Skip to main content

ACLU & others call for tech companies – including Google – to sign four-point ‘security pledge’

Avatar for Ben Lovejoy  | Apr 2 2018 - 7:20 am PT
0 Comments

The American Civil Liberties Union (ACLU) and six other campaign groups have responded to the Facebook privacy controversy by calling on tech companies to sign a ‘security pledge.’ The pledge asks companies to make four promises to their customers and users …

  • Limit the amount of data they collect in the first place, and give users control over how it is shared.
  • Offer end-to-end encryption by default to ensure that users’ communications are protected from corporate and government surveillance
  • Provide users with full transparency about what data is collected, how it is used, and what measures are in place to prevent it from being abused.
  • Support legislation and policy reforms that limit government access to user data except with a warrant and judicial oversight.

A website created for the campaign is headed ‘tech companies need to change.’

Every day we learn more about how our data is being harvested and used against us. A group of technologists and human rights experts have developed this Security Pledge, a set of principles that — if enough companies adopted them — would ensure the Internet is used to expand democracy, not undermine it.

The website expands on the four bullet-points. For example, on point two:

We use the Internet to communicate about nearly everything, from banking to politics. Commit to following best practices to secure this information, including offering end-to-end encryption by default. Permit public and independent auditing of systems. Prohibit the use of your products and services, including your APIs, to collect information about your customers and users for commercial tracking or governmental surveillance purposes. If you are the victim of a data breach or contract violation, notify your users promptly if their information has been compromised or shared without their consent. Commit to providing updates to your products when necessary, and notifying customers in the case of breach or identified vulnerabilities. When other companies you work with fail to keep products updated, proactively warn users and potential buyers about them.

The group lists a group of target companies, which includes Google, noting that none have yet signed.

Check out 9to5Google on YouTube for more news:

Add 9to5Google to your Google News feed. 

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Google on YouTube for more news:

Comments

Guides

security

security
privacy

privacy

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy's favorite gear

NordVPN

NordVPN
DJI Mavic Pro

DJI Mavic Pro