Archives for September 2017

Corporate Accountability News Highlights: U.S. government drops Facebook gag order, research shows security risks in content filtering apps, Togo orders network shutdown

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

U.S. government withdraws Facebook gag order

D.C. Court of Appeals (Photo by Mr.TinDC, Licensed CC BY-ND 2.0)

The U.S. government has dropped its effort prevent Facebook from notifying three users that their communications were being investigated. Facebook received search warrants for content from the users’ accounts and the warrants were accompanied with gag orders preventing the company from notifying the users. Facebook contested the gag order, though its request was denied by the D.C. Superior Court. Facebook appealed the decision to the D.C. Court of Appeals. A hearing on the matter was scheduled for September 14, though it was cancelled on September 13 after prosecutors said the gag orders were no longer necessary, and withdrew their request.

This is one of several recent instances of U.S. internet and telecommunications companies pushing back against inappropriate or overly broad government requests. Web hosting provider Dreamhost is currently engaged in a legal battle with the U.S. Department of Justice over a demand for information an anti-Trump website, although the DOJ has thus far dropped portions of its original overly broad warrant, including the demand for all IP addresses of visitors to the website. In April of this year, Twitter reported that the Trump administration had attempted to force the company to reveal the identity of an anonymous Twitter account critiquing the administration. Twitter pushed back against the request, which was ultimately withdrawn, saying it was unlawful and a violation of the First Amendment.

As noted in the Corporate Accountability Index methodology, companies should clearly disclose their processes for responding to third-party requests for user information. This disclosure should include a commitment to carry out due diligence on government requests before deciding how to respond, as well as a commitment to push back on inappropriate or overbroad government requests. Of the seven U.S. companies evaluated in the 2017 Corporate Accountability Index—Apple, AT&T, Facebook, Google, Microsoft, Twitter, and Yahoo— all seven committed to carry out due diligence on government requests for user information and to push back on inappropriate or overbroad requests.Continue Reading

Corporate Accountability News Highlights: India’s Supreme Court issues landmark privacy verdict, Yahoo to face civil suit for data breaches, Chinese government’s crackdown on free speech online continues

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

Privacy is a fundamental right, says India’s top court

Image by MohitSingh (Licensed CC BY 3.0)

In a landmark decision, India’s Supreme Court has ruled that privacy is a fundamental right, protected by the country’s constitution. The case stems from a legal challenge to the Indian government’s controversial new biometric database, Aadhaar, which is the largest of its kind in the world. Individuals must enroll in this database—which requires submitting their fingerprints, iris photographs, and facial photographs—in order to obtain a variety of government services, including paying taxes or receiving a government subsidy. According to The Atlantic, this makes it “almost impossible to live in India without enrolling.”

Privacy advocates in India petitioned the court over the program’s privacy risks to individuals enrolled in Aadhaar. In its ruling that privacy is a fundamental right, the court also overturned previous cases which said it was not. The court did not rule on the legality of Aadhaar itself, which will be considered separately. Advocates also anticipate the case will also have an impact on tech companies’ collection and use of user data. “These companies must brace for [legal action],” Sunil Abraham, executive director of the Bangalore-based Centre for Internet and Society, told CNN. “Individuals who are unhappy with the treatment of their personal information can now take them to court, because it is an infringement of a fundamental right.”

The Corporate Accountability Index contains 18 indicators measuring companies’ disclosure of policies affecting users’ privacy, and whether these policies and commitments demonstrate the concrete ways companies respect and protect the privacy rights of users. Indicators in this category are based on standards established by the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights and other international human rights instruments, which guarantee privacy as a fundamental human right. However, national laws and regulations can have a significant impact on a company’s policies affecting users’ privacy. As noted in our recommendations, governments should work with the private sector and civil society to ensure that legal and regulatory frameworks make it possible for companies to respect digital rights.Continue Reading