Hello everyone, with the unfortunate passing of the FISA expansion, I was left with a few questions. I tried to research it, and to me, it seems like they are beefing up surveillance with routers and ISPs (correct me if I’m wrong.) Aside from having businesses stalk you when you use their WiFi (connected with ISPs.)

And if that’s the case, should I just always use a VPN? And furthermore, shouldn’t you have always used a VPN prior to this anyways?

That’s why I’m confused because I already thought that other businesses were collecting data and our ISPs were already sending our data away, so I’m partially confused about what the real change here with FISA is.

Any clarification and advice is greatly appreciated, thank you.

  • catloaf@lemm.ee
    link
    fedilink
    English
    arrow-up
    25
    arrow-down
    1
    ·
    7 months ago

    There is no real change. It’s a reauthorization. Continue following best practices to mitigate surveillance.

    • CCRhode@lemmy.ml
      link
      fedilink
      arrow-up
      10
      ·
      edit-2
      7 months ago

      Continue following best practices to mitigate surveillance.

      The slimy part of FISA has always been that the data it collects about overseas communications never sunsets. Moreover, Federal law enforcement officials used to be able to troll through the data without a lot of oversight. In 2020 and 2021, there were 270 thousand questionable uses of the data by the FBI looking for dirt — not on foreigners (who are fair game apparently) — but on citizens. The furor over that is what fueled the failed opposition to re-authorization, which succeeded primarily because the FBI insists that the data provides early-warning of terrorists plots and that [the FBI] promises to play fair in the future by digging for dirt only on terrorists here and abroad.

  • lemmyreader@lemmy.ml
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    1
    ·
    7 months ago

    And if that’s the case, should I just always use a VPN? And furthermore, shouldn’t you have always used a VPN prior to this anyways?

    No idea about these USA specific things but always using a VPN would mean that you need to trust your VPN provider more than your ISP and your government. There is only one commercial VPN provider that I trust and one non commercial one. But then there is Tor, and the slower i2p. You also have to take into account that VPN blocking appears to be increasing. For all kind of shopping on-line and filling in forms for government related things (Things like let’s say e.g. request money support for a wheel chair) I cannot use VPN because they’re blocked or worse : time out. And I found out that lemmy.world likes to block Tor and VPN for posting and uploads. Reading is allowed though. So all in all you have no smooth sailing guaranteed.

    • jqubed@lemmy.world
      link
      fedilink
      arrow-up
      6
      arrow-down
      2
      ·
      7 months ago

      I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them. Even if it’s an extremely small fraction of the users coming from those services, depending on the action sometimes just one could be enough to make a service decide they’re not worth the potential problems.

      The more cynical part of me might suspect at least some of those problematic actions are coming from people working on behalf of privacy-opposed governments to make it harder for people to use VPN/TOR for legitimate purposes. But there are probably plenty of malcontent trolls happy to watch the world burn that governments don’t need to do that.

      • CCRhode@lemmy.ml
        link
        fedilink
        arrow-up
        8
        arrow-down
        2
        ·
        7 months ago

        I can kind of understand VPN and TOR blocking when those are often used by people wanting to post illegal content or engage in illegal activity that could also be harmful to the service that ends up blocking them.

        I can’t understand that at all. If they are able to identify a real threat, they understand more about their users than their IP address. Blocking IPs is a brutal and lazy way to deal with an imaginary threat. I they are truly that paranoid, they should do what Reddit does: Ban everybody.

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          3
          ·
          7 months ago

          DDoS/spam/malware/hacking from tor and/or known VPN providers is not an imaginary threat. Many companies and websites block it entirely. This is not new, imaginary or lazy.

          • delirious_owl@discuss.online
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            7 months ago

            Yes, it is lazy to block all of Tor because a few bad actors come from it.

            That’s like blocking all emails from Nigeria just because some spammera live there.

              • delirious_owl@discuss.online
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                7 months ago

                That’s a few users. Temp block them when they do something malicious. Don’t wholesale block someone just for making a simple GET request from an IP on Tor that hasn’t done anything malicious.

  • Coasting0942@reddthat.com
    link
    fedilink
    arrow-up
    6
    ·
    7 months ago

    The Wyden/Lummis amendment would have struck language that expands the definition of an electronic communication service provider to include, with some exceptions, any “service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communications.” The exceptions are for public accommodation facilities, dwellings, community facilities, and food service establishments.

    So basically anybody with a computer network open to the public has to bend over in secret. This changes nothing if you assume all connections end up in their metadata database. It just makes it faster. Use your VPN/tor/i2p

    • Woozythebear@lemmy.world
      link
      fedilink
      arrow-up
      5
      arrow-down
      7
      ·
      7 months ago

      VPN won’t be an option anymore after the Tik Tok bill goes through as it’s bans the use of them.

      • ChallengeApathy@infosec.pub
        cake
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        7 months ago

        Source on this? It’s very unlikely. It would be hard to crack down on VPNs given the fact that businesses need them, especially now with the prevalence of remote work.

  • delirious_owl@discuss.online
    link
    fedilink
    arrow-up
    4
    ·
    7 months ago

    Nothing different than before. Make sure you use a VPN at all times and everything you send after that is end to end encrypted.

  • ChallengeApathy@infosec.pub
    cake
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    5 months ago

    I’d say just keep doing what you would have done before to protect your privacy. Switch to privacy tools, especially encrypted communications services, and use both trustworthy VPNs and Tor for different use cases. Also, I heard (can’t verify) that this effectively lets the government legally co-opt regular people to essentially function as spies under gag orders, so I’d just keep an eye out if you ever need to let some sort of professional into your home.