posted 9 days ago on techdirt
In recent days, megalith digital games platform Steam found itself making headlines with a tweak to its game reviews system. At issue was Steam's prioritizing reviews from customers who bought a game on Steam over anyone else. Asked for an explanation for the move, Valve suggested that some game developers were attempting to game the reviews system by exchanging download codes for positive reviews. While this explanation omitted the prevalence of crowdsource funding of games, such as Kickstarter funding, Valve at least was putting on a public face of trying to treat its gaming customers well. And now we have the second such story of Valve looking out for its gaming customers, as the platform has chosen to entirely drop a game developer known for its anti-consumer behavior off of the Steam store. You may recall that Digital Homicide is a game developer that has been featured on these pages before, having decided that the best way to deal with some mildly scathing reviews of its games was to sue the reviewer for ten million dollars, alleging emotional, reputational and financial distress. It seems that lawsuit wasn't a one-off, as Digital Homicide has now apparently filed suit against a whole bank (at least 100) Steam users, who reviewed Digital Homicide games, to the tune of $18 million, with a court recently granting a subpoena requesting that Steam turn over identification data for those users. And, as a result, Valve dropped Digital Homicide completely from the Steam platform. By Friday evening twitter user "lashman" discovered Valve had removed all of Digital Homicide's games from Steam. Games like Wyatt Derp, Temper Tantrum, and The Slaughtering Grounds (the first game Sterling reviewed)—are all gone along with their community pages, reviews, and associated downloads as if they'd never been there. You needn't worry if you've already bought the games in the past. They're still there, accessible through your account's library. But if you have a pressing desire to playWyatt Derp in the coming days, you'll have to look somewhere else besides Steam. "Valve has stopped doing business with Digital Homicide for being hostile to Steam customers," Valve VP of marketing Doug Lombardi told Motherboard in a brief email. He didn't say how Valve plans to handle the subpoena or if "being hostile" even directly refers to the lawsuits. Valve went as far as to allow community groups and past purchases to remain up on Steam, but everything else is gone. No more games for sale. No more reviews of any kind. No promo videos or early access projects. It's gone. Digital Homicide, as is its wont, is attempting to wrap itself in the blanket of victimhood, throwing all kinds of accusations at its targets and doing everything it can to pretend that this legal action doesn't revolve around negative reviews of its products. On Saturday night, Digital Homicide responded with a lengthy post on the studio's homepage, suggesting it targeted Steam reviewers who harassed them. "The lawsuit recently filed is solely in regards to individuals where no resolution was able to be obtained from Steam to provide a safe environment for us to conduct business," Digital Homicide said. "We submitted numerous reports and sent multiple emails in regards to individuals making personal attacks, harassment, and more on not only us but on other Steam customers who were actually interested in our products." The post then goes on to show screenshots of posts on the Steam community boards illustrating these personal attacks. Two of the biggest examples, in which one user says he wants "to murder every single person responsible for this [game]" and another that tells Digital Homicide chief James Romine he should "kill himself for making me waste 0.14 for your ****** game," don't appear in the leaked documents from a few days ago. They don't appear there because these lawsuits have nothing to do with the kind of over-the-top vitriol that any game developer ought to have fashioned a thick enough skin to wave off in this digital era. This is all about the reviews and nothing but. Were the court to suddenly find itself burdened with lawsuits against every game review that included nasty language, the system would collapse on itself. Everyone knows this, everyone deals with this. It may not be pleasant, but it isn't a reason for a lawsuit. Yet Digital Homicide's suit claims harassment, alongside -- swear to god -- disorderly conduct, stalking, criminal impersonation, tortious interference, libel, unjust enrichment, restitution, negligence, damages, and conspiracy to commit civil rights violations. In its response to being dropped from Steam, the developer goes on to claim that Valve's siding with its customers is an indication that Steam is not a "safe environment", before suggesting that some form of legislation is needed. It better come quick, along with a win against every John Doe it is suing in court, because the prospects for Digital Homicide making any money from selling its games to a public now informed of these actions are bleak indeed. Valve meanwhile, and its Steam platform along side it, have built up just a little more goodwill with that same public in siding with customers over an abusive game developer. Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
Cyrus Farivar of Ars Technica reports that another federal judge has found the warrant used by the FBI to deploy its Tor-busting malware is invalid. This finding isn't unique. Multiple judges in various jurisdictions have found the warrant invalid due to Rule 41, which limits execution of warrants to the jurisdiction where they were issued. But only in a few of the dozens of cases stemming from the FBI's child porn investigation has a judge ruled to suppress the evidence obtained by the FBI's NIT. A federal judge in Iowa has ordered the suppression of child pornography evidence derived from an invalid warrant. The warrant was issued as part of a controversial government-sanctioned operation to hack Tor users. Out of nearly 200 such cases nationwide that involve the Tor-hidden child porn site known as "Playpen," US District Judge Robert Pratt is just the third to make such a ruling. In other cases, judges have found the warrant invalid, but have granted the FBI the "good faith" exception or found that the information harvested by the agency's hacking tool isn't protected under the Fourth Amendment. In one particularly memorable case, the presiding judge wandered off script and conflated security and privacy, suggesting that because computer hacking is so commonplace, the FBI should be allowed to peek into compromised computers (and compromise them!) and extract whatever it can without worrying about tripping all over the Fourth Amendment. With hundreds of cases all over the nation (and many more handed off to foreign law enforcement agencies) stemming from a single warrant, this collection of rulings is far from coherent. But, more often than not, judges have found that the reach of the FBI's NIT deployment far exceeded its Rule 41 grasp. That all could change by the end of the year, making future investigations handled in this manner (running seized websites to deploy hacking tools) much less likely to be successfully challenged in court. Judge Pratt's ruling [PDF], however, did at least shut down the government's Third Party Doctrine arguments. There is a significant difference between obtaining an IP address from a third party and obtaining it directly from a defendant’s computer. [...] If a defendant writes his IP address on a piece of paper and places it in a drawer in his home, there would be no question that law enforcement would need a warrant to access that piece of paper—even accepting that the defendant had no reasonable expectation of privacy in the IP address itself. Here, Defendants' IP addresses were stored on their computers in their homes rather than in a drawer. Analogies to physical objects are seldom perfect, but Pratt's does better than most. "Judge Pratt correctly interpreted the NIT's function and picked the correct analogy," Fred Jennings, a New York-based lawyer who has worked on numerous computer crime cases, told Ars. Jennings continues: [Pratt] correctly points out that the usual analogies, to tracking devices or IP information turned over by a third-party service provider, are inapplicable to this type of government hacking. A common theme in digital privacy, with Fourth Amendment issues especially, is the difficulty of analogizing to apt precedent—there are nuances to digital communication that simply don't trace back well to 20th-century precedent about physical intrusion or literal wiretapping. The evidence suppression will likely result in charges being dropped, as anything located on the defendant's devices would have stemmed from the invalid NIT warrant. Outcomes like these don't do much to appease the general public, as the actions alleged are often viewed as indefensible. But the ugliness of the crime has no bearing on the Constitution and the rules governing search warrants. The FBI can't play by different rules just because the targets are less sympathetic. That's why the push back against the proposed Rule 41 changes is important, because alterations to jurisdictional limits won't solely be used to chase down the worst of the worst. It will greatly expand the reach of questionable search warrants and investigative tools and encourage magistrate shopping by law enforcement to lower the level of scrutiny their deficient affidavits might otherwise receive. Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
Support Techdirt and get Math Is Not A Crime gear! Order by Oct. 3rd » Our latest Techdirt t-shirt is the Math Is Not A Crime shirt (also available as women's tees, hoodies, v-necks, mugs and stickers), which was initially inspired by some of the debates around outlawing strong encryption -- but also refers to much, much more. One of the key points that defenders of strong encryption have been making in response to attempts to outlaw strong encryption or to demand backdoors is that encryption is just math, and it should never be a crime to do math. But the message actually goes beyond that. It's pointing out that since it is just math, someone else can do the math too and create their own encryption. One of the key legal fights around encryption, Bernstein v. United States, basically centered around the question of whether or not the government could declare a mathematical encryption algorithm a "munition" in order to block its export. Eventually it was determined that source code (and with it, math) are protected by the First Amendment. But it's not just about encryption. The issue of outlawing math has come up in other contexts that we talk about as well. For example, the patenting of software is one that has raised concerns about outlawing math. Algorithms are basically just mathematical formulas and not being able to write an algorithm because someone has patented some of it seems particularly stupid. Over a decade ago, Ben Klemens wrote a great book called Math You Can't Use. And, of course, this enters the copyright realm as well. We're constantly talking about DRM, and a key bit of law that props up bogus DRM systems is Section 1201 of the DMCA, which outlaws any circumvention of DRM. But, many of those circumventions are little more than math as well. This should be concerning to all of us. Attempts to hold back innovation, privacy and progress by outlawing math is a problem, and that's the reason behind our shirt. Oh, and it's also cool for math teachers and students too. Get yours today, and don't forget to check out the other gear in our super-early holiday sale. Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
It often seems like the modern cable industry often goes out of its way to remain decidedly un-modern. Thanks to regulatory capture and limited competition, the sector consistently ranks among the very worst industries in terms of customer satisfaction and support. And whether it's opposing net neutrality or fighting efforts to bring competition to the cable box, you'll often find the industry's top lobbying organization -- the National Cable and Telecommunications Association at the forefront of fighting nearly every pro-consumer initiative that comes down the pike. That's why it's more than a little amusing to see the NCTA announce this week that it's eliminating the word "cable" from its branding and overall vernacular, apparently as an attempt to modernize the cable sector's image in the Netflix age. According to a statement by the NCTA, the migration away from even using the word cable (despite coaxial very much remaining in use) is a reflection of "how the marketplace is no longer defined by silos of the past." This is how former FCC boss turned top cable lobbyist Michael Powell explained the shift:"Just as our industry is witnessing an exciting transformation driven by technology and connectivity, NCTA’s brand must reflect the vibrancy and diversity of our members,” Powell said. “While our mission to drive the industry forward remains the same, our look now reflects a renewed proactive and energized spirit."And by "driving the industry forward," Powell of course means supporting initiatives that do the exact opposite. Most recently that has included using a massive sound wall of disinformation (including some help from the US Copyright Office and the likes of Jesse Jackson) to demonize attempts to bring competition to the cable box. The NCTA has also been busy working overtime to derail the FCC's attempt to apply some relatively basic privacy protections to the cable sector, has also supported protectionist state laws that hinder broadband competition, and has even fought raising the base definition of broadband to 25 Mbps. "Proactive and energized," indeed. And while the cable industry is quick to argue it's facing more direct competition than ever before, the reality is notably different. As AT&T and Verizon give up on unwanted DSL customers, it's creating a stronger cable monopoly than ever before in many areas. As cable providers consolidate and their telco competitors crumble, cable is seeing 99% of the broadband net additions each quarter. The end result is a cable industry that intends to take full advantage of this lack of competition to impose draconian usage caps on consumer broadband connections in the hopes of thwarting Internet video competitors like Netflix. All told it's going to take a lot more than a vernacular change to shift consumer and cross industry perception away from the reality that the cable industry -- and specifically the NCTA -- is an anti-consumer, anti-innovation, antiquated turf protection machine.Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
Wish you had the time to read more, but find that you're simply too busy? Audible's large library of audiobooks and intuitive app are here to help you soar through your reading list while on-the-go. With this limited-time offer, you can try out Audible for 60 days completely free. Plus, you get to choose two free audiobooks to keep and you'll get discounts on unlimited additional books. After the 60 days, Audible's monthly rate is $14.95, which you can cancel at any time. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
A thread on Reddit is getting a fair bit of attention today, claiming that Lenovo has set up some of its Yoga laptops to block anyone from installing Linux -- and a Lenovo representative then pointed the finger at Microsoft, saying that it's part of what Lenovo was required to do as part of the Microsoft "Signature Edition" Windows 10 program, though there are reasons to doubt this is true. What is clearly true is that there's a problem installing Linux on a bunch of Lenovo machines. Here's a giant thread on the problems (which apparently disappeared for a while, but is back as I write this). And here's another. And here's another. Some of these threads go back many months. But the issue that has suddenly made it big news is a comment supposedly from a Lenovo "product expert" that the company is forced to block it as a part of the Signature Edition program: If you haven't heard of the Windows "Signature Edition," it's a program from Microsoft to offer a "clean" (read: no annoying bloatware) version of Windows. Think of it like a Google Nexus phone with a clean Android install, as compared to one from a carrier or handset maker stuffed with annoying bloatware you'll never use. The Signature Edition PCs have received some fairly glowing reviews -- and many (ironically given this story today) of the news stories about the Signature Edition program use the Lenovo Superfish malware fiasco as a reason for why people should look at a Signature Edition computer if they want to run Windows. So, yeah, based on this storyline so far, you have Microsoft making a clean install of its operating system without bloatware (good idea!), but then being accused of making Lenovo design its BIOS to block the installation of Linux (bad idea!). There is at least some reasonable skepticism that the problem here is really because of the Microsoft Signature Edition program. First of all, Signature Edition computers are supposed to only be available directly via Microsoft's stores -- and the laptop that kicked this off was purchased at Best Buy. Also it wasn't labeled as a Signature Edition PC. And it's certainly not unheard of for low level employees in forums to post incorrect information -- and there is even some question as to whether or not the "Lenovo Product Expert" in the forum post above is even a Lenovo employee or a third-party contractor anyway. So whether Microsoft is truly to blame here is still an open question. At the very least, it does seem like Lenovo has some questions to answer -- and one hopes that the company will be more forthright and honest than it was back during the Superfish episode when it basically lied through its teeth until it couldn't lie any more.Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
With the explosive devices in NY and NJ from this past weekend, Hillary Clinton has decided, once again, that it's time to blame Silicon Valley for not doing more to magically stop terrorists from terroristing. “The recruitment and radicalization that goes on online has to be much more vigorously intercepted and prevented. I have been saying this for quite some time,” the Democratic presidential candidate said at a news conference Monday during which she responded to the bombings in New York and New Jersey over the weekend. “The government cannot do this without the close participation of tech companies and experts online who can give us the tools and lead us to those who are attempting to promote attacks like we’ve seen.” Let's leave aside, first of all, the fact that (as of this writing) there hasn't been any evidence that the individual arrested and charged with this was recruited and radicalized online. Instead, let's focus on what's being asked here: to "intercept and prevent" certain forms of speech online. Not only does this seem... to go completely against American values around freedom of expression, it's also impossible. Sure, you can kick people off of services, but anyone with an ounce of understanding of how the internet works will recognize how ineffective that is. Not only would such a system fail to stop people who wish to plan attacks from communicating, such a plan would, inevitably, also block perfectly normal and protected speech. Even worse, it would likely block important counterspeech in which people are able to respond to calls for violence and terrorism with arguments as to why that approach is a bad idea. It remains amazingly troubling that both of the major party candidates for President seem to think that a good response to attacks in this country is to silence people online. Putting the onus on Silicon Valley to magically "fix" this by "preventing" bad people from talking to one another online is not a credible, reasonable or workable strategy for dealing with those who wish to attack the US.Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
As you may have heard, earlier this week, Donald Trump Jr. tweeted out a ridiculous image comparing Syrian refugess to poisoned Skittles. No, really. FWIW, this is an old and a dumb and meaningless meme. It's not always Skittles, though. Last year failed Presidential contender Mike Huckabee used the same concept, but with Peanuts -- and John Oliver mocked him for it, noting that "peanuts themselves have killed far more people than terrorist refugees." Another version involved M&Ms, and it was used by a variety of groups -- including a feminist "Yes All Women" campaign. Some are arguing that the switch from M&Ms to Skittles is even more racist, because it's based on the fact that when Trayvon Martin was shot dead by George Zimmerman, Martin had a pack of Skittles in his pocket. And, of course, the Intercept argues that this meme goes all the way back to a top Nazi propagandist making sure that the meme is sufficiently Godwined. But... of course, most of that has little to do with what we normally cover around these parts. But what we do often cover is copyright related issues -- so it's interesting to find out that the image used in that Skittles graphic that Trump Jr. posted was copied from Flickr, where it pretty clearly has an "all rights reserved" copyright notice on it. Oh, and the guy who took the photo, David Kittos, happens to be a former refugee himself, who is not at all pleased that his image is being used in this manner. "This was not done with my permission, I don't support his politics and I would never take his money to use it," Mr Kittos told the BBC. "In 1974, when I was six-years old, I was a refugee from the Turkish occupation of Cyprus so I would never approve the use of this image against refugees." So, yeah. But what can he do? Well, apparently he's considering taking legal action, though he (rightly) notes that that may be a hassle: "I would like the Trump campaign to delete the image, but they are probably not interested in what I have to say," he said. "I was thinking about getting lawyers involved but I don't know if I have the patience. "This isn't about the money for me. They could have just bought a cheap image from a micro stock library. This is pure greed from them. I don't think they care about my feelings. They should not be stealing an image full stop." While I might disagree on the use of the term "stealing an image" there, it certainly could create an interesting copyright legal battle -- raising serious questions about fair use in political discussions. Thankfully, though, it seems unlikely that any lawsuit will actually happen. Instead, we can just sit back and think about the number of meetings and conversations that must have happened before Mars Inc., makers of Skittles, decided to put out this statement: Skittles are candy; refugees are people. It's an inappropriate analogy. Indeed. But is it copyright infringement...?Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
It's not like many of us haven't been saying this for years: but fighting piracy through greater copyright enforcement doesn't work. It's never worked and it's unlikely to ever work. A year ago, we released our big report, The Carrot or the Stick? that explored at a macro level what appeared to lead to reduced levels of piracy -- enforcement or legal alternatives -- and found overwhelming evidence that enforcement had little long-term impact (and a small short-term impact), but that enabling legal alternatives had a massive impact in reducing piracy. This should sound obvious, but it was important to look at the actual data, which backed it up. Now, there's a new and different study that further supports this idea. Researchers at the University of East Anglia, Lancaster University and Newcastle University have a new report saying that promoting legal alternatives is much more effective in stopping piracy than the threat of legal consequences. The researchers say that in order to compete with unlawful file sharing (UFS), easy access to information about the benefits of legal purchases or services should be given in a way that meets the specific benefits UFS offers in terms of quality, flexibility of use and cost. The team looked at the extent to which the unlawful sharing of music and eBooks is motivated by the perceived benefits as opposed to the legal risks. Involving almost 1400 consumers, the research explored people's ability to remain anonymous online, their trust in the industries and UK legal regulators such as Ofcom, and their downloading behaviour. It's a very different approach to our own research, but the conclusions remain almost identical. In short, the researchers found that for people who really "trust" regulators, then the threat of punishment was effective. The problem, however, is that not that many people actually trust regulators. That leaves officials with two choices: increase trust in regulators, or... figure out ways to incentivize more legal, innovative alternatives. And, of course, one way to destroy trust in regulators is to support policies like expanding copyright enforcement. Co-author Dr Piers Fleming, from UEA's School of Psychology, said: "It is perhaps no surprise that legal interventions regarding UFS have a limited and possibly short-term effect, while legal services that compete with UFS have attracted significant numbers of consumers. "Our findings suggest that it may be possible to diminish the perceived benefit of UFS by increasing risk perception, but only to the extent that UFS is considered emotionally, and users trust industry and regulators. Increasing trust in industry and regulators may be one route toward encouraging UFS to be considered in emotional rather than rational terms. However, given the limited impact of risk perception upon behaviour, a better strategy would be to provide a desirable legal alternative." So, that's common sense and two very different studies with very different approaches -- all suggesting the same thing. And yet, politicians, regulators and legacy industry folks still insist that ratcheting up enforcement is the way to go. What will it take for them to actually follow what the evidence says, rather than continuing with faith-based copyright policies?Permalink | Comments | Email This Story

Read More...
posted 9 days ago on techdirt
As Techdirt noted back in January, it is astonishing that the TPP negotiations proceeded for years with almost no detailed analysis of whether they would be beneficial. It was only recently, after the text had been finalized, that a number of studies started to appear which explored the likely impact of TPP in some depth. Strikingly, every single one of them predicted almost no benefit for the US economy from the deal. The situation for TPP is rather better than for the other big US trade negotiations currently underway, TAFTA/TTIP, where attempts to model its impact are thin on the ground. The same is true for CETA, the EU-Canada trade deal that was supposedly "finished" two years ago, and yet still hasn't been passed because of the text's deep problems, not least because of its corporate sovereignty provisions. Despite the fact that CETA may be quite close to final ratification -- although growing resistance to it in Europe may still stop it -- we have very few studies of what benefits it might bring. The main one is the official analysis that was used to kick off the talks (pdf) in the first place, published in 2008. Here's the key result: The annual real income gain by the year 2014, compared to the baseline scenario, would be approximately €11.6 billion for the EU (representing 0.08 percent of EU GDP), and approximately €8.2 billion for Canada (representing 0.77 percent of Canadian GDP). Total EU exports to Canada go up by 24.3 percent or €17 billion by 2014 while Canadian bilateral exports to the EU go up by 20.6 percent or €8.6 billion by 2014. Leaving aside the fact that 2014 has come and gone, it's clear even from these figures that CETA will produce almost negligible annual GDP uplift for both sides, since the quoted figures are cumulative extra growth that would come from CETA. But an important question is just how reliable even these small gains are, since they implicitly form the main justification for the whole deal. A new study from the Global Development And Environment Institute at Tufts University, which also conducted one for TPP last year, offers a useful perspective. Its results are pretty damning, and include the following: CETA will lead to wage compression. By 2023, workers will have foregone average annual earnings increases of €1776 in Canada and between €316 and €1331 in the EU depending on the country. Countries with higher labor income shares and unemployment, such as France and Italy, will experience the most pronounced wage compression. CETA will lead to net losses of government revenue. Competitive pressures exerted by CETA on governments by international investors and shrinking policy space for supporting domestic investment, production and investment will reduce government revenue and expenditure. Government deficits will also increase as a percentage of GDP in every EU country, pushing public finances closer or beyond the limits set by the Maastricht treaty. CETA will lead to job losses. By 2023, about 230 thousand jobs will be lost in CETA countries, 200 thousand of them in the EU, and 80 thousand more in the rest of the world, adding to the rising dependency ratio (the average number of people supported by one job). CETA will lead to net losses in terms of GDP. As investment and foreign demand remain sluggish, aggregate demand shortfalls nurtured by higher unemployment will also hurt productivity and cause cumulative welfare losses amounting to 0.96% and 0.49% of national income in Canada and the EU, respectively. While the United Kingdom (-0.23%) and Germany (-0.37%) may be least affected, France (-0.65%) and Italy (-0.78%) will lose more than other EU countries (-0.53%). The full 40-page paper (PDF) goes into the details. Along the way, it provides a highly critical analysis of the underlying econometric model used for almost all of the official studies of CETA, TPP and TTIP -- the so-called "computable general equilibrium" (CGE) approach. In particular, the authors find that using the CGE model to analyze a potential trade deal effectively guarantees that there will be a positive outcome ("net welfare gains") because of its unrealistic assumptions: In these CGE analyses, the Canadian and EU economies instantaneously and costlessly adjust to the trade reform, and as any increase in unemployment or loss of aggregate income, even temporarily, is ruled out beforehand, CGE analyses can only point to net welfare gains. Blinded by such strong but palpably unrealistic priors, neoclassical CGE modelers have merely defined away the problem. In light of such a lack of intellectual diversity and empirical realism, this paper contends that, already by their design, these studies do not represent a reliable basis for assessing CETA and meaningfully informing policy-makers. Another new paper on CETA (pdf) points out a further issue with existing analyses of the economic impact: the fact that CETA -- like TTIP -- is mostly about regulatory convergence, rather than simple tariff reduction. And yet no account whatsoever is taken of the negative consequences of these moves in the official study or in those that follow its approach: The additional burden on regulators from the various additional steps due to CETA -- and even more after its potential extension to other countries -- in the context of diminished regulators' resources, is likely to lead to delays, blockages and a reduction in the standard of regulation. Use of the precautionary principle is likely to be under great pressure in a number of areas. All of this is done in the name of economic gains which turns out in the official impact assessment to be vanishingly small -- the equivalent of a cup of coffee every three months for each European in terms of disposable income -- and if the omitted effects of constrained regulations in the areas of climate change, finance, toxic chemicals, etc., were included in a more thorough assessment, then the economic evaluation would turn out to be heavily negative. Locking such provisions into an international treaty would turn out to be the height of folly. These two new studies offer valuable perspectives on CETA. It's a pity they weren't produced years ago, when more might have been done to mitigate the harmful effects they reveal. As it is, it seems the only option now is to reject CETA completely. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
Usually, when we see stupid and dangerous DMCA errors like Warner Bros. taking down its own website and Paramount taking down legitimate Linux torrents, it's the studios we call out first for their wanton abuse of the system. But of course that's only part of the story — there is a system of broken incentives both inside and outside the studios that has created an entire "anti-piracy" ecosystem. It started with the third parties that many studios and other rightsholders hire: self-styled copyright enforcement experts who charge a fee to piss an endless stream of DMCA notices into the wind of piracy. Some studios, like NBCUniversal (who we'll be talking about in a moment) choose instead to build this function into their internal structure with anti-piracy divisions staffed by the same kind of folks. Thanks to the willingness of copyright holders to pay out for this pointless service, it's grown into a whole industry — and it's an industry for which the never-ending, whac-a-mole nature of the takedown game is a plus, since it means the job will never be done. While there's plenty of blame to go around among media companies and lawmakers, it's these takedown "experts" who are the most directly responsible for the epidemic of botched and fraudulent takedown notices. And it's easy to see why: they need to pad the numbers. If we accept that the whole exercise is pointless (it is) and there's no actual end goal (there isn't) then what makes one anti-piracy outfit better than another? Why, sheer volume of pointlessness, of course! The executive who hired the firm that takes down two-million links can brag about his competence compared to the executive who only got one-million for the same price, and the executive who designed the internal division that hit three-million for even less is a damn hero — even though they're all just futilely pecking away at "infinity". And so, since there's no real penalty for abusing the DMCA, these groups have zero incentive to fret about only sending fair and accurate takedowns. But that's not all — they also have every incentive to actively pad their numbers with takedowns they know are bullshit, and as TorrentFreak discovered last month and recently demonstrated again in pretty undeniable terms, that's exactly what they're doing: ... this may look like a proper notice. However, upon closer inspection it’s clear that the URL structure of the links is different from the format Torrentz2 uses. The notice in question lists this URL: http://torrentz2.eu/dv/2012+dvdrip+battleship+mp4-q On Torrentz2, however, the search “2012 dvdrip battleship mp4” generates the following URL, which is clearly different. https://torrentz2.eu/search?f=2012+dvdrip+battleship+mp4 The link NBC Universal reports has never existed and simply returns a blank page. TorrentFreak reached out to the operator of the site who confirmed that they have never used this URL format. This ‘mistake’ can be explained though. The URL structure NBCUniversal uses comes from the original Torrentz site, meaning that NBC simply did a search and replaced the old domain with a new one, without checking if the URLs exist. In other words, they fabricated these links. And this isn't some isolated incident. TorrentFreak found plenty of new notices targeting URLs where the whole site had been taken down last year, and the URL didn't even exist when it was up. It's clear what's happening: they're just subbing out various known torrent domains into big lists of URLs that maybe, once, sorta, in a similar format on a different site, actually pointed to infringing material — and then billing their masters per URL targeted, regardless of whether it turned out to actually exist or not. Counting up all the fraudulent notices is next to impossible, but TF estimates there were tens if not hundreds of thousands of such URLs included in notices in the past few months alone. Now, these takedowns of fake URLs might not seem as worrying or embarrassing as the notices that target legal material or a copyright holder's own website, but they are further evidence of just how stupid the whole system is, and how badly it needs to be fixed. In a world where takedown notices are automatically generated by the millions without concern for whether or not the URLs are even valid, can we ever expect them to stop targeting legitimate speech and legal distribution? No. The DMCA needs teeth when it comes to punishing abusers, but giving it those teeth means dismantling this entire automated, slapdash anti-piracy industry — and don't expect them to go without a fight. Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
The Intercept has obtained user manuals for Harris Corporation's IMSI catchers, colloquially known as Stingrays, thanks to an anonymous leaker. The documents appear to have come from a Florida law enforcement agency. This would be the public's first chance to see these documents in unredacted form. These operating manuals have been held onto tighter by law enforcement agencies than nondisclosure agreements or info on investigations utilizing this technology. The documents show what's so attractive about Stingrays: their power and their ease of use. Richard Tynan, a technologist with Privacy International, told The Intercept that the “manuals released today offer the most up-to-date view on the operation of” Stingrays and similar cellular surveillance devices, with powerful capabilities that threaten civil liberties, communications infrastructure, and potentially national security. He noted that the documents show the “Stingray II” device can impersonate four cellular communications towers at once, monitoring up to four cellular provider networks simultaneously, and with an add-on can operate on so-called 2G, 3G, and 4G networks simultaneously. The tech can be deployed easily thanks to a relatively user-friendly interface and offers an array of tools to be used that go beyond simply tracking the location of a targeted phone. Not only can these devices snag every phone that happens to be in range of the device, but the IMSI catcher can force every phone in the area to come down to its level, so to speak. In order to maintain an uninterrupted connection to a target’s phone, the Harris software also offers the option of intentionally degrading (or “redirecting”) someone’s phone onto an inferior network, for example, knocking a connection from LTE to 2G. However one might feel about the lawfulness of deploying mass surveillance to track -- in most cases -- a single suspected criminal, there has to be at least some concern that law enforcement can downgrade paying customers' connections while performing an investigation. The user's manual [PDF] uses telco jargon almost ironically, referring to targeted phones as "subscribers" (who haven't intentionally signed up for law enforcement tracking) and the towers officers will be spoofing as "providers" (the cell companies whose connection will be replaced/downgraded as law enforcement sees fit). Lists of "subscribers" and "providers" can be imported and exported. "Subscribing" numbers can be given nicknames to more easily separate them from the countless other cell phone numbers swept up during the device's deployment. Much of what's in the documents isn't exactly surprising. A lot of this has been sniffed out by FOIA requesters and defense lawyers, but until this point, the underlying details have mostly been implied -- read between redactions and parsed from deliberately-obtuse law enforcement testimony. Harris can't be happy these documents have leaked. A warning on the Gemini control software manual [PDF] states that Harris must be allowed to challenge any disclosure of the contents of these documents -- which presumably includes law enforcement compliance with defense production requests. Law enforcement agencies can't be happy either, as it shows just how much power many of them have at their fingertips. But nothing stays a secret forever, especially when the surveillance technology in question has gone from overseas deployment against enemy combatants to chasing down fast food thieves in local neighborhoods. Three can keep a secret if two of them are dead, as the saying goes. With hundreds of law enforcement agencies deploying cell tower spoofers thousands of times, the FBI's bullshit nondisclosure demands are apparently no replacement for a pile of silenced corpses. Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
Facebook's efforts to moderate content that appears on the social network have run into numerous problems, most recently with a famous war photo and a bunch of blog posts. Some have made absurd demands in response, such as giving old-school media editors special posting privileges, while others have objected to the idea of Facebook censoring any content whatsoever. But is that objection realistic? This week, we discuss the complicated question of Facebook moderation, and what the company's role can and should be. Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt. Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
We've been talking about how the next great battlefield in broadband is utility pole attachment reform. In many cities, the incumbent broadband provider owns the utility poles, giving them a perfect opportunity to hinder competitors. In other cities, the local utility or city itself owns the poles, but incumbent ISPs have lobbied for laws making it more difficult for competitors to access them quickly and inexpensively. Google Fiber has been pushing "one touch make ready" rules in several cities aimed at streamlining this bureaucracy by letting a licensed, third-party installer move any ISP's gear (often a matter of inches). And while incumbents like AT&T and Comcast will often breathlessly proclaim they're all for streamlining regulations, in this instance they're actively preventing the streamlining of these rules in a feeble attempt to slow Google Fiber down. In Louisville, AT&T sued the city after it passed one touch make ready rules. And in Nashville, both Comcast and AT&T have been actively working to prevent Google Fiber from getting similar rules passed. In a recent blog post explaining the stand off, Google Fiber highlights just what this entrenched, anti-competitive regulatory capture looks like in graphical form: This week Nashville's city council is planning the final in a series of votes to approve Google Fiber's one touch make ready rules. But AT&T has already promised to sue the city if Nashville passes the ordinance. Meanwhile AT&T and Comcast have taken another route to try and delay Google Fiber; they've urged a Nashville city council member to propose an alternative city resolution that would supplant Google Fiber's plan with a plan that doesn't appear to actually do anything outside of stalling the Google Fiber proposal. Under this alternative "right touch" proposal, pole attachment would see only modest changes, leading Nashville city councilman Jeremy Elrod to deride the move as little more than a last gasp effort by AT&T and Comcast to protect their duopoly fiefdom: "Google Fiber service and other competitors will be forced to rolling out their service at a trickle, when under the One Touch ordinance it will be like opening the floodgates," Elrod said in an emailed statement. "This resolution coming at the last minute, to be considered the same night as third reading of the One Touch bill, just shows it’s the last gasp of Comcast and AT&T, desperately trying to hold on to their top place on the utility pole. "These two companies should not be the gatekeepers that get to decide when and where their customers get access to a competitor, but (a Memorandum of Understanding) like this one enshrines that they stay that way. Comcast and AT&T would win, and competition and consumers would lose." AT&T and Comcast's competing resolution was proposed by Nashville council member Sheri Weiner, who amusingly admits to Ars Technica that the incumbent ISPs wrote the proposal, and while she intended to edit some of it herself, that just didn't happen: "I told them that I would file a resolution if they had something that made sense and wasn’t as drastic as OTMR,” Weiner told Ars in an e-mail today, when we asked her what role AT&T and Comcast played in drafting the resolution. Weiner said she is insisting on some changes to the resolution, but the proposal (full text) was submitted without those changes. When asked why she didn't put her suggested changes in the version of the resolution published on the council website, Weiner said, “I had them [AT&T and Comcast] submit it for me as I was out of town all last week on business (my day job)." Weiner said an edited resolution will be considered by the council during its next meeting. Yeah, whoops-a-daisy. If the AT&T and Comcast proposal passes, it will likely delay Google Fiber's market entry by a notable margin. If it doesn't, AT&T will simply sue the city of Nashville, insisting the city council overstepped its authority. Either way, Google Fiber gets delayed thanks to regulatory capture. And note this is all occurring while AT&T lobbyists happily mock Google Fiber for receiving "government favoritism." Again, this is all par for the course for American broadband, where beholden lawmakers on every level from city council to state legislature work tirelessly to make sure incumbent ISPs like Verizon, Comcast, AT&T and Charter never have to work too hard, lest the campaign contributions stop flowing. And again, while any day of the week you'll find these companies' executives and lobbyists prattling on at length about how they despise "onerous regulation," when push comes to shove you'll repeatedly find them aggressively supporting just such regulation -- if it protects them from having to actually compete.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
Every so often, we see (probably) well-intentioned, but incredibly stupid, attempts to "fight" online harassment and bullying through laws that make saying things that are "offensive" against the law. In the US, such laws (if they actually get passed) are usually thrown out once someone makes a First Amendment challenge over them, but elsewhere in the world there's no First Amendment to fall back on. Over in Italy, some officials have proposed what may be one of the dumbest such laws in history, written so broadly that it will outlaw a lot more than the kind of "cyberbullying" it's supposedly intended to combat: Under the proposed law, the "site manager" of Italian media, including bloggers, newspapers and social networks would be obliged to censor "mockery" based on "the personal and social condition" of the victim -- that is, anything the recipient felt was personally insulting. The penalty for failing to take action is a fine of €100,000. Truthfulness is not a defense in suits under this law -- the standard is personal insult, not falsehood. Yes, mockery on the internet could get you a €100,000 fine. Mockery. The internet. The internet is made for mockery. And now is the time that everyone should be mocking this idiotic law -- and the politicians who proposed it without having the slightest idea of how such a thing would be abused all the time. As Cory Doctorow at BoingBoing notes: ... what it will do is create a tool for easy censorship without due process or penalty for misuse. The standard proposed in the bill is merely that the person on the receiving end of the argument feel aggrieved. Think of the abuse of copyright takedowns: online hosts already receive millions of these, more than they could possibly evaluate, and so we have a robo-takedown regime that lets the rich and powerful routinely remove material that puts them in an unflattering light. As bad as that is, at least it makes censorship contingent on something specific and objective: copyright infringement, which has a wealth of caselaw defining its contours. Indeed, so much that you need to be a trained expert to adjudicate a claim of infringement. But at least you can objectively assess whether a copyright infringement has taken place. The standard set by the proposed Italian law allows for purely subjective claims to be made, and for enormous penalties to be imposed on those who question them before undertaking sweeping acts of censorship. There are some efforts under way to "improve" the law by making it not quite so draconian, but maybe, just maybe, the "improvement" should be to recognize that you're never going to successfully outlaw mockery on the internet.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
The PDF Expert 2.0 for Mac allows you to edit PDF text, images, links, and outlines quickly and easily. For $29, this handy app helps you to annotate PDFs extensively with numerous tools, merge and sign documents, fill out PDF forms, and password protect sensitive documents. It works with Mac OS X 10.10 or later. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
For decades now, consumers have been lured into a sour deal: pay for a relatively inexpensive printer, then spend a lifetime paying an arm and a leg for viciously overpriced printer cartridges. As most have learned first-hand, any attempt to disrupt this obnoxious paradigm via third-party printer cartridges has been met with a swift DRM roundhouse kick to the solar plexus. In fact if there's an area where the printer industry actually innovates, it's most frequently in finding new, creative and obnoxious methods of preventing cartridge competition. Hoping to bring this parade of awfulness to its customers at scale, HP this week unearthed the atomic bomb of printer cartridge shenanigans. HP Printer owners collectively discovered on September 13 that their printers would no longer even accept budget cartridges. Why? A firmware update pushed by the company effectively prevented HP printers from even detecting alternative cartridges, resulting in HP printer owners getting messages about a "cartridge problem," or errors stating "one or more cartridges are missing or damaged," or that the user was using an "older generation cartridge." As Cory Doctorow over at Boing Boing notes, this behavior is simply par for the course, with Lexmark engaging in similar behavior back in 2003. By embedding an "I am empty" bit in their cartridges, they were similarly able to ensure that users couldn't use third-party cartridges or they'd be told the cartridge lacked ink. Lexmark leaned heavily on Section 1201 of the DMCA to support its behavior, a tactic HP is likely to mirror but evolve:"Lexmark invoked Section 1201 of the DMCA, which makes it a criminal and civil offense to bypass an "effective means of access control" for a copyrighted work. The DC Circuit court asked Lexmark which copyrighted work was being protected by its access control, and it argued that the checking routine itself was copyrighted, as well as the "Empty" bit. The court found that the DMCA could only be invoked where there was a copyrighted work apart from the access control, and that a single bit didn't qualify as a copyrightable work. Lexmark lost."In this case, HP's DRM time bomb firmware update was apparently deployed back in March, but HP didn't activate the "improvement" until this month. And as is usually the case in this space, HP isn't saying much outside of a misleading quote proclaiming the company was simply protecting its "innovations" and intellectual property:"HP said such updates were rolled out "periodically" but did not comment on the timing of the last instalment. "The purpose of this update is to protect HP's innovations and intellectual property," it said in a statement."But rejoice! HP claims that users can still refill cartridges, as long as those cartridges contain an HP-approved security chip:"These printers will continue to work with refilled or remanufactured cartridges with an original HP security chip. Other cartridges may not function."Well, at least until HP figures out a way to DRM the printer fluid itself, which surely can't be too far along on the horizon.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
We've had a lot of talk lately about the idiocy of automated content blocking, whether done by Facebook or by big movie studios like Warner Bros. issuing automated DMCA takedowns on its own site. Paul Sieminski*, the General Counsel for Automattic, was asked by Corporate Counsel magazine for his opinions on the WB takedowns (warning: possible registration or paywall). In it, Sieminski notes: In the first six months of 2016, WordPress received 4,258 DMCA takedown notices, 9 percent of which were rejected as abusive, according to the company's Transparency Report. And though those numbers are nowhere near the volume of, say, Google, the costs of those abuses are high, Sieminski says. "There's really a big chilling effect on speech, especially controversial speech, because there's a very handy tool to use to remove that type of reporting from the internet," he says. "And as a company, we have to invest in the human resources … to sift through the mountain of notices we get." There are some more interesting quotes in there as well. Having himself featured in Corporate Counsel Magazine seems like reason enough for a Facebook post, so Paul posted a link to the story on Facebook as well, with a little blurb noting how it was "fun" to be quoted, and how such automated takedowns "happen hundreds of times a day, but make the news only occasionally." Can you guess what happened next? Of course you can... Facebook's automated takedown algorithms decided that Paul's brief post and link about how bad automated takedowns are... got taken down, because irony lives. Meta. Posted an article about erroneous, bot driven, internet takedowns. Post was just wrongly removed by Facebook. https://t.co/XSmX2weHf3 — Paul Sieminski (@pesieminski) September 18, 2016 Facebook claims that posting about automated takedowns and how they're problematic somehow violates its Community Standards. Obviously, this is a mistake (yet another one) by Facebook's autotakedown system, but it really does help highlight the point of how problematic this kind of system can be, when perfectly legitimate speech is silenced, because a bot thinks it's bad. * Full disclosure: Automattic recently sponsored & hosted our event on copyright reform, and Paul was our main contact there for that event.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
We already know that the Washington Post editorial board has some cognitive dissonance when it comes to Ed Snowden. Three years ago, right after the Washington Post itself, via reporter Barton Gellman, broke a bunch of the initial stories around the Ed Snowden documents -- including the first public report on the Section 702 PRISM program -- the editorial board wrote a piece condemning Snowden's leaks. Now, it's true (as many point out) that the editorial board is separate from the reporters who work at the paper, but it still is really quite amazing that the editorial board would not only burn a source like that but basically complain about its own journalism. It appears that three years later, the Post's editorial board has not changed its perspective. In response to the campaign to pardon Snowden, the Washington Post has come out with a tone deaf editorial against pardoning Snowden, calling for him to be prosecuted, and insisting that Snowden caused real harm with the revelations. Here's the really incredible part. The Post focuses its complaint on the revelation of the PRISM program -- and that is the story that the Post broke. Glenn Greenwald and the Guardian had the first story, about the Section 215 mass phone records surveillance program. But it was the Post that had the first story about PRISM. And yet, the Washington Post now says that while revealing the 215 program may have been a public service, revealing PRISM was a crime. The complication is that Mr. Snowden did more than that. He also pilfered, and leaked, information about a separate overseas NSA Internet-monitoring program, PRISM, that was both clearly legal and not clearly threatening to privacy. (It was also not permanent; the law authorizing it expires next year.) Worse — far worse — he also leaked details of basically defensible international intelligence operations: cooperation with Scandinavian services against Russia; spying on the wife of an Osama bin Laden associate; and certain offensive cyber operations in China. No specific harm, actual or attempted, to any individual American was ever shown to have resulted from the NSA telephone metadata program Mr. Snowden brought to light. In contrast, his revelations about the agency’s international operations disrupted lawful intelligence-gathering, causing possibly “tremendous damage” to national security, according to a unanimous, bipartisan report by the House Permanent Select Committee on Intelligence. What higher cause did that serve? Except it wasn't Ed Snowden who publicly revealed information about PRISM. It was the Washington Post. And it won a freaking Pulitzer Prize for that reporting as well. And now it says that the revelation of that program should never have happened? Really? Remember that, while many people falsely think that Snowden is the one who revealed these programs to the public, that's not the case. He gave the documents to certain journalists, saying that he trusted them to sort through them and determine what was newsworthy, what was not, and what should be kept secret. It was the Washington Post that determined the PRISM program -- which is still subject to legal challenges (though so far has been found to be legal) -- was serious enough for news coverage. Not Ed Snowden. And yet now the Post says Snowden should be prosecuted for the journalistic decision it made, which earned it a Pulitzer. Yes, the Post editorial board is free to make such a stupid decision, but it's only going to harm its journalistic staff. What source is going to go to the Washington Post now, when it's the very paper that took all the glory from publishing stories from a source -- and then called for him to be thrown in jail? Here's what the Washington Post's Executive Editor Marty Baron said about the Pulitzer Prize when it was announced: Post Executive Editor Martin Baron said Monday that the reporting exposed a national policy “with profound implications for American citizens’ constitutional rights” and the rights of individuals around the world. “Disclosing the massive expansion of the NSA’s surveillance network absolutely was a public service,” Baron said. “In constructing a surveillance system of breathtaking scope and intrusiveness, our government also sharply eroded individual privacy. All of this was done in secret, without public debate, and with clear weaknesses in oversight.” Baron added that without Snowden’s disclosures, “we never would have known how far this country had shifted away from the rights of the individual in favor of state power. There would have been no public debate about the proper balance between privacy and national security. As even the president has acknowledged, this is a conversation we need to have.” Hmm. That doesn't seem to fit with what his own editorial board is now saying about Snowden's revelations. When asked about this now, in response to the editorial, Baron suddenly came down with a case of the "no comments." In an email response to Fortune, Post editor-in-chief Marty Baron said: “I don’t comment on editorials. As you know, that department is entirely separate from the newsroom. You should contact Bart Gellman.” Gellman, of course, is the reporter who wrote those stories for the Post and who has said he "profoundly" disagrees with the Post's editorial. As he should, because the editorial is not just tone deaf and ridiculous, it's cowardly bullshit that massively harms the reputation of the Post itself, and certainly undermines its credibility with sources.Permalink | Comments | Email This Story

Read More...
posted 10 days ago on techdirt
German website Netzpolitik might be headed for another treason investigation. The German government went after the site once for publishing leaked documents detailing mass surveillance operations and it may do so again after its latest publication. The site has obtained a classified report from the country's intelligence oversight office that shows the BND (Germany's intelligence service) illegally collected and stored data and information obtained via its partnership with the NSA. The report’s executive summary describes serious violations of the law [emphasis added]: The BND has illegally and massively restricted my supervision authority on several occasions. A comprehensive and efficient control was not possible. Contrary to its explicit obligation by law, the BND has created [seven] databases without an establishing order and used them (for many years), thus disregarding fundamental principles of legality. Under current law, the data saved in these databases have to be deleted immediately. They may not be used further. Although this inspection was only focused on the BND station in Bad Aibling, I found serious legal violations, which are of outstanding importance and concern core areas of the BND’s mission. The BND has collected personal data without a legal basis and has processed it systematically. The BND’s claim that this information is essential, cannot substitute a missing legal basis. Limitations of fundamental rights always need to be based on law. German (constitutional) law […] also applies to personal data which the BND has collected abroad and processes domestically. These constitutional restrictions have to be strictly abided by the BND. Some of what was illegally gathered and stored was obtained via the NSA's XKeyscore program, which harvests email, online chats, and browser histories in bulk. The report notes that the indiscriminate collection of data and communications was subject to very little in the way of minimization, resulting in plenty of non-targets being swept up in the dragnet and their data/communications dumped into the BND's databases. Because of its […] systematic conception, XKEYSCORE – indisputedly – collects […] also a great number of personal data of irreproachable persons. The BND is not capable of substantiating their number […]. In one case I checked, the ratio was 1:15, i.e. for one target person, personal data of fifteen irreproachable persons were collected and stored, which were – indisputably – not required by the BND to fulfill its tasks […]. The collection and processing of these data are profound violations of [the] BND law. These infringements of constitutional rights are conducted without any legal basis and thus harm the constitutional right of informational self-determination of irreproachable persons. Furthermore, these infringements of constitutional rights result from the inappropriately – and thus disproportionately – large scale of these measures, i.e. the inappropriately large number of irreproachable persons surveilled […]. Not only did the BND harvest in bulk, but it also passed on this 1:15 collection unminimized to the NSA. The amazing part of this leaked report is that it only details the violations of a single BND collection outpost. There are seven more in Germany yet to be examined. On top of that, the oversight body couldn't even get a clear picture of the illegal activities occurring at this single station. There were just too many of them. This "storage and processing of personal metadata in VERAS is subject to the BND law and subsidiarily to the Federal Data Protection Act". But in many aspects the Data Protection Commissioner was hindered from examining the data properly. When requesting only the retained data of individuals protected by fundamental rights, the database had too many be displayed. Thus, she gradually reduced the time frame: "90 days, 30 days, 1 day". Still too many hits: In none of the these cases, the system was able to display the hits because the number exceeded the limit of 15,002 – not even in the case of the least possible time restriction of one day. This means the Federal Data Protection Commissioner was not able to examine the contents of the massive meta data retention. Additionally, she was not able to check how the BND used personal data, because: There are no logs. The BND is neither aware of the kind or the scope of logs, nor was it technologically possible to access the log data of VERAS 6. Further, there existed no technical capability to analyze the logs. Unfortunately, the violations found by the Data Protection Commissioner have since been codified into law. The BND is harvesting even more than it was when it was inspected, having just finished a 300 million euro revamp of its surveillance tech. Much like here in the US pre-Snowden, the oversight in Germany is relatively toothless. Whatever exists will be actively thwarted by intelligence agencies (the report states that BND deleted logs the Commissioner asked to examine) or by other legislators who are always willing to sacrifice the public's rights for national security. Permalink | Comments | Email This Story

Read More...
posted 11 days ago on techdirt
Today is "International Talk like a Pirate Day." While it's a lot of fun to act like a pirate, drink rum and catch up on Errol Flynn movies, piracy is also a serious issue with real economic and legal significance. As electronic devices become an increasingly ubiquitous part of our lives, the content we consume has moved from analog to digital. This has made copying – as well as pirating – increasingly easy and prevalent. Adding fuel to the flames of this rising "pirate generation" has been the content industry's recalcitrant and often combative attitude toward digital markets. Piracy, and the reactions to it, has had an immense impact on the daily lives of ordinary Americans, shaping their digital experience by determining how they can share, transfer and consume content. As soon as electronic storage and communication technology was sufficiently developed, digital piracy became accessible. Whether it's a song, movie, video game or other piece of software, you could suddenly reproduce it without having to steal it off a shelf or obtain any specialized machinery to counterfeit it. Additionally, if you wanted to listen to an mp3 of the latest Britney Spears album on your computer, there weren't many lawful options. This led to a surge in online piracy and helped foster a culture of online file-sharing. Out of this period came some ridiculous anti-piracy campaigns, but also major legislation both good and bad (such as the Digital Millennium Copyright Act, the Sonny Bono Copyright Term Extension Act and the Communications Decency Act) as well as legal battles that would set key precedents for how we access the digital world. The music industry historically has a reputation for being hostile to, or at least slow to embrace, digital markets. Yet there were also some major artists who were early innovators in the space. Before Spotify or iTunes, there was BowieNet. This music-focused internet service provider launched in July 1998 and gave users 5MB of space to create and share their own websites, content and chat. On BowieNet, according to Ars Technica: "[f]ans could get access to unreleased music, artwork, live chats, first-in-line tickets, backstage access, tickets to private, fan club-only concerts." David Bowie saw the potential to help his fan base access his content and discuss it in a social way in the early days of the internet, before Facebook or Myspace. He remarked at the time: "If I was 19 again, I'd bypass music and go right to the internet." Bowie wasn't the only early music pioneer of the internet. Prince was also an early unsung hero. In the early 2000s, he created NPG Music Group, later Lotusflow3r. He even won a Webby Lifetime Achievement Award in 2006. Unlike BowieNet, NPG and later Lotusflow3r provided releases of full albums. As musicians and users were experimenting with new ways to share content on the internet, the United States was working with other World Intellectual Property Organization (WIPO) member countries to create the most comprehensive "digital" update to the Copyright Act. In 1998, President Clinton signed into law the Digital Millennium Copyright Act, which implemented U.S. WIPO treaty obligations, as well as several other significant titles (including the Vessel Hull Design Protection Act – which pirates of the nautical variety might care about). Of particular importance were the sections providing for "safe harbor" (Sec. 512), which protected service providers from infringing content generated by their users, and "anti-circumvention" (Sec. 1201), which was meant to stop pirates from hacking digital rights management (DRM) and similar restriction technologies. Indeed, it has not been smooth sailing. The DMCA has subsequently generated great controversy from civil society groups, internet companies and the content industry itself. As Cary Sherman, chairman and CEO of Recording Industry Association of America, stated back in 2015: Unfortunately, while the system worked when isolated incidents of infringement occurred on largely static web pages—as was the case when the law was passed in 1998—it is largely useless in the current world where illegal links that are taken down reappear instantaneously. The result is a never-ending game that is both costly and increasingly pointless. While lawmakers were hard at work trying to find ways to quell online piracy, the courts weren't taking a nap. Indeed, going back to the 1980s, there were important judicial fights that would set the stage for how content would be handled on our electronic devices. The U.S. Supreme Court's 1984 Sony Corp. of America v Universal City Studios Inc. decision coined what is known as "time shifting," referring to a user's ability to record a live show using the Betamax to watch it later. The court's decision set the precedent that a manufacturer would not be held liable for any contributory negligence or potential infringement where they did not have actual knowledge of infringement and their devices were sold for a legitimate, non-infringing purpose. As Justice John Paul Stevens wrote in the majority opinion: One may search the Copyright Act in vain for any sign that the elected representatives of the millions of people who watch television every day have made it unlawful to copy a program for later viewing at home, or have enacted a flat prohibition against the sale of machines that make such copying possible. It may well be that Congress will take a fresh look at this new technology, just as it so often has examined other innovations in the past. But it is not our job to apply laws that have not yet been written. But not everyone was so enthusiastic. Jack Valenti, former president of the Motion Picture Association of America said in a congressional hearing two years prior [regarding VHS technology]: We are going to bleed and bleed and hemorrhage, unless this Congress at least protects one industry that is able to retrieve a surplus balance of trade and whose total future depends on its protection from the savagery and the ravages of this machine. The 9th U.S. Circuit Court of Appeals would take another approach in 2000s A&M Records v Napster. The court affirmed the district court's ruling that peer-to-peer services could be held for contributory infringement and vicarious liability. Even though their service merely facilitated the exchange of music as an intermediary, they were on the hook. Judge Marilyn Hall Patel wrote in the district court's ruling: …virtually all Napster users engage in the unauthorized downloading or uploading of copyrighted music; as much as eighty-seven percent of the files available on Napster may be copyrighted, and more than seventy percent may be owned or administered by plaintiffs Napster lodged several defenses, including fair use, but the most important (in lieu of the Sony decision) was the concept of "space-shifting," referring to the process of a user converting a compact disc recording to mp3 files, then using Napster to transfer the music to a different computer. Patel concluded Sony did not apply, because Napster retained control over their product, unlike Sony's Betamax, which was manufactured and sold, but not actively monitored. The courts would continue ruling in a similar manner as other peer-to-peer services found themselves in the courtroom. At times, users would be targeted. And in the 2003 case of In re: Aimster, the pirates' bluntness for wanting to bring the music industry to its knees did not help the situation What you have with Aimster is a way to share, copy, listen to, and basically in a nutshell break the law using files from other people's computers…. I suggest you accept aimster for what it is, an unrestricted music file sharing database – (posted by zhardoum, May 18, 2001) Naturally with all of the music-sharing services were being shut down, the pirates found a new way to connect, share files and shape the industry. Which brings us to BitTorrent and websites like The Pirate Bay and Swepiracy. Torrenting does not require a central server, does not require direct streaming from one peer to another and the host does not contain any full file contents. All of the content received is from other users. Sweden brought Pirate Bay to trial for both civil and criminal penalties. Per E. Samuelson, the site's attorney, lodged the now-famous (and familiar, for U.S. copyright scholars) King Kong defense: EU directive 2000/31/EC says that he who provides an information service is not responsible for the information that is being transferred. In order to be responsible, the service provider must initiate the transfer. But the admins of The Pirate Bay don't initiate transfers. It's the users that do and they are physically identifiable people. The defense was unsuccessful. Which brings many questions to mind for future cases — how will courts begin to rule with such complex systems of file transfer as fragmented torrents? Targeting users is widely unpopular, especially in the United States, where statutory penalties range from $750 to $300,000 per willful infringing use and $200 to $150,000 for non-willful infringement. Efforts around the world have continually been made to combat piracy. But maybe it's time we take a fresh look at the market. As the Copia Institute observed in a recent report, whenever there are new ways to share content legally, users ultimately respond by employing those technologies. On this International Talk like a Pirate Day, let's take a moment to remember the pirates and how they have helped shape the internet era. While CD sales and digital downloads may be declining, new streaming services are on the rise (vinyl records are also doing remarkably well). The digital revolution has, indeed, changed how we consume and access our music. It has given us access to (nearly) everything, through services like Spotify and Apple music, at a reasonable price and with unparalleled convenience. From the consumer's perspective, you now carry hundreds of hours of music on your phone and listen to it whenever you want – no need for one of those bulky CD binders. The slot where the CD used to go in your car is now an auxiliary cable jack. From an artist perspective's, these are new challenges that require adaptation. Particularly in the case of music licensing, our pre-existing laws are unnecessarily complex, cumbersome and antiquated. However, innovative technologies and services are not to blame. Instead, we should seek new and equally innovative ways for artists to be compensated through more direct and transparent payments (such as Ujo). While our copyright laws are far from perfect, we still have substantial freedom to remix, repurpose and share creative content online in a social context. This is essential to online free expression, digital commerce and the proper functioning of the internet itself. As additional discussions in Congress and in the courts move forward, let's make sure we keep it that way. Obtained from the Library of Congress: http://www.loc.gov/exhibits/bobhope/vaude.html This post was "pirated" from the R Street blog Permalink | Comments | Email This Story

Read More...
posted 11 days ago on techdirt
So this is interesting. MuckRock, the really useful FOIA platform (that I regularly use for filing FOIA requests), has announced what it's calling MuckRock's Thiel Fellowship, in which it's offering to give free service to between one and three "Thiel Fellows" who decide to do FOIA projects involved in investigating some Peter Thiel-connected companies: MuckRock is offering a grant of 250 requests (a $1,000 value), plus our invaluable FOIA expertise, to between one and three inaugural Thiel Fellows who propose projects that help the public better understand organizations or areas of research and public policy connected with Thiel. As MuckRock notes, many of Thiel's efforts touch on government activities (which would make them open to certain FOIA requests): Peter Thiel - co-founder of both PayPal and Palantir and an early Facebook investor - has profoundly reshaped industry after industry and, ultimately, remade the world to fit his radical vision of the future. Unfortunately, despite his impact in industries ranging from digital payments and mass government surveillance to radical life extension and seasteading, the media has done relatively little reporting on the details of his companies, often leaving the public in the dark on his contributions to society. Vice's Motherboard tech site has also stepped up and agreed to double the amount so that even more people can file Thiel-related FOIAs. Of course, the name MuckRock chose for this is a clear play on the well-known Thiel Fellowship, in which he gives $100,000 to entrepreneurial college students to work on building companies, rather than completing school. And while I'm not so sure how much Thiel-related info is really FOIA-able, this may put to the test Thiel's stated claim that he wasn't against journalism that made him look bad, in funding lawyer Charles Harder to sue Gawker into oblivion, but rather to "send a message" about protecting privacy. Of course, when you try to silence the press, there's always a chance that the press decides to turn an even bigger spotlight on you. I guess now we have to wait and see if Harder starts threatening MuckRock with trademark infringement claims over the name...Permalink | Comments | Email This Story

Read More...
posted 11 days ago on techdirt
Just a few weeks ago, we had lawyer Ira Rothken on our podcast (it's a really great episode, so check it out if you haven't heard it yet). Rothken has been involved in lots of big copyright cases, but is probably most well-known these days as Kim Dotcom's US lawyer. In that episode we talked a lot about the Kim Dotcom situation, but also spent a fair amount of time on the case of Artem Vaulin, who was arrested in Poland for running the search engine KickassTorrents. The US is seeking to extradite him to stand trial in Illinois. On the podcast, Rothken expressed some concerns that he hadn't been able to speak directly to Vaulin and noted that he was working on it. Nearly a month has passed, and it appears that officials are still blocking Vaulin from communicating with Rothken. TorrentFreak has the story: Even though nearly two months have passed, the alleged KickassTorrents owner still hasn’t been allowed to meet with his U.S. defense team. A clear due process violation, according to Rothken. “We still have not had an opportunity, nor have we been granted access, to meet with Artem Vaulin in prison in Poland. So we now believe that this has ripened into an international due process problem. “We believe that Artem’s rights are now being impacted with his inability to communicate with U.S. counsel,” Rothken tells TF. Vaulin is allowed to meet with his Polish lawyer, but since the charges against him are in the US, under US law, and the key issue involves extradition to the US, it's ridiculous that he's unable to consult with a US lawyer. “There’s no way that there could be a fair trial in the United States, or a fair extradition process, without Artem being able to have access to U.S. counsel, to learn his rights, to be able to galvanize the evidence, and to do so in a robust and expedient manner,” It seems quite bizarre that Vaulin is being denied access to his lawyer. Once again, as with the Dotcom case, it feels like a situation where officials are purposely stacking the deck against the person they're accusing, doing everything possible to make sure that they're pressured into cutting a deal, rather than actually being able to fight for their rights.Permalink | Comments | Email This Story

Read More...
posted 11 days ago on techdirt
A couple of weeks ago, we wrote about a victory in the courts for Creative Commons licenses, noting that such judgments were still rather few and far between. That's unfortunate, in the sense that some people still think CC licensing is weird, rarely-used or even invalid. The situation regarding Wikipedia is similar. Even though it has been around for 15 years -- just like Creative Commons -- it too suffers from continuing doubts about its aims and methods, and a relative dearth of legal cases helping to clarify the status of both. Here's one from Brazil, which has recently been settled in favour of Wikipedia's parent organization, the Wikimedia Foundation. It concerns the Brazilian musician Rosanah Fienngo, who had brought a lawsuit objecting to information about her personal life being included on her Portuguese Wikipedia page. Wikimedia pointed out: The Portuguese Wikipedia article about Ms. Fienngo contained information about her as a notable public figure in Brazil. This information included some details of her personal life, but this information was derived from public sources, most of which Ms. Fienngo had provided herself, such as an interview Ms. Fienngo gave to the gossip website O Fuxico. You would have thought that someone who had provided details about her personal life to a gossip website would (a) realize that people might pass on that public information -- that's how gossip works -- and (b) be grateful to those who spread details she herself had chosen to make public. Fortunately, the judge seems to have understood the situation: The court stated that although the information available on her Wikipedia page concerned her private life, Ms. Fienngo had already disclosed that information to the media herself, so its inclusion on Wikipedia was not an invasion of her privacy. It's ridiculous that it required a court case to establish that, but the good news is the judgment should help to discourage others from bringing more such suits. Well, probably. Unfortunately, another similarity between the Brazilian Wikipedia case and the earlier Creative Commons one is that Ms. Fienngo could make an appeal, although Wikimedia notes: We believe that the decision was strong enough that community members should feel free to make editorial decisions to write articles like the one about Ms. Fienngo. Let's hope they're right. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 11 days ago on techdirt
We've talked about online electronics retailer Newegg quite a few times here on Techdirt, usually in the context of its noble fight against patent trolls. I, personally, have a lot of respect for Newegg's Chief Legal Officer, Lee Cheng. So it surprised me a bit to see that Newegg is suing another lawyer for copyright infringement on one of its briefs. And, so far Newegg is winning, as the judge has ruled that using the brief is not fair use. The details here do matter. The defendant, lawyer Ezra Sutton, had worked alongside Newegg in one of the many patent troll lawsuits. Sutton was representing another company sued in the same lawsuit as Newegg by a patent troll, Adjustacam. They had won the case against the troll, and both Newegg and the company Sutton represented, Sakar International, filed motions seeking attorneys' fees. Here's where things get iffy on Sutton's part, as described by Alison Frankel via the Reuters link above: As Newegg general counsel Lee Cheng recounts the story, he told Sutton early on that Newegg would be willing to file a joint brief with Sakar if Sakar paid a share of the legal fees. Sutton said no thanks, but, as the filing deadline approached, he came back to Newegg. Cheng agreed to show Sutton a draft of the brief Newegg intended to submit to the Federal Circuit to help him write a complementary brief for Sakar. Instead, the day before Newegg’s brief was due, Sutton filed a brief that was largely copied from Newegg’s draft. When Newegg realized what he’d done and protested the filing, Sutton withdrew the brief and subsequently filed a shorter version focused on Sakar’s argument. So, first off, what a shitty thing to do by Sutton. I think that's pretty clear. At the very least it potentially would have made a mess for Newegg who would have looked bad filing a nearly identical brief as Sutton after he did (especially considering he wrote it). But, then there's the question of what to do about it. Newegg decided to sue Sutton for copyright infringement -- and this is where I'm a lot less comfortable with Newegg's decision. I think it's the wrong move. We've actually discussed the question of whether or not legal briefs should be subject to copyright before. A few years ago, some lawyers sued the big legal publishing companies, Westlaw and LexisNexis, for republishing briefs when they published compendiums of cases. That was ridiculous, and thankfully the court tossed out the lawsuit, finding that the republishing in this case was easily fair use. Admittedly the facts in Newegg's case against Sutton are very different. This isn't republishing dockets for lawyers and scholars to access and review. The situation here seemed more like plagiarism, with Sutton more or less trying to take credit for Newegg's work (which had the knock on effect of potentially making Newegg look bad). And I get all of that, but it still troubles me that copyright was the tool here. It feels inappropriate. Copyright is supposed to be about the incentives to create. And no one needs a copyright incentive to create a legal brief -- something that Newegg's Cheng agreed about when I reached out to him about this case. He more or less admits that they're just using copyright here for a clearly non-copyright purpose. As he told me: "We didn't file this case for profit or money. It's for principle and justice (corny but those values truly motivate me). However, we do believe that Sutton's action did cause us monetary harm and that we are entitled to remedies, but it clearly wasn't the focus of this suit. This suit was to send a message, strictly directed at unethical and lazy lawyers, to do what they learned in the first year of law school in terms of properly crediting others' work, and to do what anyone with common decency would do. Lawyers should be held to, and should hold themselves to, higher rather than lower standards." I don't disagree with any of that -- but it's still troubling to me that copyright is the tool here, because that's a decidedly non-copyright thing that it's being used for. In fact, this seems to be one of those situations where the complaint is really about plagiarism rather than copyright, but where there's enough overlap that the legal mechanism of copyright is enabled to come into play. I fear that this will then be used by others in even more abusive ways -- though Cheng seems confident that the specific facts of this case would likely limit such a potential result. I'm even bothered a bit by the fair use analysis here where the judge denied Sutton's fair use claims. I would think that the question of whether or not a legal brief should be covered by copyright would be a pretty big factor here. And the judge does agree that this point weighs somewhat in Sutton's favor (and points to that earlier case). The judge also finds, correctly, that the 4th factor -- the impact on the market -- weighs in favor of Sutton since Newegg doesn't have a market for selling its legal briefs. But while many courts often point to that 4th factor as a key one, this court basically just decides that it doesn't matter as much: Upon consideration of all four factors, with more weight given to the first and third factors based on the facts, circumstances and particular nature of this case, Sutton did not meet his burden of establishing a prima facie case that his copying of Newegg’s draft brief was fair use. So, yes, he's saying because of the specific facts in this case, but it does feel like -- as is all too often the case in fair use cases -- the judge has basically determined what result he wants, and then weighs the four factors accordingly. Admittedly, this might not be a huge deal. The facts are pretty specific, and plagiarizing is sleazy. But, I'm still troubled with the use of copyright to punish even sleazy behavior if it's not related to the reasons for copyright existing.Permalink | Comments | Email This Story

Read More...