An important fight is brewing over the nuts and bolts of the Internet that has significant implications for the privacy and security of all Internet users. The fight has already pitted Google and Cloudflare against American telecommunications companies, which are lobbying Congress to complain about the search giant. The fight is complicated, but at its core are questions about control over data, centralized power, and who should bear privacy risks. We believe that everyone deserves to be able to use the Internet without being subject to mass surveillance.

This particular fight centers over a new layer of encryption that Internet technologists (including one of us) have developed to further protect the privacy and security of Internet users. The ACLU is increasingly engaged with these kinds of battles over technical standards that shape Internet infrastructure in important ways — determining, for example, whether that infrastructure facilitates the violation of privacy and centralization of power, or autonomy and secure communication for all. These fights usually take place far outside of the limelight, but the brewing fight between the telecoms and providers like Google and Cloudflare is getting more attention than most.

To understand what is at stake requires explaining a little about how the Internet works — specifically about something that people online use every day: the Domain Name System (DNS). If you enter “aclu.org” into your browser, your computer reaches out to a server known as a DNS “resolver,” which tells your computer the IP address that it needs to download a web page. The DNS server then tells your browser that the web site with that name can be found at the IP address 151.101.58.217. Obviously, for humans, that’s a lot harder to remember than “aclu.org,” but your browser needs the IP address to reach our site.

Where does your computer find that DNS resolver? One of the strengths of the Domain Name System is that there are many DNS resolvers that can give you the same answer. You can manually direct a computer, router, or application to talk to a specific DNS resolver, but if you’re like most people, then your devices default to using whatever resolver your Internet service provider (ISP) offers, or to the resolver recommended by the WiFi or other network you’re connected to.

There are two major problems with the DNS, however.

The first is that whoever operates the DNS resolver gets to see the names of all the web sites that you visit (and potentially other Internet metadata as well). These days, that’s a valuable set of information, and a significant privacy problem. The second is that our communications with DNS servers have long been carried out in unencrypted plaintext. That means that your Internet activity is visible not only to whoever operates your DNS resolver, but also to anyone in the network who passes along the data that is exchanged between you and the DNS server. This not only creates privacy problems, but also security problems as it opens up avenues for hostile hackers to phish people, trick people into unknowingly visiting spoof web sites, or deliver malware or ads.

The first problem is to some extent unavoidable, but we can mitigate it in two ways: a) people should connect to DNS resolvers run by entities that are not in the businesses of collecting, storing, and monetizing people’s online activities; and b) make sure that there is a large diversity of actively used DNS resolvers, so that our information is not all centralized in one place.

The second problem — the lack of encryption — has been solved by new standards that use encryption to protect your data as it flows between your device and a DNS resolver. Such “private DNS” techniques, however, are relatively recent standards, and are offered only by some DNS resolvers.

That is where the telecoms’ complaint to Congress comes in. Google has proposed programming its Chrome browser and its Android operating system to automatically default to using Private DNS whenever a user’s existing DNS resolver supports it. That would certainly be a good thing. But the telecoms are also accusing Google of planning to route all Chrome and Android DNS traffic (a substantial portion of the world’s DNS queries) to Google’s own (private) DNS resolvers, thereby leading to a dangerous centralization of DNS lookups.

But contrary to the telecoms’ claims, Google’s stated plans do not actually involve centralizing DNS lookups to a specific resolver. Rather, they intend to automatically upgrade existing cleartext DNS traffic to private DNS when the user’s existing resolver is known to offer a secure channel. The nonprofit Mozilla Foundation, maker of the Firefox browser, has, however, announced that it plans to route DNS traffic generated by some future Firefox browsers to the resolvers run by a single entity, the company Cloudflare. Th. Firefox has been scrupulous in only doing this under a strict privacy agreement with Cloudflare, but users under different legal jurisdictions from Cloudflare might not appreciate their data ending up at this service provider, despite the privacy agreement.

Critics have pointed out that the telecoms are hardly being good Samaritans by pushing back against private DNS here. After the major ISPs successfully pushed the Trump administration and Congress to roll back ISP privacy protections, the telecoms have continued gearing up to try to make money by spying on their customers’ Internet usage. One of their big worries appears to be that they’ll lose out on their money-making surveillance if their customers are induced to shift to DNS servers that are not run by them and that are encrypted so they can’t spy on them.

Rather than hindering the deployment of private DNS and its resultant gains to end user privacy, the ISPs should upgrade the resolvers they already operate to also offer private DNS. If an ISP is a good steward of user data, then they should make it easy for people to use their services securely. They should be advocating for, not against, private DNS.

The ISPs are not wrong, however, in pointing out that centralization of DNS lookups would be a bad thing — including for privacy. We wouldn’t want one company having access to a list of all the people who visited narcotics.com, for example, or a list of all the sites that a particular person has visited. (In 2017, President Trump signed a measure removing privacy protections that prohibited ISPs from doing just this kind of spying; those need to be restored.)

We want private DNS to become the standard, available to all, and we want a diversity of DNS resolvers so that lookups and the information they reveal don’t become centralized — especially in the hands of any company bent on monetizing personal information. The way to fix centralization is through diversity, not by preserving the spying ability of ISPs.

There are tensions between these goals that will need to be solved along the way. Asking all users to make technical choices about which DNS resolver their devices and applications use is probably not the way to go — yet if particular private resolvers are selected globally by default by major players, that risks centralizing DNS queries around a few companies and undercutting the distributed nature of the Internet.

These tensions are resolvable, however. Among other things, we need more user-interface research to improve the experience of choosing among diverse DNS resolvers, and better systems for making reasonable, non-centralized choices for users who don’t have the time or interest to choose for themselves. Ultimately, the important thing is that policymakers, people who work in the tech community, and other interested Internet users should all push for the dual goals of making private DNS the standard and ensuring a diversity of DNS resolvers.

Private DNS protocols can help protect privacy online, and an increasing amount of software is capable of taking advantage of them, or will be soon. But it doesn’t stop there. There is a larger journey toward a more private and secure Internet that is underway. Diverse private DNS resolvers are one step in that journey, but there are others that also need to be taken (such as protecting DNS traffic between resolvers and “authoritative” DNS servers and minimizing metadata leakage in other Internet protocols). Piece by piece, we’re making the Internet more privacy-friendly and more secure.

Daniel Kahn Gillmor, Senior Staff Technologist, ACLU Speech, Privacy, and Technology Project,
& Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy, and Technology Project

Around the country and the world, people are mobilizing for menstrual equity. Central to the policy agenda: accessible and affordable period products for everyone who needs them. As legislative interventions gain traction, advocates are also readying legal arguments to challenge unfair policies. Constitutional law scholar and dean of UC Berkeley Law Erwin Chemerinsky recently co-authored a Los Angeles Times op-ed proposing that the failure of states to exempt menstrual products from sales tax — the tampon tax — amounts to denial of equal protection under the Constitution.

In forging these claims, a question emerges: How can we recognize that barriers to menstrual access are a form of sex discrimination without erasing the lived experiences of trans men and non-binary people who menstruate, as well as women who don’t? Some arguments that challenge discriminatory laws based on sex-linked characteristics have made the point that “only women” menstruate, get pregnant, or breastfeed. But that is not a full or accurate portrayal — and menstrual stigma and period poverty can hit trans and non-binary people particularly hard: 

• Trans people are three times as likely to be unemployed and more than twice as likely to be living in poverty as the general population. Those who are disabled, people of color, or undocumented immigrants are especially likely to be unemployed and living in poverty.
• While free menstrual products are not uniformly provided in women’s restrooms, they are almost never available in men’s restrooms, even for pay. Men’s restrooms are also less likely to have a place to dispose of these products conveniently, privately, and hygienically.   
• Similarly, women’s homeless shelters sometimes provide menstrual products, but men’s typically don’t. Some domestic violence shelters exclude trans and non-binary people — even though more than half have experienced intimate partner violence. Those shelters often provide a variety of types of support, including access to menstrual products for those who need them.
• While access to menstrual products in women’s prisons is often inadequate, it is far worse in men’s prisons. Trans and non-binary people may be incarcerated in either.
• Menstruation is not the only reason trans and non-binary people may need menstrual products. Trans women and non-binary people may also need pads and liners for months after vaginoplasty, and occasionally at other times. Some who take estrogen also experience period symptoms such as pain and nausea and may need medication to manage these symptoms. Those who experience endometriosis or adenomyosis, conditions that can cause continuous heavy bleeding, often face barriers to treatment, as well as an ongoing and often unmet need for pads and tampons.

Simply stated: because limited access to and the cost of menstrual products can hit trans and non-binary communities especially hard, as a matter of policy, a holistic agenda for menstrual equity and access must include trans people. (We have a Menstrual Equity Toolkit for those interested in how to create one

But what about in the court of law?

The constitutional argument is straightforward. Any law that targets one sex — or one race, or one religion — is inherently discriminatory. In the context of the tampon tax, for example, Dean Erwin Chemerinsky harkened to a famous remark by Supreme Court Justice Antonin Scalia that a tax on yarmulkes is a tax on Jews. By analogy, a tax on menstrual products is a tax on women — even though not all women menstruate, and some men and non-binary people do.

Legally, the focus is on the intention behind the action. Targeting something associated with one group can show intent. This doesn’t require that allor only people from the targeted group do the activity.

Take yarmulkes again. Not all Jewish people wear yarmulkes, and some people who aren’t Jewish do wear yarmulkes (for example, if attending a Jewish religious service). Still, if a legislature decided to tax people for wearing yarmulkes, or to impose sales tax on yarmulkes but not similar items, that would be anti-Semitism, and it would violate the constitution. Similarly, imposing a sales tax on menstrual products but not similar items is sexist, and violates the constitution.

Discrimination is illegal even when it affects members of multiple groups. Feminist scholars have long pointed out that sexism can harm people other than women. For example, Paula England has pointed out the tendency to devalue labor traditionally done by women, even when it is done by men. Ruth Bader Ginsburg famously challenged a rule that denied widowed fathers benefits that widowed mothers received. The rule both discriminated against women workers, who couldn’t earn the same benefits for their families that men did, and against men who wanted the opportunity to care for their children.

We don’t need to erase trans or non-binary people to show that barriers to menstrual equity, such as the tax on menstrual products, are unconstitutional sex discrimination. This tax targets a bodily function associated with women for less favorable treatment. It relies on sexist ideas that women’s needs are frivolous and unnecessary. It is irrational, and it directly affects cis and trans women, trans men, and non-binary people. It’s unfair, unconstitutional, and illegal.

Gabriel Arkles, Senior Staff Attorney, ACLU LGBT & HIV Project,
& Jennifer Weiss-Wolf, Co-founder, Period Equity

From the continued separation of families, to attacks on asylum-seekers, to the largest immigration raid ever in a state, to an unprecedented number of immigrants jailed by ICE, this year was filled with new lows for the Trump administration.

The ACLU, partners, and activists have been fighting nonstop for immigrant communities across the country. ACLU activists took over 400,000 actions against Trump’s anti-immigrant agenda and in support of humane immigration policies. Even in today’s challenging political climate, we are seeing our immigrants’ rights movement grow and gain momentum. This year, Congress introduced important legislation and carried out a steady stream of oversight hearings. Below are some highlights from this year.

The Trump administration rescinded a number of critical programs that protected two million immigrants from deportation, including protections for Dreamers through Deferred Action for Childhood Arrivals (DACA), and immigrants from countries including Nepal, El Salvador, and Liberia through Temporary Protected Status (TPS) and Deferred Enforced Departure (DED). In June, after months of advocacy and massive public support, the House of Representatives passed the Dream and American Promise Act (H.R. 6). This was the first bill focused on granting a pathway to citizenship to pass a chamber of Congress since 2010. ACLU activists sent over 10,000 messages in support of the bill. 

The House of Representatives passed Rep. Veronica Escobar’s bill, the Homeland Security Improvement Act (H.R. 2203), which would increase oversight and provide meaningful accountability of ICE and CBP’s actions. Senator Udall introduced a Senate counterpart of the bill.

There were also a number of bills introduced this year that serve as the gold standard for a future administration and Congress committed to immigration reform. Last week, Rep. Chuy Garcia introduced the New Way Forward Act, which if enacted would lead to a dramatic and large scale reform of our existing punitive immigration enforcement system. The Act corrects injustices embedded in our immigration laws, many of which have enabled this administration’s cruel and inhumane assaults on noncitizens in our country and at the border. This bill would dismantle the draconian immigration laws passed in 1996 and would restore fundamental principles of due process and compassion to a deeply imbalanced immigration system.

Other important bills include Representative Jayapal and Senator Booker’s bill the Dignity for Detained Immigrants Act; Senator Durbin’s bill on solitary confinement; legislation by Senators Leahy and Murray to curtail the existing “100-mile border zone;” and Representative Brown’s bill on access to counsel for immigrants. 

And right now, funding for the Department of Homeland Security — specifically its sub-agencies ICE and CBP — is at the center of budget negotiations for the next fiscal year. Through extensive advocacy from organizations and constituents, there is an ongoing fight to ensure that our government’s budget does not give another raise to the president for continued attacks on immigrants. ACLU activists have made and sent almost 30,000 calls and emails to their representatives on the issue. 

Legislation, however, is just the tip of the iceberg. One of the best ways Congress wields its power is demanding answers of government officials through oversight hearings. Members can also call on non-government witnesses to provide a firsthand account of the impact of immigration laws and policies on real people. The ACLU has testified or been involved with numerous hearings this year — perhaps more than we’ve ever seen in a single calendar year. 

ACLU staff and clients provided expertise, submitted statements, and testified this year on numerous issues including: family separation; the deportation of veterans and service members; the lack of oversight, expansion, and abuses in detention; Trump’s attacks on asylum and immigrants along the border; deferred deportation for people with serious medical conditions; and the unprecedented Mississippi ICE raids. 

The threat to immigrants’ rights is far from over. The ACLU will continue the fight against Trump’s abuses and hold members of Congress accountable to our values and the Constitution. 

Part of an end of year wrap-up series. Read more:

2019 was a Watershed Year in The Movement to Stop Solitary Confinement

The Death Penalty in 2019: A Year of Incredible Progress, Marred by Unconscionable Executions

The 2020 Election Promises Record Turnout

Under Attack by Trump, Immigrant Justice is Advancing in the States

The Battle for Abortion Access is in the States

In 2019, We Fought Across the Country to Dismantle Mass Incarceration. We Won on Multiple Fronts.

Madhuri Grewal, Federal Immigration Policy Counsel, ACLU National Political Advocacy Department