Under the FISA expansion, what exactly should I worry about, how do I manage privacy?
Hello everyone, with the unfortunate passing of the FISA expansion, I was left with a few questions. I tried to research it, and to me, it seems like they are beefing up surveillance with routers and ISPs (correct me if I'm wrong.) Aside from having businesses stalk you when you use their WiFi (connected with ISPs.)
And if that's the case, should I just always use a VPN? And furthermore, shouldn't you have always used a VPN prior to this anyways?
That's why I'm confused because I already thought that other businesses were collecting data and our ISPs were already sending our data away, so I'm partially confused about what the real change here with FISA is.
Any clarification and advice is greatly appreciated, thank you.
Continue following best practices to mitigate surveillance.
The slimy part of FISA has always been that the data it collects about overseas communications never sunsets. Moreover, Federal law enforcement officials used to be able to troll through the data without a lot of oversight. In 2020 and 2021, there were 270 thousand questionable uses of the data by the FBI looking for dirt — not on foreigners (who are fair game apparently) — but on citizens. The furor over that is what fueled the failed opposition to re-authorization, which succeeded primarily because the FBI insists that the data provides early-warning of terrorists plots and that [the FBI] promises to play fair in the future by digging for dirt only on terrorists here and abroad.
And if that’s the case, should I just always use a VPN? And furthermore,
shouldn’t you have always used a VPN prior to this anyways?
No idea about these USA specific things but always using a VPN would mean that you need to trust your VPN provider more than your ISP and your government. There is only one commercial VPN provider that I trust and one non commercial one. But then there is Tor, and the slower i2p.
You also have to take into account that VPN blocking appears to be increasing.
For all kind of shopping on-line and filling in forms for government related things (Things like let's say e.g. request money support for a wheel chair) I cannot use VPN because they're blocked or worse : time out.
And I found out that lemmy.world likes to block Tor and VPN for posting and uploads. Reading is allowed though. So all in all you have no smooth sailing guaranteed.
How do you figure you need to trust it more than both your ISP and your government? I understand how it gets as much data as your ISP traditionally does, and that means you need to trust it as much as an ISP...
...But I have a very poor opinion of any ISP that operates on regional monopolies (as is common in the United States), and those are probably linked directly to the NSA a la PRISM anyway. I imagine a VPN, even a mediocre one outside the Eyes countries' jurisdiction, frustrates this.
I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them. Even if it’s an extremely small fraction of the users coming from those services, depending on the action sometimes just one could be enough to make a service decide they’re not worth the potential problems.
The more cynical part of me might suspect at least some of those problematic actions are coming from people working on behalf of privacy-opposed governments to make it harder for people to use VPN/TOR for legitimate purposes. But there are probably plenty of malcontent trolls happy to watch the world burn that governments don’t need to do that.
I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them.
I can't understand that at all. If they are able to identify a real threat, they understand more about their users than their IP address. Blocking IPs is a brutal and lazy way to deal with an imaginary threat. I they are truly that paranoid, they should do what Reddit does: Ban everybody.
The Wyden/Lummis amendment would have struck language that expands the definition of an electronic communication service provider to include, with some exceptions, any "service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communications." The exceptions are for public accommodation facilities, dwellings, community facilities, and food service establishments.
So basically anybody with a computer network open to the public has to bend over in secret. This changes nothing if you assume all connections end up in their metadata database. It just makes it faster. Use your VPN/tor/i2p
Source on this? It's very unlikely. It would be hard to crack down on VPNs given the fact that businesses need them, especially now with the prevalence of remote work.
I'd say just keep doing what you would have done before to protect your privacy. Switch to privacy tools, especially encrypted communications services, and use both trustworthy VPNs and Tor for different use cases. Also, I heard (can't verify) that this effectively lets the government legally co-opt regular people to essentially function as spies under gag orders, so I'd just keep an eye out if you ever need to let some sort of professional into your home.