|Jerry Berman, Janlori Goldman, Deirdre Mulligan, Jonah Seiger, Daniel Weitzner
|President & Chief Executive Officer Alexandra Givens
Center for Democracy & Technology (CDT) is a Washington, D.C.–based 501(c)(3) nonprofit organisation that advocates for digital rights and freedom of expression. CDT seeks to promote legislation that enables individuals to use the internet for purposes of well-intent, while at the same time reducing its potential for harm. It advocates for transparency, accountability, and limiting the collection of personal information.
The CDT seeks to mitigate online media censorship, enable individuals to access information freely without retaliation or punishment, and encourages consensus among all parties interested in the future of the Internet.
The CDT acts as a non-partisan body, drawing together perspectives from varying backgrounds to emphasize the importance of technology's role in the freedom, expression, security, privacy, and integrity of the individual. It advises government officials, agencies, corporations, and civil society. In addition to its office in Washington, D.C., the CDT has a full-time presence in Brussels.
CDT was founded in 1994, by Jerry Berman, the former executive director and former policy director of the Electronic Frontier Foundation. Specifically, the passage of Communications Assistance for Law Enforcement Act (CALEA), which expanded law enforcement wiretapping capabilities by requiring telephone companies to design their networks to ensure a certain basic level of government access, spurred Berman to found CDT. Recognizing a threat to privacy and innovation in CALEA's design mandates, CDT fought the passage of the CALEA and later worked to ensure that its implementation would not extend to the Internet. In the end, CALEA did not contain wiretapping design mandates for the Internet and required transparency surrounding design standards. CDT's launch was assisted by seed donations from AT&T Corporation, Bell Atlantic, Nynex, Apple, and Microsoft.
In its early years, CDT fought the Communications Decency Act (CDA) in its attempt to restrict free expression online for the sake of child safety. CDT founded the Citizens Internet Empowerment Coalition (CIEC), a coalition of free speech groups and tech companies for the advancement of free speech. Against the proposed government censorship of the CDA, the CIEC maintained that both child safety and free speech could be protected by giving users the right to control their own content access. To provide further context for the case, CDT wired the courtroom so that the judges of Philadelphia's District Court could see the Internet. After combining forces with the ACLU, the CIEC's counsel argued the case before the Supreme Court. The CDA was struck down unanimously in 1997.
In the following year, CDT helped to craft the Children's Online Privacy Protection Act. Testifying before Congress, CDT argued that the Federal Trade Commission (FTC) should be able to develop rules to protect both adults' and children's privacy online. Forming a coalition of free expression and youth rights groups, CDT and its coalition secured an amendment to limit parental consent to children 12 and under, allowing teenagers to enjoy more freedom online.
In a 1999 report, CDT made clear that the Federal Election Commission's (FEC) attempts to regulate online political speech according to campaign finance laws were impractical and to the detriment of civic political engagement. CDT worked against the FEC's proposal with an organized group of online activists and bloggers. In collaboration with the Institute for Politics, Democracy, and the Internet, CDT created guidelines to help the FEC and Congress consider their treatment of citizens' political speech online. In support, hundreds of concerned parties signed onto the listing of principles, urging the FEC to drop its proposed rules and Congress to end the rule-making. CDT's grassroots advocacy reversed the tide. The FEC abandoned its proposal and issued a new rule that applied campaign finance regulations only to paid online advertising, protecting the online political speech of citizens.
CDT launched the Global Internet Policy Initiative in 2000, partnering with Internews to survey 11 developing countries to assess their telecom and Internet policies. CDT staff worked with Frank LaRue to shape a report on Internet human rights and the U.S. Ambassador to the UN Human Rights Council to educate members of the Council on Internet freedom in advance of the successful Resolution on Internet Freedom.
Following an influx of spyware in 2003, CDT filed complaints against egregious actors with the FTC, resulting in historic settlements against spyware companies. CDT pulled together anti-spyware and anti-virus companies, leading security product distributors, and public interest groups to create the Anti-Spyware Coalition (ASC). The ASC developed a self-regulatory model for companies based on shared definitions of spyware, a comprehensive risk model, best practices for software companies, and a concise vendor conflict resolution process. Using the ASC outputs, anti-spyware companies could label malicious software and protect consumers without fear of being sued by the companies they were targeting, and advertisers could keep better track of where their advertisements were displayed.
In 2006, CDT united with the Business for Social Responsibility to assemble human rights advocates, companies, researchers, and investors to deal with government calls for censorship and restriction of information access. The pairing has successfully worked together to create an accountability framework and principles for the Global Network Initiative (GNI), a human rights organization that promotes the privacy of individual users while preventing online censorship by authoritarian governments.
In 2007, CDT was among the first advocacy organizations to formally call for a Do Not Track (DNT) list from the Federal Trade Commission (FTC). In addition, CDT has played an integral role in pushing for a standardized DNT header at the World Wide Web Consortium (W3C). In 2010, the FTC requested a system that would allow consumers to control whether they were tracked online. In response, all five major browsers put DNT features into place, granting users the ability to surf the web incognito. The W3C formed a Tracking Protection Working Group in order to standardize the DNT compliance, which CDT leadership had a prominent role in.
In 2008 CDT was given a grant of $125,000 over two years from the MacArthur Foundation to support the Internet, Human Rights and Corporate Responsibility Initiative. CDT has also voiced privacy concerns about "deep packet inspection" (DPI), a technology that allows companies to collect data from Internet service providers (ISPs) and categorize individual Internet traffic streams to service ads based on that information without user consent. CDT conducted legal analysis to show how DPI advertising practices could violate the Electronic Communications Privacy Act (ECPA) and testified before Congress. In 2009, major ISPs affirmed that they would not use DPI-based behavioral advertising without robust opt-in provisions. In the same year, CDT started the Health Privacy Project to bring expertise to complex privacy issues surrounding technology use in health care. A year later, CDT recommended new guidelines for reporting data breaches and for protecting health data used in marketing. These guidelines were incorporated into the American Recovery and Reinvestment Act.
Later in 2009, the CDT commented on aspects of smart home appliances and the Smart Grid, and the potential dangers of the then-growing technology. More specifically, the potential risks of the information that could be collected, noting "device identifiers that uniquely identify a smart device and the manufacturer, control signals that reveal the function of smart devices, energy consumption at frequent time intervals at both the household and device level, temperature inside customers’ home, status of smart devices such as IP address and firmware version, and customers’ geographic region". They drew concern over the usage of the data collected, citing said concern over the potential benefits of smart appliances but the dangers of "invading the traditionally protected zone of he home and home life. Without planning, such adverse impacts could drive opposition to the Smart Grid and prompt a backlash against data collection that could be socially beneficial when limited to the narrow purposes of improving efficiency".
Later in 2010, CDT launched the Digital Due Process Coalition, establishing four principles for Electronic Communications Privacy Act (ECPA) reform. Currently, the coalition has over one hundred members including some of the biggest Internet companies to advocacy groups across the entire political spectrum. The campaign for ECPA reform has brought the need for extending full constitutional protections to the Internet to the forefront of the national debate and has resulted in 2013 coalition-supported bipartisan bills in both houses of Congress.
Two copyright enforcement bills, the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA), were introduced to the US Congress in 2010 and 2011. Both bills posed serious threats to the technical grounds of the Internet, as well as freedom of expression online, by increasing the role of ISPs and Internet intermediaries in combating online copyright infringement. In opposition to SOPA and PIPA, the CDT gathered organizations from technical and civil society backgrounds. The efforts of CDT provided critical legal analysis which laid the foundation for 2012's surge of grassroots resistance against SOPA and PIPA.
CDT was one of the few civil society organizations involved in the founding of the Internet Corporation for Assigned Names and Numbers (ICANN), encouraging a bottom-up style of governance and making certain that the voice of the Internet users be included at the table. In the ICANN deliberations, CDT argued for public representation and for the placement of a Civil Society representative on its Board. In helping to form the Organization for Economic Cooperation and Development's (OECD) Principles for Internet Policy Making in 2011, CDT also pushed for a multi-stakeholder approach to Internet governance. OECD's 34 member states committed to respect human rights, open governance, rule of law, and consideration of numerous viewpoints by accepting the principles.
At the International Telecommunication Union's (ITU) World Conference on International Telecommunications (WCIT) in 2012, CDT brought inclusive Internet governance into focus. Though many governments came bearing proposals to escalate government and ITU control over Internet governance, CDT defeated all such proposals through organized civil society advocacy. In addition, CDT fortified relationships between organizations for the sake of future advocacy efforts. Even now, inclusive Internet governance faces serious obstacles as nations scramble to respond to news of the National Security Agency (NSA) surveillance. CDT continues to work with an expanding group of partners motivated by civil society concern to preserve the free and open nature of the Internet.
CDT requested Congress make Congressional Research Services Reports (CRS) publicly available and easily accessible. When Congress failed to do so, CDT started a website, OpenCRS.com, that made CRS reports freely available online. OpenCRS.com was one of the leading sources of CRS reports. By collecting CRS reports acquired by organizations and citizens through direct appeals to their representatives, the OpenCRS website served as a valuable repository of information. Though no longer in operation, the OpenCRS inspired other CRS websites and open resources.
CDT has long been an active supporter of Internet neutrality. In a brief filed in 2012, CDT supported the Federal Communications Commission's (FCC) Open Internet Rules. The rules detailed the limited role of the agency by blocking discrimination by broadband providers. In this way, the FCC intended to protect online free expression and innovation. In 2014, the Open Internet Rules were struck down, drawing CDT back into the fight for Internet neutrality on a global scale. By offering up extensive expertise, CDT has ensured that any EU regulation on Internet neutrality takes into account the central tenet of nondiscrimination.
In the early 1990s, the NSA developed and promoted the "clipper chip", an encryption device for telephone calls. The NSA argued that government access to cryptographic keys was essential to national security – CDT and its allies claimed that the clipper chip would introduce greater vulnerabilities into the country's communications networks. In 2013, on behalf of a coalition of Internet companies such as Apple, Google, Facebook, and Twitter and advocates for free speech and privacy rights such as ACLU, EFF, and Mozilla, CDT delivered a "We Need To Know" letter to U.S. government officials, demanding greater transparency in matters of national security-related surveillance of Internet and telephone communications. Advocating for reform, CDT's firm stance is that the NSA's surveillance programs and its interference with Internet security infringe on privacy, are chilling free speech and association, and threaten the free flow of information that is the foundation of the open Internet. As an advocacy organization, CDT has outlined key reforms to NSA surveillance. On March 17, 2016, the CDT released a statement about the senates unwillingness to vote in favor of or against Merrick Garlands nomination to the Supreme Court, opting to wait for the election cycle. They did applaud his contributions in the federal court circuits of recognizing the merits of the Freedom of Information Act (FOIA) requests, and ordering the CIA to release information about their drone strikes. They did not outright support him, only in favor of the senate making a decision after the longwinded period. In February 2017, stating the importance of privacy on smart televisions as they became more prevalent. This was following Vizio being fined by the FTC for tracking what users were viewing, and matching it to other identifying information collected about the consumer, eventually getting sold to third-parties interested in such data. In 2018, the CDT played a role in opposing the Stop Enabling Sex Traffickers Act (SESTA) and Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA), a controversial bill which they argued as "a bill that will lead to censorship of a broad range of speech and speakers while failing to help law enforcement prosecute criminal traffickers". However, the law was passed and was enacted into public law on April 11, 2018.
In May 2020, the CDT filed a lawsuit against the Trump administration for his executive order 13,925 on preventing online censorship arguing that this executive order violates the first amendment. However, the court dismissed the case for lack of jurisdiction. In May 2021, President Joe Biden revoked former President Trump's executive order. The Center for Democracy and Technology praised this, quoting them referring to the executive order ""was an attempt to use threats of retaliation to coerce social media companies into allowing disinformation and hateful speech to go unchecked.""  In September 2020, the CDT organized a coalition opposed to the then recently proposed EARN IT Act, stating that the bill would potentially result in "online censorship disproportionately impacting marginalized communities, jeopardize access to encrypted services, and risk undermining child abuse prosecutions". In July 2021, the CEO of CDT Alexandra Givens commented on a story relating to artificial intelligence hiring tools. Her concerns were about them adversely effecting candidates with disabilities, as artificial intelligence will likely use data from gamified tests like Pymetrics to make hiring decisions. This typically does not take into account an applicants strengths or weaknesses in the field, nor their experience. In September 2021, the CDT wrote a letter to multiple senators and representatives urging them to update the CIPA (Children’s Internet Protection Act) to protect the privacy of students using school computers by disallowing invasive monitoring software. This applies to computers on, and off-campus that are taken home by the student. In September 2021, the CDT released their research that children from low-income families are more likely to use school devices on, and off-campus and therefore are more likely to be observed by monitoring software. Afterwards, the CDT wrote a letter to multiple senators and representatives urging them to update the CIPA (Children’s Internet Protection Act) to protect the privacy of students using school computers by disallowing invasive monitoring software. This applies to computers on, and off-campus that are taken home by the student. In April 2019, Michelle Richardson, a director of the privacy and data project CDT she formerly head, commented on an article saying that federal regulation regarding social media, and the internet was inevitable.
A Center for Democracy and Technology gerrymandering expert on November 9, 2021 commented on North Carolina’s legislature's multiple redrawings of the congressional map, citing that they were ordered twice, due to unfair gerrymandering. The Center for Democracy and Technology comments on gerrymandering because most drawings of districts are initially drafted by digital software of political parties. On November 29, 2021, a spokesperson for The Center for Democracy and Technology commented on FBI Documents obtained by the Rolling Stone magazine revealing that WhatsApp messages, and iMessages could be seen in real time by FBI agents with a warrant or subpoena. “Judging by this document, “the most popular encrypted messaging apps iMessage and WhatsApp are also the most permissive,” according to Mallory Knodel, the chief technology officer at the Center for Democracy and Technology....“You’re handing someone else the key to hold onto on your behalf,” says Mallory Knodel of the Center for Democracy and Technology. “Apple has encrypted iCloud but they still have the keys, and as long as they have the key, the FBI can ask for it.”
Formerly directed by Michelle Richardson, CDT's Privacy and Data Project was created to examine the evolving role of technology in daily life, considering its influence on individuals, communities, and law. In identifying emerging issues and collaborating with companies and public officials, CDT's privacy experts are able to develop progress-oriented technical and policy solutions. Among the topics covered by CDT's Privacy and Data team are AI and Machine Learning, European Privacy law, U.S Privacy Legislation, Disability rights and AI, Health Privacy, the Internet of Things, Broadband Privacy, Drones, Student Privacy, and Digital Decisions. Additionally, CDT heads the State Privacy Resource Center, which serves as a repository of information to help policymakers at the state and local level craft privacy legislation.
AI and Machine Learning
The CDTs Privacy and Data team is focusing on how automated processes are making decisions that affect people’s data and privacy because automated programs could make discriminatory decisions that can affect many people’s lives. They are working to ensure that innovation in the field of AI and Machine Learning remains. However, they want to make sure the rights of individuals aren’t taken away and AI is used in a responsible and ethical way.
The CDT pushes for privacy to be upheld in Europe through different laws. Due to the many emerging possibilities in the field of data collection the CDT pushes to ensure that the privacy of the individuals in society data is maintained. The CDT focuses on both the technology behind data collection as well as the laws in place in Europe. The legislation that they are focused on includes the General Data Protection Regulation, Right to Be Forgotten, Pseudonymous Data, and the EU–U.S. Privacy Shield agreement.
Due to the importance of data regarding individuals' health, the CDT pushes for the privacy and security in the data that is collected in the Health Industry and advocates for the ability of Individuals to know who is using data related to their health. There recent featured content in this field includes Vaccination data gathering, The CDT and eHI’s Proposed Consumer Privacy Framework for Health Data.
Many recent innovations in technology have led to technology that is more a part of individuals' daily lives including, smart watches, smart refrigerators, and smart cars. These technologies allow for a large amount of data to be collected about individuals that was previously unavailable while also not having important privacy and security protections. The CDT is attempting to push for Government officials and technology creators to work together to protect individuals’ privacy when it comes to these devices. The CDT and EPIC have filed an amicus brief arguing for protections for E-Scooter location information on August 23, 2021.
The CDT has created a resource center to help state and local policy makers to push for privacy regulations on the local and state level as the CDT believes that regulations for privacy on the local and state level can lead the way for changes on the federal level.
The CDT advocates for student data privacy due to the massive amounts of data being collected by school districts across the country, while also not having proper security measures in place to protect the data. The CDT helps school districts achieve higher security standards through policy advocacy and guidance. On December 2, 2021, the CDT published a research brief on student privacy titled Unmet Demand for Community Engagement on School Data and Technology Use where the CDT’s research found that parents and students want to play a role in the decisions around technology and data.
The CDT’s privacy team has worked on possible Legislation in order to garner support on the limitations on the collection and sharing of personal data in order to allow for the ability for individuals to be in control of their own data. The CDT has joined EPIC to urge congress to strengthen FTC’s power to halt data abuse on November 8, 2021
The CDT’s privacy team advocates for algorithms that make fair decisions when it comes to people with disabilities through analyzing how artificial intelligence is used to make decisions regarding employment that has the possibility of affecting another individual’s life. The CDT shares this data with policy makers, researchers, advocates, and disabled community members in order to make a change and make sure these algorithms stay fair. The CDT recently Join AJL, ACLU, Color of Change and other organizations in order to urge the secretary of commerce to fill Artificial Intelligence advisory committees with experienced civil rights advocates.
The CDT focuses on educating the public on the impacts that certain technologies have on the workplace as well as researching possible technologies to assist workers to do things like gain a fairer compensation. On September 16, 2021, the CDT posted an article to inform people about the threat of bossware titled "Strategies to Tackle Bossware’s Threats to the health & Safety of Workers".
CDT's Free Expression Project places emphasis on the ability for information being allowed to flow freely online without restrictions. The main focus of this project is to advocate for the protection of online free speech, while simultaneously providing criticism and other insight towards concepts such as online content censorship and gatekeeping. In particular, CDT observes the application and the boundaries of the First Amendment online in many circumstances, due to the constantly changing nature of the internet and other technologies that allow the spread of mass information at large. CDT's Free Expression team currently focuses on subjects such as Digital Copyright, Intermediary Liability, Children's Privacy, and Net Neutrality. This project is currently directed by Emma Llansó, a graduate of Yale's School of Law and the University of Delaware.
The CDT’s free expression team research how applications apply moderation to certain content and the mechanics behind content moderation. The team also meets with different companies, academic institutions, and government officials to enact change and make sure of consumer transparency on possible platform moderation practices that could affect the user’s rights. On November 16, 2021, the CDT filed a brief to urge to 11th circuit to affirm preliminary injunction enjoining enforcement of Florida’s social media law.
The Security and Surveillance Project of the CDT was created for the purpose of limiting the extent of which governments should be allowed to access and store personal information about their citizens, in addition to limiting the surveillance of foreign citizens. This project calls for the restriction of such practices to be implemented through legislation in the interest of preserving individual privacy rights in addition to rights for freedom of expression. The formation of this project was inspired by the rapid evolution of mass data storage technologies, and the increasing accumulation of the big data industry following the integration of the internet and other digital services which have the potential to carry a large amount of identifying and personal information about individual users. While bearing the importance of national security, the project also considers issues of ECPA reform, cybersecurity, U.S. government surveillance, drones, and encryption and government hacking.
The Internet Architecture team of the CDT focuses on online anonymity and encryption, the standards that govern the technical decisions of internet operation, net neutrality, government surveillance, internet governance policies at across the globe, cybersecurity research, and election security and privacy. The Internet Architecture project as a whole focuses on the value provided by individual security, privacy, and free expression along with each of these individual aspects relationships to human rights. Similar to other projects maintained by the CDT, the Internet Architecture team emphasizes the importance of setting modern precedents in regard to the drafting and implementation of well-informed legislation that will affect digital spaces.
The CDT has considered the importance of the global influence and impacts of international technology policy and has actively made efforts to communicate and coordinate with the European Union. Utilizing their established presence in Brussels, CDT has made efforts to promote their agenda overseas by advocating for the establishment of an open and inclusive Internet in collaboration with the EU's Member States, civil society, public institutions, and technology sector. CDT's EU Office focuses on the policy areas of digital copyright, intermediary liability and free expression, surveillance and government access to personal data, net neutrality, internet governance, and data protection and privacy. The GDPR (General Data Protection Regulation), EU net neutrality policy, European Commission's cybersecurity strategy, and the EU intellectual property enforcement directive are among the issues that CDT's Brussels Office has actively engaged with.
One-third of CDT's funding comes from foundations and associated grants such as the MacArthur Foundation, while another third of the organization's annual budget comes from industry sources including various companies such as Amazon, Facebook, Microsoft, and Apple among other high-profile tech oriented businesses. The remainder is split among an annual fundraising dinner known in DC circles as the "tech prom", Cypress awards, and other sources. In 2020, of the $5,689,369 generated through donations from outlets such as foundations and large corporations, the majority of funding ($4,655,316) was used for programs relating to education and research. The remaining $1,034,053 was dedicated to other expenses, with $224,012 going to public events, $280,000 going towards further fundraising for future projects, and $530,041 going to organizational administration.