4 Days in NYC for the Open Web Fellows

The inaugural cohort of the Ford-Mozilla Open Web Fellows met in New York last week for only the second time face to face.  Working remotely from Lima, Washington DC, Boston and London, the 6 fellows meet weekly with Melissa Romaine from Mozilla’s San Francisco office, and with me from my home office in Victoria, British Columbia. This was an In Real Life™ meeting we were all looking forward to, if for nothing else than the important reminder that we aren’t squares on a video conference call – we are talented and complicated humans.

Mozilla NYC

The six fellows are placed within Internet Freedom organizations, working on a mixture of team and individual projects.

      • Paola Villarreal, American Civil Liberties Union, Massachusetts.
        Paola is working on Data for Justice, a data-driven advocacy tool that visualizes information critical for eliminating injustice in communities.
      • Tim Sammut, Amnesty International. Tim’s projects are:
        Secure Communications Framework: An approachable framework for human rights researchers that helps them understand how to communicate with contacts around the world safely in the context of varying threats and information sensitivity.
        Community Incident Response: Help human rights organizations in Amnesty’s worldwide network access technical assistance during active digital attacks.
      • Andrea Del Rio, Association for Progressive Communications
        Andrea is creating the web version of the Feminist Principles of The Internet, which aims to inspire people not only to imagine a Feminist Internet but actually build one that is fair, inclusive, empowering and safe for everyone.
      • Drew Wilson, Free Press
        Drew is embedded in Free Press’ Internet2016 campaign and is building tools that internet rights advocates can use to bootstrap their own activism projects.
      • Gem Barrett, Open Technology Institute
        Gem is a member of the MLab team at OTI, helping to build the largest collection of open Internet performance data on the planet.
      • Tennyson Holloway, Public Knowledge
        Tennyson is working on projects that inspire and educate future web advocates. “What can i do for the internet.org” is a website that represents a vision of a story based platform that educates, inspires, and assists users to join the open web movement. His other projects involve creating web games that explain tech policy Washington issues, such as copyright and patent trolls.

The Weather Report

Being the first cohort, the 2015 fellows have their fair share of challenges and opportunities.  The challenge: we’re living a plan that is being executed for the first time.  Almost everything needs to be answered by “I don’t know. Let me get back to you”.  On the plus side, this cohort will likely play the largest role in shaping the program and will have the highest degree of input on where we need to make adjustments.  This day was about navigating that tension and also identifying where we are starting to win.


A random sample of substantive issues we discussed:

-How do we design a fellowship program that serves both established and emerging careers?

-What’s the right balance of individual projects and independent research within a fellowship year?

-How do we identify our mentors? Can these people be found for us, or is it in fact something we need to find time to do? (spoiler alert – that’s on us)

Some key takeaways for the Mozilla program team:

-The Mozilla network is a key asset. We need to present the “menu” of potential contacts and access to people that we can provide

-We need to find a way to bring the work of the fellows to Mozilla audiences

-We can assist fellows in finding mentors – those individuals that fellows can go to for advice and that have their best interests at heart

We ended the day with a Q & A with Mozilla’s Executive Director, Mark Surman.  Mark shared with the fellows his vision for leadership development at Mozilla, which he’s previously blogged about here.   He left with two invitations for the cohort – be demanding, and make sure Mozilla is doing all it can to advance your goals.  But also, be generous – give to each other and the program.

Mapping Collaboration

The 2015 cohort is impressive.  They’ve advised governments, settled refugees, built movements and shipped products.  One thing we needed to accomplish together was an identification of the believable ways that the cohort could collaborate together – from running workshops with one another to building a shared project, we spent time mapping this landscape and committing to some next steps. We were joined by Mozilla’s Internet Policy manager Jochai Ben-Avie,who will be working with the cohort during their fellowship year.


Some things we committed to producing together

-5 Lightning Talks we’ll give within the cohort about skills we want to share or an issue we are passionate about

-A Mozilla Wiki page about the fellowship cohort – You can now refer to this page to stay up to date on the 2015 cohort.

-Collaborating with the larger Mozilla Advocacy team to help develop advocacy campaigns

-Net Posi, a podcast about activism started by the cohort – listen to the first episode below and subscribe here.

We headed to midtown for a meeting with Jenny Toomey, Lori McGlinchey and Michael Brennan from Ford’s Internet Rights program.  We were also joined by Joshua Cinelli, who manages Ford’s strategic communications. It was a great chance for us all to learn more about why Internet Rights has been a strategic focus for Ford, and how they see field building and talent development fitting into their strategy.  As Lori McGlinchey, the Internet Rights Program officer expressed – “we need civil society orgs to see technologists not as the cherry on top of a cake they already are having trouble paying for – technologists need to be thought of as essential to these teams”.  It was also a chance for Ford to internalize the diversity and talent of our cohort and the projects we’ve undertaken.  This was the first time that the fellows and Ford staff had met, and we all left with a heightened understanding of not only our role within the Internet Freedom ecosystem, but the opportunities for us to make an impact.


From there we headed to Civic Hall for our closing event.  We hosted 30 activists and technologists for social change in a conversation designed to learn more about the projects of our cohort. We also met with several organizations hoping to place fellows within their organizations in 2016, and were fortunate to be able to dedicate some 1-1 time to these allies in the field.  We split into small groups where fellows lead discussions around their projects.

We finished the evening by braving the rainy ripple effects of Hurricane Joaquin to have a final meal together.  Exhausted but productive, the trains, planes and automobiles took us out of New York to reflect on, internalize, and act on what we’d learned.

A HUGE thank you to Misty Avila who joined us from Aspiration Technology to facilitate our days together.  We couldn’t have accomplished so much without her talent and spirit!


CalECPA nears the finish line, to potential global benefits

Earlier this year, we wrote about CalECPA (official name: SB 178), a bill in the state of California that would improve privacy protections for Internet users by requiring due process to ask for online communications data and metadata. This bill has been passed by the California legislature, and is now on its way to the Governor to be signed into law.

In some circumstances, we’d declare victory at this point. But other electronic privacy bills have advanced very far in the California political processes before, only to fail. So it’s not over yet. Fortunately, the scale of support for the legislation in this version is greater than it has ever been, both inside and outside government. We’re hopeful it can succeed this time.

It is important that it passes. California privacy law needs to catch up with other countries and other U.S. states (including Texas, Maine, and Utah). Federal law in the U.S. needs to follow suit. In too many areas, the United States is still applying privacy law written decades ago, long before smartphones were introduced, even before the ubiquity of personal computing devices at any scale. Old law doesn’t always equate to bad law. We rely on a fundamental document, the Constitution, that measures its age in the centuries, after all. In this case however, old privacy laws aren’t protecting Internet users adequately. Today’s old privacy laws weren’t written in a way that adapts well to evolving technology. CalECPA improves on this significantly.

Mozilla Manifesto principle #4 reads, “Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional.” To us, this begins with our technologies. Our privacy principles emphasize limited data, transparency, and meaningful user control, informing and guiding how we engineer all of our products and services.

Legal safeguards, such as the changes proposed in CalECPA, are essential as a complement to good technical practices. Governments want access to the data that businesses collect, store, and use. But when there are no or insufficient protections on what information they can ask for, transparency, accountability, user control, and privacy all suffer.

We saw significant progress on surveillance reform earlier this year through the passage of USA FREEDOM – but we have a very, very long way to go. Adopting CalECPA into law would not only have tangible benefits for Internet users, with impact felt far beyond the state of California. It would also help sustain momentum and contribute to future victories on surveillance reform.

Host the Heroes of Tomorrow

Last year Ford Foundation and Mozilla came together to launch the Open Web Fellows Program, an international leadership initiative that brings together the best emerging technology talent and civil society organizations to advance and protect the open Web. This came at a critical point for the evolution and health of the Web, which Mark Surman, Executive Director of Mozilla Foundation, and Darren Walker, President of Ford Foundation wrote about here:

            “The Internet remains a contested space. Far too often, we see its core ethos – a                            medium where anyone can make anything and share it with anyone – undermined by                  forces that wish to make it less free and open. In a world in which the future health of                  the Internet is vital to democratic discourse and a free flow of ideas, we need a band of              dedicated individuals standing ready to protect it.”

As part of the NetGain initiative, the program provides an ecosystem for the next generation of open Web advocates to make an early impact while growing into the capable leaders we need as threats to digital freedom proliferate.

Looking towards 2016, we’ve opened the call for applications for host organizations (closing Sept. 12, 2015 Extended to Oct. 9, 2015).

Year Two will include 8-9 host organizations and Open Web Fellows who will work together to keep the Internet a global public resource by focusing on salient issues like privacy, access, and online rights.

Specifically, the goals of the Open Web Fellows program are:

  • Produce better technical understanding among civil society and government policy-making bodies
  • Increase public awareness and understanding of Internet policy issues
  • Provide talented individuals with the opportunities to create a healthier, more trustworthy Web
  • Provide civil society organizations with the capacity and capabilities to expand their work into new horizons
  • Contribute to building a community of public interest technologists

Host organizations are involved in the recruitment and selection process of the candidates. Other responsibilities include:

  • Collaboration: Host organizations will work with Mozilla to provide a learning environment through mentorship, networking, and conferences.
  • Fellowship Projects: Host organizations and their selected fellows will identify projects that build on the skills of the fellows. Host organizations and fellows will ensure that these projects do not entail any lobbying activities.

In turn, Mozilla will provide:

  • Thought Leadership: Mozilla will provide support and training throughout the fellowship, as the new leaders learn more about Internet policy and advocacy.
  • Program Management: Mozilla will manage the host organization and fellow selection processes, coordinate Mozilla-organized events for fellows, and disburse grant funding.
  • Mentorship: Mozilla staff will collaborate with fellows to transfer vital skills in open source, project management and professional development.

Each year, fellows spend 10 months embedded at leading advocacy organizations to lend their expertise to the field. They receive a stipend of $60,000, plus a number of supplemental benefits to help with relocation, housing, childcare, and equipment acquisition. We will also cover the cost of certain Mozilla-organized trips, but ask the host organizations to cover trips they deem required. Mozilla strives to make this a global program, and as such provides visa assistance where necessary.

To better understand the type of organizations with which the Open Web Fellows Program is looking to partner, please see our “Spotlight” series on our 2015 host organizations:

American Civil Liberties Union, Massachusetts
Amnesty International
Free Press
New America’s Open Technology Institute
Public Knowledge
[Note: Association for Progressive Communications is also a 2015 host organization, but were recruited at a later date.]

Apply now to become a 2016 Ford-Mozilla Open Web Fellows host organization.


Q: How should host organizations be”advancing the open Web”?
A: “Open Web” needn’t be specifically about net neutrality and access; open practices, research, privacy, surveillance, and promoting the web as a public resource all fit within the focus of the program.

Q: How technical are the fellows?
A: It depends on the needs of the host organization. Generally, they are quite technical (full-stack engineers), and some have specialities. To get a sense of they types of people this program attracts, meet our 2015 cohort of Open Web Fellows.

Q: How involved are host organizations in the selection process?
A: First pass is done by a core Mozilla team. The host organizations will then be given a list of about 100 candidates (depending on how many apply) from which they first choose who Mozilla should interview, and later who they want to interview. The final decision is made in negotiation with Mozilla and the host organization. Read more about the 2015 Fellows selection process.

Q: What if we don’t have a physical office space?
A: Fellows are generally encouraged to work in the office space of the host organization to better understand the culture of civil society organizations and the public sector. If an organization doesn’t have a physical space, arrangements for remote working can be made. However, this requires more oversight and involvement from the host organization.

Q: What sorts of projects do fellows work on?
A: Host organizations and fellows “ship” a tangible outcome over the course of the project. Initial projects range from content productions, campaign sites, mobile apps, mashups of open data sets, and tooling for activist organizations.

Apply now to become a 2016 Ford-Mozilla Open Web Fellows host organization.

Experts develop cybersecurity recommendations

Today, we’re excited to publish the output of our “Cybersecurity Delphi 1.0” research process, tapping into a panel of 32 cybersecurity experts from diverse and mutually reinforcing backgrounds.

Mozilla Cybersecurity Delphi 1.0

Securing our communications and our data is hard. Every month seems to bring new stories of mistakes and attacks resulting in our personal information being made available – bit by bit harming trust online, and making ordinary Internet users feel fear. Yet, cybersecurity public policy often seems stuck in yesterday’s solution space, focused exclusively on well known terrain, around issues such as information sharing, encryption, and critical infrastructure protection. These “elephants” of cybersecurity policy are significant issues – but too much focus on them eclipses other solutions that would allow us to secure the Internet for the future.

So, working with Camille François & DHM Research we’ve spent the past year engaging the panel of cybersecurity experts through a tailored research process to try to extract public policy ideas and see what consensus can be found around them. We weren’t aiming for full consensus (an impossible task within the security community!). Our goal was to foment ideation and exchange, to develop a user-focused and holistic cybersecurity policy agenda.

Mozilla Cybersecurity Delphi Process

Our experts collectively generated 36 distinct policy suggestions for government action in cybersecurity. We then asked them to identify and rank their top choices of policy options by both feasibility and desirability. The result validated the importance of the “cyberelephants.” Privacy-respecting information sharing policies, effective critical infrastructure protection, and widespread availability and understanding of secure encryption programs are all important goals to pursue: they ranked high on desirability, but were generally viewed as hard to achieve.

More important are the ideas that emerged that aren’t on the radar screens of policymakers today. First and foremost was a proposal that stood out above the others as both highly desirable and highly feasible: increased funding to maintain the security of free and open source software. Although not high on many security policy agendas, the issue deserves attention. After all, 2014’s major security incidents around Poodle, Heartbleed, and Shellshock all centered on vulnerabilities in open source software. Moreover, open source software libraries are built into countless noncommercial and commercial products.

Many other good proposals and priorities surfaced through the process, including: developing and deploying alternative authentication mechanisms other than passwords; improving the integrity of public key infrastructure; and making secure communications tools easier to use. Another unexpected policy priority area highlighted by all segments of our expert panel as highly feasible and desirable was norm development, including norms concerning governments’ and corporations’ behavior in cyberspace, guided by human rights and communicated with maximum clarity in national and international contexts.

This report is not meant to be a comprehensive analysis of all cybersecurity public policy issues. Rather, it’s meant as a first, significant step towards a broader, collaborative policy conversation around the real security problems facing Internet users today.

At Mozilla, we will build on the ideas that emerged from this process, and hope to work with policymakers and others to develop a holistic, effective, user-centric cybersecurity public policy agenda going forward.

This research was made possible by a generous grant from the John D. and Catherine T. MacArthur Foundation.

Mozilla Cybersecurity Delphi 1.0

Chris Riley
Jochai Ben-Avie
Camille François

Decisive moment for net neutrality in Europe


Yesterday, the European Union moved one step closer to enacting real net neutrality across the continent. The European Parliament’s Industry, Research, and Energy Committee (ITRE) approved an agreement on the Telecom Single Market Regulation (TSM), after drawn out negotiations between the three EU policymaking branches: the Parliament, the Council, and the Commission. This draft legislation includes proposed rules specifying that all traffic must be treated equally as well as rules prohibiting paid prioritization and blocking.

The ITRE Committee will vote in the fall to formally adopt the text and it will then move to the full Parliament plenary for a final vote. However, amendments can be offered before both the ITRE vote and the plenary vote, and the European Council (the body representing EU member states) must also ratify the final text before it becomes law.

While the current rules are ambiguous in places and give significant deference to national regulatory authorities, overall this is a significant step to protect the open Internet in Europe. We urge European policymakers to finish strong and enact clear, enforceable rules against blocking, discrimination, and fast lanes.


After years of negotiations, the E.U. Telecom Single Market Regulation (which includes proposed net neutrality rules) is nearing completion. If passed, the Regulation will be binding on all E.U. member states. The policymakers – the three European governmental bodies:  the Parliament, the Commission, and the Council – are at a crossroads: implement real net neutrality into law, or permit net discrimination and in doing so threaten innovation and competition. We urge European policymakers to stand strong, adopt clear rules to protect the open Internet, and set an example for the world.

At Mozilla, we’ve taken a strong stance for real net neutrality, because it is central to our mission and to the openness of the Internet. Just as we have supported action in the United States and in India, we support the adoption of net neutrality rules in Europe. Net neutrality fundamentally protects competition and innovation, to the benefit of both European Internet users and businesses. We want an Internet where everyone can create, participate, and innovate online, all of which is at risk if discriminatory practices are condoned by law or through regulatory indifference.

The final text of European legislation is still being written, and the details are still gaining shape. We have called for strong, enforceable rules against blocking, discrimination, and fast lanes are critical to protecting the openness of the Internet. To accomplish this, the European Parliament needs to hold firm to its five votes in the last five years for real net neutrality. Members of the European Parliament must resist internal and external pressures to build in loopholes that would threaten those rules.

Two issues stand out as particularly important in this final round of negotiations: specialized services and zero-rating. On the former, specialized services – or “services other than Internet access services” – represent a complex and unresolved set of market practices, including very few current ones and many speculative future possibilities. While there is certainly potential for real value in these services, absent any safeguards, such services risk undermining the open Internet. It’s important to maintain a baseline of robust access, and prevent relegating the open Internet to a second tier of quality.

Second, earlier statements from the E.U. included language that appeared to endorse zero-rating business practices. Our view is that zero-rating as currently implemented in the market is not the right path forward for the open Internet. However, we do not believe it is necessary to address this issue in the context of the Telecom Single Market Regulation. As such, we’re glad to see such language removed from more recent drafts and we encourage European policymakers to leave it out of the final text.

The final text that emerges from the European process will set a standard not only for Europe but for the rest of the world. It’s critical for European policymakers to stand with the Internet and get it right.

Chris Riley, Head of Public Policy
Jochai Ben-Avie, Internet Policy Manager

Announcing the 2015 Ford-Mozilla Open Web Fellows

Building and supporting leaders equipped to protect the open Web is a core part of Mozilla’s advocacy strategy. After a comprehensive, worldwide search, we are excited to introduce the 2015 Ford-Mozilla Open Web Fellows!

Paola Paola Villarreal | Americal Civil Liberties Union, Massachusetts
Tim Tim Sammut | Amnesty International
Andrea Andrea Del Rio | Association for Progressive Communications
Drew Drew Wilson | Free Press
Gem Gem Barrett | Open Technology Institute
Tennyson Tennyson Holloway | Public Knowledge

Find out more about what they will be doing in 2015.

The 2015 class represents the diversity of the Web — they come from around the world and bring skills ranging from security analysis and digital campaigning to games and apps development. Each Fellow will spend 10 months immersed in a host organization, working to advance Mozilla’s mission in policy areas including privacy, access, expression and more.

Learn about the competitive selection process.

The Open Web Fellows program — a collaboration between the Ford Foundation and Mozilla — is an international program designed to engage developers, engineers, technologists, programmers and other webmakers with civil society organizations around the world to help protect the Internet. The Fellowship program is designed to create an ecosystem that will strengthen and build leaders dedicated to advancing the free and open Web.

During the 10-month Fellowship, this next generation of leaders will be immersed in projects that address key needs with respect to digital freedom. The Fellowships will produce better technical understanding among civil society and government policy-making bodies, a stronger affirmative agenda that creates better public awareness and understanding of Internet policy issues, and improved cross-sector coordination. Fellows will serve as mentors, advisors and ambassadors, helping to develop a better-informed global policy discussion.

The 2015 class of Ford-Mozilla Open Web Fellows are working with some of the world’s leading organizations to help ensure the public policy climate safeguards the Internet as a shared, global and public resource. In this inaugural year, Fellows are embedded within six organizations: the American Civil Liberties Union (ACLU), Amnesty International, the Association for Progressive Communications (APC), Free Press, Open Technology Institute and Public Knowledge.

Please join us in welcoming the 2015 class of Ford-Mozilla Open Web Fellows. We are eager to see their impact in the months to come.

Mozilla applauds U.S. Senate’s passage of the USA FREEDOM Act

Today, the U.S. Senate voted to approve the USA FREEDOM Act. We will digest the news fully over the next few days but in the meantime would like to share this response from Denelle Dixon-Thayer, Senior Vice President for Business and Legal Affairs:

“Mozilla has long supported the USA FREEDOM Act, and we are glad to see today’s passage, which is a significant first step to restore trust online, and a foundation for further needed reform. We have more work to do, in the United States and in many other countries around the world, to protect user privacy and security on the Internet. Mozilla will continue our efforts to secure the Web and its users, demand greater oversight of surveillance activities by all governments, and keep backdoors out of our private communications.”

We’re not done yet. We’re going to rally the troops and plan for next steps to defend privacy all around the world. Stay tuned for more, soon.

Amendments at risk of derailing USA FREEDOM

On Sunday night, the U.S. Senate advanced the USA FREEDOM Act on a vote of 77-17, taking the largest step toward surveillance reform by this chamber in decades. We’re glad the Senate heard the loud chorus of voices demanding reform and voted in favor of the legislation, and we hope they will swiftly overcome the remaining procedural hurdles standing in the way of this important legislation without attaching any harmful amendments.

Real reform now is critical and this legislation will further serve as a foundation for the many reforms needed to restore users’ trust in the Internet, which is why we’re concerned to see several amendments put forward by Senate Majority Leader McConnell. Mozilla opposes all of the amendments up for a vote tomorrow:

  • Amendment 1451 – Guts amicus provision: The USA FREEDOM Act as approved by the House included good (not great) language appointing outside experts in certain cases, who would be charged to argue for protections for privacy and civil liberties. Amendment 1451 would remove these duties, rendering the amicus advocates ineffective and removing most benefits of the amicus provision.
  • Amendment 1450 – Doubles the waiting period before the law goes into effect: This amendment would extend from 6 months to 12 the transition period from current bulk collection to company-held data, despite clear indications from the NSA that they can transition fully in 6 months. The primary practical impact of the extended waiting period would be six months of unnecessary bulk collection and opportunities to weaken or curtail reforms.
  • Amendment 1449 – Requires providers to give notice about data retention policies: This amendment requires an “electronic communication service provider” to give 6 months notice to the Attorney General if that service provider intends to retain its call detail records for a period of less than 18 months. In practice, this could be interpreted as a data retention mandate, even though the Director of National Intelligence has already said that no new data retention mandate is needed. Requiring this kind of notification before a company can change its internal policies is unnecessary interference and seems to serve no purpose other than to undermine user privacy and security.

Due to a procedural move by Majority Leader McConnell, these are likely to be the only amendments considered by the Senate. However, if any of these amendments are adopted, this bill will need to go back to the House for another vote. It is unclear whether the House would adopt an amended version or how long it would take to approve a watered-down version of a bill that the House so overwhelmingly approved. We urge the Senate to pass the House version of the USA FREEDOM Act swiftly to avoid any further delay in enacting the reforms this country needs.

Copyright reform in the European Union

The European Union is considering broad reform of copyright regulations as part of a “Digital Single Market” reform agenda. Review of the current Copyright Directive, passed in 2001, began with a report by MEP Julia Reda. The European Parliament will vote on that report and a number of amendments this summer, and the process will continue with a legislative proposal from the European Commission in the autumn. Over the next few months we plan to add our voice to this debate; in some cases supporting existing ideas, in other cases raising new issues.

This post lays out some of the improvements we’d like to see in the EU’s copyright regime – to preserve and protect the Web, and to better advance the innovation and competition principles of the Mozilla Manifesto. Most of the objectives we identify are actively being discussed today as part of copyright reform. Our advocacy is intended to highlight these, and characterize positions on them. We also offer a proposed exception for interoperability to push the conversation in a slightly new direction. We believe an explicit exception for interoperability would directly advance the goal of promoting innovation and competition through copyright law.

Promoting innovation and competition

“The effectiveness of the Internet as a public resource depends upon interoperability (protocols, data formats, content), innovation and decentralized participation worldwide.” – Mozilla Manifesto Principle #6

Clarity, consistency, and new exceptions are needed to ensure that Europe’s new copyright system encourages innovation and competition instead of stifling it. If new and creative uses of copyrighted content can be shut down unconditionally, innovation suffers. If copyright is used to unduly restrict new businesses from adding value to existing data or software, competition suffers.

Open norm: Implement a new, general exception to copyright allowing actions which pass the 3-step test of the Berne Convention. That test says that any exception to copyright must be a special case, that it should not conflict with a normal exploitation of the work, and it should not unreasonably prejudice the legitimate interests of the author. The idea of an “open norm” is to capture a natural balance for innovation and competition, allowing the copyright holder to retain normal exclusionary rights but not exceptional restrictive capabilities with regards to potential future innovative or competing technologies.

Quotation: Expand existing protections for text quotations to all media and a wider range of uses. An exception of this type is fundamental not only for free expression and democratic dialogue, but also to promote innovation when the quoter is adding value through technology (such as a website which displays and combines excerpts of other pages to meet a new user need).

Interoperability: An exception for acts necessary to enable ongoing interoperability with an existing computer program, protocol, or data format. This would directly enable competition and technology innovation. Such interoperation is also necessary for full accessibility for the disabled (who are often not appropriately catered for in standard programs), and to allow citizens to benefit fully from other exceptions to copyright.

Not breaking the Internet

“The Internet is a global public resource that must remain open and accessible.” – Mozilla Manifesto Principle #2

The Internet has numerous technical and policy features which have combined, sometimes by happy coincidence, to make it what it is today. Clear legislation to preserve and protect these core capabilities would be a powerful assurance, and avoid creating chilling risk and uncertainty.

Hyperlinking: hyperlinking should not be considered as any form of “communication to a public”. A recent Court of Justice of the EU ruling stated that hyperlinking was generally legal, as it does not consist of communication to a “new public.” A stronger and more common-sense rule would be a legislative determination that linking, in and of itself, does not constitute communicating the linked content to a public under copyright law. The acts of communicating and making content available are done by the person who placed the content on the target server, not by those making links to content.

Robust protections for intermediaries: a requirement for due legal process before intermediaries are compelled to take down content. While it makes sense for content hosters to be asked to remove copyright-infringing material within their control, a mandatory requirement to do so should not be triggered by mere assertion, but only after appropriate legal process. The existing waiver for liability for intermediaries should thus be strengthened with an improved definition of “actual knowledge” that requires such process, and (relatedly) to allow minor, reasonable modifications to data (e.g. for network management) without loss of protection.

We look forward to working with European policymakers to build consensus on the best ways to protect and promote innovation and competition on the Internet.

Chris Riley
Gervase Markham
Jochai Ben-Avie

It’s the final countdown: US surveillance reform nearing the finish line

The USA FREEDOM Act was born out of the shocking revelations of overbroad government surveillance that began two years ago. In its short life (it was first introduced in 2013) the USA FREEDOM Act has gone through many iterations; along with many others we have supported this legislation in our push for broader surveillance reform. The USA FREEDOM Act, although not perfect and clearly a product of compromise, deserved our support. Yet, even after overwhelming support in the House, the Senate failed to do its job late last Friday night and failed to pass the USA FREEDOM Act (defeated by a 57-42 vote). Just three more votes were needed to move this legislation forward. The word “disappointing” doesn’t really express the proper sentiment.

Facing expiration (at midnight on May 31, 2015) of three legal authorities authorizing US surveillance programs, the Senate also declined on Friday night to advance a two-month reauthorization of these authorities (by a vote of 45-54). The strategic decision-making here is still confounding. Why wait until the night before a holiday recess when the House has already left to take these votes to the floor? Now, Senate Majority Leader Mitch McConnell – left with few options — is taking the unusual step of calling a Sunday May 31st session to try again to pass something just hours before these authorities sunset. This won’t be without several challenges.

Any paths for emergency reauthorization or any “compromises” will face filibuster threats from, among others, Senator Rand Paul, who took to the floor for 10 and half hours last week to lambast the surveillance state and refused Majority Leader McConnell’s attempts on Friday evening to extend these expiring provisions by even one day. Senator Paul’s hardline opposition, combined with the nuances of the Senate’s arcane procedures and the presence of a number of other privacy champions in the Senate, means it will be nearly impossible to pass legislation in such a short window of time.

On the House side, Representatives passed the USA FREEDOM Act overwhelmingly. The House is scheduled to return from recess and vote no earlier than 6:30PM on June 1st – well after the authorities sunset. There may be some last minute wrangling during this recess week, but without some agreement from the House to take up an interim reauthorization prior to the May 31st expiration, it appears that the Senate must either pass the House version of USA FREEDOM or let these authorities sunset. Put another way, if the Senate doesn’t pass the House version of USA FREEDOM, there will be a gap in authorized collection by the intelligence community. Justice Department officials have indicated that the NSA has already begun shutting down the 215 programs so as to be in compliance if a sunset occurs.

So what actually happens if these provisions sunset? It is tempting to view a sunset as a privacy win, as the government would be restrained from bulk collection of our telephone records after all. While there’s truth to that, we can and should expect to see the national security hawks and the intelligence community push hard to reinstate some version of these authorities. A likely possibility is a Senate effort to pass a weaker “reform” bill, a watered down USA FREEDOM Act. For example, several senators have been vocal about their belief in the need for a data retention mandate — which we’ve spoken out against before — so if these authorities expire, we fear post-sunset legislative efforts will likely include such a requirement as a pathway to 60 votes in the Senate. Already Senate Intelligence Chair Richard Burr and Vice Chair Diane Feinstein have each floated bills to this end. We oppose both of these bills; they do not provide the reforms that we need.

However, as Harley Geiger of CDT notes in a recent post on Lawfare: “A few hours’ sunset may not make much difference to beltway insiders, but a post-sunset vote re-instating Sec. 215 can correctly be seen by voters as a huge expansion in government surveillance power after that power had gone dormant.” While the Senate may look to compromise after sunset, the House may well lean the other direction. House Judiciary Chairman Goodlatte and Ranking Member Conyers have indicated in a recent statement, “If the Senate chooses to allow these authorities to expire, they should do so knowing that sunset may be permanent.”

Yet, permanent sunset of Section 215 would not satisfy the Senate, and it would not be a panacea for civil liberties. The government could still conduct bulk collection in a few different ways:

  1. The government could use the FISA pen register/trap and trace statute (PR/TT), for example, which the government has previously used to conduct bulk collection of email metadata (the program allegedly ended in 2011 due to a lack of resources and demonstrated efficacy). It’s worth noting that while bulk collection under PR/TT is curtailed in the USA FREEDOM Act, this statute doesn’t otherwise have a sunset.
  2. Through other legal pathways — the vast majority of mass surveillance occurs under other authorities such as Executive Order 12333 and Section 702 of the FISA Amendments Act. While the USA FREEDOM Act doesn’t address these authorities either, we believe passing this legislation will serve as a better foundation for further reform than a sunset.
  3. Through grandfathering — Section 215’s sunset provision has a clause saying that investigations that were begun before the sunset occurred may continue. The FBI doesn’t put a time limit on its investigations, whatever broad investigation they’ve been using to justify bulk collection could foreseeably continue indefinitely. While the recent 2nd Circuit Court of Appeals opinion might mitigate this a bit, it’s unclear if the Foreign Intelligence Surveillance Court will apply that court’s reasoning to the government.

Privacy and security of users on the Internet is fundamental. Mozilla stands in continued support of the USA FREEDOM Act, as do hundreds of thousands of users, tech companies, privacy advocates, the Director of National Intelligence, the Attorney General, and the White House. Indeed, a bipartisan majority of both chambers of Congress support this legislation. We urge the House to stand behind their overwhelming vote to approve this legislation and to demand reforms that are at least as strong as the USA FREEDOM Act. Ultimately, this bill failed on a procedural vote on Friday night by just three votes. When the Senate reconvenes this Sunday, we hope three senators will step up to help enact the real reforms that users demand.