posted 14 days ago on techdirt
We already wrote about the information sharing efforts coming out of the White House cybersecurity summit at Stanford today. That's supposedly the focus of the event. However, there's a much bigger issue happening as well: and it's the growing distrust between the tech industry and the intelligence community. As Bloomberg notes, the CEOs of Google, Yahoo and Facebook were all invited to join President Obama at the summit and all three declined. Apple's CEO Tim Cook will be there, but he appears to be delivering a message to the intelligence and law enforcement communities, if they think they're going to get him to drop the plan to encrypt iOS devices by default: In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption. In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes (in the link above), Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to "collect it all" -- including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA's efforts to buy up zero day vulnerabilities before companies can find out and patch them: “What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.” That Times article quotes White House cybersecurity boss Michael Daniel (the man who is proud of his own lacking of cybersecurity skills) trying to play down the "tensions" between Silicon Valley and Washington, followed by this anonymous quote from a Silicon Valley exec: “A stupid approach,” is the assessment of one technology executive who will be seeing Mr. Obama on Friday, and who asked to speak anonymously. Further, the article discusses how companies are trying to fight back against the NSA's abuse of zero days (another thing that Daniel has championed) by getting to them before the government does: And while Silicon Valley executives have made a very public argument over encryption, they have been fuming quietly over the government’s use of zero-day flaws. Intelligence agencies are intent on finding or buying information about those flaws in widely used hardware and software, and information about the flaws often sells for hundreds of thousands of dollars on the black market. N.S.A. keeps a potent stockpile, without revealing the flaws to manufacturers. Companies like Google, Facebook, Microsoft and Twitter are fighting back by paying “bug bounties” to friendly hackers who alert them to serious bugs in their systems so they can be fixed. And last July, Google took the effort to another level. That month, Mr. Grosse began recruiting some of the world’s best bug hunters to track down and neuter the very bugs that intelligence agencies and military contractors have been paying top dollar for to add to their arsenals. They called the effort “Project Zero,” Mr. Grosse says, because the ultimate goal is to bring the number of bugs down to zero. He said that “Project Zero” would never get the number of bugs down to zero “but we’re going to get close.” There's a lot more in the two stories ahead, but the angry feeling is real. In the past year, it's amazing how many conversations I've had with people around Silicon Valley who aren't just upset or disgusted over the intelligence community's actions, they're angry. And while the tech industry was never as buddy buddy with the government as some have tried to imply, things had undoubtedly become complacent in some circles, with little effort being made to make sure that information wasn't being misused or abused. But that's no longer the case. There are, of course, legal limits on what companies can do, but just as the NSA once explained how they play right up to the very edge of the limits that Congress puts around them (some of us believe they go beyond that...), the tech industry is rapidly learning that they, too, need to push back to the line that the law allows them to do so as well. And, of course, none of that would likely have happened without Ed Snowden revealing to journalists the nature of the NSA's overreach.Permalink | Comments | Email This Story

Read More...
posted 14 days ago on techdirt
There's a big "White House Cybersecurity Summit" down the road at Stanford today, where the President will release the details of a new executive order promoting "a framework for sharing information about cyber threats" which the administration hopes will lead organizations to better protect their data from malicious hacks. The new executive order encourages businesses to form "information sharing and analysis organizations," or ISAOs, which would gather data about hacking attacks and share it with companies and the government. And, of course, a bunch of companies are going to announce that they're doing just that: A number of companies will announce Friday that they are incorporating the administration's cybersecurity framework, which was created after a 2013 executive order, into their companies. The framework helps businesses decide how to use cybersecurity investments, ways to implement cybersecurity for new companies and measure their programs against others. Intel, Apple and Bank of America use framework and will announce that they will require all vendors to use it. Both QVC and Walgreens will say they will employ the framework in their risk management practices, while Kaiser Permanente will commit to using it as well. Of course, if you've been following the big fights over the past few years on cybersecurity legislation, you'll know that such "information sharing" has been a key component in most of the proposed bills, none of which have become law. Most of the bills have focused on one key thing: giving companies liability protection, so that they can't be sued over the information they share. From the beginning, however, we've asked a pretty simple question that no one has answered: what is currently preventing companies from sharing such threat information? The answer, as reinforced by this move today by the White House, is absolutely nothing. Companies can (and in some cases already do) share "threat" information, and having them do so in a more organized fashion to prevent malicious attacks is, in fact, a good idea. What's not needed is a law that basically gives blanket immunity for companies to share almost any information to any government agency. That's been the problem with CISPA, CISA and similar bills: they're not about truly making information sharing about threats easier, since that can be done already. They're about giving blanket cover for companies to share even more information with government agencies such as the NSA. With this new executive order and companies adopting the suggested framework, many of the "benefits" backers of cybersecurity legislation talk about will happen without the need for any new legislation. True threat information can be shared and companies can get wiser about protecting their information. But it doesn't give them blanket immunity if they start handing over other information to the government for other purposes, such as surveillance. That's important. Yes, working together to prevent the growing number of online attacks is important. But that should never be used as a backdoor process to enable greater surveillance. Doing it this way, rather than by passing a questionable law, seems like a much more reasonable first step.Permalink | Comments | Email This Story

Read More...
posted 14 days ago on techdirt
Dave Maass, over at EFF, has an absolutely insane story about how the South Carolina Department of Corrections (SCDC) added a special new level 1 felony charge (for reference: murder, rape, rioting and hostage-taking are all level 1 felonies) for... using a social network while in prison. Yes, these individuals are already prisoners, but this draconian law and even more draconian enforcement means that hundreds of South Carolina prisons are facing extended sentences and long stays in solitary confinement for... posting to their Facebook page. And that's not an exaggeration: In October 2013, Tyheem Henry received 13,680 days (37.5 years) in disciplinary detention and lost 27,360 days (74 years) worth of telephone, visitation, and canteen privileges, and 69 days of good time—all for 38 posts on Facebook.  In June 2014, Walter Brown received 12,600 days (34.5 years) in disciplinary detention and lost 25,200 days (69 years) in telephone, visitation, and canteen privileges, and 875 days (2.4 years) of good time—all for 35 posts on Facebook. In May 2014, Jonathan McClain received 9,000 days (24.6 years) in disciplinary detention and lost 18,000 days (49 years) in telephone, visitation, and canteen privileges, and 30 days of good time—all for 25 posts on Facebook. Why so harsh? The SCDC says that it's a separate felony for each day that an inmate uses a social media site (oddly, you can do as much as you want in a single day and it's just a single felony -- but new day, new felony). And, of course, "social media" is defined broadly as well: South Carolina adopted a Level 1 social media offense [PDF] to punish “Creating and/or Assisting With A Social Networking Site,” defined as: “The facilitation, conspiracy, aiding, abetting in the creation or updating of an Internet web site or social networking site.” SCDC defines “social networking” very broadly, covering everything from YouTube and Twitter to blogs and email, although all of the cases EFF reviewed [PDF] involved Facebook. Investigations are conducted by corrections officers and inmates are convicted during disciplinary hearings that often last mere minutes. Since the policy was implemented, SCDC has brought 432 disciplinary cases against 397 inmates, with more than 40 inmates receiving more than two years in solitary confinement [PDF]. There's a lot more to Maass's article, and it's well worth reading. He also takes Facebook to task for helping the SCDC takedown prisoners' Facebook profiles. Facebook has set up an easy form, which can lead to widespread abuse, and it doesn't appear that Facebook does much, if anything, to check to see if the accounts actually abuse the company's terms of service. There are lots of problems with the criminal justice and prison systems in the US, and there may be legitimate reasons to limit access to social media for prisoners (though that seems like a stretch in many cases). But to make it an additional felony and to lock up people for years because of it? How is that not cruel and unusual punishment?Permalink | Comments | Email This Story

Read More...
posted 14 days ago on techdirt
Because federal employees just can't seem to stop watching porn while on the clock, a legislator is stepping in to do something about it. Rep. Mark Meadows on Wednesday introduced the Eliminating Pornography from Agencies Act, which he said would prevent government employees from taking their eyes off their work. "Prevent" is a strong word, considering both the limitations of the nascent bill and federal employees' willingness to go above and beyond when it comes to porn-watching in the workplace. Meadows' statement on the bill points out one particular EPA employee who admitted to viewing porn up to 6 hours a day (indeed, he was watching porn when the Inspector General came knocking) and had accessed or downloaded more than 7,000 pornographic images. It's not just the EPA. The SEC and FCC also employ their fair share of (apparently) professional porn enthusiasts. But what Meadows is demanding in his bill [pdf] is little more than a reiteration of existing policies. Except as provided in subsection 9 (b), not later than 90 days after the date of the enactment of this Act, the Director of the Office of Management and Budget shall issue guidelines that prohibit the access of a pornographic or other explicit web site from a Federal computer. Subsection 9 (b) basically states "unless watching porn is your job" -- i.e., investigative work, etc. Given the amount of porn-watching occurring at federal agencies, it would seem that some new "Porn-Watcher Watcher" positions will be opening if Meadows' bill manages to snag a Presidential signature. But the bill -- as proposed -- will have little to no effect on ardent federal porn fans. New guidelines, or even a new firewall (if that's the direction the OMB goes), won't stop those intent on whiling away their work hours in a permanent state of arousal. Firewalls can be circumvented and, unless the guidelines contain significant punishments for violating them, new policies will be equally useless. It can safely be said that no current government policies allow for the accessing of porn with government computers, so we know the policy route is wholly ineffective. The addition of bolded print or ALL CAPS from the OMB isn't suddenly going to take the lead out of these government pencils. The longevity of the EPA's porn fan (both in terms of per-day consumption and continued employment) should be all the evidence needed to prove Meadows' bill useless -- something Meadows doesn't seem to have considered when writing his press release (or the bill itself). I'm in full agreement that it shouldn't take a new law to prevent federal employees from abusing themselves and their equipment while on the clock. But it won't be fixed by a more-disappointed-than-angry press release and bill demanding new policies within 90 days of enactment. The government actually needs to take control of this situation by booting its bored and frisky employees out of their all-too-comfortable positions and hire people willing to treat federal employment with the same respect millions of private employees are expected to treat their jobs. Enforce the policies already on the books. The nation really doesn't need more laws. Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
Last year, we wrote about Rep. Blake Farenthold introducing a small, but important piece of copyright legislation, the You Own Devices Act (YODA), which just says that if you buy some piece of computerized equipment, you can sell it with any included software, without having to get permission from the software provider. As we noted, the reality is that this is just making it clear that the first sale doctrine applies to computer equipment too -- which shouldn't need a new law, but some tech companies (especially in the networking space) feel otherwise. Farenthold has now reintroduced YODA, this time with Rep. Jared Polis as a sponsor as well (giving the bill that necessary "bi-partisan" shine). It's unfortunate that these kinds of bills are even necessary, but such is the state of copyright laws today, that they often mean the devices you buy, you don't even really own. Also, kudos to Farenthold for playing on the YODA name in his tweet announcing the new version of the bill: Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
No one would want to lick a handrail on the New York City subway because it's just gross -- and who knows what kind of germs and stuff are living in the urban grime? Well, now we have a better idea. Thousands of samples have been analysed, and the results are published. A city-wide metagenomic profile of NYC could tell us demographic data and confirm census polls, and a map of the data is available online. Follow a few of the links below for a bit more info. A biological study of the NYC subway system has mapped and identified (where possible) the DNA found on handrails, turnstiles, kiosks and other places commonly touched by gazillions of people all the time. They found at least 637 known species of bacteria -- as well as viruses, fungi, microscopic animals... and a bunch of DNA (48% of all their samples) that hasn't been identified yet. [url] Specimens of anthrax and bubonic plague were also found in NYC subway stations, as well as drug-resistant bacteria. Human DNA made it into the top five most abundant species in NYC subways, after insects and microbes. [url] This DNA study of a "healthy" ecosystem highlights just how little we actually know about the species all around us. It may be time to start sequencing the cockroach genome so we know what will still be alive when humans aren't around anymore. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
Every day in the US, millions of license plate photos are scanned and stored in various third-party databases, accessible by hundreds of law enforcement agencies, including those at the federal level. Privacy concerns have been raised by groups like the EFF and ACLU, but these have been brushed off with two assertions: 1. Driving in public is, by definition, not a private activity. 2. The license plate/location data only identifies a vehicle, not a person. The first point can't really be argued. Your expectation of privacy pretty much ends when you start traveling on public streets. But the massive number of plate photos scanned and stored still creates privacy concerns. Most of the photos stored in law enforcement databases have nothing to do with ongoing investigations, and long-term storage of irrelevant plate/location data allows law enforcement to "track" anyone it wants to. Further concerns arise when agencies troll events like political rallies to add plates to their databases. It may not be a privacy violation, but it does raise questions about surveillance of First Amendment-protected activities. As for the second argument -- just cars, not people -- that one's apparently completely bogus. In addition to tracking license plates, the federal government has been taking and sharing photos of drivers and passengers inside the cars, documents obtained by the American Civil Liberties Union show. License plate readers (LPRs) are designed to provide “the requester” with images of license plate vehicle numbers, in addition to “photos of visible vehicle occupants,” one of the newly released documents reads. Another document obtained by the ACLU reveals the cameras have the ability to “store up to 10 photos per vehicle transaction including 4 occupant photos.” The reality of the situation doesn't mesh with law enforcement's statements. And with ALPR manufacturers like Vigilant Solutions hoping to add facial recognition technology to their products, law enforcement agencies will soon have access to millions of individuals' photos, a large majority of which aren't currently under investigation. The DEA's database alone holds at least 343 million LPR photos. Other law enforcement agencies are adding millions of shots to these shared databases daily. While the expectation of privacy is lowered in public settings, the millions of photos amassed turn these databases into long-term tracking devices. Surveillance of this scope used to be limited by personnel availability. Now, it's as easy as leaving camera running for the entire shift -- day after day after day. This low-effort process builds easy-to-use "maps" of citizens' movements -- where they work, where they live, which businesses they frequent, where they spend their "off" hours, which doctors they use, etc. And it's all at the fingertips of federal, state and local law enforcement agencies. No law enforcement agencies are willing to talk about the implications of storing millions of "non-hit" photos. Los Angeles law enforcement officials went so far as to claim all captured photos were "relevant" to investigations. What little has been uncovered has been the results of tenacious FOIA requesters or open records lawsuits. The efforts being made to keep this information out of the public eye has very little to do with "protecting law enforcement methods" and everything to do with minimizing the amount of scrutiny or criticism these agencies face. With the steady improvement of facial recognition technology, law enforcement agencies will soon know not only where your vehicle's been, but who was in it. The push back against this technology isn't so much about preventing its use, but preventing its abuse. Storing records unrelated to criminal activity for years is nothing more than stockpiling of data for its own sake -- nearly completely divorced from the actual business of enforcing laws. Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
In the stupidest case of school administrators taking federal agencies' names in vain since a Huntsville, AL school swore a phone call from the NSA prompted its secret social media monitoring program, a middle school principal from Espanola, NM is threatening to sic the FBI on a student who threw an American flag out a classroom window. A middle school principal said a student was misbehaving with his friends and took things too far. The student threw an American flag out a second-story classroom window. Now the principal says the 14-year-old needs to be held accountable. Sure, maybe a stern discussion with him and his parents and a couple of weeks of detention would do the trick. But that's not enough for Principal Robert Archuleta. He has already suspended the student for 10 days and is now pushing for his expulsion. But he also wants the feds to take control of the situation... because jingoism. “He says, ‘Because I was just messing around,’ and he started to laugh,” Archuleta said. “Then the other kids were laughing, the kids that were with him. ‘There goes the flag.’ That was his last statement.” The principal is a veteran. His father is also a veteran who fought in World War II. “A lot of men have died over [the flag], men and women,” Archuleta said. “We fought to keep our country safe and to keep it free.” Well, let's stop you right there, Robert. Nobody "died over the flag." The flag is a symbol of this country and what it stands for, but it is not what people die "over." They die defending this country and the freedoms it affords its citizens -- among them being the right to throw a flag out the window. It's not as starkly effective as burning it, but it's pretty much the same thing. Archuleta believes this amounts to the federal crime of desecrating the flag… except that no such law exists. Sure, legislators who also mistakenly believe they've sent people off to "die over the flag" have repeatedly tried to pass laws making this a crime, and they have repeatedly been told "please stop doing this" by the Supreme Court. These same misguided lawmakers have also sought to dodge the court system entirely by proposing Constitutional amendments to the same effect, but have yet to see these ratified. So, turning this student over to the FBI to be "held responsible" for a non-existent crime will be completely fruitless and only side benefit will be the entertainment it provides to those who enjoy watching fools prove themselves foolish. (Which, granted, is a lot of us...) The FBI told KRQE News 13 they haven’t yet received the complaint yet, but if a federal crime was committed they will investigate and turn the results over to the U.S. Attorney’s office. But there hasn't been, so it won't. All that will happen is that Archuleta will continue to make one student's life completely miserable because he doesn't seem to comprehend nothing more than a personally-offensive incident has taken place. And he's apparently willing to wrap himself in the now-dusty flag to do it. Loving your country is one thing. Assuming it won't be able to weather this 14-year-old's assault on one of its many symbols without federal intervention is quite another. And using your misguided patriotism as the impetus for punishments that far outweigh the non-crime is an abuse of the power granted to you by the public. Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
Sriracha, the beautifully flavorful pepper sauce, has a very special place in my fridge, right between the bloody mary mix and the hollandaise sauce. Why? Well, because it bunks with the other breakfast essentials in the Geigner household, that's why. Where else can you find Sriracha? Well, pretty much everywhere else, even incorporated in the products of other food companies, like Subway, Heinz and Frito-Lay. How is this possible? Through, as you might expect, a complicated series of licensing arrangements? No, it's possible because David Tran, the boss at Sriracha makers Huy Fong Foods, never filed to trademark the Sriracha brand. And he can't be bothered to give any shits about trademarking it today because he's too busy raking in roughly all the money. Tran, who now operates his family-owned company Huy Fong Foods out of a 650,000-square-foot facility in Irwindale, doesn't see his failure to secure a trademark as a missed opportunity. He says it's free advertising for a company that's never had a marketing budget. It's unclear whether he's losing out: Sales of the original Sriracha have grown from $60 million to $80 million in the last two years alone. "Everyone wants to jump in now," said Tran, 70. "We have lawyers come and say 'I can represent you and sue' and I say 'No. Let them do it.'" Tran is so proud of the condiment's popularity that he maintains a daily ritual of searching the Internet for the latest Sriracha spinoff. It's as though Tran were channeling a Techdirt writer with this kind of stuff. The infringement others want him to combat is instead seen as free advertising, propelling sales and spurring on growth coupled with a good-humor attitude towards "rip-offs." We'd accuse him of infringing on our playbook, but that just wouldn't be in the spirit of the example he's setting. Tran goes on to note his belief that more exposure through use of his product's name will mean even further growth. Some competitors of Tran are confused, and it's kind of funny to hear their reaction. Tony Simmons, chief executive of the McIlhenny Co., makers of Tabasco, said Tran's Sriracha sauce was the "gold standard" for Sriracha-style sauces, which has largely come to mean any dressing that packs a piquant punch of chili paste, vinegar, garlic and sugar. Simmons was reassured by his lawyers that Tabasco would have no problem releasing a similar sauce using the name Sriracha. "We spend enormous time protecting the word 'Tabasco' so that we don't have exactly this problem," Simmons said. "Why Mr. Tran did not do that, I don't know." Well, because he's too busy being the "gold standard" of the thing you're trying to get it on using his brand's name. This means that Tobasco, in this case, is advertising Tran's product for him, all the more so when his is admittedly the best around. How is Simmons not getting this? And the best part of this is that the USPTO has already issued several decisions stating that the single word "sriracha" on its own is now too generic for any of these pretenders to trademark for themselves. Chalk up another victory for Tran, who allowed the use of his brand name so widely that he's effectively protected against someone trying to come along and lock it up. Well done all around.Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
The FBI definitely does not want the nation's law enforcement agencies to talk about their Stingray devices. Manufacturer Harris Corporation has aided and abetted this secrecy -- first by misleading the FCC on the intended use of the devices (emergencies only) and then by claiming the FCC required law enforcement to sign non-disclosure agreements with the FBI, something the FCC has denied. Other federal law enforcement agencies have also helped keep documentation on Stingray usage out of the public's hands. Last year, the US Marshals stepped in to physically remove documents from the Sarasota (FL) police department to prevent them from being turned over to the ACLU in response to a FOIA request. The US Marshals Service has also ordered local law enforcement agencies to lie about their use of Stingray devices -- not just in terms of FOIA requests but while presenting evidence in court. Ars Technica has come across another document involving the FBI, Harris Corp. and lying. Originally obtained and published by the Minneapolis Star Tribune, the memo (written by the FBI) states that any open records requests for Stingray-related documents must be routed through the FBI first [pdf link]: In the event that the Minnesota Bureau of Criminal Apprehension receives a request pursuant to the Freedom of Information Act (5 USC 552) or an equivalent state or local law, the civil or criminal discovery process, or other judicial, legislative, or administrative process, to disclose information concerning the Harris Corporation [REDACTED] the Minnesota Bureau of Criminal Apprehension will immediately notify the FBI of any such request telephonically and in writing in order to allow sufficient time for the FBI to seek to prevent disclosure through appropriate channels. As Cyrus Farivar points out, similar memos have very likely been sent out to other local law enforcement agencies. There's a lot more in the very restrictive agreement, most of it blacked out. The letter from the FBI opens by making the dubious claim that releasing this information would render the agency unable to "protect the public from terrorism and other criminal activities." This is the normal language of secrecy and it has very little to do with the public's protection and everything to do with withholding responsive documents. The capabilities and technology behind Stingray devices are already public knowledge. Criminals and terrorists are already aware that cell phones, while useful, are also little pocket narcs that generate tons of data easily obtained with little more than a subpoena -- or actively obtained with these devices. The "method and means" can't be further compromised. All the FBI is doing is burying information about legally-dubious devices in common usage. The FBI has dropped several restrictions on this particular law enforcement agency, including: The Minnesota Bureau of Criminal Apprehensions will not distribute, disseminate, or otherwise disclose any information concerning the [redacted] to the public, including to any non-law enforcement individuals or agencies. [...] The MBCA will not distribute, disseminate, or otherwise disclose any information concerning [redacted] provided to it to any other law enforcement or government agency without the prior written approval of the FBI. The FBI also states that it will intervene in court proceedings to keep this information secret. A copy of any court order in any proceeding in which the MBCA is a party directing disclosure of information concerning the Harris Corporation [redacted] will immediately be provided to the FBI in order to allow sufficient time for the FBI to intervene to protect the equipment/technology and information from disclosure and potential compromise. And who knows what the FBI is preventing here, but it would seem to be pretty expansive. Not only is there very limited value in withholding this information, considering how much has been exposed despite these entities' efforts, but there's every indication that law enforcement agencies (with the FBI's help) are sabotaging both accountability and the discovery process with these demands. Both are ethically unsound, and the latter borders on unconstitutional.Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
I wanted to drop a note to the Techdirt community about an exciting new project that we're launching one month from today: The Copia Institute, a new network of future- focused innovators. Copia is Latin for "abundance" -- the hallmark of our time, and the source of many of its biggest opportunities and toughest challenges. We're working collaboratively with everyday internet users, business experts and technology policy leaders to focus on the challenges and opportunities we face in this age of abundance. Think of it as a think tank for the information era. While following and writing about issues related to innovation, business models and policy, we've seen up close the amazing power of innovative startups and pioneering technologies to change the world in powerful ways. It's hard to remember what things were like just a decade ago -- before Facebook, iPhones, YouTube, Twitter, Airbnb and more. Our lives have changed in profound and exciting ways -- and such change will continue to advance rapidly in the future. It's inspiring, exhilarating and wonderful. But it also presents unique challenges. Innovation can upset existing industries. It can collide with outdated regulations that were originally designed to protect us but now serve as roadblocks that slow progress and weaken the innovative spirit. And, sometimes, it creates ethical challenges and questions that deserve deeper levels of consideration. With Copia, we'll bring together innovators, internet users, policymakers and experts with diverse and distinct perspectives to discuss these issues. But we won't just talk, we'll act. We will work to resolve the issues of today while preparing to address the issues of tomorrow. We want to help innovators tackle issues early on -- and look where we, as a group, can develop creative ways to embrace opportunities that make the world a better place while minimizing downsides or negative consequences. We're launching Copia with an Inaugural Summit on March 12-13th at the Tech Museum of Innovation in San Jose. We'll host stimulating brainstorming sessions on disruptive innovations and policy challenges, as well as a special tech industry General Counsels' roundtable to discuss principles of innovation. We have an ambitious agenda, so stay tuned. We will share more details as the summit approaches, but until then, I look forward to seeing some of you there!Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
We've seen a partial answer to the question: "what happens if my Silk Road shopping bot buys illegal drugs?" In that case, the local police shut down the art exhibit featuring the bot and seize the purchased drugs. What's still unanswered is who -- if anyone -- is liable for the bot's actions. These questions are surfacing again thanks to a Twitter bot that somehow managed to tweet out a bomb threat. This week, police in the Netherlands are dealing with a robot miscreant. Amsterdam-based developer Jeffry van der Goot reports on Twitter that he was questioned by police because a Twitter bot he owned made a death threat. As van der Goot explained is his tweets (all of which can be viewed at the above link), he was contacted by an "internet detective" who had somehow managed to come across this bot's tweet in his investigative work. (As opposed to being contacted by a concerned individual who had spotted the tweet.) So, van der Goot had to explain how his bot worked. The bot (which was actually created by another person but "owned" by van der Goot) reassembles chunks of his past tweets, hopefully into something approaching coherence. On this occasion, it not only managed to put together a legitimate sentence, but also one threatening enough to attract the interest of local law enforcement. The explanation didn't manage to completely convince the police of the bot's non-nefariousness. They ordered van der Goot to shut down the account and remove the "threatening" tweet. But it was at least convincing enough that van der Goot isn't facing charges for "issuing" a threat composed of unrelated tweets. The investigator could have easily decided that van der Goot's explanation was nothing more than a cover story for tweets he composed and issued personally, using a bot account to disguise their origin. The shutdown of the account was most likely for law enforcement's peace of mind -- preventing the very occasionally evil bot from cobbling together algorithmically-derived threats sometime in the future. It's the feeling of having "done something" about an incident that seems alarming at first, but decidely more banal and non-threatening by the end of the investigation. The answer to the question of who is held responsible when algorithms "go bad" appears to be -- in this case -- the person who "owns" the bot. Van der Goot didn't create the bot, nor did he alter its algorithm, but he was ultimately ordered to kill it off. This order was presumably issued in the vague interest of public safety -- even though there's no way van der Goot could have stacked the deck in favor of bot-crafted threats without raising considerable suspicion in the Twitter account his bot drew from. There will be more of this in the future and the answers will continue to be unsatisfactory. Criminal activity is usually tied to intent, but with algorithms sifting through data detritus and occasionally latching onto something illegal, that lynchpin of criminal justice seems likely to be the first consideration removed. That doesn't bode well for the bot crafters of the world, whose creations may occasionally return truly unpredictable results. Law enforcement officers seem to have problems wrapping their minds around lawlessness unmoored from the anchoring intent. In van der Goot's case, it resulted in only the largely symbolic sacrifice of his bot. For others, it could turn out much worse. Permalink | Comments | Email This Story

Read More...
posted 15 days ago on techdirt
Paul Ford, once again, has written up something fascinating. He discusses something I had no idea happened: when an iPhone user texts with another iPhone user using iMessage, the outgoing texts appear in calm blue bubbles. When an iPhone user texts with a non-iPhone user (or an iPhone user using something other than iMessage -- meaning mainly Android users, obviously), those outgoing texts are in a harsh green. Here are the two examples Paul shows, starting with the iPhone to iPhone: And then the Android to iPhone: As noted, I had no idea that this happened, because I don't own an iPhone. There is one slight functional reason for this: users may have to pay for SMS messages, but not for iMessages, and thus it could have an impact on a bill. But here's the more interesting tidbit, which is the crux of Ford's article: lots of people absolutely hate those green bubbles. As he notes, if you do a Twitter search on "green bubbles" you'll see an awful lot of anti-green-bubble sentiment. Here are just a few examples I quickly found (Paul has others in his article). Those are just some of the anti-green-bubble messages from the past 24 hours. There are actually a lot more, and it goes on and on. It's kind of amazing just how many people are tweeting about their hatred for green bubbles. Ford, then goes into a really interesting discussion on the nature of product management and design choices -- the kind of thing that Apple doesn't do on a whim -- to get to the real point: Apple is likely choosing harsh, ugly green bubbles on purpose. As a petty way to put down Android users: Apple must know by now that the people of the blue bubbles make fun of the people of the green. And I guess if I worked at Apple I’d be pretty psyched with this reaction. After all, what is a more powerful brand amplifier than social pressure? If people who converse in green bubbles start to feel relatively poor, or socially inferior, because they chose to use a less-expensive pocket supercomputer than those made by Apple, that could lead to iPhone sales. Ugly green bubbles = $$$$$ and promotions. But I think the ugly green bubbles are the result of a mean-spirited, passive-aggressive product decision, marketed in a mean-spirited way. Certainly it’s not a crisis in capitalism. This is not to say that Google is good and Apple is bad; they’re both enormous structures that have so much power that they can manufacture their own realities (except for Google Glass, then not so much). The bubbles are a subtle, little, silly thing but they are experienced by millions of people. That amplifies that product descision into a unsubtle, large, serious-yet-still silly thing. The people who are tweeting about green bubbles are following Apple’s lead. It’s not unprecedented; Apple has done stuff like this before, like giving Windows machines on its network a “Blue Screen of Death” icon. But people spend so much time texting that it adds up. Beyond highlighting Apple's apparent pettiness (and lack of ability to allow users to customize things for themselves), it also highlights how very minor design decisions do matter in a fairly big way. I recognize that some people like to get into tech fanboy wars: iPhone v. Android, Mac v. Windows v. Linux, Playstation v. Xbox, etc. That's going to happen, even if it mostly seems like a waste of time. But, really, using subtle design choices to highlight and further such fights seems to show such a childish attitude to competition. Good competitors focus on making their own products better, not demeaning the competition. It's when they run out of good ideas that the focus shifts to attacking the competition. Apple has done so many things right with the iPhone in pushing the barriers of innovation, it would be better if they just focused on making the overall customer experience better, rather than trying to offer subtle digs at non-iPhone users.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Techdirt writes a lot about surveillance and its potential dangers. But if you want to see the reality of abusive governmental spying, look no further than Macedonia, where a huge surveillance scandal is unfolding (original in German, found via @Netzpolitik): In a press conference announced weeks ago, opposition leader Zoran Zaev accused Prime Minister Nikola Gruevski of being responsible for a massive wiretapping scandal. Those spied upon include government ministers, opposition politicians, journalists, entrepreneurs and many members of the judiciary and the security apparatus. "More than 20,000 people in Macedonia have been monitored over the years," said Zaev. "We have evidence that there has been a comprehensive, illegal wiretap program, on the direct instructions of the head of intelligence Saso Mijalkov and Prime Minister Nikola Gruevski." With targeted surveillance affecting 1% of the population, it is hard to believe that alongside immediately useful information about what political opponents and key figures in society were saying and doing, a certain amount of blackmail material wasn't collected by the government spies and squirrelled away for future use. According to the Deutschlandfunk story translated above, for his part, Gruevski alleges that Zaev threatened to release damaging material he had obtained unless elections were called immediately. The whole situation is a mess, and at its heart lies uncontrolled, abusive surveillance, where the inevitable leaks of incriminating material have now destabilized the entire political system. Sadly, there's no obvious way out. As the article notes, the lack of press freedom or even an independent judiciary in Macedonia means that it will be very hard to get to the bottom of what is happening here, and then move on. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
We've written in the past about how the National Institute of Health (NIH) requires any research it funds (and it funds a lot) to be published under open access rules via its own PubMed Central platform after a certain period of time. There have been some efforts in Congress to require other government funded research to go down the same path, and some other agencies have worked on some similar ideas on their own. Now, NASA has announced that it will be requiring all research published via the $3 billion NASA spends each year to to also be published on the PubMed system (and also within in 12 months, as the NIH requires) The provisions of NASA’s policy on articles track with those in the current NIH Public Access policy, and will require NASA-funded researchers to deposit articles into the PubMed Central database, to be made accessible with no more than than a 12 month embargo. However, the NASA plan notes that, “publishers may petition for longer embargo periods, but strong evidence of the benefits would be needed.” This language is notable, as it seems to suggest that any determination of changes in embargo length will be measured against the public good, rather than specific industry concerns. Also, it looks like the plan will include efforts to make the raw data more available as well: One final item that is tucked away at the end of the NASA plan, but is worth noting: the Agency will explore the development of a “research data commons” along with other departments and agencies, for storage, discoverability, and reuse of data with a particular focus on making the data underlying peer reviewed scientific publications resulting from federally funded scientific research available for free “at the time of publication.” This is an idea that appears to be gaining traction in the federal agency community, and is well worth tracking closely. It's good to see more government agencies moving in this direction. It would be even nicer to see shorter time frames for the embargo, and even further commitment to releasing the data beyond just "exploring," but this is good for science, data, learning and innovation.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
If you're only a couple decades old, you probably haven't experienced too many problems with your memory. But if you're more than a few decades old, you might have started to get "senior moments" as some call them -- where you forget why you went upstairs to your bedroom as soon as you get there, or you can't remember your ATM PIN, or the name of that guy is just on the tip of your tongue but you can't seem to recall it. These could be early signs of more serious memory loss, but the medical science is only just about to start really understanding how memory and aging works. Here are some links you might want to check out (and bookmark so you don't forget them). Resveratrol has been associated with a lot of benefits related to minimizing the effects of aging. It's not a cure yet -- or even an approved drug -- but a study with aging rats shows that it could help improve cognitive functions and memory. [url] There are some people who are "SuperAgers" -- people over 80yo who have the memory capabilities of those decades younger. Researchers are studying these SuperAgers and comparing their brain images to those of other seniors. They've found some significant differences which could lead to a better understanding of how these SuperAgers retain their cognitive abilities. [url] People with an AB blood type are more at risk for cognitive problems as they age. Fortunately, this isn't a common blood type, but if you've got it, there's not much comfort in this correlation. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Here's a horrifying statement: Asked whether the penalty for resisting arrest should be increased from a misdemeanor to a felony, [NYPD Commissioner Bill] Bratton said he supported the idea. “We need to get around this idea that you can resist arrest,” Bratton reiterated to reporters after the hearing. “One of the ways to do that is to give penalties for that.” The most half-baked "weapon" in any policeman's arsenal should never be raised to the level of a felony. "Resisting arrest" is the charge brought when bad cops run out of better ideas. This truism runs through nearly every law enforcement agency in the country. When you take a look at videographers and photographers who have been arrested for exercising their First Amendment rights (and backed by a DOJ statement), you'll see plenty of "resisting arrest" charges. When a San Francisco public defender tried to head off a detective who wanted to question and photograph her client without her permission, she was arrested for "resisting arrest." When someone has been brutalized by the police, the words "resisting arrest" are repeated nearly as frequently as the mantra that accompanies every taser deployment and baton swing ("stop resisting"). Resisting arrest is a dodge that makes bad cops worse and marginal cops bad. Turning resisting arrest into a felony shouldn't happen anywhere. But perhaps especially not in New York City. A WNYC investigation turned up these damning statistics. (via Vox) WNYC analyzed NYPD records and found 51,503 cases with resisting arrest charges since 2009. Just five percent of officers who made arrests during that period account for 40% of resisting arrest cases — and 15% account for almost 3/4 of such cases. If resisting arrest was a legitimate charge, the distribution would be much more even. But it isn't. It's a charge that's used most by abusive cops -- and law enforcement agencies know it. Many policing experts consider charges of resisting arrest to be the best broad measure of use of force in arrests. The department has tracked charges of resisting arrest as a way of identifying officers who may use excessive force, said a former senior department official who insisted on anonymity because he still works in law enforcement. To turn this into a felony is to grant bad cops a longer leash -- and allows them to do much more damage. Not only will the victims of excessive force have to deal with injuries and psychological trauma, they may also find their futures severely disrupted by a felony charge that will follow them around for years. The protests following the clearing of the officer involved in Eric Garner's death, followed shortly thereafter by the murder of two NYPD officers by a civilian, have turned the NYPD against the public. Bratton's support of this abhorrent idea makes it clear he's willing to put more power in the hands of his worst officers. However bad he feels the situation is now, this action will only make things worse. The answer lies in greater accountability from the NYPD, not additional punishments for members of the public.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
We just recently wrote about a troubling case in the 9th Circuit in which a court tried to "balance" free speech rights against state publicity rights. Now, over in the 7th Circuit, there's a troubling ruling that seems to suggest a particular privacy law might similarly override the First Amendment. The writeup at the Columbia Journalism Review (link in the previous sentence) is a really great overview of the case, or you can read the ruling itself. In short, the Chicago Sun-Times published a series of reports investigating whether or not Chicago Police "manipulated" an investigation into a manslaughter case, involving a nephew of then Chicago mayor Richard M. Daley. That nephew, R.J. Vanecko, had apparently punched another man, David Koschman, leading Koschman to fall over and hit his head -- leading to a brain injury from which he died a few days later. The Sun-Times report argued that the police investigation was designed more to protect Vanecko, rather than bring him to justice. In exposing the questionable nature of the investigation, the Chicago Sun-Times highlighted the key "police lineup" that the CPD had put together, showing Vanecko and five police officers. No eyewitness picked out Vanecko, but the Sun-Times report argued that the police had chosen officers who strongly resembled Vanecko to make it difficult to pick out who really was involved. In order to make this point, reporters at the paper used a public records request to get the lineup photos, but then also got the physical information about the other officers in the photo via the state's motor vehicle records database, controlled by the Illinois Secretary of State. The point, obviously, was to show the physical resemblance to Vanecko. However, the officers in question sued the Sun-Times, arguing that publishing the information from the motor vehicle database, violated the Driver's Privacy Protection Act (DPPA) of 1994. That law bars the disclosure of "personal information" from the various Department of Motor Vehicles' records. It was originally passed after people had been using information in those databases to find and harass people they disagreed with politically. The Sun-Times argued, reasonably, that the First Amendment should protect its right to publish this information. However, both the lower court and the 7th Circuit appeals court have now both disagreed. The appeals court starts out by first noting that the information that was published -- the police officers' "approximate date of birth, height, weight, hair color, and eye color" are "personal information" as defined by the DPPA. That seems ridiculous enough already, given that those aren't exactly things that are private information for the most part. From there we get to the First Amendment analysis. First, the court says that there's nothing unconstitutional about the DPPA's prohibition on obtaining the information, since that doesn't involve any expression. The Sun-Times argued that even so, the purpose here was to stifle reporting by denying the press access to such information. It pointed to the recent ACLU case we covered, where the court said a law banning the recording of police violated the First Amendment, but the court doesn't buy it: However, ACLU is distinguishable on several grounds. While the Illinois eavesdropping statute’s effect on First Amendment interests was “far from incidental” because it banned “all audio recording of any oral communication,”..., the same is not true of the DPPA’s prohibition on the acquisition of personal information from a single, isolated source. It can hardly be said that this targeted restriction renders Sun-Times’s right to publish the truthful information at issue here—much of which can be gathered from physical observation of the Officers or from other lawful sources (including, of course, a state FOIA request)—“largely ineffective.” Further, in forbidding only the act of peering into an individual’s personal government records, the DPPA protects privacy concerns not present in ACLU. If a member of the press observed one of the Officers in public—for example, during a traffic stop—he could publish any information gleaned from that interaction without offending the DPPA. By contrast, the Illinois eavesdropping statute operated as a total ban on recording police officers’ activities, even when they were “performing their duties in public places and speaking at a volume audible to bystanders.” Now, how about the restriction on disclosing the information -- which seems to fall even more squarely into the First Amendment arena? Again, the court doesn't buy it. It points out that while it would be protected in publishing the information if someone else got it and gave it to the Sun-Times, that doesn't apply if the Sun-Times itself broke the law in getting the information: The Supreme Court has established that “if a newspaper lawfully obtains truthful information about a matter of public significance then state officials may not constitutionally punish publication of the information, absent a need to further a state interest of the highest order.” .... Sun-Times, however, cites no authority for the proposition that an entity that acquires information by breaking the law enjoys a First Amendment right to disseminate that information. Instead, all of the many cases on which Sun-Times relies involve scenarios where the press’s initial acquisition of sensitive information was lawful. The court then has to do some rather fancy tap dancing to get around some of its previous rulings that said similar activity was protected free speech, by arguing that the "intent" matters. Sun-Times fares no better in its invocation of precedent from this circuit. Sun-Times points to our opinion in Thomas v. Pearl, 998 F.2d 447, 449 (7th Cir. 1993), in which a college basketball coach secretly taped conversations with a player about illegal perks offered by a rival university, as an example of what Sun-Times terms “theoretically unlawful news-gathering techniques inherent to successful journalism.” Yet in Thomas, we determined that the coach lacked the requisite intent to be found in violation of federal wiretapping laws, id. at 452–53, and thus had not unlawfully obtained the in-formation at issue. Sun-Times also cites Desnick v. American Broadcasting Cos., 44 F.3d 1345, 1355 (7th Cir. 1995), for the proposition that the First Amendment protects a broadcaster’s “surreptitious, confrontational, unscrupulous and ungentlemanly” investigatory tactics. But Desnick’s ruling applies only insofar as “no established rights are invaded in the process.” Id. Here, of course, Sun-Times’s acquisition of the Officers’ personal information invaded their established rights under the DPPA. This is a crucial distinction. Although Sun-Times claims that, in acquiring and disclosing truthful information, it engaged only in “perfectly routine, traditional journalism,” it cannot escape the fact that it acquired that truthful information unlawfully. The thing that I don't get is why it's the Sun-Times that is being seen as the one who broke the DPPA here. It seems more like it was the Secretary of State, who gave the Sun-Times the information which it controlled in the first place. But the Court seems blind to that concept: We would face an analogous scenario if a third party had obtained personal information in violation of the DPPA and transmitted that information to Sun-Times, who subsequently published it. But that is not our case. Here, there is no intervening illegal actor: Sun-Times itself unlawfully sought and acquired the Officers’ personal information from the Secretary of State, and proceeded to publish it. Where the acquirer and publisher are one and the same, a prohibition on the publication of sensitive information operates as an effective deterrent against the initial unlawful acquisition of that same information. Such acquisition carries little benefit independent of the right to disseminate that information to a broader audience. We therefore conclude that the government’s deterrence interest is both important and likely to be advanced by the DPPA’s ban on Sun-Times’s disclosure of the Officers’ per-sonal information. But that doesn't make much sense. Asking the Secretary of State for the information seems like a perfectly reasonable journalistic tactic in investigating a story. The court then goes into even more troubling waters, as the judges basically decide that the information here isn't that important anyway, and that also undermines the First Amendment claims. It notes that in other cases, courts have found that "privacy concerns give way when balanced against the interest in publishing matters of public importance." Again, we're back to this idea that there's some sort of mythical "balancing act" between the First Amendment and privacy rights. And, when the court puts these two things on the scales in this case, it thinks the balance goes to privacy, rather than the First Amendment. Why? Because it finds that the "personal information" about the officers really isn't that important to the story. While Sun-Times provided details of the Officers’ physical traits to highlight the resemblance between the “fillers” and Vanecko, most of the article’s editorial force was achieved through publication of the lineup photographs that Sun-Times obtained through its FOIA request—the value added by the inclusion of the Officers’ personal information was negligible. Each Officer’s height is evident from the lineup photographs, while their weights and ages are relevant only to the extent that they increase the Officers’ resemblance to Vanecko—a resemblance that the photographs independently convey. And, although identifying the Officers’ hair and eye colors may add some detail to the published black-and-white photographs, their personal information is largely redundant of what the public could easily observe from the photographs themselves. Therefore, Sun-Times’s publication of the Officers’ personal details both intruded on their privacy and threatened their safety, while doing little to advance Sun-Times’s reporting on a story of public concern. This seems immensely troubling for a variety of reasons, not the least of which is that it puts the court system into the editing business, deciding which facts are actually relevant to the story, and which are somehow unnecessary. The court notes that it's possible a case "involving less privacy concerns or information of greater public significance" would come up with a different result, but that's also ridiculous. First of all, how is someone's height and eye color such a great "privacy concern"? Second, this again seems like a pretty clear restriction on the freedom of the press. It's not something that you "balance." The First Amendment is pretty clear that Congress cannot pass a law abridging the freedom of the press. And yet here, the court seems to think that it's okay, as long as it's "balanced." Because of this, the police can now sue the paper for daring to reveal their eye color and whatnot. This seems like a terrible ruling for the First Amendment, and even while the court tries to limit it to the specific facts of this case, it seems likely that this particular ruling is now likely to be cited against reporters quite a lot.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Fifty Shades of Grey, which is being released this Friday just in time for Valentine's Day, is sure to be one of the top grossing films of the year. Depending on your point of view, fair use is to blame—or thank—for the existence of the Fifty Shades franchise. The movie is based on the three erotic Fifty Shades novels, which have dominated (pun intended) book sales for the past three years. Over 100 million copies of the novels have been sold, the first novel of the series has been on the New York Times bestseller list for 140 weeks, and the novels have been translated into 51 languages. And to make sure that no dollar is left behind, Target just began distributing a line of Fifty Shades sex toys to coincide with the film's release. Similarly, Vermont Teddy Bear is offering a Fifty Shades of Grey Teddy Bear, featuring smoldering eyes, a suit and satin tie, a mask, and mini handcuffs. The British author of the series, E.L. James (a pseudonym for television executive Erika Mitchell), originally wrote the trilogy as fan fiction of Stephanie Meyer's popular Twilight series, and posted it in installments on the fan fiction site FanFiction.net under the title Master of the Universe. Some of the readers complained that it was too racy for the site, which tries not to host adult content, so James moved it to a website she created, FiftyShades.com. At some point the popularity of the story must have convinced James of its potential commercial value, so she eliminated the potentially infringing references to Twilight characters and plotlines while retaining her original bondage/discipline, dominance/submission, and sadism/masochism themes. She divided this revised version into three novels that were published as e-books by an Australian virtual publisher. Fan fiction is a quintessential fair use. It is highly transformative and does not harm the market for the original work. To the contrary, by allowing fans to engage and interact with the works they admire, fan fiction enhances fan loyalty and likely increases sales. For this reason, the vast majority of authors and media companies do not object to non-commercial fan fiction. (The little litigation involving fan fiction has arisen in circumstances when a commercial publisher distributed what started as fan fiction, e.g., the Harry Potter Lexicon.) It is unclear whether fair dealing, the UK version of fair use, permits fan fiction to the same degree as fair use. The copyright laws of other European countries likewise do not contain exceptions sufficiently robust to provide certainty about the legality of fan fiction. For this reason, the world's largest fan fiction websites are based in the United States. Thus, FanFiction.net, the website on which E.L. James first posted Master of the Universe, was established in California in 1998. Fan fiction websites, like search engines and social media platforms, are examples of how fair use has enabled the global leadership of U.S. Internet companies. Fair use and the fan fiction culture it enables nurtured the development of Fifty Shades. As she uploaded chapter after chapter of Master of the Universe, James almost certainly would have received constructive comments from other fans of "Twific" (Twilight fan fiction) recommending stylistic changes and plot twists, and urging her to continue writing. The fan fiction environment provided James with a platform for road-testing her work, and developing a following, without incurring infringement liability. The creative cycle continues. Thousands of "fanfics" inspired by Fifty Shades are now available on FanFiction.net and other fan fiction websites. Perhaps some day one of them will evolve into a bestselling novel or a major motion picture. Reposted from the Disruptive Competition Project Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
In the world of pop starlets, apparently Taylor Swift and Katie Perry hate each other. And, now, it appears that both of them are trying to one-up each other in having their lawyers issue legal threats to fans for no good reason. We've already written about Katy Perry's lawyers' threatening letter over a 3D-printable plan for "the left shark" from her Super Bowl routine (an argument that is legally dubious). And now it comes out that Taylor Swift's lawyers are threatening the singer's fans on Etsy who have been selling products celebrating the singer. As one Etsy seller told Buzzfeed: We originally made the item for fun, we love Taylor and we had friends that love Taylor. We never intended for it to be a profit making item. The cost of the item covered shipping costs, and production costs with very little left over. When we got the e-mail that the trademark infringement occurred, we were pretty shocked because while our item was popular we didn’t feel as if it had become popular enough to cause harm to Taylor Swift’s empire. We were shocked. And we were scared. We didn’t even make enough money for a lawyer and this had seemed like such a harmless and fun idea. The Buzzfeed article also notes that it appears that Swift has hired MarkMonitor, the big player in sending takedown threat letters over copyright and trademark issues, to send such takedown letters. Depending on the specific products, there may be some legitimate trademark or copyright claims here, but it's hard to see how any of these actually create any real benefit for Swift, other than pissing off her fans, and angering people who actually wanted to celebrate their fandom of Swift and her music. Yes, these days popstars like Swift are "big businesses" who want to capture every possible penny that they can get from fans, but these kinds of products aren't doing any real damage to Swift or her brand. The takedowns, however, might be the opposite -- creating a real distaste among some fans for daring to try to display their fandom in a unique and creative way.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Samsung has been doing a great job this week illustrating why consumers should want their televisions to be as dumb as technologically possible. The company took heat for much of the week after its privacy policy revealed Samsung smart TVs have been collecting and analyzing user living room conversations in order to improve voice recognition technology. While that's fairly common for voice recognition tech, the idea of living room gear that spies on you has been something cable operators have been patenting for years. And while Samsung has changed its privacy policy language to more clearly illustrate what it's doing, the fact that smart TV security is relatively awful has many people quite justly concerned about smart TVs becoming another poorly-guarded repository for consumer data. But it's something else stupid that Samsung did this week that got less press attention, but that I actually find far more troubling. Numerous Samsung smart TV users around the world this week stated that the company has started injecting ads into content being watched on third-party devices and services. For example, some users found that when streaming video content from PC to the living room using Plex, they suddenly were faced with a large ad for Pepsi that actually originated from their Samsung TV:"Reports for the unwelcome ad interruption first surfaced on a Subreddit dedicated to Plex, the media center app that is available on a variety of connected devices, including Samsung smart TVs. Plex users typically use the app to stream local content from their computer or a network-attached storage drive to their TV, which is why many were very surprised to see an online video ad being inserted into their videos. A Plex spokesperson assured me that the company has nothing to do with the ad in question." Now Samsung hasn't responded yet to this particular issue, and you'd have to think that the company accidentally enabled some kind of trial ad injection technology, since anything else would be idiotic brand seppuku (in fact it does appear like it has been working with Yahoo on just this kind of technology). Still, users say the ads have them rushing to disable the smart portion of Samsung TVs, whether that's by using a third party solution or digging into the bowels of the TV's settings to refuse Samsung's end user agreement. And that raises an important point: many consumers (myself included) want their TV to be as slack-jawed, glassy-eyed, dumb and dim-witted as possible. Like broadband ISPs and net neutrality, Samsung clearly just can't help itself, and is eager to use its position as a television maker to ham-fistedly inject itself into a multi-billion dollar emerging Internet video market. But that runs in stark contrast to the fact that most people just want their television (whether it's 720p or 4K) to simply be a dumb monitor they hook smart devices of their choice up to. Just like people want their broadband ISPs to get out of the way and provide a quality dumb pipe, many people just want a traditional, dumb television to do a great job displaying the signals sent to it and nothing more. Dumb TVs just make more sense for most users: many people own televisions for ten years, and the streaming hardware embedded in these sets quickly becomes irrelevant even with updated firmware. Dumb TVs, with less sophisticated internals, should also be cheaper to buy. And if you're any kind of respectable audiophile, you've got game consoles and devices like Roku hooked into a receiver and a decent 5.1 (or above) system, making the set's internals redundant. Swapping out a crop of the latest and greatest (not to mention relatively cheap) Rokus or Chromecasts every few years just makes more sense for most of us. Last I saw, around 50% of people who buy connected TVs aren't using the connected portion of the set. Yet if you peruse the latest sets (especially the ongoing standards minefield that is 4K or UHD) you'll find that buying a dumb television is getting increasingly more difficult. I won't even get into the problems with HDCP 2.2 DRM stifling 4K growth and confusing the hell out of consumers on the bleeding edge, as that's another article entirely. Bottom line: I want my pipes dumb, my TVs dumber, and my choice of a full variety of intelligent devices and services without bull-headed companies stumbling into my line of sight. Samsung's clumsy week simply couldn't have illustrated the growing need for dim-witted television sets any better.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Facebook figures often enough on Techdirt, and most people here know what they are getting and giving when they sign up. But according to a fascinating article on qz.com, that's not true for everyone around the world who uses Facebook: It was in Indonesia three years ago that Helani Galpaya first noticed the anomaly. Indonesians surveyed by Galpaya told her that they didn't use the internet. But in focus groups, they would talk enthusiastically about how much time they spent on Facebook. Galpaya, a researcher (and now CEO) with LIRNEasia, a think tank, called Rohan Samarajiva, her boss at the time, to tell him what she had discovered. "It seemed that in their minds, the Internet did not exist; only Facebook," he concluded. Nor are Indonesian users alone in this view: In Africa, Christoph Stork stumbled upon something similar. Looking at results from a survey on communications use for Research ICT Africa, Stork found what looked like an error. The number of people who had responded saying they used Facebook was much higher than those who said they used the internet. The discrepancy accounted for some 3% to 4% of mobile phone users, he says. The rest of the article goes on to present more evidence that many people are unaware that Facebook is on the Internet, or believe that Facebook is the Internet, and to explore the consequences. For example, one survey shows that 56% of Indonesians who use Facebook but say they don't use the Internet never follow links out of Facebook, against 25% who are on Facebook but say they also use the Internet; for Nigeria, the figures are 69% and 21% respectively. That confirms the immense power of Facebook to act as a gatekeeper -- to people online, to information, and to the lucrative advertising that powers most of the Web. Although you can hardly blame Facebook for people's misunderstanding of how the Internet works when they use the social network, one major project from the company is likely to make things worse. Here's what the significantly-named Internet.org app hopes to achieve: Over 85% of the world’s population lives in areas with existing cellular coverage, yet only about 30% of the total population accesses the internet. Affordability and awareness are significant barriers to internet adoption for many and today we are introducing the Internet.org app to make the internet accessible to more people by providing a set of free basic services. With this app, people can browse a set of useful health, employment and local information services without data charges. By providing free basic services via the app, we hope to bring more people online and help them discover valuable services they might not have otherwise. The aim here is to provide low-cost access to the Internet for those who might not otherwise be able to afford it. In fact, Internet.org goes further: it provides totally free access to the Internet -- or rather, free access to a very small list of pre-selected sites, including, of course, Facebook. The intention is laudable, but Internet.org is a classic demonstration of why we need net neutrality. Providing free services may look great in principle, but effectively discriminates against everything not on the list, especially startups with limited resources. We certainly need to work on providing very low-cost Internet access to everyone who wants it, but not by creating a set of privileged services. One other risk with Facebook's Internet.org app is that it will probably encourage yet more people to think that those free services are not on the Internet, or that they are Internet -- all of it. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
We've been discussing how law enforcement organizations have started ramping up their war on the Google-owned, traffic info crowdsourcing app, Waze, in the belief that it's hindering local revenue generation. More specifically, they've been trying to stop the app and its users from reporting police speed trap locations, going so far as to make the absurd argument that the app allows citizens to become police "stalkers." Of course as noted previously, these officers are usually in plain sight and obviously marked, meaning if you really had an insane hankering to annoy a cop you can certainly do it without an app. It's also worth reminding officers that Waze users are simply having a perfectly legal conversation (just like flashing headlights or even holding up signs is legal), at least for now. With the "mean old citizens are stalking us" defense apparently not working so well, some law enforcement agencies are turning to another, more clever (or so they think) solution: pollute Waze's data with false police speed trap locations. Officers in Miami have apparently taken to downloading the Waze app themselves just so they can flood the app with inaccurate data:"Hundreds of officers in the Miami area have downloaded the app, which lets users provide real-time traffic information and identify areas where police are conducting speed enforcement. The local NBC affiliate says the officers are flooding Waze with false information on their activity in an attempt to make the app's information less useful to drivers. Disclosing the location of police officers "puts us at risk, puts the public at risk, because it's going to cause more deadly encounters between law enforcement and suspects," Sgt. Javier Ortiz, president of the Miami Fraternal Order of Police, tells the news outlet."This was apparently something some Los Angeles homeowners tried as well late last year, when they reported false congestion to the app in the hopes of lessening local traffic load. Of course the very nature of crowd-sourced apps like this involves repeated false reports and unreliable users being weeded out not only by the system itself, but by more trustworthy reports from reliable Waze users with higher scores. Even if this dumb idea worked, and all Miami Waze users were confused into thinking speed traps were everywhere, wouldn't they drive slower and ruin revenue generation (what this is really about) anyway? All the Miami police force is doing is wasting time and taxpayer money in a war on perfectly legal conversation. In fact, you could argue they're doing something worse by eroding their own safety. As it stands the Waze app isn't specifically singling out speed traps -- it allows users to mark any police location. As in, it allows users to mark any emergency vehicle at the side of the road for any reason, notifying Waze users that they should slow down. If this was truly about public safety and not revenue generation, you'd think this would at least be part of the conversation. Still, law enforcement associations are increasing pressure on politicians (like Chuck Schumer), and Google's shown at least some flexibility on this. For me personally, it's all kind of a moot point anyway. I drove from New York to Seattle and back again last summer and found that police move positions so frequently, Waze probably indicated an accurate speed trap location around a third of the time anyway. Still, you'd hate to see any app made less useful just because it hurts a police department's ability to turn public protection into a major revenue stream.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Recently, in an article discussing the arrest of a Brooklyn teenager for emoji-riddled "terroristic threats" (who is now free after the grand jury declined to return charges), I wondered just how "routine" the NYPD's stated "routine Facebook monitoring" was. Now, thanks to a FOIL (Freedom of Information Law) request by Chase Pashkowick of MuckRock, we have at least a partial answer. The policy [pdf link] -- Use of Social Networks for Investigative Purposes -- is still in force, which makes it somewhat of a miracle the intensely secretive NYPD released it at all. The policy states that the NYPD can freely access any information available publicly -- i.e., from any service not requiring a login or email account to view content. It also allows officers and investigators to dig even deeper by utilizing aliases. Or as MuckRock puts it, the NYPD has a license for catfishing. The operations order seeks “to instill the proper balance between the investigative potential of social network sites and privacy expectations." There is no prior authorization required to review publicly accessible information, such as party announcements blasted across Facebook or Twitter. But NYPD officers must seek approval before logging into social networks using any online identity other than their own. Such requests for an online alias must pass two levels of supervisory, letterheaded scrutiny. This includes a supervisor’s official sign-off on the username itself as well as the proposed profile photo, although the policy does not parse acceptable from forbidden photograph sources. There are nine steps officers must follow if they wish to utilize an alias. 2. Evaluate request to determine whether an online alias would serve an investigative purpose, and if so, prepare Typed Letterhead requesting an online alias to bureau chief/deputy commissioner concerned. 3. Include on Typed Letterhead: a. Purpose for the request type of investigation, etc.) b. Tax registry number of requesting member c. Username (online alias) d. Identifiers and pedigree to be utilized for the online alias, such as email address, username and date of birth. (1) Do not include password(s) for online alias and ensure password(s) are secured at all times. e. Indicate whether there is a need to requisition a Department laptop with aircard. 4. Review photograph to be used in conjunction with online alias, if applicable. a. Consider the purpose for which the photograph is being used and the source of the photograph. b. Attach a copy of the approved photograph and indicate on Typed Letterhead how photograph was obtained. 5. Forward request to commanding officer for review. 6. Review request(s) and consider the purpose and whether granting approval would serve an investigative purpose. 7. Endorse request(s) indicating within one day of original request and if APPROVED, immediately forward approval to bureau chief/deputy commissioner concerned, through channels, for informational purposes. 8. File copies of requests in command. 9. Maintain record of online alias in case records management systems or appropriate Department records. 10. Maintain folder for each APPROVED online alias. a. Designate an administrator for the online alias. All in all, a pretty tightly controlled system... unless terrorism is afoot, at which point the rules loosen up a bit. 11. Immediately contact Intelligence Division, Operations Desk supervisor and provide details regarding proposed investigation. 12. Determine if investigation should be conducted by the Intelligence Division and proceed accordingly. 13. Notify requesting supervisor to proceed with investigation if it has been determined that the investigation will not be conducted by the Intelligence Division. 14. Comply with steps 2 through 10 as appropriate, if investigation will not be conducted by the Intelligence Division. It would appear that the Intelligence Division can take this alias request and run with it, most likely subject to a minimum of oversight. If they turn it down, it's back to the previous page of rules and the stricter controls. If there are exigent circumstances (a handy term of art that is often deployed to assure exceptions swallow rules), all an officer needs to do is "confer" with the Intelligence Division and follow its instructions. If it's not both "exigent" and "terrorist-related," then it's back to the nine-step approval process. The policy also includes sensible rules for officers using NYPD internet connections and computers, including the admonition that every alias bears the risk of being exposed. To that end, investigators are instructed to use department laptops with aircards to help ensure an anonymous connection. They are also told to avoid using names and email addresses that can be traced back to the department, as well as to exercise the common sense Rules of the Internet: be wary of clicking links, delete spam rather than reading it, never open attachments unless you can verify who sent it, and avoid using home/public connections/computers to conduct police business. The social media monitoring policy also pays lip service to the Handschu Agreement the department's so-called "Demographics Unit" killed off in its pursuit of all things Muslim. The guidelines were meant to prevent the surveillance of non-criminal, politically-focused activity. The former CIA operative who headed the new surveillance unit managed to carve out large exceptions to this agreement on the way to placing several NYC mosques under round-the-clock watch. While it's nice to see a hat tip in its direction, it's a meaningless paragraph that only gives the document an air of First Amendment respect -- and only to those who are unfamiliar with the NYPD's neutering of this agreed-upon protection. Those inside the exception-to-all-rules Intelligence Division already know these words mean nothing. Most of those monitoring social media for anything terrorist-related know this as well. But given the department's not-so-secret affection for all things surveillance, the policy is surprisingly restrictive. Whether it's actually followed to the letter is still an unanswered question.Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
Techdirt hasn't written much recently about the trade agreement between the EU and Canada, generally known as CETA. That's because it is "finished" -- at least, in theory. It is now undergoing what is known as the "legal scrub" to prepare it for the final ratification on both sides. One story we did write concerned questions about the agreement's compatibility with EU law, largely because of the corporate sovereignty provisions in CETA. Things have been fairly quiet since then, which makes the following story in the Canadian edition of Huffington Post, on a related aspect, particularly intriguing: German chancellor Angela Merkel will be in Ottawa for a visit on Monday, but she may not be bringing the news [Canadian Prime Minister] Stephen Harper wants to hear when it comes to the Canada-European Union Comprehensive Economic and Trade Agreement (CETA). That's because the German government wants to reopen CETA and amend the investor-state dispute settlement [ISDS] mechanism. No source is given for that claim, but the following explanation is offered: Merkel likely does not have an ideological problem with bestowing corporations with the hammer of the investor-state provision, but the political reality is that her Christian Democrats have 311 seats in the Bundestag and need the support of the 193 Social Democrats in that legislature to maintain her 'grand coalition' government. Her minister of economy is a Social Democrat and that party is very clear in its opposition to investor-state. Last year, that party's convention passed a resolution against investor-state. In other words, Merkel needs to keep her Social Democrat coalition partners happy if CETA and TTIP are to pass in the national vote that will be held at some point. That impacts CETA, because last month the same Social Democrat Minister of the Economy and Energy made a joint declaration with his French counterpart in which they said they wished to examine "all the options for changing" the ISDS chapter in CETA (original in French). The Huffington Post article also notes that what happens with CETA has big implications for TAFTA/TTIP: Beyond the challenge of coalition politics for Merkel, she also needs to contend with an electorate that may not have paid too much attention to a 'free trade' agreement with Canada, but is very attentive -- and critical -- of the European Union's current negotiations with the United States on another 'free trade' deal called the Transatlantic Trade and Investment Partnership (TTIP). If Merkel agrees to a corporate rights provision in CETA, voters in Germany know that the same powers would be extended to U.S. corporations too. If Merkel is indeed beginning to worry about the huge backlash in Germany against TTIP thanks to the corporate sovereignty provision it contains -- the main bone of contention for many people -- she knows that she must also deal with it in CETA, too. That would make a request to open up the ISDS section at least plausible, even if it would be pretty dramatic at this late stage, especially given statements by the Canadian Prime Minister that CETA's ISDS is non-negotiable. However, Harper has a general election coming up in October this year, and might prefer to accept CETA without corporate sovereignty rather than risk losing the political prize of a trade agreement with Europe altogether by refusing to renegotiate on this critical point. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+Permalink | Comments | Email This Story

Read More...