NSA surveillance revelations prompt EFF resignation from Global Network Initiative

The initiative's corporate members can't reveal what the government forced them to do leading to a breakdown in confidence, EFF said

The reported participation of technology companies in the U.S. National Security Agency's surveillance programs has prompted digital rights watchdog the Electronic Frontier Foundation to resign from the Global Network Initiative, a multistakeholder group whose members include Google, Microsoft, Yahoo and Facebook and whose stated mission is to advance privacy and freedom of expression online.

The GNI was founded in 2008 specifically to develop an approach for dealing with increased government pressure on information and communication technology companies to comply with domestic laws in ways that may conflict with international standards on freedom of expression and privacy. Its members include human rights and press freedom groups, academics, investors, online services providers and other technology vendors.

"While much has been accomplished in these five years, EFF can no longer sign its name on joint statements knowing now that GNI's corporate members have been blocked from sharing crucial information about how the US government has meddled with these companies' security practices through programs such as PRISM and BULLRUN," the EFF said Thursday in a blog post.

According to media reports based on documents leaked by former NSA contractor Edward Snowden, the U.S. government uses these programs to collect user electronic communications from online services providers including Microsoft, Yahoo, Google and Facebook and collaborates with or forces companies to decrypt secure communications.

The government's requests for information or cooperation are most of the time accompanied by gag orders that prevent companies from even acknowledging those requests.

In September, the GNI asked 21 governments that are part of the Freedom Online Coalition, including the U.S. and U.K. governments, to report on the electronic communications surveillance requests their law enforcement and national security agencies make and to legally allow companies to inform the public about these requests.

While the EFF acknowledged the GNI's position on this matter in its resignation letter, the organization said that "until serious reforms of the US surveillance programs are in place, we no longer feel comfortable participating in the GNI process when we are not privy to the serious compromises GNI corporate members may be forced to make.

"Nor do we currently believe that audits of corporate practice, no matter how independent, will uncover the insecurities produced by the US government's--and potentially other governments'--behavior when operating clandestinely in the name of national security," the EFF said.

The GNI's most significant achievement so far has been third-party assessments of freedom of expression and privacy practices of service providers, including Google, Microsoft and Yahoo, according to the EFF. However, the EFF feels that it can no longer stand behind the credibility of those assessments giving the recent NSA surveillance revelations.

Members of European Digital Rights (EDRi), a pan-European association of digital rights organizations, generally support EFF's decision, said Joe McNamee, EDRi's executive director, Friday via email. However, "it is not appropriate for us to tell other civil rights groups what they should do. Any diligent NGO will always keep its membership of any organisations under constant review."

"As an organisation, EDRi has always had doubts about the value of GNI and our position remains unchanged," McNamee said. "We had an extensive discussion about the possibility of joining during our 2010 General Assembly and there was no support for this."

The EFF will continue to provide guidance to GNI as an external organization and feels that the project can still serve an important role as a platform for collaboration between human rights groups, companies and academics.

"We appreciate the contributions that EFF has made to GNI and we look forward to working with them outside our formal structure to protect rights online," GNI said in an emailed statement. "GNI is growing, and just admitted six new members and observers, including LinkedIn and PEN America."

"The disclosure of secret national security orders highlights the constraints government secrecy imposes on companies," the organization said. "GNI and its members are actively calling for transparency from governments on surveillance. These challenges make GNI's work to advance freedom of expression and privacy rights more important than ever."

Join the CSO newsletter!

Error: Please check your email address.

Tags GoogleMicrosoftsecurityEuropean Digital RightsgovernmentprivacyElectronic Frontier FoundationFacebookYahooGlobal Initiative Network

More about EFFElectronic Frontier FoundationFacebookGoogleMicrosoftNational Security AgencyNSAYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place