posted 2 days ago on techdirt
Snowden's puzzling single-question Q&A with Russian president Vladimir Putin on the topic of domestic surveillance prompted many to believe this was an indication that he was, at the very least, under control of Russian intelligence, if not actually acting in concert with it. Putin took the apparent softball and lined it right down the middle, responding with a series of statements and denials that made Russia appear to be the antithesis of the US government: tightly controlled intelligence built on respect for its citizens' privacy. As Snowden later clarified, he was pulling a Wyden -- crafting a question about the mass collection and storage of communications that would either result in transparency or an easily-disproven denial. Putin delivered the latter. "Mr Snowden you are a former agent, a spy, I used to work for a intelligence service, we are going to talk the same language." He said Russia did not have a comparable programme, stating: "Our agents are controlled by law. You have to get court permission to put an individual under surveillance. We don't have mass permission, and our law makes it impossible for that kind of mass permission to exist." Putin's response was laughable. After all, his nation's intelligence services originally put the "surveillance" in Surveillance State. In the USSR, along with the Eastern Bloc, citizens were very closely watched and routinely punished for not toeing the Party line. Not much has changed, even if Russia is nominally a "free" country. The Russian Federal Service for Telecoms Supervision (Roskomnazdor) is continually expanding its internet censorship efforts and Russian intelligence services have made public announcements about their surveillance plans, like the collection of all foreign communications during the Sochi Olympics. While Roskomnazdor mans the front door, Russian intelligence lets itself in the back, according to information gathered by Privacy International. When the Soviet Union collapsed, many of the KGB’s regional branches became the security services of the newly independent states. But they didn’t stray far from the Kremlin’s lead. They modeled their governing laws after Moscow’s, and used similar technology, too. Namely, SORM — Russia’s nationwide system of automated and remote legal interception on all kinds of communications. SORM’s tactical and technical foundations were developed by a KGB research institute in the mid-1980s. Initially SORM was installed on analogue telephone lines. As new technologies developed, SORM did, as well. Today SORM-1 intercepts telephone traffic, including mobile networks, while SORM-2 is responsible for intercepting internet traffic, including VoIP. SORM-3 gathers information from all communication media, and offers long-term storage (three years), providing access to all data on subscribers. In addition, SORM enables the use of mobile control points, a laptop that can be plugged directly into communication hubs and immediately intercept and record the operator’s traffic. SORM also proved essential to spy on social networks based in Russia. “We can use SORM to take stuff off their servers behind their backs,” an FSB official told us. According to figures published by Russia’s Supreme Court, over the last five years the number of legal telephone intercepts alone has almost doubled, from 265,937 intercepts and recordings of phone calls and e-mails to 466,152 in 2011. Going back to Putin's statement, he claims that "court permission" is needed to put someone under surveillance. From the above paragraph, that statement would appear to be true. But further digging into SORM reveals that court orders and warrants are little more than surveillance blank checks. In Russia, an FSB operative is also required to get an eavesdropping warrant, but he is not obliged to show it to anyone. Telecom providers have no right to demand that the FSB show them the warrant. The providers are required to pay for the SORM equipment and its installation, but they are denied access to the surveillance boxes. Thus, the FSB does not need to contact the ISP’s staff; instead the security service calls on the special controller at the FSB HQ that is connected by a protected cable directly to the SORM device installed on the ISP network. This system is copied all over the country: In every Russian town there are protected underground cables, which connect the HQ of the local FSB department with all ISPs and telecom providers in the region. If the FSB needs to add targets to its existing "tap," it doesn't need to notify the court. The agent in place simply updates the SORM control device. So, one controller and one court order can easily trap the communications of an unlimited number of citizens, all without anyone but SORM knowing who's being surveilled. This technology has made its way to the former Eastern Bloc (which hasn't made those countries happy) and has been deployed to intercept communications from political opponents. The more things change, the more Russian intelligence appears to be happy to return to its KGB heyday. Beyond the fact that Putin's answer was simply (and knowingly) false, there's also the fact that his denials echo those delivered by NSA and GCHQ officials. Whenever a new leak surfaces, the routine denial is dispensed. Here's GCHQ's canned response: [A]ll of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight… Putin basically says the same thing while denying information that's already been made public. According to him, it's all legal and subject to oversight, something that clearly isn't the case. Certainly Snowden expected a canned answer, and he got one -- one in which Putin lied about his intelligence agency's capabilities and tactics. At one point, we in the US (and the UK) could have mocked such a clearly false denial, but after the events of the past nine months, we no longer have that luxury. The problem isn't that we don't expect Russia's government to have made a sea change in its relationship with its citizens. The problem is that we didn't expect ours had. Putting this on Snowden's head because a softball question was handled with a PR-savvy answer doesn't make him complicit with the FSB's surveillance activities. But our politicians and government agencies have made us unwillingly complicit with our own. "Legality" and "oversight" are mere buzzwords in the hands of surveillance state defenders. The words don't mean what they used to… if they ever meant anything at all. Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
More evidence is being uncovered indicating that if the government wants access to privileged attorney-client communications, it will find a way to do so. This new incident, tied to the 9/11 trials, follows the news that the NSA gave Australian intelligence the go-ahead to intercept communications between an American lawyer and his Indonesian clients. This previous incident resulted in the American Bar Association sending a letter to the NSA asking it to uphold the sanctity of attorney-clients communications. Gen. Alexander's response was basically "of course we respect that, but we grab so much stuff there's no way for us to guarantee we'll never intercept privileged communications." Not much in the way of reassurance there, and this following story shows there's even less reason to believe that investigative and national security agencies won't insert themselves into the attorney-client relationship. Two weeks ago, a pair of F.B.I. agents appeared unannounced at the door of a member of the defense team for one of the men accused of plotting the 9/11 terrorist attacks. As a contractor working with the defense team at Guantánamo Bay, Cuba, the man was bound by the same confidentiality rules as a lawyer. But the agents wanted to talk. They asked questions, lawyers say, about the legal teams for Ramzi bin al-Shibh, Khalid Shaikh Mohammed and other accused terrorists who will eventually stand trial before a military tribunal at Guantánamo. Before they left, the agents asked the contractor to sign an agreement promising not to tell anyone about the conversation. With that signature, Mr. bin al-Shibh’s lawyers say, the government turned a member of their team into an F.B.I. informant. There's not much more available detail-wise, as the defense's motion informing the court of this subversion is -- like most of the documents related to this trial -- under seal. But everything leading up to this new revelation indicates the government views this trial to be a forum where the normal rules just don't apply. To begin with, this was never meant to be much more than a show trial. The special tribunal system was set up by President Bush after the 9/11 attacks, specifically for suspected terrorists. (Despite the stacked deck -- foreign terrorism suspects aren't afforded the same legal protections as US citizens -- the court has yet to secure a conviction in its 12+ years of existence.) This special system has resulted in several instances of access to attorney-client communications, some intentional and others (supposedly) more inadvertent. Last year, the government acknowledged that microphones were hidden inside what looked like smoke detectors in the rooms where detainees met with their lawyers. Those microphones gave officials the ability to eavesdrop on confidential conversations, but the military said it never did so… A botched computer update gave prosecutors and defense lawyers access to the other side’s confidential work. And the Pentagon acknowledged inadvertently searching and copying defense lawyers’ emails but said nobody read them. And it's not just the defense that's bothered by these incidents. Christopher Jenks, a Southern Methodist University law professor and a former military prosecutor, said he sympathized with the Guantánamo prosecutors, who appeared to have been just as surprised as defense lawyers by the appearance of the F.B.I. and C.I.A. in their cases. But even more troubling is the fact that an agency supposedly uninvolved in the proceedings has gone so far as to subvert the judicial process altogether. Last year, as a lawyer for Mr. Mohammed was speaking during another hearing, a red light began flashing. Then the videofeed from the courtroom abruptly cut out. The emergency censorship system had been activated. But why? And by whom? The defense lawyer had said nothing classified. And the court officer responsible for protecting state secrets had not triggered the system. Days later, the military judge, Col. James L. Pohl, announced that he had been told that an “original classification authority” — meaning the C.I.A. — was secretly monitoring the proceedings. Unknown to everyone else, the agency had its own button, which the judge swiftly and angrily disconnected. After witnessing the amount of effort the CIA has made in order to thwart the release of the torture report, it's of no surprise that it tried to control the narrative here as well. It's also no surprise the agency feels it should defer to no one, not even a presidentially-directed tribunal. The government does have a little more leeway, considering these aren't your normal, subject-to-due-process trials, but it's still problematic that despite the advantages of a quasi-tribunal set up by a presidential order in the wake of the 9/11 attacks, government investigative agencies still feel compelled to not only insert themselves into the process, but to subvert client-attorney privilege on top of it. All's fair in the War on Terror, it would appear, even when those suspects are safely locked up and going into their second decade of detention as the broken process labors on. Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
A New York University trustee has found a way to chill speech critical of him and the companies he owns: subpoena the personal emails of two particularly outspoken opponents. A New York University Law trustee's company wants two students to hand over their personal emails after they circulated a letter criticizing him, according to a subpoena. The law students, second-year Luke Herrine and first-year Leo Gertner, were targeted after they helped circulate a letter denouncing NYU Law School trustee Daniel Straus, who owns Care One Management, a home health aide and nursing home company embroiled in a labor dispute. The two students started a petition asking for the removal of Straus from the Board of Trustees, pointing out that a law school should probably be associated with someone who respects the law, something Straus' companies seem to have trouble doing. His two companies, CareOne and HealthBridge Management, have been cited at least 38 times by the National Labor Relations Board for violating federal labor laws. In addition, HealthBridge was held in contempt of court for refusing to allow 600 workers to return to their jobs at their pre-strike pay levels. CareOne's current legal battle with a local labor union, Service Employees International Union (SEIU), something that has dragged on for years at this point, has seemingly turned into a convenient way for Straus to get back at his critics. Of course, CareOne claims otherwise. CareOne spokesperson Deborah Maxson said the deadline for the requested information is April 25. “Straus is not a party to the lawsuit and is not managing the litigation,” Maxson said. Straus may not be a party to this lawsuit, but these are his companies, and there can be very little doubt that Straus would prefer the ongoing criticism of his business efforts be halted. If CareOne wants to use the excuse that Straus isn't a "party" to this lawsuit, then it needs to extend that same courtesy to the two students, who also aren't a "party" to the ongoing legal fight. Then there's the content sought by the subpoenas. This, too, mentions Straus directly, even as CareOne claims this has nothing to do with him. According to a letter sent by the Board of Trustees to NYU administration, this is what CareOne is hoping to obtain: “The subpoenas requested information regarding any contact the students may have had with SEIU and any activity they may have engaged in, such as protests or meetings, relating to Mr. Straus or CareOne...” If Straus isn't "party" to this lawsuit, why does CareOne need information relating to Straus? Beyond that, the information requested bears all the hallmarks of trying to use the power of the court to silence free speech. Protests and meetings, both activities covered by the First Amendment, are mentioned specifically by the subpoena. For what it's worth, NYU has stepped up and has provided the students with the pro bono help of one of the school's lawyers. It also issued a very carefully-worded defense of the students, no doubt mindful of Straus' $1.25 million annual endowment. “The Law School is not a party to the litigation between Care One and SEIU, and will remain uninvolved in it," the school wrote in a statement to DNAinfo New York sent Thursday. "We vigorously support the right of our students to express their views and to organize and participate in lawful demonstrations and other protest activity, at the same time that we acknowledge that parties to litigation are permitted, subject to applicable rules and judicial oversight, to gather evidence in support of their case." Further statements reiterated NYU's support for its students' rights but also noted it considered Straus to be an "upright and honorable person." That said, it seems that there is a clear -- and somewhat massive -- conflict of interest for Straus to remain on the board of trustees at NYU Law at the same time he's using the legal process to demand the email contents from two of its students. As is noted by the students' new petition demanding the withdrawal of the subpoenas, this sort of activity, undertaken by a "victim" of criticism, will discourage others from approaching anything remotely controversial. Forcing students to turn over emails and other private communications in litigation that does not concern them can chill free speech on campus and make students think twice about raising their voice about controversial issues. This is antithetical to NYU's mission of open academic inquiry and commitment to the public interest. Rather than address these concerns, Straus is allowing (or directing) his company to shut down his critics by seeking personal communications from non-party NYU students. Straus also has additional leverage with the university should this fail to keep future criticism at bay. Of course, there's always a chance NYU will side with the students and decide that Straus' companies don't really reflect the culture it's trying to instill in its students. But until this all plays out, we're just witnessing the sort of tactics deployed by entities who would rather shut people up than address their concerns. Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
A few weeks back, I read a Washington Post story "Inside the admissions process at George Washington University" and noted this interesting tidbit towards the end: GW also asks students to list a role model and two words to describe themselves. As for herself, Freitag said, she would list “Martha Stewart/Tina Fey” and “sassy/classy.” This year, she’s seeing a lot of Edward Snowden citations. I had thought about writing it up, but decided it was a pretty small thing, really. It's not secret that, as a group, younger people have a much more favorable impression of Snowden than older people. However, apparently it set off alarm bells in James Clapper's head. He recently gave a keynote speech at the GEOINT conference, and used the opportunity to vent about stupid kids and their stupid love of that stupid Ed Snowden. And apparently he's going to be doing a lot of that. “An admissions officer from George Washington University told The Post that for the admissions’ essay question, ‘Who’s your personal hero?’ the admissions officer observed that she was seeing a lot more of Edward Snowden citations. And the idea that young people see Edward Snowden as a hero really bothers me. So I thought I needed to talk about Snowden at Georgetown and Georgia and I am going to do the same elsewhere at colleges and universities.” His attempts to do so in the speech, not surprisingly, really seem to fall flat. He claims that "despite being a geezer" he gets why you stupid kids like Snowden: “I understand that a lot of young people see Snowden as a courageous whistleblower standing up to authority. I personally believe that whistleblowing in its highest form takes an incredible amount of courage and integrity. But Snowden isn’t a whistleblower,” To prove this, Clapper comes up with an example of a whistleblower that he thinks "did it right." The army reservist who alerted others to the photos of Abu Ghraib prisoners being abused. And that guy is a whistleblower too. But just because one whistleblower did things one way doesn't discount the experience of other whistleblowers. And the reason so many people look up to Ed Snowden and see him as a hero is that, unlike the Abu Ghraib situation, with the NSA setup, basically the whole system was stacked against him. Clapper insists Snowden had legitimate paths to go down. "Snowden said he felt NSA’s surveillance program was being used to violate privacy and civil liberties. If that was his concern, he had a lot of options on where to go with it. He could have reported it to seniors at NSA, which he didn’t do,” Of course, Snowden claims that this is a lie and that he did raise concerns through the proper channels, only to have them ignored. “There’s an inspector general for NSA and another one for the entire intelligence community. My office has a civil liberties and privacy protection officer. Snowden could also have gone to the Justice Department or the Congress. And as we’ve seen Snowden is superb at finding information so I think he could have tracked those people down had he given it a little thought,” Of course, the inspector general for the NSA has since made it clear that if Snowden had complained to him, he would have shut him down and insisted there was nothing to worry about. Okay, so what about the one for the entire intelligence community? You mean the one that has rejected Congress' request to investigate the NSA? Congress? Considering how much difficulty Senators Wyden and Udall had in getting anyone to listen to them over the past few years, that was clearly a dead end. The Justice Department has also been equally complicit in the whole thing, since the NSA works hand in hand with the FBI, and the DOJ itself is the one that goes to the FISA Court to request these secret interpretations of US law. It's pretty clear that the options Clapper listed were not options at all if you really believed that the intelligence community was in the wrong (as over half of the American public now believes). And of course, that's what Clapper really means here. He would have been much, much happier if Snowden had gone down a path that would have completely buried his concerns, making sure there was no debate about the US's creeping surveillance state, dismissal of the 4th Amendment and increasingly secret interpretation of laws to spy on everyone. And I'm sure he would have been a lot happier to never have had the fact that he flat out lied to Congress revealed. Clapper also repeated the old saw that because of the leaks, those darn terrorists are changing how they communicate: “We’re beginning to see changes in the communications behavior of our adversaries, particularly and most disturbingly terrorists, a trend that I anticipate will continue. And as a consequence our nation is less safe and our people less secure.” Of course, as Kevin Gosztola points out, the same claim has been made for nearly a year, so it's a bit bizarre to have Clapper say now that they're just "beginning" to see changes. Even more to the point, these claims are almost certainly bullshit anyway. Elsewhere, when no press was around, Clapper has admitted that the NSA isn't actually concerned about terrorists changing their communications practices, saying that they can track them just fine. Furthermore, the idea that any of the revelations really changed how terrorists view their communications habits seems unlikely. As we've pointed out a few times, it's pretty clear that terrorists were well aware of our intelligence capabilities over a decade ago, and have acted accordingly. The only new thing that has really been shown is how the US uses these same techniques across nearly all American citizens, as well as friends and allies. Finally, as Gosztola points out, Clapper's real guffaw-inducing statement in the speech is to argue that his "major takeaway from this whole experience though has been the need for transparency" followed by him taking credit for "the decision to declassify more than 2000 pages of documents beginning last summer because the best way to deal with the misconceptions that had resulted from the leaks was to increase transparency." Except, as we've pointed out a few times, nearly all of the documents he's released have not been because of any major epiphany by Clapper, but because of lawsuits from the EFF, ACLU and others, something Clapper's office almost never admits (though, the last few releases have sometimes acknowledged it -- the last one only acknowledged it on Twitter, though). And trying not to gag while reading this: But the same transparency that reassures our citizens comes with a cost. It hurts our capabilities because our adversaries go to school on that very transparency. But when we boil it all down, we felt I felt we needed to pay that cost. Even if it meant losing some sources and methods, we need to engage in the kind of national conversation that free societies have - to correct misunderstandings that lead to false allegations in the media and to counter misperceptions that the IC work force is violating civil liberties. So we made the painful choice to declassify critical documents in the interest of being more transparent Yeah, right. There's a reason people think Ed Snowden is a hero and James Clapper is a lousy liar. And this little tour to try to convince students otherwise isn't likely to change that.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
This is hardly a surprise, given that we'd already covered the brief submitted by the US Solicitor General's office in support of the broadcasters and against Aereo, but the Supreme Court has agreed to allow the office to argue in court tomorrow in the Aereo case. Again, not surprisingly, the Solicitor General's office tends to have a lot of sway with the Supreme Court, so this is effectively the US government tipping the scales of justice in favor of Hollywood and against the internet, where the impact of a ruling against Aereo may be quite severe. The Solicitor General's office has argued that a ruling for Hollywood won't impact the cloud, basically because they say so. But, as we've discussed, its argument there is truly bizarre, in that it just asserts that such a ruling "need not" impact the cloud, and never bothers to address the many reasons it will absolutely impact the cloud. In fact, many of the other briefs in support of the broadcasters' position insist that the broadcasters should win because all those other companies can "just get a license." Now think about that for a second. Imagine using your Dropbox if nothing can be uploaded until Dropbox confirms it has a license for the work. Right. That's not going to work. And, of course, this is what this case is all about. Broadcasters have always hated the internet, because they can't control it. Broadcasters have spent decades honing a business model that is based around a "broadcast" model. That is, they send out a signal, and the masses "consume" it. The internet has shaken that up in so many ways, because the internet is not a broadcast system. It's a communications system that allows anyone to communicate with anyone. For decades now, broadcasters have worked hard to reshape the internet into a better "broadcast" medium. That's what nearly every copyright challenge is about. Giving more control to the big broadcasters, while making it harder for the everyday internet user to do anything online without getting it shut down. Stifling cloud computing by pushing for every bit of content -- even those totally in control of an individual user -- to be "licensed" is just the latest such attempt to stifle the internet as a communications medium of the people, and to push it to be a broadcast medium for a few giant entertainment companies. So, really, the big question is why anyone thinks it's appropriate at all for the US government to weigh in here. We've already noted the significant conflict of interest in that the Solicitor General himself, Donald Verrilli, spent many years as Hollywood's top lawyer, even arguing in the Supreme Court on some key copyright cases. And while he recused himself from all of this, it at least smacks of the "too cozy" relationship between Hollywood and the US government. Also recused is Verrilli's top deputy who, prior to rejoining the government a few years ago, was a top lawyer at Jenner & Block, the very same law firm representing the broadcasters in this case. Yes, they've recused themselves, but given that it's rather bizarre that the Solicitor General's office decided to get involved in this case in the first place, it certainly raises eyebrows about the reasons. This is a dispute where the US government really has no role joining in the proceedings, but it has decided to assert itself, solely on the side of broadcasters and against the internet. Seems like an odd choice for an administration that has claimed to be so internet savvy.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
So, we already wrote about the RIAA's big new legal attack on Pandora over royalties on pre-1972 sound recordings. The legal issues there are complex and convoluted, involving a mix of state common law along with federal copyright law. However, the RIAA has clearly decided that it's not going to delve into the nuances there, preferring to go with totally bogus spin. This started with an opinion piece by SoundExchange's CEO, in which he claimed that it was unfair that artists from pre-1972 works weren't getting paid. And with the launch of this lawsuit, the RIAA is trotting out some artists who are making similarly bogus statements: The RIAA circulated the lawsuit on Thursday along with quotes from artists or their heirs. "It’s an injustice that boggles the mind," says Booker T. & the MG's Steve Cropper. "Just like the programmers who deserve to be paid for their work, I deserve to be paid for mine.” This depresses me, in part, because I'm a huge Steve Cropper fan -- and have spent tons of money purchasing a variety of music from Booker T. & the MG's over the years (and plenty of other of Cropper's work both at Stax and elsewhere). However, this is a really unfortunate and misleading argument. It's obviously an attempt to hit at those terrible "techies" at Pandora, implying that Pandora's engineering staff continually gets paid for their work. But it actually underlines how silly the RIAA's argument is here. Because no Pandora programmer expects to get paid for his work 50 years from now. They get paid today to work today. And that's it. If that person leaves Pandora tomorrow, then they don't keep getting paid for it. Nor do they expect their children and grandchildren to keep getting paid for it. Booker T. and the MG's biggest hit, Green Onions, came out in 1962. It would be great if Cropper could point to a programmer who is still getting paid for code he wrote in 1962. Because I would imagine it's not a very big list. This is also why many of the other quotes the RIAA is pushing concerning this effort are so misleading as well. Buddy Holly's wife, Maria Elena Holly, rightly notes that "Many artists from the 1950s are retired and struggling to support themselves or have families or heirs who are trying to make ends meet." That is, no doubt, true. But that's a different issue. Copyright was never meant to be a welfare system for artists. It was never meant to keep paying them in retirement. It was meant to be an incentive to create, and once it worked, that was it. In fact, under the copyright laws that were in place in 1958 when Buddy Holly released his hit "Everyday," the absolute longest that the copyright on that song could have lasted was 56 years. In other words, when Holly released that song, he knew that by 2014 (hmmm...) that song would be in the public domain. So it seems, well, a bit unseemly to suddenly be whining about it now. In fact, I'm sure that many programmers from the 1950s are similarly "retired and struggling to support themselves or have families or heirs who are trying to make ends meet." And many of those retired programmers created the underlying structure and systems for today's computers and internet, which has created so much value for the world. But we don't see them and their heirs whining about how the world owes them a living for work they did more than half a century ago. And this is the problem. There are almost no professions in the world in which you get to do some work (even if it's amazing work) half a century ago, and then still have people paying you for it today. To act like this is some sort of massive offense just seems silly and misguided.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
Our nation's singular focus on terrorism has led to various branches of the government and counterterrorism pundits declaring all sorts of things to be warning signs of terrorist activity. Here's a short (but by no means all-inclusive) list of activities that are supposedly indicators of terrorism-in-progress. Staying in a hotel and doing any number of "odd" things. Like not using the hotel's wifi, making requests in person at the front desk, not bringing enough baggage, using entrances/exits other than the one in the lobby area or turning down room service. Complaining about the TSA. Complaining about the water quality. Complaining. Contributing to Wikileaks (or even frequenting the site). Deploying glitter during a protest. Being a journalist. (UK edition) Encrypting your data. Expressing dissatisfaction with government policies. Having "money problems." Operating a food truck. Now, here's a new one to add to the list. If Lisa Monaco (White House Homeland Security and Counterterrorism Advisor) is to be believed, nearly every parent, especially those with stereotypical teens in the household, is harboring potential terrorists. “Parents might see sudden personality changes in their children at home—becoming confrontational. Religious leaders might notice unexpected clashes over ideological differences. Teachers might hear a student expressing an interest in traveling to a conflict zone overseas. Or friends might notice a new interest in watching or sharing violent material.” That's right, parents. If your child seems moody, unreceptive to your religious leanings, enjoys watching violent "material" or wants to travel nearly anywhere in the world (not a whole lot left outside of the First World that can't be described as war-torn), he or she is your family's very own "insider threat." Monaco understands this might be troubling for parents to hear, but it's all for the best. Remember, parents: only you can prevent terrorism. “The government is rarely in position to observe these early signals, so we need to do more to help communities understand the warning signs, and then work together to intervene before an incident can occur.” The nation's counterterrorism forces are profoundly sympathetic for these terrorist-raisers. They truly wish they could be in the position to catch these early warning signs, but our short-sighted predecessors have prevented them from observing first-hand, thanks to obstacles like the Third and Fourth Amendments. Not to worry. As Monaco points out, the nation has mobilized parents' neighbors against them, providing them with any number of see-something-say-something venues with which to turn in your confrontational, agnostic, R-rated movie-watching hellspawn -- just in case you don't love America enough to do it yourself. Oh, and P.S.: the DHS reiterates its commitment to flooding small towns with military vehicles and weaponry. Monaco said that in addition to citizen alertness, the Department of Homeland Security is increasing its partnerships across the country and making hundreds of millions of dollars in grant money available annually to local law enforcement to help improve anti-terrorism security at the municipal and county level. A terrorist in every household and a military assault vehicle in every unincorporated township. USA! USA! USA! Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
The battle for countries wishing to take control over internet governance (either to increase control and censorship or to "reward" local state-owned telcos) didn't end with the whole WCIT debacle a year and a half ago. It's an ongoing process. This week is NETmundial, or the Global Multistakeholder Meeting on the Future of Governance, and the usual countries are making the usual noise about changing how internet governance works. There will be lots of talk about how meaningful these discussions will be, or if they'll just be a "farce" to enable authoritarian governments more control. Either way, there are some important proposals and discussions happening at the event. And some nutty ones. Take, for example, India's proposal that we rename the internet as the Equinet as a way to "challenge US hegemony." Because that will do it. In a major diplomatic initiative, India is all set to challenge the U.S.’ hegemony of the World Wide Web at a global meet on Internet governance in Sao Paulo (Brazil) next week. India has decided to propose renaming of Internet as ‘Equinet’ so that all nations can have equal say in its operations, besides calling for “internationalisation” of core Internet resources. Of course, the naming bit is the smokescreen attention-grabber for the other point. Setting up so that "all nations" (note: not all people) can have a say in the operations of the internet is a specific attack on the so-called "multistakeholder" model that is currently in place, in which it's not government entities making these decisions, but a broad group of folks from different backgrounds and specialties (including, many technical experts). Hand the internet over to "governments" and you have a recipe for disaster. If you want more evidence of how troubling this is, look at who India is "aligning itself" with in this proposal: India is likely to side with Brazil, Russia, China, South Africa and Iran to make its point. Brazil, which organized this event, has been pushing for stronger internet freedoms lately, but also has a history of going in the other direction. Russia, China and Iran, of course, are very much focused on greater control and censorship of the internet, not greater freedom. There are lots of important things worth discussing concerning internet governance, but renaming the internet as a challenge to US control (which isn't actually US control) is pretty silly. What's much more concerning is the underlying attempt to give some authoritarian countries with long histories of censorship more direct control over the internet. Equinet sounds ridiculous, but Censornet may be more accurate.Permalink | Comments | Email This Story

Read More...
posted 3 days ago on techdirt
It doesn't matter how you look at this situation. This is an abuse of power. No matter how much benefit of a doubt you give the protagonists -- even if you cut the Peoria, IL police so much slack you're both falling over backwards (to borrow a Sparks lyric) -- this situation looks like the end result of an overly-close relationship between city politicians and local law enforcement. How else would you explain the following? Illinois police seized computers and mobile phones while raiding a house whose owner was suspected of parodying the town mayor on Twitter. In all, five people following the Tuesday evening raid were taken to the Peoria Police Department station for questioning, local media report. The Twitter account, which had all of 50 followers, and had been already shut down by Twitter "weeks ago," became the flash point for a police raid that involved seven plainclothes officers and the detainment of five people - two of whom were cuffed at their place of employment. If the mayor felt there was something wrong with this "impersonation," he had plenty of other options available that wouldn't have resulted in this egregious show of force. For one, he could have contacted Twitter and asked for the account to be suspended. (And, for all we know, he did. [UPDATE: see below.] The account hadn't been active for "weeks" by the time the raid took place.) Second, he could have pursued this through civil action (if he felt the account was defamatory, etc.). There was no reason to involve the police in this -- unless, of course, this was the sort of thing the Peoria Police enjoy doing. Justin Glawe at Vice has a followup on this story which highlights the Peoria Police Department's shady misconduct record. Peoria is a town of 116,000 people. It has some problems with crime and also some problems with the police, which you can get a sense of if you follow my work or the work of Matt Buedel, the Journal Star crime reporter who broke a several stories last year detailing misconduct within the police department, including an attempt to catch a city councilman in a prostitution sting. The Illinois Attorney General’s Office ruled that an internal report regarding some of those acts of alleged misconduct should be released, but the city and the police department refused. (That report was apparently “lost” by Settingsgaard, and somehow ended up in the hands of a panhandler who, coincidentally, I used to work at a gas station with and know to be a pretty serious drug addict.) The prostitution sting involved 12 task force officers staking out a Red Roof Inn overnight in hopes of catching Dan Irving, a city council candidate, with a prostitute. This sting ran the day after a close primary election. (Irving went on to lose the general election.) The overnight stakeout was ultimately fruitless as Irving never arrived at the motel with or without a prostitute. Evidence exists that the Peoria Police Department is willing to be politically motivated. These officers trashed rooms and grabbed every device with an internet connection (including some Xboxes), proclaiming they were linked to an "internet crime." Although no one's been charged yet (other than an unrelated marijuana possession charge -- hooray for the fortuitous results of a bogus police search), the chief of the Peoria Police has dug deep enough into Illinois law to find something to use against the person running the long-suspended, inside joke of an account. Peoria Police Chief Steve Settingsgaard said the department was investigating misdemeanor charges of impersonating a public official, which carries a maximum one-year jail term and $2,500 fine. The chief, according to the Southern Illinoisan, said it "appears that someone went to great lengths to make it appear it was actually from the mayor." Really? "Great lengths?" How many Twitter users would have believed the following was issued by the Mayor or his office? Beyond that, the account bio was changed on March 10th to indicate the account was a parody. A couple of weeks later, it was suspended. Three weeks after that, Peoria police corral five people and their electronics in order to stop something that was already dead and never popular. Now, news of this has spread nationwide, and as Justin Glawes points out, it has led to the generation of several more fake Peoria Mayor accounts. The colossally stupid effort has done little more than given the nation a reason to dig into the misdeeds of the Peoria Police and an indication of just how thin Mayor Ardis' skin is. UPDATE: Confirmed: Mayor Ardis was behind the raid. The search warrant obtained by Peoria's Journal Star notes that Ardis approached the police department and told officials there he wanted to find out who was behind the Twitter account. He also told the PD he wished to pursue criminal charges. Warrants were also served to Comcast and Twitter in order to obtain additional information. [h/t to Jim Romenesko] Permalink | Comments | Email This Story

Read More...
posted 4 days ago on techdirt
When a Pennsylvania student recorded an incident of bullying and brought it to his school's administration, it kicked off a darkly farcical series of escalations, with the school calling the cops, the cops calling the attorney general, and nobody calling perspective or common sense. An anonymous commenter won most insightful comment of the week by summing it all up in a sentence: Kid gets bullied, goes to bigger bullies who then refer him to even bigger bullies. In last week's comments post, I had mentioned how infuriating it is that the rightsholder's word is so often taken as law when it comes to DMCA takedowns. That's just the tip of the iceberg though, and Loki won second place for insightful by delving below the surface: My issue with this is that in a lot of cases these claims aren't from actual rightsholder's and that these people can potentially violate MY rights whenever they feel like it without facing any of the penalties they insist I should face for doing the same. On top of that, even when they are the legal rightsholders, they like to ignore or pretend other rights I have, like fair use, simply don't exist (when they aren't trying to pay or cajole governments into actually voiding those rights) and then get upset when other people do the same to their rights. All from an industry that moved thousands of miles away so as to avoid what they felt was a totally unfair and restrictive patent system, so they could turn around and impose an equally unfair and restrictive copyright system. That sort of hubris, hyprocrisy, and arrogance is not even close to deserving of respect, but merely both of my middle fingers raised high in salute. For editor's choice on the insightful side, we head to our post about the RIAA trying to have its pre-1972 recording cake and eat it too. There were two comments on that post expanding on key related issues and exposing the broken thinking behind so much of copyright law. First up, PaulT on the fact that retroactive copyright changes make no sense: It's my opinion that copyright changes should never be applied retroactively. If the argument is that copyright encourages or even enables work to be created in the first place, then clearly the copyright terms in force at the time of creation were sufficient. The work wouldn't exist to argue over in the first place if the artist required today's copyright laws to create it.perhaps decades after his death - is just wrong. This is, of course, not the RIAA's argument, but they can't just come out and admit that they want to be able to collect huge sums of money for decades after an artist's death no matter when the recording took place. They have to play word games to pretend they have the moral high ground. As ever, "fairness" means "letting corporations make as much as possible" rather than anything that actually benefits a living human being not on the RIAA's board. Next, it's Ninja making the related point that paying people for decades-old work at all doesn't make much sense to begin with: So we are talking about songs that are at least 45 years old, right? Funny they talk about fairness. I don't see old engineers being paid continuously because structures were made based on their projects. In fact, I have yet to see a dead engineer whose estate still receives money for his/her work. You can replace engineer with any profession. Professionals usually earn money because they put their work, effort, sweat into it. Constantly. There's no reason for a 45+ yr-old song not to be in the Public Domain. Over on the funny side, we start out with our challenge to "find the fib" in some NSA statements. DannyB won first place for funny with a highly appropriate reaction to this scavenger hunt: That's like searching for a needle in a needlestack. Therefore, we need to collect all metadata. Meanwhile, the internet was abuzz this week after a bizarre discovery about Kate Mulgrew aka Captain Janeway aka that terrifying prison cook (just one more thing — aka Mrs. Columbo). She had (accidentally) lent her voice to a trailer for a documentary promoting geocentrism aka stupidity, leading G Thompson to question how such a thing was possible for anyone with a little fame: What celebrity would ever accept this stupid theory? Of course they all know that THEY are the absolute center of the universe. For editor's choice on the funny side, we start with Digger, who responded to General Mills' attempts to rope customers into bizarre legal agreements just for buying their product by drafting his own license agreement: CELA Cereal Eaters License Agreement States the following, and I tape it to every box of cereal that I eat. By allowing my CELA to stick to your box, you, the cereal provider, agree to the following terms. My agreement supersedes any and all previous agreements. My agreement can never be superseded, ever, even if forced to sign a new contract while someone holds a nuke over my head, my agreement will still be valid and enforceable over yours. My agreement allows me to sue you for over 1 quadrillion dollars if I so much as bite my cheek while chewing on your cereal, or burn my tongue if I overheat my coffee that I drink while eating your cereal. My agreement holds your corporate officers and board members fiscally and legally responsible for any and all effects of using your cereal and any activities taken while eating said cereal, no limitations apply. My agreement says that you owe me $1000.00 per bite of your cereal that I eat just to suffer through the crap you put in it. END OF AGREEMENT. THANKS FOR PLAYING. And finally, we've got a simple answer to a simple question. We asked if you'd trust the NSA's advice on fixing Heartbleed; an anonymous commenter replied: Short answer: No Long answer : Nooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo Indeed. That's all for this week foooooooolks! Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
Here we are again with another look back in Techdirt history. Five Years Ago: As we've noted, sometimes these look backs show that nothing ever changes. For example, one of our big stories five years ago was... the NSA abusing its surveillance powers. The NY Times revealed at the time that the NSA was collecting much more information on Americans than was allowed by law. And... basically no one paid attention. Similarly, we had a story about Swedish ISP Bahnhof deleting its log files to protect the privacy of its users. And -- just a week ago, we had nearly an identical story, as Bahnhof did it again, in response to a court ruling against the EU's data retention directive (which was put in place to stop ISPs like Bahnhof from protecting users privacy like that). This was also the week five years ago that the Pirate Bay lost its big case in Sweden and Nicolas Sarkozy ramped up his efforts to pass a three strikes law. Of course, today the Pirate Bay is still going strong, and France's three strikes law has basically been killed off. Funny how these things work out. We also had stories of people trying to use the DMCA for blatant censorship, including a news station trying to hide its own mistake and activist group trying to hide its fake political campaign (using actors instead of real people). Copyright as censorship is one of those issues that never changes. Also never changing: media dinosaurs acting like dinosaurs. Five years ago was when some big names in old media announced they were going to set up an "iTunes for news." That eventually turned into Journalism Online -- a paywall company that a bunch of newspapers now use (despite paywalls still failing to do much useful). Similarly, NBC was hard at work making it difficult to watch the Olympics online. Because NBC hates the internet. Finally, we had a story of a patent troll claiming patents on basically every technology product ever and sneaky lobbyists who were hired to fight against patent reform using underhanded tricks to get "groups" that have nothing to do with patent reform (an anti-communist Hungarian group, the Minutemen (vigilante border guards), and various religious groups) to come out against patent reform. Basically, people in those groups then admitted that the lobbyists more or less tricked them into allowing their names to be used. My favorite was the 87-year old "honorary chairman" of the National Federation of American Hungarians, who had agreed to let the group's name be used but had no idea why he was against patent reform: "It was in Chicago or Detroit, I can't remember. Somebody brought this up, I don't know for what reason... So I gave them permission to use my name." And then he admitted his group was being disbanded anyway, because they were all dying, though he promised to get more information by "trying to reach the still living members of the board." Ten Years Ago: Back before there were copyright trolls like Prenda and Malibu Media shaking down people via legal threats, there was DirecTV's infamous program shaking down anyone who bought a smart card reader (even if for perfectly legal purposes). Ten years ago, we wrote about a former employee of their "anti-piracy" division speaking out about how it was all "an elaborate extortion scheme" and that he was suing the company because they forced him to do illegal and unethical things in shaking people down. Down in Australia, they were talking about making ISPs liable for copyright infringement. Yeah, some things never, ever change. Also, ten years ago was the first we wrote about California state senator Leland Yee's quixotic attempt to ban violent video games. That, of course, eventually went to the Supreme Court and got completely shot down (just like about a dozen states before it). Yee wasted a ton of taxpayer money on this moralistic campaign and -- of course -- is now facing criminal charges for arms trafficking. Then there are the more dated items that show how the world was different ten years ago. Amazon launched its A9 search engine to take down Google. We were all excited about the idea of navigation systems on phones! And they only cost $6 month! Also, people were freaking out about phones on airplanes, and a few phone makers had started testing out this ingenuous concept known as "airplane mode" to let flight attendants know the phone part wasn't on. Oh, and it was exciting to see that one-in-six Americans had used wireless internet technology. Fifteen Years Ago: People were trying to make a bundle of money by trademarking Y2K. The big trend in the computer world was ISPs giving away cheap free computers if you signed a long-term contract for internet service (such offerings were everywhere). In the era before smartphones, we were excited about the idea of "web phones." Also, people were writing off Mozilla for dead because Microsoft IE had won the browser wars. Okay, sometimes things do change. One thing that never changes though, are sketchy activity online. Fifteen years ago this week, we wrote about the sex.com domain name being stolen -- a saga that went on for many years, and an entire book was eventually written about it. Also typosquatters were hitting the scene, and people were wondering if it was trademark infringement. Also, in one of the earliest "stock scams" online, an employee of the company PairGain, created a fake webpage that looked like a story from Bloomberg news about a buyout attempt, posted it on a free Angelfire account (remember those guys?) -- and watched the stock shoot up. The employee was quickly arrested. 49 Years Ago: We weren't publishing, but that's about when Moore's Law was coined following his prediction that the number of transistors on a chip would double every 18 to 24 months. The details of the "law" have shifted somewhat over time, but the basics have held true. Of course, it was also probably 48 years ago that people started fighting over when Moore's Law was obsolete.Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
As some folks know, I'm a pretty big believer in standing while you work rather than sitting. It takes a little while to get used to, but these days I greatly prefer standing. While the first few weeks are a bit difficult on your legs and (especially) feet, once you get used to it, it's pretty easy. There's definitely been a trend in sit-stand setups lately, so for this week's awesome stuff post, I thought we'd look at three new crowdfunding projects concerning standing desks. First up, is a the StandDesk -- which is a standard sit/stand alternating desk. There are lots of these on the market, though they can get a bit pricey. StandDesk's sole claim to fame seems to be that it's a lot cheaper than the competition -- which is true. It's an automated sit-stand desk going for about $400 (not including shipping). Standard automated sit-stand desks tend to be closer to $1,000 or more. When I switched to a sit-stand setup a couple years ago, I deliberately didn't buy such a desk, because it seemed to expensive. Instead, I retrofitted an existing desk with one of these. But the StandDesk definitely brings the price down. It appears people are pretty excited about this cheaper sit-stand desk as it's already raised over $350,000 (much more than its $50,000 target) with nearly a month left to go. I'm always intrigued by people trying something new and different, so the ChairBot certainly caught my eye. It's an attempt to still let people get the best of both sitting and standing, while minimizing the harms. I have no idea if there's any real science behind it, but the idea appears to be to have the chair set at your standing height, and the chair splits in two, with either side going down to remove support from one leg or the other. The end result is that you end up "standing" with one leg while "sitting" with the other. And the ChairBot has a timer, so that every so often, you're prompted to switch. The theory is that you get the better posture associated with standing, but not the fatigue that often comes with it (though, again, I've found that goes away after a short adjustment period). You kind of have to watch the video to understand how this works: While new and different ideas may be interesting, that doesn't mean they're compelling. And this one definitely falls into the not-very-compelling camp. Especially at the insane price of $2,700 (which is apparently the "early bird" price before it goes to $3,700!). You'd have to (1) really, really believe that this is a better system (2) have extra money to throw away and (3) trust that this device that you haven't tested would really work for you in order to plunk down that kind of money. So, it's little surprise that almost no one has actually done so. As I write this, only 1 person has signed up, so it seems unlikely that this project will come anywhere near the $100,000 it seeks by the project completion in two weeks. Finally, many people point out that you don't need a fancy contraption to have a standing desk. You can just pile some boxes or a shelf on an existing desk and get basically the same thing. So it's interesting to see someone trying to offer a collapsible desktop riser for exactly that purpose. Of course, I'm confused why this is a Kickstarter project, as there are tons of similar desktop risers on the market, and this doesn't appear to be new or unique in any significant way. Nor does it appear the creator put much effort at all into the campaign. It's one of the rare Kickstarter campaigns that doesn't even have a video. Given that, it's not too surprising that so almost no one seems to be interested in buying one (there's just one backer). That's it for this week. Stand up and stretch.Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
We've written a few times in the past about research done by Paul Heald on copyright and its impact on the availability of certain content. He's recently published an interesting new study on how the DMCA's notice-and-takedown regime facilitates making content available by decreasing transaction costs among parties. As we've discussed at length, the entertainment industry's main focus in the next round of copyright reform is to wipe out the notice-and-takedown provisions of the DMCA. The legacy recording and movie industries want everyone else to act as copyright cops, and hate the idea that notice-and-takedown puts the initial burden on themselves as copyright holders. However, Heald's research looks at music on YouTube and concludes that the notice-and-takedown system has actually enabled much greater authorized availability of music, by reducing transaction costs. The idea is pretty straightforward. Without a notice-and-takedown provision, someone who wants to post music to YouTube needs to go out and seek a license. Of course, getting permission from all the various rightsholders is frequently impossible. The transaction costs of getting permission make it such that it's way too high. Yet, with notice-and-takedown, the person can upload the content without permission, and then the copyright holder is given the option of what to do with it. On YouTube, that includes the option of monetizing it, thus "authorizing" the use. That creates a natural experiment for Heald to explore, in which he can see how much content is "authorized" thanks to such a setup. And the result, not surprisingly, is that this system has enabled much greater authorized (and monetized) access to music than an alternative, high transaction cost system, under which uploaders must first seek out permission to upload everything. In fact, the analysis shows a tremendous number of popular music hits from the US from 1930 to 1960 are available in what's likely an authorized (i.e., monetized) fashion, even thought nearly all of it was almost certainly uploaded by those without permission. Under the system that the RIAA and MPAA would like, this would be next to impossible. Instead, they'd want to negotiate deals first, making it nearly impossible for such works to be available, and meaning that both the availability and monetization of those works wouldn't be happening. As Heald concludes: Congress should resist calls to dismantle platforms like YouTube which take advantage of current limits on secondary liability to create a marketplace that radically reduces the high cost of negotiating over rights to music and visual content. The access YouTube provides to valuable cultural products is far from perfect, but it provides a partial solution to the problem of disappearing works, at least in the music context. In any event, no new legislative initiative should proceed in the absence of concrete data testing the claim of copyright owners that their proposals make works more, rather than less, available to the public. Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
When we talk about the stupidity that are school-affiliated zero-tolerance policies, those stories usually revolve around an administration's inability to marry common sense with their reactions to non-issues. This can produce somewhat varied results, from really dumb stories about children being children and ending up in serious trouble, to a far more angering practice of victim-blaming. What it all boils down to, though, is an overreaction to certain tragic situations that results in bureaucratic lunacy on a level I never would have thought possible. School shootings and violence are the impetus in these cases, but we see this elsewhere as well. 9/11 resulted in the s#!*-show we know as airport security and NSA surveillance. The Boston Marathon bombing has resulted in the kind of militarized protection and media-blitzkrieg that would likely have other world nations that deal with far more terrorism shaking their heads. And, in each of these cases, we learn a simple truth that we should have seen coming all along: reactionary policies breed stupidity, corruption, and trouble. So let's get back to zero-tolerance policies in schools and witness the logical conclusion they offer: a college professor who had recently been at odds with his school's administration was just suspended for posting a picture of his child wearing a Game Of Thrones t-shirt. A popular community college professor was suspended after posting a photo of his daughter wearing an oversized T-shirt bearing a tagline from this season of Game of Thrones—Daenerys Targaryen's "I will take what is mine with fire and blood." Francis Schmidt, who teaches art and animation at Bergen Community College in New Jersey, shared the photo on Google+, where it was seen by several of his work contacts. One of them, a dean, decided the shirt was a veiled threat of some kind. In case you can't see the image, it's of Schmidt's daughter doing a handstand while wearing a Game of Thrones t-shirt that includes the tagline: "I will take what is mine with fire & blood." In case you think it's reasonable that such a picture being shared on social media could be interpreted as a threat to commit violence at a local community college, stop thinking that because that's a stupid thought. I imagine Schmidt said as much when he was called in to meet with the administration to explain why he'd sent a "threatening email", despite the fact that no email had been sent. At the meeting, Schmidt explained the shirt in the context of Game of Thrones and showed Miller that the "fire and blood" tagline has 4 million results on Google. The professor asked why his photo had caused such a reaction, and was told that "fire" could be a metaphor for "AK-47s." Schmidt was placed on administrative leave without pay later that week, and told he would have to pass a psychiatric evaluation before he could return. Now, like me, you should be even more confused. There's no way you could somehow interpret "fire" to mean "AK-47" any more than you could interpret "fire" to mean "Easter ham." They aren't related. And if you're thinking that there's so little sense being made here that there must be something more to this story, there sure as hell is. The head of the school's administration had just been delivered a vote of no confidence by the staff, including Schmidt, who had also filed a grievance recently for being denied a request for a sabbatical. You don't need to read between the lines much to understand that this is probably a trumped-up charge serving to punish a member of the teacher's union. Which brings us nicely back to my original point: it isn't just the stupid you have to worry about when it comes to zero-tolerance policies, it's also the corrupt. When we overreact to admittedly tragic occurrences, we almost invariably open up the possibility for abuse through that overreaction. Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
Maybe you're not eating meat today or perhaps planning to avoid various foods that aren't kosher for Passover. (Or you're blissfully eating whatever you want...) People follow a lot of eating guidelines based on all sorts of issues -- religious, ethical or other. There are all kinds of diets: to lose weight, to prevent high blood pressure, to save animals' lives, to kill fruits. Whatever diet suits your fancy, you might want to check out some of these stories on dietary restrictions and food beliefs. Food labels could have a placebo effect -- making your body produce more or less of a hormone called ghrelin (depending on whether or not you believe the food you just ate was high or low in calories). Body metabolism might be adjusted significantly based on how unhealthy you thought your last meal was, but it's not clear what the long term, practical effect is. [url] Can you lose weight by only eating ice cream for four days straight? Sure. And apparently, consuming almost an order of magnitude more than the recommended amount of daily saturated fat won't kill you immediately. [url] One 38yo man claims to have eaten nothing but pizza for the last 25 years. Exclusively cheese pizza, with oregano as his only added topping. Tomato sauce is a vegetable, right? [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
It's sometimes amazing to me how many organizations have so much trouble with background checks. Granted, there's a lot to look through, and you don't want to inadvertently overstep the bounds of reasonableness. That said, it seems to me it's common practice these days to at least run a name through a Google search and make sure nothing horribly damning comes up as a result. I plan on doing this with my future children, in fact, shortly after I name them, just to make sure they weren't up to any gangster crap while in the womb. Actually, given this recent story about the University of Great Falls in Montana involving their hiring of a Sports Information Director and then firing him after a local paper Googled his name, perhaps there's a business opportunity in all this. UGF, whose athletic programs compete in the NAIA, introduced [Todd] Brittingham as the school's new SID and marketing director in a news release. The Great Falls Tribune set out to learn more about him. Presumably they first searched his name. Presumably they found what anyone can find, on the first page of the search results—stories from 2012 about Brittingham pleading guilty to charges stemming from a relationship with a 16-year-old student at the Kansas high school where he was teaching and coaching. In the end, Brittingham copped a plea to endangering a child and giving alcohol to a minor in exchange for the drop of felony diddling a child charges. Justice! In any case, as you can imagine, the university wasn't terribly pleased at learning about this and fired Brittingham post-haste. Gary Ehnes, athletic director at UGF, said he was stunned by the news. He said he was the one responsible for the hire. "I'm devastated. You do a background check on a guy and figure that's going to do it. But I guess we have to go further than that," Ehnes said. Go further? No, a Google search isn't going further than a background check, a background check is going further than a Google search. You probably shouldn't move to step two until you complete step one, especially when step one is the first thing we all do before going on a first date. That's why I'm thinking of opening Timothy Geigner's Step One Background Checks. Think of the money! I can contract with unwitting public institutions to perform simple Google searches for prospective employees. Sounds ridiculous, but there's obviously a need for this service, and for once it's a business need I can actually fulfill. Capitalism, people! Permalink | Comments | Email This Story

Read More...
posted 5 days ago on techdirt
So, we already highlighted the key information revealed and the newly unredacted version of the court's ruling in the Rehinah Ibrahim "no fly list" case (namely: that the US has a "secret exception" by which it can put people into the terrorist screening database despite no "reasonable suspicion" that they're a threat). However, seeing as we had noted some of the bizarre redactions in the original, and now that we have the unredacted version, I figured we could look at some of the more bizarre redactions now that they've been revealed. Let's start with what might have been the most hilarious redaction from the original If you can't read it, it's: Given the Kafkaesque [REDACTED] treatment imposed on Dr. Ibrahim, the government is further ordered expressly to tell Dr. Ibrahim [REDACTED] (always subject, of course, to future developments and evidence that might [REDACTED]). This relief is appropriate and warranted because of the confusion generated by the government's own mistake and the very real misapprehension on her part that the later visa denials are traceable to her erroneous 2004 placement on the no-fly list, suggesting (reasonably from her viewpoint) that she somehow remains on the no-fly list. Now those redactions have been uncovered, and here's what we see (with the redacted portions in yellow): And the text version, with redacted portions underlined: Given the Kafkaesque on-off-on-list treatment imposed on Dr. Ibrahim, the government is further ordered expressly to tell Dr. Ibrahim that she is no longer on the no-fly list and has not been on it since 2005 (always subject, of course, to future developments and evidence that might warrant reinstating her to the list). This relief is appropriate and warranted because of the confusion generated by the government's own mistake and the very real misapprehension on her part that the later visa denials are traceable to her erroneous 2004 placement on the no-fly list, suggesting (reasonably from her viewpoint) that she somehow remains on the no-fly list. Many people rightly mocked the original version as the Kafkaesque nature of the situation appeared to be increased by that particularly hilarious looking redaction. Of course, now having seen all the redactions, we can see the true reason behind it. It appears that, despite all of this, Ibrahim is still in the Terror Screening Database (TSDB), for some secret reason, even though everyone admits she's no threat. And that secret reason is apparently unrelated to the original mistake. In other words, the purpose of all those original redactions was to misleadingly suggest that Ibrahim had been cleared from all lists, but the "on-off-on-list" aspect was actually hidden in the redacted version. Now that it's all been revealed, reading between the lines, we see that Ibrahim is only being cleared from some lists and databases, while remaining in others that likely prevent her from ever returning to the US. In other words, the redactions were created to mislead the public into believing that Ibrahim has been totally cleared, when the reality is she's still in the same basic position -- other than the fact that she now knows she's in the TSDB rather than the no fly list, which she was removed from all the way back in 2005. Still, other redactions seem equally bizarre. Take this one: The unredacted version says: Government counsel has conceded at trial that Dr. Ibrahim is not a threat to our national security. She does not pose (and has not posed) a threat of committing an act of international or domestic terrorism with respect to an aircraft, a threat to airline passenger or civil aviation security, or a threat of domestic terrorism. This the government admits and this order finds. Why was that redacted? Perhaps the government thought the reasons someone might be put on the list needed to be secret? But, did anyone doubt that any of the things listed above were considered reasons why you might be put on the no fly list or the terrorist screening database? This identical redaction was done later in the ruling as well, again enforcing the idea that the government sought to hide the fact that you have to be a threat to one of those three things to be placed on the lists. But it also hid the fact that even if you were not one of those things, you can still be placed in the Terrorist Screening Database for a "secret exception" to the reasonable suspicion requirement. Another bizarre one, concerning an attempt in 2006 to have her removed from all lists: The unredacted version: In a form dated February 10, 2006, an unidentified government agent requested that Dr. Ibrahim be "Remove[ d) From ALL Watchlisting Supported Systems (For terrorist subjects: due to closure of case AND no nexus to terrorism)" (TX 10). For the question "Is the individual qualified for placement on the no fly list," the "No" box was checked. For the question, "If no, is the individual qualified for placement on the selectee list," the "No" box was checked. Can anyone explain why this was redacted? It makes no sense at all. There is also a lengthy discussion of how the US blocked Ibrahim's daughter, Raihan Binti Mustafa Kamal, from flying to the US for the trial and then lied about it. We noted how bizarre it was that Judge William Alsup's entire discussion of what happened there was redacted. Now seeing the full version, it is, once again, entirely unclear why it was redacted in the first place. The unredacted parts do show more screwups by the US, in which Homeland Security falsely flagged Kamal based on rules that are not supposed to apply to US citizens, even though she is a US citizen. In fact, it notes that Customs and Border Patrol realized in six minutes that she was a US citizen, but then there was a series of other confusions that resulted in her not being allowed to board the flight. Unfortunately, despite considerable anger on Judge Alsup's part, when all of this came out, it appears that, in the end, he did nothing about this, other than make sure that Kamal's own record in the TSDB was "updated... to reflect that she was a United States citizen." In the end, the revelation of these redactions do reveal that Ibrahim still appears to be unable to come to the US, and also suggests that the US government tried to use redactions to hide this fact -- allowing the public to believe that Ibrahim had been entirely cleared, when she had not been. It also sought to hide, as mentioned in our earlier post, that the DOJ has some "secret exception" that allows them to basically destroy someone's life, even if there's no reasonable suspicion that they're a terrorist threat of any kind.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
You would think that, at some point, people are finally going to get that there are such a things as satirical news organizations and that they're not serious in what they write. Yet it seems not a week goes by in which someone isn't either fooled by a parody story or rails against it as some kind of demonic funny-demon that ought to be outlawed. The latest to be caught up in this web of barely-veiled humorous deception is the Queen of Soul, Aretha Franklin, who has threatened to sue satirical news site News Nerd over a fictional story about Patti LaBelle opening up a can of aged whoop-ass on her. “The stories were not presented as satire or humor,” Franklin said through her publicist, Gwendolyn Quinn. “It was presented as a serious news story intended to depict me in a slanderous and derogatory way — defamation of character.” And for that, she's suggested she wants $10 million whole American dollars. The story that was not presented as satire or humor, according to Franklin, included such totally not funny or satirical lines as: Onlookers say Labelle quickly removed her wig and earrings as she approached Franklin. Aretha, knowing that the removal of earrings is a tell-tale sign that a fight is about to ensue, attempted to prepare herself for the confrontation. Franklin was quickly struck with a Mayweather style right and left and stumbled backwards, landing awkwardly. If you aren't now laughing, check yourself into the nearest mental health center and ask them what happened to your sense of humor. If you don't immediately realize that this is fictional, we, the people, politely request you promise us never to procreate and thereby poison the gene pool with your lack of basic comprehension and common sense. Or you could, you know, just check the bottom of any News Nerd page you might land upon, where it reads: The stories posted on TheNewsNerd are for entertainment purposes only. The stories may mimic articles found in the headlines, but rest assured they are purely satirical. And that should take care of that. It's worth noting that no actual law suits yet appear to have been filed, so perhaps Franklin's likely-frustrated lawyers have talked some sense into her. On the other hand, Franklin has been known in the past to demand respect, and that you think about what you're trying to do to her. Meanwhile, the story has gone viral because of course it has, countermanding her wish entirely. Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
We already mentioned the amicus brief we submitted about the risks concerning intermediary liability (authored by lawyer Cathy Gellis) in the Garcia v. Google case. In it, we noted that the 9th Circuit had set up a page where all such filings are listed and that we planned to write about some of the other briefs. Of course Eric Goldman beat me to it, discussing all of the various amicus briefs and what they focus on. In short, though: Public Citizen's brief, submitted a while ago, focuses on whether or not an injunction against Google is appropriate, and explains why it is not. An excellent brief from EFF, ACLU, Public Knowledge, CDT, New Media Rights, American Library Association and the Association of Research Libraries covers a lot of ground in under 2,500 words, highlighting the "novel" nature of the copyright claim and its "dangerous implications." It also highlights how the focus on the potential harms to Garcia are not copyright-related harms. Finally, it notes that the gag order Kozinski ordered was unconstitutional. A bunch of news organizations, including the LA Times, the Washington Post, NPR, Scripps, Advance Publications, the California Newspaper Association, RCFP, First Amendment Coalition and DMLP, submitted a brief on both the First Amendment issues raised by the ruling, and how it might lead to news organizations being blocked from publishing newsworthy content. A separate brief from California broadcasters focused on the oddity of Kozinski's interpretation of copyright law, and how that will "create confusion." Another fantastic brief comes from a variety of tech companies, including Twitter, Automattic, Kickstarter, Facebook, Yahoo, Tumblr, eBay, Adobe, IAC, Gawker and Pinterest. It highlights how the injunction goes way beyond what the law allows, placing (again, as we noted in our brief) tremendous liability on intermediaries, such as requiring them to block all future uploads. It also challenges the gag order that was originally placed on Google as setting a very dangerous precedent. Then we have the academics. A brief from internet law professors (written by Eric Goldman and Venkat Balasubramani, but signed by many more) covers the intermediary liability issue (like ours did) and highlights how this appears to be Garcia trying to use copyright as an end-run around Section 230. Then there's a brief from IP law professors (written by Christopher Newman, Chris Sprigman and Julie Ahrens but signed by many more) focusing on the core ridiculousness of the claim that Garcia has a legitimate copyright interest in her performance. As they note: "the panel opinion in this case makes new law with corrosive implications for these foundational principles of copyright law." Netflix weighed in to point out that this creates a "new species of copyright" and would give "an effective veto right to any performer." Finally, a bunch of independent filmmakers, including the International Documentary Association, Film Independent, Morgan Spurlock and Fredrik Gertten, all submitted a brief about the "chaos" this will cause for filmmakers. The last one is especially powerful and worth reading. But those final two -- from Netflix and those indie filmmakers -- actually highlight a glaring omission: Where is the MPAA? As we noted when the original ruling came out, it was so bad and so ridiculous that it ought to have actually united Google and the MPAA on a single copyright issue. Because if it stands, both will suffer greatly. And yet, so far, the MPAA appears to be sitting this one out. Eric Goldman, in his post, speculated as to possible reasons, none of which look good for the MPAA: Noticeably absent from the amicus brief roster are the big entertainment companies, such as the major movie studios and the record labels. Given that this case involves video production, something Google/YouTube don’t know much about, where are the real experts on this topic? One possibility is that they are hubristic enough to believe that they run such a tight legal ship that they will never run into problems with the court’s holding. Another possibility is that they are spiteful enough to delight in Google’s misery, even if the rule ultimately hurts them too (i.e., the enemy of my enemy is my friend). Yet another possibility is that they are happy to free-ride on Google’s efforts, getting all the benefit of Google fixing the law without any of the financial or reputational costs of siding against Garcia or supporting a deceitful rogue film producer. Whatever the reason, I can’t say that I favorably regard their decision to stand on the sidelines as the Ninth Circuit is trying to wreck their industry. It is quite a glaring absence.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Just a few days ago, we wrote about how the record labels were trying to have it both ways. That is, on the one hand, they are arguing in a variety of cases that the DMCA shouldn't apply to pre-1972 sound recordings, while also arguing against any attempt to treat pre-1972 sound recordings the same as if they were under federal copyright law. At the same time, they are claiming that it's somehow unfair that Sirius XM and Pandora aren't paying statutory licensing fees on those very same pre-1972 recordings. Having already sued Sirius XM over the issue last fall, the RIAA's record labels have now targeted a similar lawsuit at Pandora. The lawsuit itself is highly misleading, taking statements from Pandora totally out of context (the labels have a habit of doing this). The most obnoxious of these misrepresentations is the RIAA's claim that Pandora recently stated in SEC filings that there's a risk factor if the company is "required to obtain licenses from individual sound recording copyright owners for the reproduction and public performance of pre-1972 sound recordings." The RIAA presents this as if it's Pandora trying to get out of paying. But that's not what Pandora is saying at all. It's noting that because pre-1972 works are not covered by the various rates that it pays which are set by the Copyright Royalty Board, in order to secure the rates, it would need to negotiate individually with every copyright holder for the right to stream those works in every single state. But it's noting that as a risk factor -- because, as Sirius has pointed out in its own response to the similar lawsuit, decades have gone by and the labels have never been asking for licenses for performances of pre-1972 works. And those works have been used for years, license free, by TV and radio broadcasters, bars, restaurants and a variety of other places. The real risk is that Pandora, which has relied on the fact that it can take compulsory rates, would then suddenly have to negotiate with everyone, which would be a massive headache. And this is the mess caused by the weird way in which pre-1972 sound recordings are treated. Again, those works are not covered by federal copyright laws, which include specific rights over performances of works, which was something of a new concept when it was added to federal copyright law. The various state laws that these works are covered by are generally common law concepts around misappropriation and unfair competition. So the big question is whether or not "performing" a work falls under such common law concepts. Historically, these claims were mostly focused on making unauthorized copies. Performing the work has generally been considered a separate issue. This makes it a bit questionable that the RIAA is now suddenly seeking to reinterpret a big swath of history around how those works were legally used -- which also raises a concern about "laches" or how timely these lawsuits are. The RIAA has had decades to complain about these practices, and is just doing so now... And, of course, remember that this is all happening just a month or so after the publishing arms of the very same labels were found to have been colluding unfairly to jack up Pandora's rates. Basically, the legacy recording industry players are now looking for just about any way possible to make Pandora pay even more. This isn't a surprise. It's how the industry has always worked. When they're struggling to figure out ways to make money, they look at anyone successful and assume it's their fault that the legacy players are making less money. So, rather than innovating, they try to find legal ways to force more money out of the innovators and into their own hands. This is just the latest example in a very long line of such cases.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Three years ago when the Supreme Court ruled in AT&T Mobility v. Concepcion, basically allowing binding arbitration clauses in contracts to exclude class action suits, we noted that it was an unfortunate pitting of a broken class action system against a broken arbitration system. Both arbitration and class action lawsuits may have some good features -- and the concepts behind each sound good, but both have been abused to extreme levels. On the class action side, often these lawsuits have little to do with righting wrongs, and very much to do with big paydays for lawyers (and some companies even turn class action lawsuits into marketing opportunities). On the arbitration side, while the theory of having a neutral third party settle the dispute without having to go through an expensive litigation process certainly sounds good, the reality is quite different. Since arbitrators are hired, and large companies are frequent employers, arbitrators have very strong incentives to side with those companies, in order to make sure they'll be hired in the future. When you have one party who is likely to be a frequent employer, and another who will only engage in the transaction once, guess where the bias is going to fall. And, indeed, multiple studies have shown that's exactly what happens. In one case 94% of rulings went against consumers. Another study showed that companies that regularly use arbitration get higher awards. So neither side in that fight necessarily could be said to "represent the good guys." However, as we noted when the Supreme Court ruling came out, it seemed likely that this would lead to companies putting arbitration clauses absolutely everywhere. At the time, we suggested a simple fix: have Congress make it clear that you can't give up your right to go to court based on a non-negotiated contract. And that still seems to make sense, but of course, nothing has actually been done. It should come as little surprise, then, that the prediction of seeing companies put arbitration clauses absolutely everywhere is happening -- and to ridiculous levels. The NY Times has an article about how General Mills, makers of Cheerios, Chex and lots of other cereals, has updated some legalese on their own website to basically say if you do absolutely anything related to its cereals -- including liking them on Facebook, or buying them -- you give up your right to go to court and are agreeing to arbitration: General Mills, the maker of cereals like Cheerios and Chex as well as brands like Bisquick and Betty Crocker, has quietly added language to its website to alert consumers that they give up their right to sue the company if they download coupons, “join” it in online communities like Facebook, enter a company-sponsored sweepstakes or contest or interact with it in a variety of other ways. Instead, anyone who has received anything that could be construed as a benefit and who then has a dispute with the company over its products will have to use informal negotiation via email or go through arbitration to seek relief, according to the new terms posted on its site. In language added on Tuesday after The New York Times contacted it about the changes, General Mills seemed to go even further, suggesting that buying its products would bind consumers to those terms. While one might argue that you get what you deserve when you "like" a cereal on Facebook, this still seems ridiculous and excessive. I can almost see the sense of saying if it's in a binding contract you sign as a subscriber (e.g., mobile phone service) such a clause can be considered legit, but something like this, which isn't even "clickwrap" but more "likewrap" can't possibly be legally binding. Not only has the person probably not read the details, from what's being said, this "binding arbitration" clause may appear on a website they've never visited at all. I can't see how that can or should be considered a true contract in any sense of the word.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security. The United States spends more than $50 billion a year on spying and intelligence, while the folks who build important defense software — in this case a program called OpenSSL that ensures that your connection to a website is encrypted — are four core programmers, only one of whom calls it a full-time job. In a typical year, the foundation that supports OpenSSL receives just $2,000 in donations. The programmers have to rely on consulting gigs to pay for their work. "There should be at least a half dozen full time OpenSSL team members, not just one, able to concentrate on the care and feeding of OpenSSL without having to hustle commercial work," says Steve Marquess, who raises money for the project. Is it any wonder that this Heartbleed bug slipped through the cracks? Dan Kaminsky, a security researcher who saved the Internet from a similarly fundamental flaw back in 2008, says that Heartbleed shows that it's time to get "serious about figuring out what software has become Critical Infrastructure to the global economy, and dedicating genuine resources to supporting that code." The Obama Administration has said it is doing just that with its national cybersecurity initiative, which establishes guidelines for strengthening the defense of our technological infrastructure — but it does not provide funding for the implementation of those guidelines. Instead, the National Security Agency, which has responsibility to protect U.S. infrastructure, has worked to weaken encryption standards. And so private websites — such as Facebook and Google, which were affected by Heartbleed — often use open-source tools such as OpenSSL, where the code is publicly available and can be verified to be free of NSA backdoors. The federal government spent at least $65 billion between 2006 and 2012 to secure its own networks, according to a February report from the Senate Homeland Security and Government Affairs Committee. And many critical parts of the private sector — such as nuclear reactors and banking — follow sector-specific cybersecurity regulations. But private industry has also failed to fund its critical tools. As cryptographer Matthew Green says, "Maybe in the midst of patching their servers, some of the big companies that use OpenSSL will think of tossing them some real no-strings-attached funding so they can keep doing their job." In the meantime, the rest of us are left with the unfortunate job of changing all our passwords, which may have been stolen from websites that were using the broken encryption standard. It's unclear whether the bug was exploited by criminals or intelligence agencies. (The NSA says it didn't know about it.) It's worth noting, however, that the risk of your passwords being stolen is still lower than the risk of your passwords being hacked from a website that failed to protect them properly. Criminals have so many ways to obtain your information these days — by sending you a fake email from your bank or hacking into a retailer's unguarded database — that it's unclear how many would have gone through the trouble of exploiting this encryption flaw. The problem is that if your passwords were hacked by the Heartbleed bug, the hack would leave no trace. And so, unfortunately, it's still a good idea to assume that your passwords might have been stolen. So, you need to change them. If you're like me, you have way too many passwords. So I suggest starting with the most important ones — your email passwords. Anyone who gains control of your email can click "forgot password" on your other accounts and get a new password emailed to them. As a result, email passwords are the key to the rest of your accounts. After email, I'd suggest changing banking and social media account passwords. But before you change your passwords, you need to check if the website has patched their site. You can test whether a site has been patched by typing the URL here. (Look for the green highlighted " Now Safe" result.) If the site has been patched, then change your password. If the site has not been patched, wait until it has been patched before you change your password. A reminder about how to make passwords: Forget all the password advice you've been given about using symbols and not writing down your passwords. There are only two things that matter: Don't reuse passwords across websites and the longer the password, the better. I suggest using password management software, such as 1Password or LastPass, to generate the vast majority of your passwords. And for email, banking and your password to your password manager, I suggest a method of picking random words from the Dictionary called Diceware. If that seems too hard, just make your password super long — at least 30 or 40 characters long, if possible. Republished from ProPublica Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Over the past few months, we covered the bizarre trial concerning Rahinah Ibrahim and her attempt to get off the no fly list. In January, there was an indication that the court had ordered her removed from the list, but without details. In February, a redacted version of the ruling revealed that the whole mess was because an FBI agent read the instructions wrong on a form and accidentally placed her on the no fly list, though we noted that some of the redactions were quite odd. However, earlier this week, the court finally released the unredacted version, and we'll have a few things to say about the choice of redactions in a later post. But first, there were three main "reveals" from the newly unredacted version. The first is that Ibrahim was actually put on multiple lists by mistake (and never for any clear reason) and was actually dropped from the no fly list years ago (though the other lists created the same effective problem in barring her from being allowed to travel to the US). The second is that the US government has a "secret exception" to the requirement that there be "reasonable suspicion" to put someone in various terrorist databases, and that secret exception was later used on Ibrahim. And third, that despite the implications from the redacted versions, the fully unredacted ruling shows that Ibrahim is still likely blocked from coming to the US for separate undisclosed reasons, even though the government fully admits that she is no threat. All of these things were hidden by the redacted version. Let's start with the first issue -- that Ibrahim was not just on the no fly list, but multiple other lists and databases. This all stemmed (at first) from that initial mistake from FBI Agent Kevin Michael Kelley. The yellow highlighted portions on this form were redacted in the original version, but now they're public: As you can see, Agent Kelley was supposed to be checking which lists NOT to put Ibrahim on, and did the reverse of what he intended to do, meaning that she got placed on both the no fly list and the Interagency Border Information System (IBIS). In the redacted version, all mentions of IBIS were redacted. Note that, from this, Kelley did intend to put her on the Selectee list. Later, an unredacted portion reveals that at the time she was removed from that selectee list, she was added to the lists the US gives to Australia and Canada (TACTICS and TUSCAN -- though no reason for that was ever provided). The court also notes that all the way back in 2006, a government agent requested that Ibrahim be removed from all lists, and she was removed from some, but not the others. However -- and here's where it gets really sketchy -- the government started putting her back into the terrorist screening database (TSDB). She was added back in 2007... and then removed three months later, for no clear reason. But then, in 2009 she was added back to the TSDB "pursuant to a secret exception to the reasonable suspicion standard." Let's repeat that. In order to be put into the TSDB, the government is required to show a "reasonable suspicion" that the person is a terrorist. However, what this court ruling has revealed is that there is an unexplained secret exception that allows people to be placed on the terrorist screening database even if there's no reasonable suspicion, and the government used that secret exception to put Ibrahim back on the list. Later in the ruling it notes that the terrorist screening center knows Ibrahim is not a terrorist threat. This line was revealed back in February: The TSC has determined that Dr. Ibrahim does not currently meet the reasonable suspicion standard for inclusion in the TSDB. However, the next two sentences were redacted until now: She, however, remains in the TSDB pursuant to a classified and secret exception to the reasonable suspicion standard. Again, both the reasonable suspicion standard and the secret exception are self-imposed processes and procedures within the Executive Branch. The ruling also makes it clear that Ibrahim has not been on the actual no fly list (even if she is on other lists) since 2005, and that she should be told this (and, indeed, to comply with the law, the government has now told her solely that she's not on the "no fly" list and hasn't been since 2005). It also tells the government to search for all traces of her being on all such lists and correct all of those that are connected to Agent Kelley's initial mistake. However, it's not at all clear if this applies to the later additions to the TSDB, which was done for this secret and undisclosed exception, and might not be directly because of Agent Kelley's mistake (though, potentially is indirectly because of that). In fact, a different unredacted section now says that the reasons why Ibrahim was denied a visa (which were revealed to the court in a classified manner) were valid, and thus it appears that Ibrahim will still be denied visas in the future (unredacted portions underlined) -- and, indeed, as we explain below that has already happened: The Court has read the relevant classified information, under seal and ex parte, that led to the visa denials. That classified information, if accurate, warranted denial of the visa under Section 212(a)(3)(B) of the Immigration and Nationality Act, 8 U.S.C. 1182(a)(3)(B). (That information was different from the 2004 mistaken nomination by Agent Kelley.) Therefore, under the state secrets privilege, any challenge to the visa denials in 2009 and 2013 must be denied Thus, it appears that while Ibrahim has been told she's been taken off the no fly list (and has been for nearly ten years), she's still not going to be able to travel to the US, because she's still in the TSDB for an unrevealed secret reason -- even though everyone admits she's not a threat. And, indeed, Ibrahim tried to apply for a visa to the US on Monday and was denied (with the apparent reason -- if you read between the lines -- being that she is related to someone "engaged in a terrorist activity.") Either way, what sort of country is this where there's a secret exception to "reasonable suspicion" that will put you on a set of secret lists that get you treated like a terrorist for wanting to travel?Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
One of the most high profile victims of the Heartbleed vulnerability was the Canadian tax service, Canada Revenue Agency, which shut down its online tax filing offering. A few days later, the agency admitted that about 900 Canadians had information copied from the site via someone exploiting the vulnerability, prior to the site being shut down. And, from there, it was just a day or so until it was reported that a teenager, Stephen Arthuro Solis-Reyes, had been arrested for the hack. Given the speed of the arrest, it would not appear that Solis-Reyes did very much to cover his tracks. In fact, reports say he did nothing to hide his IP address. He's a computer science student -- and his father is a CS professor, with a specialty in data mining. It seems at least reasonably likely that the "hack" was more of a "test" to see what could be done with Heartbleed and (perhaps) an attempt to show off how risky the bug could be, rather than anything malicious. It will be interesting to see how he is treated by Canadian officials, compared to say, the arrests of Aaron Swartz and weev.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Yesterday we, like many, were perplexed by Ed Snowden's decision to go on a Russian television program, and to ask Vladimir Putin a question about whether or not the Russians do mass surveillance like the NSA does (which was, of course, exposed by Ed Snowden). It was clearly playing into Putin's propaganda efforts, because Putin immediately took the opportunity to insist that no, Russia does not do mass surveillance like that. Of course, Putin's answer was not true. Many of Snowden's detractors immediately jumped on this as an example of how he was working for the Putin propaganda machine -- and many (including us), wondered if he was, at the very least, pressured to play a role in order to keep his temporary asylum. Others thought he was just being naive. Some Snowden supporters, however, insisted that we should hear him out, and see if there was some more specific motive behind his question. Apparently, we didn't have to wait long. Snowden himself has now directly called Putin out for lying about Russian surveillance, and said that his question was designed to act similar to Senator Ron Wyden's now famous question to James Clapper, leading to Clapper's lie, which (in part) sparked Snowden's decision to finally release the files he'd been collection. Snowden, writing in the Guardian, explained: On Thursday, I questioned Russia's involvement in mass surveillance on live television. I asked Russia's president, Vladimir Putin, a question that cannot credibly be answered in the negative by any leader who runs a modern, intrusive surveillance program: "Does [your country] intercept, analyse or store millions of individuals' communications?" I went on to challenge whether, even if such a mass surveillance program were effective and technically legal, it could ever be morally justified. The question was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion. (See a side-by-side comparison of Wyden's question and mine here.) Clapper's lie – to the Senate and to the public – was a major motivating force behind my decision to go public, and a historic example of the importance of official accountability. From there, he explains why he thinks Putin was lying, and how he expects this to now be exposed in Russia, as it was in the US: In his response, Putin denied the first part of the question and dodged on the latter. There are serious inconsistencies in his denial – and we'll get to them soon – but it was not the president's suspiciously narrow answer that was criticised by many pundits. It was that I had chosen to ask a question at all. I was surprised that people who witnessed me risk my life to expose the surveillance practices of my own country could not believe that I might also criticise the surveillance policies of Russia, a country to which I have sworn no allegiance, without ulterior motive. I regret that my question could be misinterpreted, and that it enabled many to ignore the substance of the question – and Putin's evasive response – in order to speculate, wildly and incorrectly, about my motives for asking it. The investigative journalist Andrei Soldatov, perhaps the single most prominent critic of Russia's surveillance apparatus (and someone who has repeatedly criticised me in the past year), described my question as "extremely important for Russia". It could, he said, "lift a de facto ban on public conversations about state eavesdropping." Snowden also pointed out the remarkably similar response from Putin and Obama when asked about their domestic surveillance programs, and noted that he expects the Russian press to finally start challenging Putin on this assertion. When this event comes around next year, I hope we'll see more questions on surveillance programs and other controversial policies. But we don't have to wait until then. For example, journalists might ask for clarification as to how millions of individuals' communications are not being intercepted, analysed or stored, when, at least on a technical level, the systems that are in place must do precisely that in order to function. They might ask whether the social media companies reporting that they have received bulk collection requests from the Russian government are telling the truth. Finally, he notes that his position continues to remain entirely consistent: I blew the whistle on the NSA's surveillance practices not because I believed that the United States was uniquely at fault, but because I believe that mass surveillance of innocents – the construction of enormous, state-run surveillance time machines that can turn back the clock on the most intimate details of our lives – is a threat to all people, everywhere, no matter who runs them. Last year, I risked family, life, and freedom to help initiate a global debate that even Obama himself conceded "will make our nation stronger". I am no more willing to trade my principles for privilege today than I was then. I understand the concerns of critics, but there is a more obvious explanation for my question than a secret desire to defend the kind of policies I sacrificed a comfortable life to challenge: if we are to test the truth of officials' claims, we must first give them an opportunity to make those claims. I don't think many people -- other than perhaps the most diehard Snowden supporters -- expected something quite like this. For months, many Snowden detractors have repeatedly criticized Snowden for not speaking out against Russian authoritarianism and surveillance. Many of us have felt that those criticisms were significantly off-base, in part because that wasn't Snowden's particular fight (nor did he have any unique knowledge of Russian surveillance, as he did with the US). It seemed like a stupid false equivalency to try to make Snowden look bad. And when he asked his question to Putin, some people argued that this showed he was actually "questioning" Russian surveillance. Except that the TV question felt like such a softball, so designed to allow Putin to spin some propaganda that this didn't really seem like Snowden challenging anything. However, this latest response suggests that Snowden is (once again) playing a game where he's several moves ahead of many folks. The question may have set up a propaganda answer, but it appears there was a bigger strategy behind it -- and one that remains entirely consistent with what Snowden has claimed his position has been since the beginning. Frankly, while this possibility was raised about his original question to Putin, many people (myself included) thought it was unlikely that Snowden would so directly go after his current hosts (who only became his hosts thanks to the US pulling his passport). Putin is not known for gracefully handling those who directly challenge him, and I don't think it would be surprise anyone if Snowden had continued to stay out of the question of Russian surveillance, simply out of basic necessity. Snowden, however, has said from the beginning, that this story has never been about him, and he accepts that the end result of his starting the process may not be good for himself. He's made it clear that he was willing to effectively sacrifice himself to get this debate going -- and having done it once, he apparently has decided he can do it again in another context. While I was confused by this move 24 hours ago, I'll admit it was because I never thought Snowden would go this far (and so quickly) to criticize Russia while he was there. Already, given what Snowden did in releasing the NSA documents, he's shown that he's much braver (and in many ways, patriotic to the public) than just about anyone. In now questioning --and then calling BS on Putin's answer -- he's shown that bravery was not a one time thing, but a position he intends to live by going forward. Snowden likely made a lot more powerful enemies today -- including more who could make life very uncomfortable for him very soon. But he also showed why the public, around the globe, owes him an incredibly large debt of gratitude, one which it's unclear we'll ever be able to pay off.Permalink | Comments | Email This Story

Read More...