Court Orders Act of 2016 (CCOA)

“This draft bill is the most ludicrous, dangerous, technically illiterate tech policy proposal of the 21st century so far.” – Kevin Bankston, director of New America’s Open Technology Institute.1 Last week, privacy advocates and security experts widely denounced draft encryption … Continue reading

“This draft bill is the most ludicrous, dangerous, technically illiterate tech policy proposal of the 21st century so far.” – Kevin Bankston, director of New America’s Open Technology Institute.1

Last week, privacy advocates and security experts widely denounced draft encryption legislation leaked to The Hill newspaper as a radical assault on privacy that would make the American people less safe.2, 3

The Compliance with Court Orders Act of 2016 (CCOA) would undermine Americans’ privacy, make encryption illegal and force companies to weaken the security of their products and services. We need to make sure this dangerous legislation doesn’t gain any traction in Congress.

Sign the petition: Stop the Burr-Feinstein attack on privacy and security. Click here to sign the petition.

The CCOA, which is being drafted by Senate Intelligence Committee Chair Richard Burr (R-AL) and Ranking Member Dianne Feinstein (D-CA), is bad policy for a number of reasons. It would:

  • Make end-to-end encryption illegal by requiring companies to provide “information or data” to the government “in an intelligible format” anytime they are served with a court order. It would also require companies to decrypt secure communications “in a timely manner” or give technical assistance to law enforcement agencies attempting to do so. As Sen. Ron Wyden said in a statement, “for the first time in America, companies who want to provide their customers with stronger security would not have that choice – they would be required to decide how to weaken their products to make you less safe.”4
  • Undermine Americans’ privacy by increasing the risk that their private information and information entrusted to businesses is accessed by criminals, hackers and government entities, both domestically and abroad.
  • Make American technology companies less competitive by making it illegal for them to offer secure communications protected by end-to-end encryption, which is currently relied upon by Google, Apple, Facebook, WhatsApp and countless other companies.6 Foreign companies would not be bound by this constraint. As the executive director of a trade group that represents thousands of app developers put it, “the senators might as well take a hatchet to the entire Internet economy.”7
  • Force platforms to censor applications by requiring license distributors to ensure that all “products, services, applications or software” they distribute are able to provide the content of communications to law enforcement agencies “in an intelligible format.” This would put Apple, Google and any other company that operates a platform for software applications in the untenable position of vetting every app to make sure they aren’t secure, and censoring those that are secure.8

Tell Congress: Reject legislation that would undermine our privacy and security. Click here to sign the petition.

As we saw with the FBI’s recent attempt to force Apple to create a backdoor to access San Bernardino shooter Syed Farook’s iPhone, law enforcement agencies are determined to undermine Americans’ privacy and security, and gain access to encrypted communications. The Obama administration’s sudden reversal in that case in March – which came only after it said a third party had helped it access the content of the phone without Apple’s help – doesn’t change its desire to force companies to weaken the security of their own products. Indeed, in an April 8 letter to a district court judge presiding over a separate case, the Department of Justice maintained that “the government continues to require Apple’s assistance in accessing the data that it is authorized to search by warrant.”9

As this debate continues to play out over the coming weeks and months, we need to forcefully reject the dangerous language in the draft Burr-Feinstein bill and any other legislation that would put Americans’ privacy and security at risk by undermining encryption.

Sign the petition to Congress: Stop the Burr-Feinstein attack on privacy and security. Click here to sign the petition.

Thanks for fighting to protect our privacy and security.

Josh Nelson, Campaign Manager
CREDO Action from Working Assets

Add your name:

Sign the petition ?
  1. Anti-Encryption Bill from Senators Burr and Feinstein Would Be Disastrous for Cybersecurity, Tech Economy,” Open Technology Institute, March 31, 2016.
  2. Cory Bennett, “Senate encryption bill draft mandates ‘technical assistance’,” The Hill, April 7, 2016.
  3. Jenna McClaughlin, “Bill That Would Ban End-to-End Encryption Savaged by Critics,” The Intercept, April 8, 2016.
  4. Wyden Statement on Draft Bill Requiring Companies to Undermine Strong Encryption,” April 8. 2016.
  5. Max J. Rosenthal, “Tech and Privacy Experts Erupt Over Leaked Encryption Bill,” Mother Jones, April 8, 2016.
  6. Andy Greenberg, “The Senate’s Draft Encryption Bill Is ‘Ludicrous, Dangerous, Technically Illiterate’,” Wired, April 8 2016.
  7. Dawn Chmielewski, “The New Encryption Bill Isn’t Finished and Silicon Valley Already Hates it,” Recode, April 6, 2016.
  8. Andy Greenberg, “The Senate’s Draft Encryption Bill Is ‘Ludicrous, Dangerous, Technically Illiterate’,” Wired, April 8 2016.
  9. Julian Chokkattu, “Apple vs. U.S. isn’t over yet; Feinstein-Burr ‘encryption bill’ draft surfaces,” Digital Trends, April 8, 2016.

Amazon Prime Air

https://en.wikipedia.org/wiki/Amazon_Prime_Air http://www.amazon.com/b?node=8037720011 Amazon Prime Air is a conceptual drone-based delivery system currently in development by Amazon.com. On December 1, 2013, Amazon.com CEO Jeff Bezos revealed plans for Amazon Prime Air in an interview on 60 Minutes. Amazon Prime Air will use multirotor Miniature Unmanned Air Vehicle (Miniature UAV, otherwise known as drone) technology to autonomously … Continue reading “Amazon Prime Air”

https://en.wikipedia.org/wiki/Amazon_Prime_Air

http://www.amazon.com/b?node=8037720011

Amazon Prime Air is a conceptual drone-based delivery system currently in development by Amazon.com.

On December 1, 2013, Amazon.com CEO Jeff Bezos revealed plans for Amazon Prime Air in an interview on 60 Minutes. Amazon Prime Air will use multirotor Miniature Unmanned Air Vehicle (Miniature UAV, otherwise known as drone) technology to autonomously fly individual packages to customers’ doorsteps within 30 minutes of ordering.[1]To qualify for 30 minute delivery, the order must be less than five pounds (2.26 kg), must be small enough to fit in the cargo box that the craft will carry, and must have a delivery location within a ten-mile radius of a participating Amazon order fulfillment center.[1] 86% of packages sold by Amazon fit the weight qualification of the program.

Regulations

Presently, the biggest hurdle facing Amazon Prime Air is that commercial use of UAV technology is not yet legal in the United States.[2] In the FAA Modernization and Reform Act of 2012, Congress issued the Federal Aviation Administration a deadline of September 30, 2015 to accomplish a “safe integration of civil unmanned aircraft systems into the national airspace system.”[3]

In March 2015 the US Federal Aviation Administration (FAA) granted Amazon permission to begin US testing of a prototype. The company responded by claiming that the vehicle cleared for use was obsolete. In April 2015, the agency allowed the company to begin testing its current models. In the interim, the company had begun testing at a secret Canadian site 2,000 ft (610 m) from the US border.[4]

The agency mandated that Amazon’s drones fly no higher than 400 ft (122 m), no faster than 100 mph (161 km/h), and remain within the pilot’s line of sight. These rules are consistent with a proposed set of FAA guidelines. Ultimately, Amazon hopes to operate in a slice of airspace above 200 ft (61 m) and beneath 500 ft (152 m), with 500 ft being where general aviation begins. It plans to fly drones weighing a maximum of 55 lb (25 kg) within a 10 mi (16 km) radius of its warehouses, at speeds of up to 50 mph (80.5 km/h) with packages weighing up to 5 lb (2.26 kg) in tow.[5]

Public concerns

Public concerns regarding this technology include public safety, privacy, and package security issues.[2] Amazon states that “Safety will be our top priority, and our vehicles will be built with multiple redundancies and designed to commercial aviation standards.”[6] However, while privacy and security remain concerns, the FAA’s recently proposed rules for small UAS operations and certifications only provides provisions on its technical and functional aspects.[7]

The fact that the drone’s navigational airspace exists below 500 feet is a big step toward safety management.[8]

Privacy

Concerns over the constant connection of the drones to the internet raises concerns over personal privacy. The primary purpose of drone internet connection will be to manage flight controls and communication between drones.[9] However, the extent of Amazon’s data collection from the drones is unclear.[10] Some proposed data inputs include automated object detection, GPS surveillance, gigapixel cameras, and enhanced image resolution.[11] Because of this, Amazon’s operating center will collect unknown amounts of information, both intentionally and unintentionally, throughout the delivery process. Neither Amazon or the FAA has formed a clear policy on the management of this data.

Tor

Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router,[7] however the correct spelling is “Tor”, capitalizing only the first letter.[8] Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays[9] to conceal a user’s … Continue reading Tor

Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router,[7] however the correct spelling is “Tor”, capitalizing only the first letter.[8] Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays[9] to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”.[10] Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.

Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of anonion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.

An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user’s computer.[11] The NSA has a technique that targets outdated Firefox browsers codenamed EgotisticalGiraffe,[12] and targets Tor users in general for close monitoring under its XKeyscore program.[13] Attacks against Tor are an active area of academic research,[14][15] which is welcomed by the Tor Project itself.[16]

GCHQ’s spying actions

UK Government quietly rewrites law so that GCHQ and other British spy agencies can avoid prosecution for hacking computers Government has changed the law via an amendment to Serious Crime Bill The change offers more protection to spy agencies who hack … Continue reading

UK Government quietly rewrites law so that GCHQ and other British spy agencies can avoid prosecution for hacking computers

  • Government has changed the law via an amendment to Serious Crime Bill
  • The change offers more protection to spy agencies who hack computers
  • Privacy International is challenging the legality of GCHQ’s spying actions
  • The charity has called Government’s ‘underhand’ behaviour ‘disgraceful’  

Read more: http://www.dailymail.co.uk/news/article-3084535/UK-Government-quietly-rewrites-law-GCHQ-British-spy-agencies-avoid-prosecution-hacking-computers.html#ixzz3sREYu3Ts
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Virtual privacy

Dear Fight for the Future member, I wish we didn’t have to send this email. I wish we could take this week to reflect and grieve. But some politicians are wasting no time exploiting tragedy and manipulating our emotions to … Continue reading

Dear Fight for the Future member,

I wish we didn’t have to send this email. I wish we could take this week to reflect and grieve. But some politicians are wasting no time exploiting tragedy and manipulating our emotions to push their political agendas. (1) We can’t remain silent.

Sign the petition: more mass surveillance will not make us safer.

The attacks in Paris and Beirut have all of us looking for answers. What can we do to stop this violence?

But while people around the world are grappling with that question, government officials are instead seizing the opportunity to renew their attacks on our most basic freedoms, even though they know it won’t make us safer from attacks.

Specifically, officials in the U.S. and Europe are pushing to ban strong encryption technology. (2) They want every type of Internet security to have a “backdoor” so that governments can access literally everything. Here’s the problem: weakening encryption will actually make us all less safe. Even if you trust governments to never abuse this system and only use it in the most extreme circumstances, once a backdoor exists, it can be used by anyone who can find it, including criminals, other governments, and yes, even terrorists. (3)

Fortunately, we’ve done a mountain of work over the last year educating the public and fighting this kind of misinformation, so more people than ever before know what’s really going on. Security experts agree that putting backdoors in encryption technology and letting the government collect even more of our personal information won’t prevent attacks like the ones we saw last week.

The battle lines are being drawn, but some powerful voices have been listening and are weighing in on the side of freedom and logic. The influential New York Times editorial board just came out swinging with the headline: “Mass surveillance is not the answer to fighting terrorism.” This is exactly the message leaders need to hear right now.

If you agree, don’t be silent and let them take our freedom away. Click here to send the NYT editorial to your lawmakers and tell them that more surveillance won’t make us safer.

The details from Paris and Beirut are still emerging. The latest evidence suggests that the attackers were using totally unencrypted SMS messages. (4) The facts haven’t stopped politicians and pundits from demonizing encryption, but the reality is that it’s still not clear exactly how this happened, or how it could have been prevented.

What is clear is that now is not the time to make hasty decisions and rush to pass laws we’ve barely read. That path has failed us time and again. (5) Now is the time for informed, thoughtful, discussion about the causes of this violence and the real solutions to address it.

Weakening the encryption that protects our hospitals, power plants, airports, and personal information isn’t going to make us safer.

Collecting a giant haystack of data about hundreds of millions of innocent people is not going to stop the next attack.

We need real answers and solutions, not politicians scrambling spin this terrible situation to grab more power.

Do you agree? Click here to take one small action to make sure we don’t repeat our mistakes.

These decisions about encryption and mass surveillance will determine the type of world our children and our children’s children will live in. We shouldn’t let them be made for us by opportunistic politicians or violent attackers.

Yours for freedom and a better world,
~ Fight for the Future

P.S. Here’s a link directly to the New York Times editorial. Please share it widely! http://www.nytimes.com/2015/11/18/opinion/mass-surveillance-isnt-the-answer-to-fighting-terrorism.html

P.P.S. This is probably the only time you’ll see us rallying behind an NYT editorial. Savor the strangeness.
1. New York Times editorial board. “Mass Surveillance is Not The Answer to Fighting Terrorism” http://www.nytimes.com/2015/11/18/opinion/mass-surveillance-isnt-the-answer-to-fighting-terrorism.html?smid=tw-share&_r=2
2. Huffington Post. “It’s Unclear if Paris Attackers Relied on Encryption. Lawmakers are Attacking it Anyway.” http://www.huffingtonpost.com/entry/paris-attackers-cell-phone-encryption-terrorism_564cd67fe4b08c74b733d8ce?cbfyldi
3. The Guardian. “Academics criticize NSA and GCHQ for weakening online encryption.” http://www.theguardian.com/technology/2013/sep/16/nsa-gchq-undermine-internet-security
4. Techdirt. “After endless demonization of encryption, police find Paris attackers coordinated via unencrypted SMS” https://www.techdirt.com/articles/20151118/08474732854/after-endless-demonization-encryption-police-find-paris-attackers-coordinated-via-unencrypted-sms.shtml
5. The Intercept. “From Paris to Boston, Terrorists Were Already Known to Authorities.” https://theintercept.com/2015/11/18/terrorists-were-already-known-to-authorities/

 

Facebook is not your friend.

Asked a Forbes.com blogger: “Is it okay for Facebook to play mind games with us for science? It’s a cool finding, but manipulating unknowing users’ emotional states to get there puts Facebook’s big toe on that creepy line.” Slate.com called … Continue reading

Asked a Forbes.com blogger: “Is it okay for Facebook to play mind games with us for science? It’s a cool finding, but manipulating unknowing users’ emotional states to get there puts Facebook’s big toe on that creepy line.”

Slate.com called the experiment “unethical” and said “Facebook intentionally made thousands upon thousands of people sad.”

Mr. Kramer defended the ethics of the project. He apologized for wording in the published study that he said might have made the experiment seem sinister. “And at the end of the day, the actual impact on people in the experiment was the minimal amount to statistically detect it,” he wrote on Facebook.

We are the product, not the customer

If you’re a Facebook user, some of your friends may have recently posted a status update titled “Privacy Notice.” It goes on to declare in legal-sounding language that since Facebook is now publicly traded it can make public use of your private content—and if you don’t repost the statement yourself, you are giving your implicit permission.

Sadly, you cannot protect your Facebook content with a reposted status update: It’s a hoax. But you can protect yourself by taking control of your privacy settings; see our step-by-step video on how to do just that.

Facebook commented on its own privacy page about the hoax:

We have noticed a recent status update that is being widely shared implying the ownership of your Facebook content has recently changed. This is not true and has never been the case. Facebook does not own your data and content.

Facebook privacy page


http://www.guardian.co.uk/commentisfree/andrewbrown/2010/may/14/facebook-not-your-friend
Continuar leyendo “Facebook is not your friend.”

Personal VPN

You can use a free program called Hotspot Shield and it will hide your IP Address. http://www.hotspotshield.com/ VPN PROVIDER LIST The Anonymous US Privacy IP service  Use your PPTP or OpenVPN service on all your devices! Extend the same security, anonymity, and preferred IP location that VPN has always provided to all of your wireless devices. […]

You can use a free program called Hotspot Shield and it will hide your IP Address. 

http://www.hotspotshield.com/

VPN PROVIDER LIST

The Anonymous US Privacy IP service 

Use your PPTP or OpenVPN service on all your devices! Extend the same security, anonymity, and preferred IP location that VPN has always provided to all of your wireless devices. Sabai Technologies VPN wireless routers utilize your current VPN service to create a home VPN network in just five minutes of setup.

Advanced features such as dual gateway make wired or wirelessly connect your: Tablets, Laptops, Smart Phones, Streaming Devices, Smart TV or Game Consoles simple and easy. Sabai Technology has wireless VPN routers for anyone, whether you are connecting just a few devices in a small space or connecting hundreds of devices in a business setting.

Not sure which VPN Router is right for you? Try the Ultimate VPN Router Comparison Guide.

A VPN (Virtual Private Network) creates a secure tunnel between you and a safe server that encrypts and protects you and your information. In this day and age where governments and companies are spying on virtually everyone, we all need this type of protection.

Resist the urge to use a free or very cheap VPN service. In exchange for providing the free service, you agree to let them look at your data for marketing purposes.

A lot of people outside of the USA cannot access certain video and other websites that are only available from American IP addresses. This is also true in other countries where people lining outside their home country can no longer access sites restricted to their country. A Personal VPN with servers in that country will easily resolve this issue.

For a premium product we suggest this Personal VPN service which is reliable and secure. They run many servers throughout the Americas, Asia and Europe. Offering both TCP and UDP OpenVPN connections allows them to thwart blocking schemes that other vendors can’t penetrate. Also offered is a PPTP/L2TP or OpenVPN service for smart phones and tablets like iPhone, iPad, Android phones and Android tablets like the Samsung Galaxy. Additionally, they provide multiple ports to access the VPN, further enhancing their ability to beat the web blocks. Finally, they change – and never repeat – their IP addresses often, making it very problematic for ISP’s to block their IP addresses.

If you are only interested in basic service, with servers in 5 countries, we recommend this inexpensive no frills entry level VPN Service. It provides Both OpenVPN and PPTP/L2TP VPN servers to the USA allowing you to secure your connection, prevent wireless hotspot hacks, and unblock websites from around the world.

For an offshore only VPN service and secure email products, which operates only in countries with strong privacy laws, we recommend this Offshore VPN Service. They operate OpenVPN, PPTP and L2TP servers in several offshore locations and provide several unique and useful security products.

Router configuration

Before you can start configuring your router for HMA! Pro VPN, the first step is to check if it’s compatible.Some routers like the ASUS RT-N16 can connect to the VPN without needing to flash custom firmware (like DD-WRT, OpenWRT or Tomato firmware). Please refer to the Connection Instructions page for links to setup instructions.If you don’t know if your routers is compatible or not, you can try to adapt the settings from the other tutorials.

 

But most routers need to be at least compatible with DD-WRT firmware, so it can be flashed and the router configured for HMA! Pro VPN.
You can check if your router supports this @ the DD-WRT router database or the DD-WRT supported devices list

How to install the DD-WRT firmare: http://www.dd-wrt.com/wiki/index.php/Installation

For a list of all available router-related tutorials, see Tutorials:Router Configuration

privacy laws

Nov. 18, 2013 6:53 PM EST

SAN FRANCISCO (AP) — Google is paying $17 million to 37 states and the District of Columbia to make amends for the Internet search leader’s snooping on millions of people using Safari Web browsers in 2011 and 2012.

The settlement announced Monday stems from a technological loophole that enabled Google’s DoubleClick advertising network to shadow unwitting Safari users, even though the browser’s maker, Apple Inc., prohibited the tracking without obtaining a person’s permission. By following what Safari users were doing online, DoubleClick could gain more insights about what types of ads were most likely to appeal to different Safari users.


We’re getting rid of over 60 different privacy policies across Google and replacing them with one that’s a lot shorter and easier to read. Our new policy covers multiple products and features, reflecting our desire to create one beautifully simple and intuitive experience across Google.
We believe this stuff matters, so please take a few minutes to read our updated Privacy Policy and Terms of Service at http://www.google.com/policies. These changes will take effect on March 1, 2012.
Got questions?
We’ve got answers.
Visit our FAQ at http://www.google.com/policies/faq to read more about the changes. (We figured our users might have a question or twenty-two.)

States Move on Privacy Law

By
Published: October 30, 2013
Over two dozen privacy laws have passed this year in more than 10 states, in places as different as Oklahoma and California. 
For Internet companies, the patchwork of rules across the country means keeping a close eye on evolving laws to avoid overstepping. 

For companies, it helps that state measures are limited in their scope by a federal law that prevents states from interfering with interstate commerce.
Some of the bills extend to surveillance beyond the web. Eight states, for example, have passed laws this year limiting the use of drones, according to the American Civil Liberties Union, which has advocated such privacy laws. In Florida, a lawmaker has drafted a bill that would prohibit schools from collecting biometric data to verify who gets free lunches and who gets off at which bus stop. Vermont has limited the use of data collected by license plate readers, which are used mostly by police to record images of license plates.
California, long a pioneer on digital privacy laws, has passed three online privacy bills this year. One gives children the right to erase social media posts, another makes it a misdemeanor to publish identifiable nude pictures online without the subject’s permission, and a third requires companies to tell consumers whether they abide by “do not track” signals on web browsers.
But stiff lobbying efforts were able to stop a so-called right to know bill proposed in California this year that stood to hurt the online industry. The bill would have required any business that “retains a customer’s personal information” to share a copy of that information at the customer’s request, as well as disclose which third parties have received the information. The practice of sharing customer data is central to digital advertising and to the large Internet companies that rely on advertising revenue.
“ ‘Right to know’ is an example of something that’s not workable,” said Jim Halpert, a lawyer with the national firm DLA Piper, who leads an industry coalition that includes Amazon, Facebook and Verizon. “It covers such a broad range of disclosures. We advocated against it.”

According to a survey conducted in July by the Pew Internet Center, most Americans said they believed that existing laws were inadequate to protect their privacy online, and a clear majority reported making great efforts to mask their identities online. Some of those surveyed said they cleared browsing histories, deleted social media posts or used virtual networks to conceal their Internet Protocol addresses — and a few even said they used encryption tools.
Many states have already responded to those opinions. In the last couple of years, about 10 states have passed laws restricting employers from demanding access to their employees’ social media accounts.
California set the stage on digital privacy 10 years ago with a law that required organizations, whether public or private, to inform consumers if their personal data had been breached or stolen. Several states followed, and today, nearly every state has a data breach notification law.
A version of this article appears in print on October 31, 2013, on page A1 of the New York edition with the headline: No U.S. Action, So States Move On Privacy Law.

Nov. 18, 2013 6:53 PM EST

SAN FRANCISCO (AP) — Google is paying $17 million to 37 states and the District of Columbia to make amends for the Internet search leader’s snooping on millions of people using Safari Web browsers in 2011 and 2012.

The settlement announced Monday stems from a technological loophole that enabled Google’s DoubleClick advertising network to shadow unwitting Safari users, even though the browser’s maker, Apple Inc., prohibited the tracking without obtaining a person’s permission. By following what Safari users were doing online, DoubleClick could gain more insights about what types of ads were most likely to appeal to different Safari users.


We’re getting rid of over 60 different privacy policies across Google and replacing them with one that’s a lot shorter and easier to read. Our new policy covers multiple products and features, reflecting our desire to create one beautifully simple and intuitive experience across Google.
We believe this stuff matters, so please take a few minutes to read our updated Privacy Policy and Terms of Service at http://www.google.com/policies. These changes will take effect on March 1, 2012.
Got questions?
We’ve got answers.
Visit our FAQ at http://www.google.com/policies/faq to read more about the changes. (We figured our users might have a question or twenty-two.)

States Move on Privacy Law

Over two dozen privacy laws have passed this year in more than 10 states, in places as different as Oklahoma and California. 
For Internet companies, the patchwork of rules across the country means keeping a close eye on evolving laws to avoid overstepping. 

For companies, it helps that state measures are limited in their scope by a federal law that prevents states from interfering with interstate commerce.
Some of the bills extend to surveillance beyond the web. Eight states, for example, have passed laws this year limiting the use of drones, according to the American Civil Liberties Union, which has advocated such privacy laws. In Florida, a lawmaker has drafted a bill that would prohibit schools from collecting biometric data to verify who gets free lunches and who gets off at which bus stop. Vermont has limited the use of data collected by license plate readers, which are used mostly by police to record images of license plates.
California, long a pioneer on digital privacy laws, has passed three online privacy bills this year. One gives children the right to erase social media posts, another makes it a misdemeanor to publish identifiable nude pictures online without the subject’s permission, and a third requires companies to tell consumers whether they abide by “do not track” signals on web browsers.
But stiff lobbying efforts were able to stop a so-called right to know bill proposed in California this year that stood to hurt the online industry. The bill would have required any business that “retains a customer’s personal information” to share a copy of that information at the customer’s request, as well as disclose which third parties have received the information. The practice of sharing customer data is central to digital advertising and to the large Internet companies that rely on advertising revenue.
“ ‘Right to know’ is an example of something that’s not workable,” said Jim Halpert, a lawyer with the national firm DLA Piper, who leads an industry coalition that includes Amazon, Facebook and Verizon. “It covers such a broad range of disclosures. We advocated against it.”

According to a survey conducted in July by the Pew Internet Center, most Americans said they believed that existing laws were inadequate to protect their privacy online, and a clear majority reported making great efforts to mask their identities online. Some of those surveyed said they cleared browsing histories, deleted social media posts or used virtual networks to conceal their Internet Protocol addresses — and a few even said they used encryption tools.
Many states have already responded to those opinions. In the last couple of years, about 10 states have passed laws restricting employers from demanding access to their employees’ social media accounts.
California set the stage on digital privacy 10 years ago with a law that required organizations, whether public or private, to inform consumers if their personal data had been breached or stolen. Several states followed, and today, nearly every state has a data breach notification law.