posted 6 days ago on techdirt
Earlier this year, we discussed how UC Davis detailed in a report that it spent $175k with a reputation management firm to try bury the 2011 pepper-spraying incident that has become so infamous, as well as to bolster the positive reputation and search results of its former Chancellor, Linda Katehi. While Katehi was still Chancellor, she had issued something of a mea culpa that was unfortunately riddled with excuse-making and vendor-blaming, but in which she also appeared to take responsibility for the report's contents. Students protested anyway, as they should have, given how the report detailed that Katehi was far more interested in her own reputation online than she was in any kind of reform of campus police. Which, if you'll remember, was what kicked off all of the negative reporting starting in 2011 to begin with. But now a new report has been issued that makes it clear that the $175k with the one reputation management vendor was just the tip of the iceberg, and that Katehi's obsession with her own online reputation was far more serious than anyone had known. Indeed, her attempts to meddle in her own online search results started long before the 2011 pepper-spraying incident. When she was appointed chancellor, news accounts questioned her tenure at the University of Illinois at Urbana-Champaign, where she was provost and allegations emerged that children of politically influential backers were given preference in admissions. Katehi denied knowing anything about those admissions. The report found that she was so concerned she would be tainted by the scandal that she called an aide at UC Davis, whose name was redacted from documents, and asked him to take quick action. “Though Chancellor Katehi was on vacation, she contacted and asked him to edit her Wikipedia page concerning her knowledge of the Illinois admissions scandal,” the report found. “(The aide) advised the Chancellor that they should not edit her online biography because Wikipedia would attribute any edits to UC Davis. Staff made the revisions under protest.” In 2011, after a campus officer strolled past a line of seated protesting students and calmly unloaded a pepper spray can directly at them, the ensuing backlash was met by Katehi primarly with an expanded effort to control what the wider internet thought of her. While the initial reporting indicated a single vendor had been paid $175k on Katehi's request to try to control messaging about the school and herself through a barrage of good, but trumped up, press, UC Davis actually hired three different reputation management firms to do this, all to the tune of over $400k. And she appears to have been more concerned with her own reputation than that of the school she was to be stewarding. Katehi and her staff sought out firms on the East Coast and in Sacramento, meeting with them and discussing how to create a LindaKatehi.com webpage, edit Wikipedia posts and submit op-eds under her name to publications that might crowd out negative press from others. The report noted that improving Katehi’s reputation also would improve that of the university’s. But documents show that she constantly sought help in what one aide recalled as her desire that they “get me off the Google.” “Linda wants to understand generally how we plan to address the lingering negative pepper spray-related online search content associated with her name,” reads a September 2012 email from Barry Shiller, who was brought in after the pepper-spray incident to handle her communications strategy. All three firms eventually hired by UC Davis at Katehi's request promised to bury the 2011 incident through editing in positive content to the Wikipedia pages of Katehi and the school, by creating a brand new website bearing Katehi's name and filled with positive coverage, and to create "listening reports" to detail any news coverage that mentioned her or the school so that coverage could be further addressed by the outside reputation consultant. Included in all of this was an investigation into those who were creating negative edits on these pages. What Katehi intended to do with that information is unclear, but it hardly seems like the information could be used for anything but retribution. It goes without saying that as we, the link above, and several other online media outlets are discussing these revelations, and placing them alongside the original 2011 incident for context, the work of the three vendors and the nearly half a million dollars paid to them has failed. Reputation management of this sort rarely works. And when it blows up, as it usually does, the cover-up is always viewed as even more horrendous than the original crime, which is now thrust back into public discussion. And this was really easier than making an honest apology and trying to reform campus police abuse? Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Cody Poplin at Lawfare points out that the Defense Department has just issued an update on rules governing its intelligence collection activities -- the first major update in over 30 years. These would directly affect the NSA, which operates under the Defense Department. The most significant alteration appears to be to retention periods for US persons data. While everything is still assumed to be lawful under Executive Order 12333 and DoD Directive 5240.1, the point at which a record is deemed to be "collected" -- starting the clock on the retention period -- has changed. Under the new rules, “collection” occurs “upon receipt,” whereas the previous manual defined “collection” as occurring when the information was “officially accept[ed] … for use.” The change ensures that all protections governing even the incidental collection of U.S. personal information (USPI) applies upon receipt of that information. The clock starts to run as soon as information is collected, meaning that collected information must be promptly evaluated to determine the proper retention period. This should result in better minimization of incidentally-collected US persons info as the determination must be made shortly after harvesting, rather than waiting until the collected data is queried. This likely means the NSA may be making more efforts to head off incidental collection, as leaving things the way they are will now result in additional logistics headaches. This doesn't necessarily mean incidentally-collected info will be swiftly disposed of. The DoD can still hold onto this data for five years. And, if the target of the incidental collection leaves the country during that retention period, the DoD can hold onto the data for a quarter-century. Info on US persons/entities (still located in the US) is also being granted additional protections, including enhanced minimization procedures for dissemination of collected data to other agencies and other countries. The NSA will also be expected to make additional trips to the FISA court. [T]he new manual incorporates new physical search rules that reflect changes to the Foreign Intelligence Surveillance Act since 1982. These include requirements to obtain a FISA warrant for nonconsensual physical searches conducted inside the United States and for targeted collection of U.S. person information outside the United States. Most of this appears to be changes for the better -- something that likely wouldn't have occurred without Snowden's leaked documents. The last change to these rules was made back in 1982 when no one had any idea the wealth of communications content and data that would be travelling around the globe in digital form. But a closer look at the details -- especially the part pertaining to "special circumstances" that alter the rules of collection and retention -- suggests there still may be a few exploitable loopholes that would allow the NSA to target US persons and entities. If DoD agencies wish to target a US person (whether at home or abroad), they're instructed to use the "least intrusive" method of surveillance: public sources. If the information sought can't be found there, the next step is to seek cooperation from other sources that may have the same info. This is basically a consensual search, but involving third parties. The last step is to seek top-level approval from the DoD's general counsel. This will provide some additional oversight, but still makes it a mostly "in-house" process -- something that's not exactly comforting. The additional restrictions on the collection of US persons in the US seem to limit potential abuse/misuse of surveillance tools. Other specific limitations apply to collection of USPI inside the United States, including that the information may be collected only if 1) the information is publicly available or 2) the source of the information is advised or otherwise aware that he or she is providing the information. But the list of exceptions to these limitations appears to directly remove these two stipulations. In the event that neither or the two previous requirements are met, the Defense Intelligence Component may employ collection methods that are directed at the United States if a) the foreign intelligence is significant and the collection is not undertaken for the purpose of acquiring information about a U.S. person’s domestic activities; b) the intelligence cannot be obtained publicly or from sources who are advised they are providing information to the DoD; or c) the Defense Intelligence Component head concerned or a single delegee has approved as being consistent with the manual and its outlined procedures the use of techniques other than the collection of publicly available information or from an informed source. Reading these both together suggests that if the DoD can't obtain the info it's seeking from public/advised sources, it can use that limitation as a reason to deploy supposedly foreign-facing surveillance methods against US persons. If that's the correct reading (and the "or" -- rather than an "and" -- in the list of requirements suggests it is), the limitations on domestic surveillance are mostly meaningless. Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Over the years, we at Techdirt have tended to resist the kinds of "audience growth strategies" that many other news publications have taken -- perhaps to our own detriment. I remember when Digg was the new hotness and generating lots of traffic for news sites. Someone approached us about getting our stories highly promoted on Digg and I told them I didn't want to game the system, and would rather let people find us organically. I know plenty of other news sites did play plenty of games. The same thing happened once everyone (and more) left Digg for Reddit. Reddit did drive a lot of traffic to us for a few years, though it's tapered off in the past few years. And, obviously, over the last couple of years, all the publications have been talking about Facebook and how it drives so much traffic. A year or so ago, I was at an event and chatting with a guy from another news site who nonchalantly tossed off the claim that "well, every news site these days now knows how to game Facebook for an extra 10 to 20 million views..." and I thought "huh, actually, I have no idea how to do that." All of this might make me very bad at running a media site (I certainly know of some other news sites that used gaming social media to leverage themselves into massive acquisition offers from legacy media companies). But, to me, it meant being able to focus on actually creating good content, rather than figuring out how to game the system or who I should be sucking up to for traffic. I'll admit to struggling with this issue at times -- sometimes wondering if we're missing out on people reading our stuff that would like it. And, every once in a while, we'll do little things here or there to focus on "optimizing" our site for this or that source of traffic. But it's never been a huge focus. As mentioned above, much of this is because focusing on creating good content takes quite a bit of time, and is much more interesting to me than figuring out how to game this or that algorithm. Part of it is because I think this also tends to build a more loyal -- if potentially smaller -- core audience. People come to Techdirt because they like Techdirt (well, for some of you, because you hate it) not because someone gamed an algorithm to get you here. Some of this is because I've always been a bit wary of relying too heavily on any third party who could suddenly rip the rug out from under you. And that seems to be happening with Facebook and some news sites. Back in June, the company announced a big change to its newsfeed, which suggested it would start downplaying "news" and promoting more stuff about your family and friends. And the latest reports suggest that many media sites took a massive traffic hit in July in response to those changes. This has some in the media pulling out their hair over what to do, but really, it's kind of what you get for chasing someone else's algorithm. As some have noted, the only really important lesson here may just be people who use Facebook actually prefer interacting with friends' baby pictures, rather than cheap clickbait. People get more satisfaction from interacting w friends' baby pictures than cheap clickbait? Facebook is so evil. https://t.co/nQpYorJnbK — Parker Thompson (@pt) August 17, 2016 Indeed -- I certainly don't go to Facebook for news. And over the last few months, I've noticed that I'm gravitating more and more to Snapchat as a preferred social media platform for personal stuff, as it just feels more comfortable there. A great column by Farhad Manjoo at the NY Times does a pretty good job explaining why this is and also explaining why Facebook-owned Instagram recently launched something of a Snapchat clone. The short version is: But when you open Instagram or Snapchat, Mr. Trump all but disappears. While Facebook and Twitter have lately become relentlessly consumed with news, on these picture-based services Mr. Trump is barely a presence; he (and his Democratic rival) are about as forgotten as GoTrump.com, Mr. Trump’s failed travel search engine. FWIW, if you followed Manjoo on Snapchat (as I do), you would have seen him make this point -- that there's very little Donald Trump on Snapchat -- earlier, before this column appeared. But it's true that something like Snapchat feels more actually social and less "news" based. And part of that is the fleeting nature of Snapchat: The differences are instructive. On Facebook, my friends will post about their promotions; on Snapchat, they tell you about their anxieties at work. On Facebook, they show off smiling photos of their perfect kids on some perfect vacation. On Snapchat, they show pictures of their kids in the midst of some disastrous tantrum, throwing food all over the floor, peeing in the tub, covered in mud and paint and food, because hey, that’s life, O.K.? But, of course, nowadays, all I keep hearing about is how media organizations need to "have a Snapchat strategy." And Snapchat itself is promoting this rhetoric as well. Lots of news organizations have jumped on board Snapchat in a big way, and we've heard that some are having great success with it. But as cool as I find Snapchat, I'm probably going to continue to stick with my general strategy of trying to create good content and hope that you continue to find it worthwhile. I'll leave the "gaming" of social media to everyone else.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
Learn all about the art of penetration testing and hacking with the pay-what-you-want White Hat Hacker Bundle. The first two courses in the bundle include tutorials on pentesting Node.js and how to prevent XSS attacks. If you beat the average price ($17.14 at the time of writing), you gain access to five more courses covering WiFi security, ethical hacking, Windows exploits, and more. Ten percent of the profits from your purchase will go towards charity to help make the world a better place. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 6 days ago on techdirt
This isn't the first time he's said this, but on Monday, Presidential candidate Donald Trump once again insisted that part of his plan to "Make America Great Again" is to stop bad people from using the internet: My Administration will aggressively pursue joint and coalition military operations to crush and destroy ISIS, international cooperation to cutoff their funding, expanded intelligence sharing, and cyberwarfare to disrupt and disable their propaganda and recruiting. We cannot allow the internet to be used as a recruiting tool, and for other purposes, by our enemy – we must shut down their access to this form of communication, and we must do so immediately. Almost no one covered this because everyone was focused on other stuff in the speech about his new "tests" for letting foreigners into the country. But this still remains a pretty big concern, in part because of just how technically clueless this is. Sure, we've seen some others suggest similarly dumb ideas, but no one seems to bother to think through how this might be done and what a mess it would create. There's no way you can "disrupt" or block them from using the internet without also cutting off millions of innocent people -- many of whom almost certainly rely on the internet for all sorts of important things. And, on top of that, any solution would be of only limited effectiveness in the long run anyway. There are increasingly new ways and new paths to get online -- whether through wireless mesh networks or, eventually, from things like drones and satellites. Thinking that you can magically take an entire group of people off the internet is profoundly silly. At the same time, as we've noted, the most ridiculous part in this idea that we should kick terrorists off the internet is the fact that the intelligence community has said that tracking what they're saying online has been tremendously beneficial in tracking terrorists, their views and their plans. Why would you want to cut off such a source of intelligence gathering? The whole thing, like so much of this Presidential campaign, seems to be yet another example of a candidate saying what people want to hear with little to no thought about what it actually means, whether it would do any good or how to implement the plan.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
For gamers who are fans of Nintendo, it's always helpful to remember that Nintendo hates you. The general idea behind that mantra is that Nintendo, when faced between embracing the creativity and love that comes from its fans and acting like over-protective toddlers when it comes to any sort of its intellectual property, will always choose the latter. The company has issued takedowns for fan-made Mario Bros. levels just as it released Mario Maker, it as made a habit of shutting down fan-films depicting Nintendo characters, and it has even shut down fan get-togethers centered around beloved Nintendo properties just because they aren't "official." To be clear, Nintendo certainly can ensure that all of this free advertising for its products is never seen or enjoyed by the public legally, but it doesn't have to. It could instead embrace the love of its fans and work out an arrangement that would protect its IP while still allowing its fans to be fans. But that doesn't happen, because Nintendo just cannot help itself. And that continues to the present, with Nintendo shutting a fan remake of a 25 year old game just as it was released, citing intellectual property concerns. AM2R is a remake of Metroid II: The Return of Samus, a sequel to the popular Metroid on NES, which Nintendo released on the Game Boy back in in 1991. The fan remake, in development since 2012, adds improved sprite graphics and new gameplay in the style of Metroid Zero Mission -- a remake released by Nintendo -- on the Game Boy Advance. Released on August 6, and just in time for Metroid’s 30th anniversary, filesharing sites hosting AM2R were notified to remove the game by Nintendo’s legal counsel according to Polygon. “Nintendo’s broad library of characters, products, and brands are enjoyed by people around the world, and we appreciate the passion of our fans,” reads a statement provided to IGN by a Nintendo representative. “But just as Nintendo respects the intellectual property rights of others, we must also protect our own characters, trademarks and other content. The unapproved use of Nintendo’s intellectual property can weaken our ability to protect and preserve it, or to possibly use it for new projects.” As we have detailed entirely too many times in the past, that last bit about fans making fan works weakening IP protections and preventing new projects isn't remotely true. There are many avenues a company like Nintendo can pursue in reaction to this. DMCA takedowns and legal threats are but one of those avenues. Another would be to offer these projects a cheap license to make them "official" while still letting the projects go off unhindered. That Nintendo wishes to pretend like that avenue doesn't exist is disappointing, but not surprising. Keep in mind that this game is decades old and was released for free, making it a non-commercial venture that was little other than an expression of fanship and love from dedicated gamers who are (were?) fans of Nintendo. What business sense it makes to stomp on those fans' devotion is a complete mystery to me. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
Despite offering some of the worst customer service ever documented, Comcast has been busy lately trying to convince anybody who'll listen that it's on the cusp of becoming a Silicon-Valley-esque innovation giant. That's an uphill climb for those familiar with the company's often biannual TV rate hikes, attacks on net neutrality, or the company's ongoing quest to sock uncompetitive markets with usage caps. High prices aren't just a result of Comcast's monopoly domination, you see, they're reflections of the incredible value being delivered unto consumers by an innovation engine, the likes of which the universe has never seen. This argument that high cable and broadband prices reflect premium quality is an idea the cable industry has used for years. Before the company was acquired, Time Warner Cable CEO Rob Marcus tried to proclaim that the company's high prices were because it was the "Mercedes" of cable. Continuing this metaphor, Comcast recently told its hometown paper that it too only charged so much because it sees itself as the Mercedes or Tesla of the cable industry:"We kind of don't want to be Netflix. We don't want an $8 or $9 product," said Sree Kotay, Comcast's former chief software architect and now chief technology officer and executive vice president in the cable division. "Not to knock them or anything, but we want to be a Tesla or a Mercedes and be a premium product," Kotay said. "The point of empowering our product and development teams is fundamentally not just about direction and ambition, it's also about tapping into their creativity, and that's how you make great products."Yeah, not to knock a Silicon Valley company that has actually been innovative, but we're a luxury brand worth every penny because we say so. Obviously, reality doesn't work that way. Companies that deliver premium product also deliver premium support. Take a look, for example, at Comcast's rating on the American Customer Satisfaction Index (59), and then compare it to companies like Apple (81) or Amazon (83). Even the IRS scores higher than Comcast ever has. And that's thanks, of course, to Comcast having among the worst customer support in the history of modern American industry. Still, the Philadelphia Inquirer proceeds to do yeoman's work insisting that Comcast's now a hipper, riskier, more innovative company. Why? Because it now has foosball tables and its pricey, locked-down cable boxes suck slightly less than they used to:"It's part of a big transformation taking place at Comcast: converting a suit-and-tie cable company into a risk-taking Silicon Valley-like tech company that can drive revenue growth outside the cable bundle."Except so far there's no indication that's actually true. While Comcast continues to claim its new, modestly successful X1 cable box is the evidence of a profound sea change at the company, Comcast continues rumbling along with a primary focus on turf protection and harming companies actually busy disrupting. The cable giant has been fighting tooth and nail against the FCC's quest to bring more competition to the cable box, delivering cheaper, better set tops to all. It has been working tirelessly at capping and metering its broadband customers so that Netflix streaming is more cumbersome and costly. It lobbies for state laws that hamstring innovative public/private solutions to rural broadband gaps. It uses disgusting tactics to fight net neutrality rules protecting startups and consumers from entrenched monopolists. This is a company that thinks it has a right to charge broadband users more for basic privacy. But yes, other than historically low satisfaction ratings, violent disdain for its customers, and a well-documented history of screwing real innovators and disruptors at every conceivable opportunity, Comcast is just like any other, hungry and innovative Silicon Valley startup. Congratulations, Comcast.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
A couple of months back, I brought to you a trademark suit initiated by Citigroup against AT&T that amost perfectly distilled both how ridiculously litigious trademark law has become and exactly how facepalm-inducingly lax the standards for trademark approval are with our friends over at the USPTO. The summary of the lawsuit can be described thusly: Citigroup has sued AT&T because the latter has branded messaging that says "thanks" and "thank you," and Citigroup has a trademark on the term "thankyou." And if your forehead hasn't smacked your desk yet, you have a stronger constitution than this author. Included within Citigroup's hilarious filing was a request for an injunction by the court barring AT&T from continuing any of this gratitude towards its customers over the immense harm it was doing to the bank. Well, the court has ruled on that request by refusing to issue the injunction, all while patiently laying out within the court document all of the reasons why the court will almost certainly eventually dismiss this suit entirely. U.S. District Judge Katherine Forrest was perhaps politer to Citigroup than expected. Instead of just saying, “No, you cannot lay claim to the word ‘thanks,’ it is part of civil conversation, and you can’t own it. Next case,” Forrest actually took time to explain why Citigroup can’t own the word “thanks” and “thank you.” In a 30-page decision, she explained to Citigroup that “the law does not allow one company to own the word ‘thanks.'” Within the filing itself (pdf), Forrest goes on in a point-by-point and entirely too patient exposé on how little evidence there is for any customer confusion, why a company simply saying thank you to its customers doesn't warrant an injunction, and even details by color, font and size the differences between the messaging between the two companies. And, while the court takes pains within the document to note that the ruling on the injunction is not the place to rule on wider questions of the validity of the trademark as a whole or to make full determinations as to the likelihood of customer confusion, passages such as the following should give Citigroup a hint of what it's up against. AT&T has advanced evidence indicating that, both before Citigroup first began using its THANKYOU mark and since that time, there are and have been dozens upon dozens of goods, services, and entities that made use of variations on the words “thanks” and “thank you,” including by registering their marks with state and federal registers. (ECF No. 38 ¶¶ 35-43.) A number of these are explicitly registered as loyalty or reward programs. (See id.) Such evidence undermines the argument for distinctiveness. Estee Lauder, 108 F.3d at 1511. Indeed, Citigroup acknowledged that other corporations made use of the “common term” THANK YOU in its trademark prosecution, but argued at the time that consumers “can readily distinguish between such marks without confusion.” (ECF No. 39 Exh. 2 at 4.) The present evidentiary record does not permit the Court to draw firm conclusions regarding acquired distinctiveness. Citigroup’s loyalty programs are well-established, but seems to exist in a marketplace in which names similar to the THANKYOU marks are used by other producers, thus undercutting their distinctiveness. The court goes on to explain the difference between the telecom and banking industries to Citigroup, too, as well as to remind it that just because the bank did some co-branding with AT&T in the past, the fact that AT&T plastered its name and logo all over the "thanks" branding in question doesn't suddenly not differentiate the originator of the message for the consuming public. And if that feels like entirely too much effort to have gone into a single ruling within a broader scope of a trademark suit that is essentially over the ownership of the term "thank you" for business purposes, well, you're not alone. But it seems like we'll have to wait a bit longer for the full ruling and, hopefully, the eventual disbanding of Citigroup's insane "thankyou" trademark entirely. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
A few weeks back, we wrote about researchers calling for up to five years' exclusivity for clinical trial data derived from volunteers. That kind of information, typically derived from trials of a new drug, tends to be highly specific. But there's another kind which can potentially contain millions of valuable data points. In fact, the genetic information contained within every strand of DNA can not only provide important insights into countless diseases and medical conditions, but is the closest thing that exists to a digital summary of the person it comes from. Because of that unique ability to store key data about people, collections of DNA have become a hugely important scientific resource. And because DNA is so intimately bound up with a single, identifiable individual, they naturally feel a very strong connection to that digital string and how it is used. Both of those traits are evident in this fascinating story from the Guardian about Sardinia's "Blue Zone" with its unexpectedly long-lived inhabitants: The story starts nearly 20 years ago when Gianni Pes, a Sardinian scientist at Sassari University, visited nearly all of Sardinia’s 377 municipalities to try to prove that certain areas had an unusually large number of people who lived extremely long lives. When they found a town that met their criteria, they marked it on their map with a blue marker. When they were done, the Sardinian Blue Zone was established. Naturally, scientists are keen to understand whether there is some genetic characteristic shared by these exceptional individuals: In all, four databases of DNA samples have been collected over the years, with some researchers refusing to collaborate with others. That hints at the deepening bitterness that has engulfed this area of research, as two groups claim the right to investigate one of the region's DNA databases: One of them was Shardna, created by a scientist called Mario Pirastu. Another entity, a partly publicly funded group called Parco Genetico, was established at the same time to facilitate the data collection and act as an intermediary between Shardna and the Blue Zone towns. Now the two groups both claim rights to the database. It's a complicated tale, with many murky corners, and it's worth reading the whole Guardian feature to follow its twists and turns as various companies go bankrupt, and the precious database containing blood samples from 13,000 Blue Zone inhabitants keeps changing hands. But as the Guardian rightly points out, the real issue is not which outfit should get to own the database, but the following: The conflict has raised the kind of thorny ethical questions that are likely to become more pervasive as scientists tap into the promise of massive DNA databases to learn more about disease. Should a private company be able to profit from the study of a population’s DNA, when the DNA was voluntarily donated? Needless to say, lawyers are now involved in resolving the more mundane issues of ownership of the Blue Zone blood samples. But even if a court hands down its judgment for this particular case, the larger ethical issues will remain, and become ever-more pressing as the importance and value of DNA databases continues to rise. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
When Google Fiber jumped into the broadband market in 2011, the company knew full well that disruption of an entrenched telecom monopoly would be a slow, expensive, monumental task. And five years into the project that's certainly been true, the majority of Google Fiber launch markets still very much under construction as the company gets to work burying fiber across more than a dozen looming markets. Wall Street, which initially laughed at the project as an experiment, has been taking the project more seriously as Google Fiber targets sprawling markets like Atlanta, Chicago, and Los Angeles. This week however things took an interesting turn with the news that Google Fiber was pausing deployments in Silicon Valley and Portland, Oregon, to take stock of possible wireless alternatives. Neither deployment was formally official (both cities were listed as "potential" targets); and Google Fiber execs are simply considering whether or not it makes financial sense to begin using some fifth generation (5G) technologies to supplement existing fiber deployment. This isn't really surprising; Under the guidance of former Atheros CEO Craig Barratt, Google has filed applications with the FCC to conduct trials in the 71-76 GHz and 81-86 GHz millimeter wave bands, and is also conducting a variety of different tests in the 3.5 GHz band, the 5.8 GHz band and the 24 GHz band. The company also recently acquired Webpass in the hopes of supplementing fiber with ultra-fast wireless wherever possible. Wireless has been on Google's radar for several years. It's a great option in cities where construction logistics are a nightmare, or in towns where AT&T's using regulations to hinder fiber deployment. Oddly though, as the week wore on, the narrative in the press began to mutate from one focusing on Google Fiber's evolution, to one suggesting that Google Fiber was somehow in trouble. Reports sprung up arguing that Google Fiber was somehow shocked by the steep costs of deploying broadband, ill-prepared for the realities of the telecom market (certainly a narrative incumbent ISP competitors would prefer). Certain stock jocks were quick to proclaim that Google Fiber was somehow backtracking on the initiative:"Some analysts see the delays as indications that Google Fiber is more strategy than product -- an attempt to get competitors, cities and other service providers to install fiber networks that would foster faster and more widespread consumption of Google's online offerings. "It's not clear (Google was) ever all that serious about doing this at any real size," said MoffettNathanson Research analyst Craig Moffett.While Google Fiber was initially seen as a creative way to light a PR fire under lazy broadband incumbents (and that certainly is part of the goal), ongoing construction in Charlotte, San Antonio, Austin, Kansas City, Raleigh, Nashville, Atlanta and countless other markets is continuing slowly but largely as normal, with Google Fiber simply getting more bullish on wireless as the technology evolves. That's not really a "snag," especially if you consider that Google Fiber has been making its interest in wireless as a supplemental technology clear for several years now. Most of the narratives that Google Fiber is somehow in trouble appear to have originated with a Wall Street Journal story suggesting that Google Fiber was in over its head:"Google parent Alphabet Inc. is rethinking its high-speed internet business after initial rollouts proved more expensive and time consuming than anticipated, a stark contrast to the fanfare that greeted its launch six years ago."Except Google Fiber isn't "rethinking" the entire business, nor has it hit a "snag." It's simply riding the evolutionary currents, realizing that it needs to embrace multiple concurrent solutions if it wants to get many of these cities up and running sometime this century. In addition to wireless, Google Fiber has embraced a number of other new efforts for the ISP, such as its plan to offer service over a planned municipal fiber build in Huntsville, Alabama, or its plan to begin offering service in Atlanta and San Francisco over existing fiber networks. Building a nationwide network from the ground up in the face of regulatory capture is hard as hell, and only companies with Alphabet's deep pockets and lobbying muscle are even willing to try at any real scale. Incumbent ISPs certainly benefit from the narrative that the company is in well over its head, but at the moment Google Fiber's simply trying multiple concurrent solutions to see what works. And while it's certainly possible that Alphabet will someday get bored and sell the entire project off to the lowest bidder, at the moment the goal remains the same: deliver a swift kick in the ass to one of the least competitive markets in America.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
An interesting decision by a federal judge in Florida suggests this district, at least, may not be amenable to the warrantless use of Stingray devices… or any other method that harvests cell site location data in real time. Although the defendants lost their motions to suppress due to a lack of standing, the judge had this to say about the acquisition of cell site location info in this case. (via FourthAmendment.com) Here, I agree with the Defendants that law enforcement's seizure of precise realtime location information by surreptitiously monitoring signals from the cell phones in this manner is a search subject to the proscriptions of the Fourth Amendment. Such is the express conclusion of the Florida Supreme Court and the conclusion suggested by the Supreme Court. See Tracey v. Florida, 152 So.3d 504 (Fla. 2014); United States v. Jones, 132 S.Ct. 945 (2012). As such, law enforcement should have obtained a search warrant issued upon probable cause. The Government concedes that the practice in this Court requires a warrant based upon probable cause for such searches and that the these pen/trap applications did not establish probable cause. Originally, the defense claimed police used a Stingray to track five burner phones used by the defendants. This seemed to be the most logical conclusion, considering how closely and immediately the location data was acquired. But the government responded that no cell site simulators were used to track the devices. Instead, another tool that has long been available to law enforcement was deployed -- a tool created explicitly for law enforcement use by the cell provider. On July 21, 2016, the Court heard argument of counsel and took testimony from Detective Joseph Petta, the co-affiant on each of the applications at issue. In short, Detective Petta testified that law enforcement obtained pen/trap authorizations for the cell phone numbers at issue in order to obtain precise realtime location information that was used to track the whereabouts of these phones, to identify those associated with Defendants, and to identify locations of interests. He denies use of a Stingray or similar device, but acknowledges that he used a website offered to law enforcement by Sprint (the "L-site") to obtain such information. Such realtime information was available every fifteen minutes twenty-four hours a day. He further acknowledges that law enforcement used the realtime information to track the cellular phones, which they believed were used by this group. By his account, such applications were the usual way to obtain such realtime location information at the time these applications were submitted. [...] According to Detective Petta, the website allows law enforcement to log on and obtain realtime or contemporaneous and highly precise longitudinal and latitudinal information linked to GoogleMaps. A spreadsheet of all such location data is made available to law enforcement. Detective Petta testified that the pen/trap orders were not used for any other purpose than to obtain the realtime location of the cell phones. The information returned from L-site queries is likely not as timely or precise as a roving Stingray but can achieve the same objectives. (An example of L-site data can be seen here.) Sprint has made this tool available for law enforcement to use since at least 2009, tracking roughly with the rise in Stingray use by police departments. The difference here is any law enforcement agency can obtain this data, which opens the market to those who don't have these devices yet or a warrant requirement they'd rather work around. Obviously, this also aids those deploying parallel construction to keep Stingray use hidden. Either way, the court doesn't agree with the government's assertion that a pen register order is sufficient for obtaining real-time cell site location info. The order cites the Supreme Court's US v. Jones decision in support of its determination that real-time location tracking is a search and requires the use of a warrant -- something the original decision failed to state quite as explicitly. (It only found that placing a GPS device on a vehicle is a search under the Fourth Amendment. The issue of real-time location tracking remained mostly unaddressed.) But while this order may alter law enforcement's tactics (and even the government admits it should have acquired a warrant in light of other Florida district decisions), it does nothing for the two defendants. An expectation of privacy in real-time location data doesn't help two defendants with a handful of burner phones they're reluctant to claim as their own. The absence of any link between the tracked phones and the defendants means they have no standing to challenge the search. Defendants here have asserted no claim to or interest in the cell phones at issue. The cell phones were not registered in Defendants' names, and Defendants presented no evidence regarding their possession, use, or control of the phones. Instead, Defendants rely solely upon loose allegations in the pen/trap applications submitted by the Government, which suggested a link between the cell phones and Defendants in conclusory, unsupported fashion. In the circumstances and in the absence of contrary case law, I am obliged to conclude that they fail to establish standing to contest the searches at issue and the motions to suppress should be denied. A lack of standing tends to be fatal to motions to suppress. But the disavowal of ownership does shift the burden of proof back on the government, which makes it a little harder to prove the burner phones actually belonged to the defendants found carrying them. The court notes the "loose allegations" contained in the pen register applications are "conclusory" and "unsupported," which seems to indicate the government has a few more hurdles to overcome before it can tie the defendants to the phones they're not willing to claim. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
The internet is built on a solid foundation of open protocols: TCP/IP, HTTP and SMTP especially, plus more modern entrants like RSS and BitTorrent. But even those aren't so new anymore, and it seems like the era of the open protocol might be coming to an end, supplanted by the drive to create proprietary closed platforms. This week, we discuss whether the open protocol is dead, and what that means for the future of the open internet. Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
The unprecedented deployment of a bomb-defusing robot by Dallas police to kill an armed suspect raised several questions. While these robots have sometimes acted as part of a negotiation team in the past, no police department had previously rigged one up with an explosive device to take a suspect out. One question that remains unanswered is whether this use of the Dallas PD's robot violated its own policies. Gawker's Andy Cush filed a public records request for PD policies on using robots to kill and discovered Dallas law enforcement was basically making things up as it went along. Gawker filed a request with the department under the Texas Public Information Act seeking any departmental doctrine for using a bomb-carrying robot against a suspect, including but not limited to the use of the Remotec model. Last week, the department responded via email that “A search was made within the Dallas Police Department by the respective Divisions(s) for this information and no records were found.” (Emphasis theirs.) Debra Webb, a public information officer with the DPD, told Gawker that based on the verbiage of the response, it is safe to assume that no records outlining departmental doctrine for the use of bomb-carrying robots against suspects exist. The apparent lack of any written plans would seem to confirm that officers on the ground came up with the killer robot strategy on the fly, as several experts suggested to the Intercept several days after the shootings. Jason Koebler and Joseph Cox of Motherboard are seeking more answers about this incident -- one that could be used as a blueprint (albeit one without its own policy blueprint) for similar situations faced by other law enforcement agencies. The Dallas PD does have several records pertaining to the incident but it's not interested in releasing them. I formally asked the Dallas police department for body camera footage taken by police and onboard footage taken by the robot of the operation. Motherboard reporter Joseph Cox asked for communications that took place in the aftermath of the event, as well as documents about the purchase of the robot. The police admitted in a response to me that it does have these videos, but told me in a letter that “all or part of the requested information may not be disclosed at this time.” The Dallas Police Department sent a separate letter to Texas Attorney General Ken Paxton asking him to exempt large parts of my request and the requests of 16 other journalists from “mandatory disclosure.” Whether Paxton will grant this blanket exception remains to be seen. But past events show he's amenable to covering up records that might be embarrassing or show local law enforcement agencies operating at less than peak efficiency. At least in this case, he won't be put in the position of representing the public and the agency suing him when the public records litigation begins. The problem with this request for a blanket exception covering these records is that the Dallas Police has, rather disingenuously, lumped public records from 17 different journalists into one big ball of presumptive nondisclosure. Each of these journalists has requested different things, and each of them should require a separate legal review. For example, one journalist asked for information about the network security of the link between the police’s robot control center and the robot itself—an interesting request, but one that has both future safety implications and nothing at all to do with Motherboard’s requests. Furthermore, as Jason Koebler points out, the Dallas PD thinks it should be allowed to withhold documents simply because it might look bad if anyone else but law enforcement officials viewed them. The Dallas Police Department tells the attorney general that some of the information requested could be “embarrassing” and subject to redaction under a “common law privacy” act, but does not state (at least in the part of the letter it released) which part of which request it believes could result in embarrassing records being released. Sorry, public officials, but potential embarrassment is not a legitimate reason to withhold public records. The "common law privacy" cited by the PD suggests the info would also have to be "highly intimate" and, more importantly, "of no public interest" to justify withholding under this exemption. This preemptive move by the Dallas PD -- one that treats multiple requests seeking different documents as an indivisible whole -- appears to be its way of throwing several wrenches into the public records machinery. Koebler reports the PD is asking as many questions as it can in hopes of creating a confusing mess out of multiple straightforward information requests -- even stupid things like whether or not it can redact credit card numbers. What it's really asking of attorney general Ken Paxton is how long it can get away with not complying with requests. Should Paxton fail to grant it the secrecy it seeks, the next move will likely be a blend of over-redaction and increased fulfillment fees. Granted, officers on the scene were less concerned with the generation of "embarrassing " public records than they were with neutralizing a hostile threat, but once the decision had been made to repurpose a bomb disposal robot into a killing machine, those up top knew the records requests would come rolling in. Dallas PD officials may not have had any policies in place for wiring up robots to kill, but they already have plenty of strategies on hand for fending off journalists and their records requests. Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
Yesterday, the news broke that a "mysterious" hacking group had gotten its hands on some NSA hacking tools and was releasing some of the tools as proof (it was also demanding lots of Bitcoin to reveal more). The leak came with a neat little message that feels like it was written by a Hollywood script writer trying to sound Russian. How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files. You break many things indeed! (For what it's worth, it appears that GitHub and Tumblr both killed the accounts where whoever hacked this stuff first posted it). The files that were leaked were mostly installation scripts, but also exploits designed for specific routers and firewalls. And, it's noted, that some of the tools named line up with previously leaked NSA codenames. One other interesting point from the Motherboard link above: the files are a bit dated: The most recent file is dated June 2013, though the hackers could have tampered with the dates. Dmitri Alperovitch, the co-founder of security firm CrowdStrike, theorized that “the leakers were probably sitting on this information for years, waiting for the most opportune time to release.” Of course, June 2013 is interesting for another reason. That's when Ed Snowden passed on his documents to a small group of reporters and the very first stories based on the Snowden leaks started. So it seems noteworthy that Snowden has put together a bit of a tweetstorm for his take on the hack and release of the hacking tools. To make it easier to read, we've put it all together here: The hack of an NSA malware staging server is not unprecedented, but the publication of the take is. Here's what you need to know: NSA traces and targets malware C2 servers in a practice called Counter Computer Network Exploitation, or CCNE. So do our rivals. NSA is often lurking undetected for years on the C2 and ORBs (proxy hops) of state hackers. This is how we follow their operations. This is how we steal their rivals' hacking tools and reverse-engineer them to create "fingerprints" to help us detect them in the future. Here's where it gets interesting: the NSA is not made of magic. Our rivals do the same thing to us -- and occasionally succeed. Knowing this, NSA's hackers (TAO) are told not to leave their hack tools ("binaries") on the server after an op. But people get lazy. What's new? NSA malware staging servers getting hacked by a rival is not new. A rival publicly demonstrating they have done so is. Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack. Circumstantial evidence and conventional wisdom indicates Russian responsibility. Here's why that is significant: This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server. That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies. Particularly if any of those operations targeted elections. Accordingly, this may be an effort to influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks. TL;DR: This leak looks like a somebody sending a message that an escalation in the attribution game could get messy fast. Bonus: When I came forward, NSA would have migrated offensive operations to new servers as a precaution - it's cheap and easy. So? So... The undetected hacker squatting on this NSA server lost access in June 2013. Rare public data point on the positive results of the leak. You're welcome, @NSAGov. Lots of love. Sure, it's speculation, but it's pretty informed speculation and it makes a lot of sense. There's still plenty of talk about what to do about the DNC hack, and we've talked about "cybersecurity firms" (who profit from FUD and scare stories) arguing that we should "declare cyberwar" on Russia based on loose attribution. But, as Snowden notes, this hack and partial release could very well be a warning shot that escalation won't end up looking good for the US if they go that route.Permalink | Comments | Email This Story

Read More...
posted 7 days ago on techdirt
If you are new to programming, the $29 Perfect Python Programming Bundle can help you gain a solid foundation on which to build your skills. The four courses cover JavaScript, the fundamentals of operating systems, and two courses covering the popular Python 3. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
We've already made it quite clear where we stand on Peter Thiel financing a number of lawsuits against Gawker Media as some sort of retaliation for some articles he didn't like. Lots of people who really hate Gawker don't seem to care how problematic Thiel's actions are, but you should be concerned, even if you dislike Gawker -- in part, because many of the lawsuits Thiel appears to be backing are clearly bogus and just designed to bankrupt the company, which happened a couple months ago. This week is the auction to see who ends up with Gawker, and Thiel is taking a weird victory lap with a silly and misleading oped in the NY Times where he argues that this was really all about making a stand for privacy and has nothing to do with shitting on the First Amendment. There's a lot in the article that's bullshit, and it deserves a thorough debunking, so here we go. First off, positioning himself as a champion of privacy seems laughable. After all, this is the guy who put the first money into both Palantir and Facebook. Palantir, of course, is the datamining operation used by governments and law enforcement around the globe to snoop through various databases and try to find magical connections. Palantir is rumored to be in trouble lately, in part because its technology isn't that good, and it may have built a multi-billion dollar business on convincing clueless government officials that by sniffing through a variety of databases, it could magically find important "connections." But Palantir is an entire business based on the idea of helping governments undermine citizens' privacy. And then there's Facebook. As for Facebook, I actually think the company has something of an unfair reputation as a "privacy destroyer," but it is true that the FTC dinged Facebook for a series of "unfair and deceptive practices" around respecting the privacy wishes of users, and the company is required to go through regular FTC privacy audits for a 20 year period over it. Whether this was due to carelessness of malfeasance (I believe the former, though many believe the latter), Facebook isn't exactly known as a paragon of protecting people's privacy wishes. Thiel remains on the board of both companies. If he were truly about standing up for people's privacy -- why not start with those two companies? From there, he talks about the Hulk Hogan lawsuit, Thiel insists that Gawker's editorial decision in publishing a heavily edited clip of a sex tape involving Hogan was "beyond the pale." Personally, I agree. I wouldn't have done it. But there were editorial reasons why Gawker did so, and as I've stated, I have tremendous concerns about juries retroactively determining if editorial decisions were appropriate or not. That seems to go very much against the First Amendment -- as a few courts have already found in the Gawker/Hogan case (though, yes, the judge and jury in the current case disagreed -- but if the case actually makes it to appeal, there's a fairly high likelihood of the original ruling being overturned). Sure enough, in October 2012 Gawker did something beyond the pale: They published a sex tape without the consent of the people in the video. Unfortunately for Gawker, they had targeted someone who was determined to fight back. Terry Bollea is better known as the wrestler Hulk Hogan, a fact that Gawker claimed justified public access to his private life. Mr. Bollea disagreed. At first he simply requested that Gawker take down the video. But Gawker refused. It was getting millions of page views, and that was making money. A few things on this. I think that Hogan would have a legitimate legal gripe against whoever filmed the sex tape, if it were truly done without his knowledge (there's some dispute on this), and possibly with whoever leaked it. But the decision to publish a few clips from it is protected by the First Amendment. Whatever privacy violation occurred, if there was one, was done by whoever filmed the video. Second, the reason that Hogan was willing to "fight back" was that he didn't have to pay for the lawsuit, and instead had a vindictive billionaire with an axe to grind to help him finance it. Not only did Hogan reject a supposed $10 million settlement offer from Gawker, his lawyer (who an organization owned by Thiel was paying regularly) deliberately made decisions designed to bankrupt Gawker, including dropping a specific claim to get an insurance company out from covering the lawsuit (which is the opposite of how these things normally work, where plaintiffs want the insurance company involved in order to get more money). Third, it's ridiculous to argue that Gawker kept the video up solely because it was making money. I'm sure that was part of the calculation, but it's pretty clear that they kept it up based on the principle of the thing -- which is that we live in a country that values freedom of the press, and you don't back down when someone doesn't like your coverage. It's the same thing we do when we receive bogus legal threats. We don't keep stories up because of "the clicks" but because we don't give in to bullies demanding we take down stories. Four years later, the financial calculus has changed. Gawker Media Group has put itself up for sale (bids are due Monday afternoon) in part to satisfy the legal judgment of a unanimous jury that ruled against Gawker and assessed damages of $140 million, proving that there are consequences for violating privacy. Mr. Bollea could not have secured justice without a fight, and he displayed great perseverance. For my part, I am proud to have contributed financial support to his case. I will support him until his final victory — Gawker said it intends to appeal — and I would gladly support someone else in the same position. Yeah, the calculus has changed due to a deliberate gaming of the judicial system by Thiel. As for Thiel being "proud to have contributed financial support" that's again misleading in the extreme. Thiel specifically had a law firm basically on retainer and told to go searching for lawsuits to bring down Gawker. It was not about "securing justice" for anyone. It was about destroying Gawker. And it's odd that someone so proud of funding such lawsuits hid that fact for many years until some reporters finally broke the story that he was behind it. As for the "gladly support someone else in the same position," Thiel has already noted that he's funding other lawsuits against Gawker, and as we've noted, if you look through all of the other lawsuits against Gawker, most of them are absolutely ridiculous including the patently silly lawsuit by Shiva Ayyadurai against Gawker for accurately reporting that Ayyadurai did not invent email, no matter how many times he insists he did. As a site that has regularly reported on Ayyadurai's ridiculous claims ourself, the fact that Thiel may be supporting his lawsuit against Gawker certainly hits home for us. And how the fuck does that have anything at all to do with "protecting privacy"? Ayyadurai has basically been a publicity hound for the last decade or so, effectively demanding credit for something he did not do. From there, Thiel shifts tone and pretends that he's a supporter of press freedoms -- despite the fact that he's funding a series of cases designed to destroy a media outlet. The defense of privacy in the digital age is an ongoing cause. As for Gawker, whatever good work it did will continue in the future, and suggesting otherwise would be an insult to its writers and to readers. It is ridiculous to claim that journalism requires indiscriminate access to private people’s sex lives. This is ridiculous on multiple levels. First off, it's crazy for Thiel to suggest here that Gawker's writers will "continue" to do what they do in the future when he's actively working to bankrupt them. Just last week, in the Hogan lawsuit, the reporter AJ Daulerio told the court that he was down to last $1,500 and Hogan (via Thiel funded lawyers) was trying to get whatever they could from him. Because of Gawker's bankruptcy, Daulerio could no longer rely on Gawker's lawyers, and he admitted that he could not afford to get his own. It appears that Thiel is doing the same thing to Sam Biddle, who worked at Gawker and is now at the Intercept. Personally, I think Biddle is one of the absolute worst reporters on the tech beat. He frequently confuses some basic things, draws connections that don't exist, exaggerates fiercely and misleads readers consistently. And yet, I'd side with him every day on the Thiel-funded lawsuits against him. And that's because that's how press freedom works. Even if I think Biddle is a terrible reporter, he should have every right to publish his terrible reporting without fear of being driven into bankruptcy by a vindictive billionaire. And, again, if this were just about "sex lives", why do so many of the other lawsuits against Gawker, that appear to be funded by Thiel (using the same lawyer, Charles Harder), have absolutely nothing to do with privacy or sex lives? And, also, the claim that this is about "indiscriminate access to private people's sex lives" is simply false. It's a false statement that Thiel has every right to publish because of the freedom of the press that he's currently spitting on. Gawker made it clear that they published the story because Hogan -- a very public person -- had a history of bragging publicly about his sex life. That's what made it newsworthy. Nowhere did Gawker claim that it would publish just anyone's sex tapes. A free press is vital for public debate. That must be why he told a law firm to find lawsuits with the specific goal of bankrupting a media company he disliked. Since sensitive information can sometimes be publicly relevant, exercising judgment is always part of the journalist’s profession. It’s not for me to draw the line, but journalists should condemn those who willfully cross it. Wait. Thiel is totally claiming to draw the line in this very article. And he put his money behind his line drawing. Shouldn't we all be a little concerned when a billionaire gets to decide which reporting is on which side of the line? The press is too important to let its role be undermined by those who would search for clicks at the cost of the profession’s reputation. I'd argue that the press is too important to let its role be undermined by a petty and vindictive billionaire who would then totally misrepresent the truth later (after hiding his involvement). This is why we have anti-SLAPP laws. And, from there, Thiel makes a weird pivot into backing an almost certainly unconstitutional anti-revenge porn bill put forth last month by Rep. Jackie Speier. The United States House of Representatives is considering the Intimate Privacy Protection Act, a bipartisan bill that would make it illegal to distribute explicit private images, sometimes called revenge porn, without the consent of the people involved. Nicknamed the Gawker Bill, it would also provide criminal consequences for third parties who sought to profit from such material. First of all, it's not nicknamed the Gawker Bill. I've been following both the Gawker lawsuits and various efforts to get revenge porn bills passed for years and until reading this article, I've never once heard anyone refer to it as the Gawker Bill. Even Rep. Jackie Speier has denied that anyone has called it the Gawker Bill. On top of that, as mentioned, the bill is almost certainly unconstitutional. In the last few months we've seen a few state revenge porn bills dumped as unconstitutional, and should Speier's bill actually go anywhere, it too would almost certainly be declared unconstitutional too. So now we have Thiel not just pretending to support the First Amendment, but he's both suing to kill a media property and supporting a law that is unlikely to live up to First Amendment scrutiny. This is a step in the right direction. Protecting individual dignity online is a long-term project, and it will require many delicate judgments. Those "delicate judgments" include suing a publication for accurately calling out a guy for pretending to invent email? Really? And for personally destroying the lives of reporters? Those don't seem like very good judgments. And, again, this sudden concern for "individual dignity" is coming from the guy who put the first money into both Palantir and Facebook. We can begin on solid ground by acknowledging that it is wrong to expose people’s most intimate moments for no good reason. That is the kind of clear moral line that Gawker and publishers like it have sought to blur. But they can’t do it if we don’t let them. I think it's wrong to try to stifle a free press. I think it's wrong to misrepresent the reasoning behind editorial decisions. I think it's wrong to pretend you support privacy when you're responsible for funding two multibillion dollar businesses built on doing the opposite. Here's the thing: until all of this came out, I had a lot of respect for Thiel. I thought he was one of the more interesting and principled entrepreneurs out there. I thought that his views on investments and entrepreneurship were a lot more intriguing and insightful than many gave him credit for. But these actions and this bogus after-the-fact justification for his actions are just a bunch of cowardly bullshit. Thiel should just admit that he set out to destroy Gawker because he could. There's nothing principled or honorable about it.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
It's been really unfortunate to see various internet companies that absolutely should know better, look to abuse the CFAA to attack people using tools to scrape public information off of their websites. In the past few years, we've seen Facebook and Craigslist do this (with Facebook recently winning in court). Now LinkedIn is doing the same thing, suing a bunch of anonymous users for scraping public information from LinkedIn. This is not the first time the company has done this. A few years ago, the company (using the exact same lawyers) filed a very similar lawsuit, eventually figuring out that the scraping was done by a wannabe competitor, HiringSolved, which pretty quickly settled the lawsuit, agreeing to pay $40,000 and erase all the data it collected. The latest lawsuit appears to be more of the same, claiming that the scraping violates both the CFAA and the DMCA: During periods of time since December 2015, and to this day, unknown persons and/or entities employing various automated software programs (often referred to as “bots”) have extracted and copied data from many LinkedIn pages. To access this information on LinkedIn’s site, the Doe Defendants circumvented several technical barriers employed by LinkedIn that prevent mass automated scraping, and have knowingly and intentionally violated various access and use restrictions in LinkedIn’s User Agreement, which they agreed to abide by in registering LinkedIn member accounts. In so doing, they have violated an array of federal and state laws, including the Computer Fraud and Abuse Act, 18 U.S.C. §§ 1030, et seq. (the “CFAA”), California Penal Code §§ 502 et seq., and the Digital Millennium Copyright Act, 17 U.S.C. §§ 1201 et seq. (the “DMCA”), and have engaged in unlawful acts of breach of contract, misappropriation, and trespass. This is bullshit. Courts have directly held that violating a terms of service does not equate to a CFAA violation for "unauthorized access" or "exceeding authorized access." Here, it appears that LinkedIn is hoping that the combination of claiming a terms of service violation with attempts to get around technological protection measures makes it a CFAA violation. I completely understand that LinkedIn may not like the fact that people are scraping its data, and that they've found ways around LinkedIn's attempts to block such scraping via technological means, but it's a dangerous slippery slope when a company is claiming that a terms of service violation violated the CFAA -- and that getting around simple blocks becomes a DMCA 1201 anti-circumvention violation. Both of these are problematic: saying that violating the terms of service violates the CFAA is a stretch and saying that violating the DMCA by getting around protection technology -- even if not for the purpose of infringing on copyrights -- is a problem. Of course, this lawsuit, like the last one, is probably really designed to just sniff out who's running the bots, and to push them into a settlement where they'll stop doing so. Still, this lawsuit seems particularly ridiculous coming just weeks after LinkedIn's founder and chairman, Reid Hoffman, funded a $250,000 disobedience award at MIT's Media Lab. The point of that award is to encourage people to engage in disobedience to change society in a positive way -- which is something that people often use scraping for. And yet, here his company is engaging in a legal battle that will make that kind of scraping much more risky. I know and like Hoffman, who is quite a smart, thoughtful and principled guy. And I have no idea if he even knew this lawsuit was going to be filed. But I think it sends the wrong message when he's encouraging useful hacking on the one hand, while his company (which, yes, was just sold to Microsoft) is suing people for doing the very same thing of hacking on the other hand.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
Earlier this month Comcast told the FCC that the cable company wanted to be able to charge broadband customers a premium for privacy, and that blocking the ISP from doing so would hurt broadband adoption, raise broadband prices, and harm consumers. While Comcast was justly mocked for this position, many didn't realize that this is something AT&T has been doing for years, the ISP charging its U-Verse broadband customers $30 to $50 more every month if they want to opt out of "AT&T Preferences," a deep packet inspection snoopvertising service that tracks user behavior all around the Internet. Prompted by Verizon's use of stealth tracking technology and this new troubling plan to make privacy a luxury option for consumers, the FCC has been cooking up some new, relatively basic broadband privacy protections. To derail these plans, AT&T and Comcast have turned to what I affectionately refer to as fauxcademia, or industry-funded think tanks specifically designed to pee in the public discourse pool influence regulatory policy under the guise of objective science. Enter the Information Technology & Innovation Foundation (ITIF), which in a new report tries to argue that forcing broadband consumers to pay more to protect their piracy is secretly a "pro consumer" position that will bestow countless, miraculous benefits to the internet at large. The ITIF's Doug Brake actually goes so far as to try and argue that only "absolutists" could possibly oppose paying their ISPs even more money just to keep their data from being collected and sold:"Consumers derive significant value from broadband service plans that offer discounts for data. Policymakers should allow providers to continue the practice,” said Doug Brake, telecommunications policy analyst at ITIF, who authored the report. “Privacy advocates have tried to tar any such business model as ‘pay-for-privacy,’ but they represent a small minority of absolutists. Prohibiting data-based price differentiation for the majority of consumers who are far more pragmatic would be terrible policy and a remarkably paternalistic departure from a common practice that is widely accepted throughout the economy."That charging users more money to protect their own privacy is somehow a "discount" is the same bullshit narrative not-coincidentally trotted out by AT&T to justify these glorified price hikes. But it's worth understanding that in AT&T's case, users not only have to pay a steep premium ($528 to $792 more every year) to opt out of being spied on, they have to navigate an intentionally confusing series of menus to complete the deal. AT&T's not offering a discount; it's actively deterring the majority of consumers from opting out, knowing full well most have only AT&T and Comcast to choose from. There's nothing remotely noble about what AT&T (and potentially Comcast) is doing here, and the ITIF's claim that only "absolutists" are bothered by the idea is embarrassing. Meanwhile, the study's "evidence" of the benefits of a new ISP privacy surcharge is a rotating crop of marginally related insights and citations to the ITIF's own work on the broadband privacy front, most of which has been equally laughable. Like when the think tank argued no broadband privacy rules are needed because ISPs have time and time again shown themselves to be nothing more than harmless sweethearts that don't really collect user data anyway. Ignore, of course, that Verizon and AT&T were found sneakily modifying user packets to track consumers around the Internet for two years before the practice was even discovered by security researchers, initially with no real warning or functional opt out tools. Incapable of justifying this behavior, the ITIF just keeps recycling the same, lazy argument with slight variation:"These price-differentiation models allow service providers to offer cheaper broadband Internet to those who choose to allow their data to be used in machine-based analytics that enable things like better ad targeting,” said Brake. “Discounts also put downward pressure on prices even for consumers who choose not to take the discount, and they help add users to the broadband ecosystem."Right, except that doesn't happen. You'll never find a broadband provider offering a discount below existing market pricing to users opting in to data collection, because without real broadband competition, there's simply no incentive to. Granted the ITIF is the type of for-hire nonsense factory that can't even admit that the U.S. broadband market isn't very competitive, so if you're wading into the "research paper" (read: a collection of spurious ISP claims scotch taped together under the pretense of real science) looking for valid supporting evidence, you'll be sorely disappointed. No, all we've got here is a broadband-industry tied think tank arguing that adding a steep privacy fee to what's already among the most expensive broadband in the developed world (OECD data) will somehow miraculously make the world better for everyone. To obfuscate the fact that the think tank is incapable of actually supporting such an absurd conclusion, it leans heavily on straw man arguments like the idea that critics of pay-for-privacy plans just don't want to pay their fair share for broadband:"Advocates calling for a ban want to have their cake and eat it too,” Brake noted. “They want ubiquitous, undifferentiated service for everyone, but they don’t want to pay for it. They bemoan the price of high-speed broadband as too high for low-income Americans. Yet they want to close off opportunities to lower prices. It makes no sense."Bullshit. Broadband prices remain high because of regulatory capture, too few broadband options, revolving door regulators, and a culture that prioritizes for-hire policy sockpuppetry over honest conversation. This collective dysfunction has spawned yet another attempt to hammer consumers with additional surcharges, and if the best supporting argument the ITIF can come up with is that raising broadband prices will magically lower broadband prices, it may want to give up on policy-for-hire and take up watercolors.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
One of the many revelations from the Snowden files was that Canada's spy agency has been tracking people as they connect to WiFi in different public locations. And if Canada is doing it, you can be pretty sure the NSA and GCHQ are doing the same, since neither is known for being backward in using whatever means it can to snoop on huge numbers of people. Of course, you'd expect spy agencies to be up to these kinds of tricks, and you might also be unsurprised to learn that shops are also tracking you using your WiFi connection. But we might have hoped that universities would have been a little more sensitive to privacy issues than the following news on the Australian ABC News site suggests is the case: The University of Melbourne has moved to allay privacy concerns amid revelations it is tracking students through their wi-fi usage. The university said the practice, which looked at where people were moving around campus, helped institutions improve retention rates and the experience of students. According to the article, the university is using the data for the following reason: The university is trying to work out where people move across the campus to help with planning the new Metro Rail project, which will run through the middle of the campus. That's certainly a reasonable goal, but the university seems blissfully unaware of the privacy dangers of its data gathering. In particular, the fact that it is interested in which campus room students are in at any given time means that it could probably work out the identities of those using a particular WiFi system by correlating the rooms visited with the different courses taken by each student. The university would then have a record of where all its students went during the day, who they met, and for how long. Apparently meaningless location information is actually incredibly revealing. There's no suggestion that the university is doing anything like this, or even thinking about doing it. But once advances in technology mean that something is theoretically possible, the pressure to put it into practice can become irresistible, as other students have discovered. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
We discuss trademark disputes centering on the beer and alcohol industry around here because that particular industry is finding itself at something of a barrier centered on how brews are named. Still, one story from a couple of years ago was particularly head-scratching. That story was that of Schlafly beer, made by Tom Schlafly's St. Louis brewery, and the opposition to his trademark application from his aunt and cousin, Phyllis and Bruce Schlafly repsectively. Both family members filed oppositions to the trademark application, claiming that having their last name associated with an alcoholic product would negatively impact them. Bruce is an orthopedic surgeon, making one wonder exactly how bone-shattering Schlafly beer actually is. Phyllis, meanwhile, is a super-conservative commentator with an audience particularly cultivated amongst Mormons and Baptists, therefore an alcohol product with her surname on it would be ultra negative for her commentating business. I said at the time that the brewery was going to win this fight. And, now, it certainly appears that it has. Earlier this month, the Patent and Trademark Office dismissed opposition filed by the St. Louis native and her son, Bruce Schlafly, rejecting the argument that a trademark shouldn't be allowed because it's primarily a surname, the St. Louis Post-Dispatch reported. The decision doesn't mean the trademark has been awarded to the brewery, but simply removes an impediment. The primary argument within the original opposition was that the trademark shouldn't be allowed because it consisted primarily of a surname, but this was really all about the other Schlafly's dislike of the alcohol industry. And that, thankfully, is not a basis for a trademark opposition. The opposition was especially perplexing because a lack of a trademark registration has not to date, and would not in the future, prevent Tom Schlafly from selling Schlafly-branded beer. What it would do is prevent anyone else from also doing so, meaning that preventing the trademark would potentially allow more exposure for the name to be used on alcohol products, not less. Despite the opposition running counter to Phyllis' desires, she apparently may not be done with this just yet. Phyllis Schlafly, who will turn 92 on Monday, declined comment, but her son and attorney, Andy Schlafly, said he may appeal. "I'm disappointed that the decision did not come to terms with the purpose of the statute that generally prohibits obtaining a trademark in a last name," he said. Must be a fun Thanksgiving dinner at the Schlafly house these past few years. Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
We discuss trademark disputes centering on the beer and alcohol industry around here because that particular industry is finding itself at something of a barrier centered on how brews are named. Still, one story from a couple of years ago was particularly head-scratching. That story was that of Schlafly beer, made by Tom Schlafly's St. Louis brewery, and the opposition to his trademark application from his aunt and cousin, Phyllis and Bruce Schlafly repsectively. Both family members filed oppositions to the trademark application, claiming that having their last name associated with an alcoholic product would negatively impact them. Bruce is an orthopedic surgeon, making one wonder exactly how bone-shattering Schlafly beer actually is. Phyllis, meanwhile, is a super-conservative commentator with an audience particularly cultivated amongst Mormons and Baptists, therefore an alcohol product with her surname on it would be ultra negative for her commentating business. I said at the time that the brewery was going to win this fight. And, now, it certainly appears that it has. Earlier this month, the Patent and Trademark Office dismissed opposition filed by the St. Louis native and her son, Bruce Schlafly, rejecting the argument that a trademark shouldn't be allowed because it's primarily a surname, the St. Louis Post-Dispatch reported. The decision doesn't mean the trademark has been awarded to the brewery, but simply removes an impediment. The primary argument within the original opposition was that the trademark shouldn't be allowed because it consisted primarily of a surname, but this was really all about the other Schlafly's dislike of the alcohol industry. And that, thankfully, is not a basis for a trademark opposition. The opposition was especially perplexing because a lack of a trademark registration has not to date, and would not in the future, prevent Tom Schlafly from selling Schlafly-branded beer. What it would do is prevent anyone else from also doing so, meaning that preventing the trademark would potentially allow more exposure for the name to be used on alcohol products, not less. Despite the opposition running counter to Phyllis' desires, she apparently may not be done with this just yet. Phyllis Schlafly, who will turn 92 on Monday, declined comment, but her son and attorney, Andy Schlafly, said he may appeal. "I'm disappointed that the decision did not come to terms with the purpose of the statute that generally prohibits obtaining a trademark in a last name," he said. Must be a fun Thanksgiving dinner at the Schlafly house these past few years. Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
For many years, while some journalists (and newspaper execs) have been insisting that a paywall is "the answer" for the declining news business, we've been pointing out how fundamentally stupid paywalls are for the news. Without going into all of the arguments again, the short version is this: the business of newspapers has never really been "the news business" (no matter how much they insist otherwise). It's always been the community and attention business. And in the past they were able to command such attention and build a community around news because they didn't have much competition. But the competitive landscape for community and attention has changed (massively) thanks to the internet. And putting up a paywall makes it worse. In most cases, it's limiting the ability of these newspapers to build communities or get attention, and actively pushing people away. And, yes, sure, people will point to the NY Times, the Wall Street Journal and the Financial Times as proof that "paywalls work." But earth to basically every other publication: you're not one of those publications. The paywalls there only work because of the unique content they have, and even then they don't work as well as most people think. Not surprisingly, more and more newspapers that bet on paywalls are discovering that they don't really work that well and were a waste of time and effort -- and may have driven away even more readers. Of the paywalls erected in the past few years, many have delivered lackluster results, said Ken Doctor, a media consultant who writes the blog Newsonomics. "The ones that were launched in 2012 to 2014 had good early results and they all largely stalled," he said. "They are no longer gaining much in the way of new digital subscriptions, and their print is in rapid decline." The article also quotes Alan Mutter who has been pointing out the fallacies around newspaper paywalls for probably longer than I have: Paywalls can backfire also "because they put a barrier between the newspaper and the casual reader," he added. "They are truncating the size of the digital market, when the most important factor for digital is scale." Meanwhile, as newspapers are realizing this, even the "successful" paywall folks at the Wall Street Journal appear to be changing up its paywall to make it easier for non-paying users to read the articles. This doesn't mean that you can't get money from readers -- but paywalls are a stupid way to do it. You're asking them to pay for the same kind of value that they can often get elsewhere. That's dumb. If you're charging, you should be charging for unique value and something different that only your publication can provide. General interest news is not that.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
The Wall Street Journal is reporting on a study that claims to show an increase in shootings by police officers is related to the increase in officer-worn body cameras. The heart of the study's [PDF] claims is this: Our empirical analysis produced several interesting findings. First, we found that in police departments that conduct statistical analyses of digitized crime data, there are 2.15% fewer fatal shootings, substantiating our theoretical prediction that criminal intelligence can prevent police officers from using lethal force. Similarly, the use of smartphones by officers for intelligence access is related to 2.72% fewer deadly shootings. We obtained similar results from the alternative data from killedbypolice.net and the FBI. Surprisingly, we found that the use of wearable video cameras is associated with a 3.64% increase in shooting-deaths of civilians by the police. We explain that video recordings collected during a violent encounter with a civilian can be used in favor of a police officer as evidence that justifies the shooting. While I don't doubt that some officers believe footage may assist them in justifying shootings, there's very little here that suggests anything more than a statistical blip. No such increase was noted in 2013 or 2014, and a 3.64% increase would seem to be a fluctuation, rather than anything correlative. The authors of the study note one issue that may be skewing the numbers slightly upward: there's very little data available to differentiate between justified shootings and unjustified shootings. Without this, it's difficult to draw the conclusion that officers have made conscious or unconscious decisions about the perceived exculpatory value of capturing deadly force incidents on tape. And yet, such a conclusion is being tentatively drawn. The professors found almost no link between cameras and shooting deaths in 2013 and 2014. The difference between those years and 2015, they surmise: Officers grew more comfortable using the devices in the field. “It could take a while for police officers to realize how helpful evidence from body cameras can be in justifying the use of lethal force,” they write. Maybe. Maybe not. A lot more data is needed to determine whether this tick upwards indicates a trend or just a mild diversion from the mean. There's lots of anecdotal data out there that suggests body cameras are having zero effect on limiting excessive force simply because many officers treat the devices as optional. Here are just a few reports involving shooting by police where footage hasn't been recorded. A Spokane police officer involved in the shooting of a domestic violence suspect last weekend was wearing a body camera but did not have it turned on, according to an initial investigation. [Source] Chittenden County State’s Attorney TJ Donovan announced Monday morning that two police officers have been cleared of any criminal wrongdoing in the shooting of a Colchester man in September. He said at the announcement that the officers were cleared without any body camera video of the incident. The body cameras were turned off, he said, because officers didn’t want the cameras’ red recording lights or audible recording beeps to jeopardize their safety. [Source] A Chicago police officer who fatally shot a black man in the back last week was wearing a body camera during the shooting, but the camera was turned off at the time, officials with the city’s police department said Monday. [Source] An Alabama police officer was wearing a body camera that was not turned on when he fatally shot a man who held a “large metal spoon in a threatening manner” as he approached the officer, according to Tuscaloosa County officials. [Source] A New Orleans police officer turned off her body cam before opening fire on a man who had escaped from her a week earlier. Lisa Lewis shot the man in the forehead during a traffic stop, then shot at him again as he ran away, according to the lawyer of the man who remains hospitalized. If shootings by police are trending up despite the use of body cameras, it's not the cameras that are at fault. It's the culture. Body cameras have been shown to decrease deployments of excessive force and reduce complaints by citizens, but only when used in conjunction with policies that hold officers accountable for not recording their interactions with the public. A slight rise in shootings may indicate what the officers suggest: that officers are "getting used" to the cameras -- not as a source of exculpatory recordings, but rather as a nuisance that can be ignored without fear of reprisal. A lack of solid policies and punishments would similarly generate a rise in deployments of excessive or deadly force, no matter what tech is forced on officers under the guise of accountability. Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
The Democratic National Committee, still reeling from the hack on its computer system that resulted in a bunch of leaked emails and the resignation of basically all of its top people, has now created a "cybersecurity advisory board" to improve its cybersecurity and to "prevent future attacks." “To prevent future attacks and ensure that the DNC’s cybersecurity capabilities are best-in-class, I am creating a Cybersecurity Advisory Board composed of distinguished experts in the field,” interim DNC Chairwoman Donna Brazile wrote in a memo. “The Advisory Board will work closely with me and the entire DNC to ensure that the party is prepared for the grave threats it faces—today and in the future.” Sure. That sounds like a good idea. But, then there's this: Members include Rand Beers, former Department of Homeland Security acting secretary; Nicole Wong, former deputy chief technology officer of the U.S. and a former technology lawyer for Google and Twitter; Aneesh Copra, co-founder of Hunch Analytics and former chief technology officer of the U.S.; and Michael Sussmann, a partner in privacy and data security at the law firm Perkins Coie and a former Justice Department cybercrime prosecutor. I've met and/or dealt with Chopra (misspelled Copra in the article) and Wong -- and both are very smart and good policy people. The other two seem to have good policy chops as well. But none of them are actual cybersecurity experts. I have no problem with these people being on this advisory board, but it's insane to put together a cybersecurity advisory board that doesn't include at least a single (and probably more) actual technologist with experience in cybersecurity. And that's doubly true when the goal of the board is to help the DNC with its own cybersecurity. If the goal of the board was to advise on cybersecurity policy, then the makeup of it is at least slightly more understandable, but that's not the goal. It's to actually improve the cybersecurity of the DNC. Even if the goal were just policy, having someone with actual technology experience with cybersecurity would be sensible. Again, I don't think there's anything wrong with these four people on the board if they also included some actual technologists who understood this stuff at a core level. Instead, they're just asking for more problems.Permalink | Comments | Email This Story

Read More...
posted 8 days ago on techdirt
It appears there's still no shortage of quasi-reputation management efforts being deployed in the form of bogus DMCA takedowns issued by bogus "news" websites. Pissed Consumer uncovered this shady tactic back in April, noting that legitimate-sounding sites like the "Frankfort Herald" and the "Lewisburg Tribune" were issuing takedown notices on complaints posted to the gripe site. These fake news sites tended to be filled with a blend of scraped content and and negative reviews/posts from sites like Pissed Consumer and Ripoff Report copy-pasted in full and backdated to make them appear as if they'd appeared at the bogus sites first. Our article about this tactic, containing some additional details we tracked down, caught the eye of an entity called Web Activism, which is now digging up as many details as it can about this DMCA-abusing reputation management tactic. Web Activism notified Adweek that a couple of past articles hosted there were being targeted by bogus DMCA notices. AdWeek's Patrick Coffee notes that his website first treated these takedown requests as legitimate. This attempt was temporarily effective in that we unpublished the story. That’s not something we’d normally do, but given that the post was 6 years old and we weren’t aware of the context, we figured it was appropriate. We recently put the post back up, because the takedown request was a big lie. The targeted posts contained some unflattering depictions of Torrence Boone, who went from a sinking ad agency to a Vice President position at Google, working closely with its ad partners. The takedown requests weren't issued -- at least not directly -- by Boone. Instead, they came from a fake journalist at a fake new site: Jennifer Clandon at fox18news.com. As Coffee notes, there is no person named Jennifer Clandon working for Fox News… anywhere. Not only that, but the Fox 18 News site is now unreachable. The fake article cited in Clandon's DMCA takedown request is a word-for-word copy of AdWeek's original post. For what it's worth, Boone's lawyers deny he had anything to do with the bogus takedowns. Boone’s lawyers have repeatedly denied to AgencySpy that he was involved in the takedown requests or that he had any knowledge of the effort that appears to have been made on his behalf. They admit he has occasionally “hired digital marketing firms to manage his online profile” but claim that “they have not taken any action directed toward [your company] on behalf of Mr. Boone in March 2016, or at any other time.” Tellingly, though, his lawyers spent most of our exchange last week arguing against the content of the “unemployable” post rather than discussing the request to take it down six years later: “In reply to your email to Mr. Boone, he disputes the defamatory blog post reportef [sp] by AdWeek in 2010 that he was ‘unemployable’. Mr. Boone stands by his service at Enfatico.” But Coffee also points out that Boone has previously issued DMCA notices in his own name in an attempt to remove a photo of him from the internet. The Lumen database also includes a separate entry for a 2012 request made by Boone himself, who asked that Google remove the “Hot” post because it contains allegedly copyrighted materials in the form of “A picture of me at a Carnival parade in a costume that includes a blonde and orange clown wig.” It’s unclear whether Google responded to this request. The bogus Fox site may be down, but the Internet Archive has salvaged a few pages. None of them are the one cited in the bogus takedown notice, but there are others that seem very out of place in a TV channel's website. One is a very angry complaint about (gasp!) a reputation management service, Reputation.com. Another refers to a medication service as a pyramid scheme. Another DMCA notice issued by the FoxNews18.com site lists an email address of [email protected] -- likely another throwaway account that would reveal nothing about the true owners of the bogus news site. Going further back into the archives, it appears the URL once belonged to a legitimate news site that served Charlotte, North Carolina. For most of 2015-16, however, it was repurposed as a scraper site to generate bogus takedown notices. Web Activism also pointed AdWeek to further copies of its posts at another fake news site, Lewisburg Tribune. (This site was previously mentioned in our original post on the subject.) This site has also gone dead, leaving behind only what's been saved by the Internet Archive's Wayback Machine. Torrence Boone may have no direct knowledge that these actions are being performed on his behalf. He admits -- through his lawyers -- that he has outsourced his reputation management on previous occasions. The combination of scraped content, dodgy English, and zero shame seems to indicate somewhat-reputable reputation management firms are also outsourcing their reputation management work, possibly hiring people outside of US-governed jurisdictions (via any number of freelance services like Upwork or Fiverr) to whip up fake sites to plant content they want removed from Google's listings. Even if the reputation management firms haven't outsourced their bogus takedowns, there's very little risk involved. Fake names attached to fake sites are often almost impossible to link back to real individuals or companies. The worst thing that can happen when a bogus DMCA notice is issued is nothing -- at least to the shrouded reputation management firms. The reputations they're managing might get shredded by the Streisand Effect, but it's not as though the government has much interest in pursuing those who abuse the DMCA process. Shady reputation management firms will continue to be shady as those screwed by their bogus tactics aren't going to take the risk of further exposure by publicly calling them out for turning their already-damaged reputations into mini dumpster fires. Web Activism, however, claims to be doing something about this. It is investigating these bogus sites/takedown requests in hopes of uncovering the people/entities behind them. To date, it has rounded up 500 questionable DMCA notices, investigated 200 of those and published reports for 55 of these. It will continue to dig into these going forward, keeping an eye on the Lumen "Chilling Effects" DMCA database for new arrivals from bogus websites. Permalink | Comments | Email This Story

Read More...