Electronic Frontier Foundation

The Electronic Frontier Foundation (EFF) is the oldest and, in the US context, the most comprehensively operational civil-liberties organisation working at the intersection of law, technology, and democratic rights. Founded in 1990 in San Francisco, where it remains headquartered, EFF operates as a 501(c)(3) non-profit sustained primarily by member and individual donations — a funding structure that is itself a deliberate posture: the founding premise was that digital civil liberties would need a defender independent of both government and technology industry. The organisation's three-lane operation — litigation and legal defence, policy advocacy, and the direct production of open-source privacy tools and technical-safety guides — makes it distinctive in the corpus: most civil-society organisations do two of these three, and very few do all three at the scale EFF does. Its position in the make-AI-good movement flows from this combination: EFF is simultaneously a litigator in AI and surveillance cases, a coalition anchor for grassroots surveillance-accountability campaigns, and the producer of infrastructure (Privacy Badger, Certbot, the Surveillance Self-Defense guide) that non-technical users and at-risk communities depend on for protection against the surveillance systems EFF simultaneously challenges in court.

Founding

EFF was founded in July 1990 by Mitch Kapor (then former president of Lotus Development Corporation), John Perry Barlow (a Wyoming rancher, lyricist for the Grateful Dead, and author of the 1996 "Declaration of the Independence of Cyberspace"), and John Gilmore (an early Sun Microsystems employee), in direct response to a law-enforcement overreach: the United States Secret Service had raided the Austin offices of Steve Jackson Games — a tabletop role-playing game publisher — and seized computers and manuscript files under the erroneous premise that the publisher's electronic bulletin board was a site for distributing stolen materials. The raid's legal framing treated a private BBS's messages as having no civil-liberties protection, revealing to the founders a gap between existing law and the emerging world of networked digital communications that needed to be closed by litigation, advocacy, and clear principle-setting before agencies, courts, and legislators set the defaults by default. EFF's subsequent legal programme has produced some of the most consequential US digital-rights precedents: Bernstein v. Department of Justice established that computer source code is constitutionally protected speech under the First Amendment, effectively settling the legality of strong encryption in the US; the challenge to the Communications Decency Act produced the Reno v. ACLU Supreme Court ruling that the internet deserves the highest First Amendment protection; and sustained FOIA litigation and amicus brief practice has shaped the legal framework governing digital privacy across decades of changing technology.

Programme areas

EFF's three interlocking modes of work — litigation and legal defence, policy advocacy, and technology production — are each run at institutional scale.

The legal programme runs through a General Counsel, Legal Director, dedicated litigation staff, and a Threat Lab under a Director of Investigations that produces technical and investigative research informing both litigation and policy. The active caseload combines direct defence of individuals facing government digital overreach, FOIA litigation against federal agencies using opaque AI systems, and amicus brief practice in state and federal courts on facial recognition evidence, encryption, and algorithmic decision-making.

The policy programme maintains a Director of Federal Affairs for the US Congress and federal agencies, and an International Policy Director and Global Privacy Policy Director for engagement with EU institutions, the UN system, and bilateral processes. EFF does not sit inside the European Digital Rights (EDRi) network the way the EU-based organisations do, but its international staff maintain substantive engagement on cross-border AI and surveillance questions that European regulatory processes generate — particularly on facial recognition, biometric databases, and encryption policy where EFF has been building doctrine since the 1990s.

The tools and technology programme has produced infrastructure that much of the open internet depends on: Certbot is the standard command-line tool for automating Let's Encrypt certificate issuance, making HTTPS effectively universal for websites that could not afford commercial TLS certificates; Privacy Badger is a browser extension that automatically blocks cross-site tracking; Cover Your Tracks (formerly Panopticlick) tests browser fingerprint uniqueness; and Surveillance Self-Defense is the principal multi-language digital-security guide for at-risk populations — protesters, journalists, activists, LGBTQ+ youth, abortion access workers — providing practical guidance on encrypted communications, device security, and threat modelling for people whose safety depends on it. HTTPS Everywhere, EFF's browser extension that enforced HTTPS connections, was sunset in January 2023 once browser vendors integrated native HTTPS-first modes — an example of EFF retiring tools when the infrastructure they were compensating for has been fixed.

AI, surveillance, and grassroots mobilisation

EFF's AI-relevant work is primarily rooted in its long-running surveillance campaigns rather than emerging from the recent AI-governance wave. The organisation has been challenging government use of facial recognition for years, framing it as a civil-rights issue — not merely a privacy issue — on the evidence that the systems produce disparate error rates affecting women and people with darker skin, and that law enforcement use of facial recognition for identification in criminal proceedings has produced documented wrongful identifications. EFF's About Face campaign mobilises communities to oppose government facial recognition through a coalition that includes Lucy Parsons Labs, Oakland Privacy, and Media Justice; the campaign pursues both local ordinances and court interventions, including amicus briefs in criminal facial recognition cases seeking disclosure to defence counsel.

The Community Control of Police Surveillance (CCOPS) campaign, launched in 2016, is EFF's most directly grassroots-mobilisation-oriented programme: it pushes for local ordinances that require community approval — through city council votes — before police agencies can acquire and deploy surveillance technologies including facial recognition, automated licence plate readers, cell-site simulators, and drones. The jurisdictions that have enacted CCOPS laws include Santa Clara County, BART, Oakland, Berkeley, Palo Alto, San Francisco, and New York City. CCOPS is the campaign in EFF's portfolio most closely aligned with the "people outside AI being engaged in work to shape how AI is deployed" criterion of this corpus — it routes surveillance-technology acquisition decisions through democratic institutions where non-specialist community members participate, rather than allowing police agencies to acquire surveillance capability by procurement alone.

The Atlas of Surveillance is a crowdsourced research database documenting law enforcement surveillance technology deployments across the United States, built with more than 1,000 student and volunteer researchers in partnership with the Reynolds School of Journalism at the University of Nevada Reno. The database catalogues deployments of ALPRs, facial recognition systems, body cameras, drones, cell-site simulators, gunshot detection, and other surveillance technologies by agency, giving journalists, defence attorneys, and advocacy groups an evidence base for challenging deployment decisions. EFF's companion Street Level Surveillance guide explains how sixteen categories of law enforcement surveillance technology work — ALPRs, facial recognition, body cameras, cell-site simulators, drones, robots, gunshot detection, biometric surveillance, electronic monitoring, predictive policing software, real-time location tracking, social media monitoring, police databases, forensic extraction tools, community surveillance apps, and police access to IoT devices — for the same practitioner audiences.

AI policy position

EFF's stated regulatory philosophy on AI is distinctive among US digital-rights organisations: rather than treating AI as a sui generis regulatory subject requiring new AI-specific legislation, EFF frames it as a general-purpose tool set and argues that existing legal frameworks — FOIA for government AI use, privacy law for corporate AI use, competition law for platform concentration — should be extended and enforced rather than replaced. The practical priorities flowing from this position are: comprehensive privacy legislation covering all corporate surveillance and data-broker activity; antitrust enforcement to prevent incumbents from using AI capability as an entry barrier against competitors; and robust transparency requirements for government AI systems. In practice EFF has also filed suit directly: in March 2026 EFF filed a FOIA lawsuit against the Centers for Medicare and Medicaid Services over the WISeR program, an AI system that evaluates Medicare care requests and reportedly issues denials on their basis, citing the public's right to understand how a federal AI system makes consequential decisions about patient care.

Leadership

Cindy Cohn led EFF as Executive Director from 2015 through May 2026, having joined the organisation as outside lead counsel in 1993 for the Bernstein v. Department of Justice encryption case and having served as Legal Director and General Counsel from 2000 onward. Nicole Ozer succeeded Cohn as Executive Director in June 2026; Ozer was the founding director of the Technology and Civil Liberties Program at the American Civil Liberties Union of Northern California, where she led the legislative campaigns that produced the California Electronic Communications Privacy Act and the California Reader Privacy Act, and she subsequently served as the Inaugural Executive Director of the Center for Constitutional Democracy at UC Law San Francisco. The board is chaired by Gigi Sohn, the net-neutrality advocate and former FCC commissioner nominee, and includes Bruce Schneier (security technologist and Berkman Klein Center fellow, also on the Access Now board), Jonathan Zittrain (Harvard Law), Pamela Samuelson (Berkeley Law), and Anil Dash (CEO of Glitch), among others.

Position in the movement

EFF is the oldest anchoring organisation in the US digital-rights field and occupies a position in this corpus that no other US organisation matches: it combines the member-funded independence and international coalition reach of Access Now's model — compressed into the US jurisdiction — with litigation-and-precedent work that produces binding law, and with open-source tool production that makes EFF's influence concrete rather than symbolic. Its member-funded model — not foundation-dependent, not government-funded — provides structural independence that EFF explicitly frames as central to its mission, distinguishing it from think-tanks and policy-dependent organisations that must manage funder relationships with the same platforms they are challenging. The CCOPS and About Face campaigns represent EFF's clearest grassroots-mobilisation footprint — they move beyond litigation and policy briefing into coalition-building at the city level, engaging non-specialists in surveillance-technology decisions through democratic processes. EFF was also a founding member of the Access Now #KeepItOn coalition when it launched at RightsCon Silicon Valley in 2016 — the cross-organisational network working to document and oppose state-ordered internet shutdowns. That combination of litigation infrastructure, tool production, and demonstrated grassroots campaign capacity is why EFF anchors the movement-graph's US digital-rights coverage in a way that more narrowly focused organisations do not.