posted 19 days ago on techdirt
We've noted for months how an unknown party has been using bots to bombard the FCC website with entirely bogus support for the agency's planned attack on net neutrality. Inquiries so far have indicated that whatever group or individual is behind the fake support used a bot that automatically pulled names -- in alphabetical order -- from a compromised database of some kind. Earlier this year one reporter actually managed to track down some of these folks -- who say they never filed such comments or in many instances had no idea what net neutrality even is. Earlier this year, some reporters discovered that some of the biggest fans of the FCC's myopic assault on net neutrality appear to be dead: "As the war over the fate of America's free and open internet lumbers on, it appears that opponents of net neutrality will do anything in their power to turn control of the internet over to massive telecom companies—including committing fraud. As detailed in a letter sent to the FCC Thursday morning, people are pissed that their personal information was used without their knowledge to post anti-net neutrality comments to the FCC's website, which includes at least two people who are recently deceased. Others have since continued to dig through the names used to support Ajit Pai's attack on net neutrality -- and continue to find that many of them had never visited the FCC website, had no idea what net neutrality is, or were no longer breathing. Like John Skalski of Sharpsburg, Georgia -- who back in May purportedly submitted this (factually incorrect) comment to the FCC comment proceeding. Note its content is different from the bot-generated comments that had been methodically submitted already: Which is interesting because John is, well, dead: "However, if you go to his house on 11 Tee Pee Row, you will unfortunately speak to a kind person who will tell you that John has been passed away since 2016 and no one else there has the same name. Unfortunately, that is a fake public comment. I found Mr. Skalski’s obituary later: This is where we'll remind you that the FCC has shown no interest whatsoever in investigating any of this. Similarly, when I contacted the agency to tell them someone else had written a fraudulent comment in my name supporting the attack on net neutrality, I was told there was simply nothing that could be done. Combined with the agency's apparently fabricated DDoS attack, there's more than a few indicators that the agency is eager to malign the integrity of the public feedback period in order to try and downplay the massive public backlash to its handout to the telecom industry. While the FCC is expected to unveil its full plan ahead of Thanksgiving for what will likely be a vote right before Christmas, it seems more than likely that this year's ongoing necromancy will play a starring role in the inevitable lawsuits to come. Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
As we noted a couple of months ago, the topic of corporate sovereignty -- also known as investor-state dispute settlement (ISDS) -- has rather dropped out of the public eye. One post on the subject from earlier this year pointed out that an editorial in the Financial Times had called for ISDS to be "ditched". That was welcome but surprising. At the time, it seemed like an outlier, but it now looks more as if it was simply ahead of the field, as many more have started to call for the same. For example 230 law and economics professors are urging President Trump to remove corporate sovereignty from NAFTA and other trade deals (pdf). From a rather different viewpoint, here's Dan Ikenson, a director at the Cato Institute, calling for ISDS to be absent from a re-negotiated NAFTA: U.S. negotiators should offer to drop their rules-of-origin and sunset provision demands in exchange for agreement to expunge the controversial dispute settlement provisions under Chapters 11 and 19. These provisions are unnecessary, raise fundamental questions about sovereignty and constitutionality, and fuel trade agreement opposition on both the political left and right. It's all very well for professors and pundits to call for corporate sovereignty to go, but what do the people who have the power -- the politicians -- think? Well, here's the newly-elected prime minister of New Zealand, Jacinda Ardern, speaking on the topic: We remain determined to do our utmost to amend the ISDS provisions of TPP. In addition, Cabinet has today instructed trade negotiation officials to oppose ISDS in any future free trade agreements. Finally, and arguably most importantly, this is what the US Trade Representative, Robert Lighthizer, said recently (reported on Forbes): It's always odd to me when the business people come around and say, 'Oh, we just want our investments protected.' … I mean, don't we all? I would love to have my investments guaranteed. But unfortunately, it doesn't work that way in the market. … I've had people come in and say, literally, to me: 'Oh, but you can't do this: you can't change ISDS. … You can't do that because we wouldn't have made the investment otherwise.' I’m thinking, 'Well, then why is it a good policy of the United States government to encourage investment in Mexico?' … The bottom line is, business says: 'We want to make decisions and have markets decide. But! We would like to have political risk insurance paid for by the United States' government.' And to me that's absurd. You either are in the market, or you're not in the market. Whether that extraordinarily sensible analysis is ultimately converted into action remains to be seen: there will be plenty of lobbying against the idea. But the fact that so many are now making the call for corporate sovereignty to be dropped from existing and future trade deals does, at least, make it much more likely that it will happen soon. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
At the height of the first dot-com bubble, many patent applications were filed that took common ideas and put them on the Internet. This month's stupid patent, U.S. Patent No. 6,738,155 ("the '155 patent"), is a good example of that trend. The patent is titled "System and method of providing publishing and printing services via a communications network." Generally, it relates to a "printing and publishing system" that provides "workflow services...using a communication network." The original application was filed in 1999, and the patent issued in 2004. The '155 patent has a significant litigation history. Starting in 2013, its owner1 CTP Innovations, LLC, filed over 50 lawsuits alleging infringement, and told a court it intended to file as many as 200 additional cases. CTP claimed [PDF] that infringement of its patent was "ubiquitous" by the printing and graphic communications industry. In response to CTP's claims of infringement, several defendants challenged the patent at the Patent Office, using a procedure called "inter partes review" (or "IPR" for short). The IPR procedure allows third parties to argue to the Patent Office that a patent shouldn't have been granted because what was claimed in the patent was either known or obvious (two requirements for being awarded a patent) at the time it was allegedly invented. The challenger presents what's called "prior art," that is, material known to the public before the alleged invention. The challenger uses the prior art to show that the patent's claims weren't new or non-obvious when the application was filed. A patent owner is then given the chance to show why they are entitled to a patent. Here is claim 10 of the '155 patent, one of the claims challenged by the defendants: 10. A method of providing printing and publishing services to a remote client in real time using a communication network, the method comprising: storing files on a computer server, the files containing information relating to images, text, art, and data; providing said files to a remote client for the designing of a page layout; generating a portable document format (PDF) file from the designed page layout; generating a plate-ready file from said PDF file; and providing said plate-ready file to a remote printer. Here's how the Patent Office presiding over the IPR described [PDF] claim 10: Claim 10 is drawn to a method that requires: (1) storing files; (2) providing the files to a remote user for designing a page layout; (3) generating a PDF from the designed page layout; (4) generating a "plate-ready file" from the PDF; and (5) providing the plate-ready file to a remote printer. In order to show that this claim should be cancelled, the challenger relied on several pieces of prior art to show that claim 10 of the '155 patent was obvious. During the IPR, the parties generally did not dispute that steps (1)-(4) were disclosed by the prior art. The only dispute noted by the Patent Office about what was disclosed by one particular prior art combination known as "Dorfman and Apogee" was whether sending a file to a remote printer (step (5)) was new or non-obvious. The Patent Office originally found [PDF] that even though the prior art disclosed all the other parts of the alleged invention, the prior art didn't disclose sending files to a remote printer. That was enough to rule that claim 10 was new and non-obvious, and in favor of the patent owner. We don't think that minor difference from the prior art should matter. The '155 patent doesn't claim to have invented how to send files to a remote printer (nor could it in 1999, as a quick search reveals). Such a trivial change shouldn't allow someone to claim a monopoly, especially when everyone was doing things "on the Internet" in 1999. For this reason, this patent is worthy of our award. Fortunately, the Patent Office changed its mind [PDF] on the patentability of claim 10 and sending files remotely, after the challenger pointed out that the prior art did disclose doing exactly that. In January 2017, the Patent Office ruled that claim 10, as well as claims 11-7, 19 & 20, should be cancelled, and CTP did not appeal that decision. Thanks to IPR, CTP can no longer use many of the claims of the '155 patent to sue others. Indeed, it does not appear that CTP has brought suit against the 200 parties it threatened to sue. IPR is currently facing an existential threat: the Supreme Court is currently deciding whether it is constitutional for the Patent Office to double-check its work after a patent has issued. We think it is. As this short story shows, the Patent Office sometimes misses things in the prior art, and unsurprisingly then, often allows patents that it shouldn't. The public should be able to point out those mistakes to the Patent Office and not have to pay patent owners for things that rightfully belong to the public. Republished from the EFF's Stupid Patent of the Month series. 1. It turned out that at the time CTP filed its lawsuits, it didn't actually own the patent [PDF]. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
With several reports about data breaches occurring over the past few years, we've developed something of a mantra around here: it's always, always worse than first reported. Yahoo just went through this having finally admitted that literally every email account was compromised way back in 2013 after having first said it was only a few hundred thousand accounts that were impacted. Deloitte and Equifax followed this same playbook with their own breaches, trickling out little by little just how wide an impact those hacks had achieved. And now we're seeing something of a spinoff of that mantra when it comes to the impact Russian trolls and the now infamous Internet Research Agency (IRA) advertising buys had on Facebook. You may recall that everything about this story seemed fairly minimalist in the initial reporting. The amount of money spent on the ad-buy itself was low enough to induce eyerolls from many. Facebook itself estimated that 11.4 million people saw ads bought by the IRA over the course of two years or so, which is not the kind of number that sets off all four alarms at the democracy firehouse. But Facebook has now given everyone a better idea of how much reach these ads actually had. And these numbers are far more alarming. Facebook will inform lawmakers this week that roughly 126 million Americans may have been exposed to content generated on its platform by the Russian government-linked troll farm known as the Internet Research Agency between June 2015 and August 2017, CNN has learned. In written testimony to the Senate Judiciary Subcommittee on Crime and Terrorism, a copy of which was obtained by CNN, Facebook General Counsel Colin Stretch says that 29 million people were served content directly from the Internet Research Agency, and that after sharing among users is accounted for, a total of "approximately 126 million people" may have seen it. Facebook does not know, however, how many of those 126 million people actually saw one of those posts, or how many may have scrolled past it or simply not logged in on the day that one of the posts was being served in their News Feed. The inability to nail down just how many eyeballs viewed these ads is, of course, due to the nature of social media. Buying the ads and targeting primary viewers of them is one thing, but it's the sharing and re-sharing of those ads that extend their reach exponentially. And it's quite nice of Facebook to come right out and admit that it actually has no idea how many people viewed these ads, even as it offers up estimates to the contrary. This is a feature of a social media platform like Facebook, not a bug. And, to the IRA's credit, it's a brilliant and inexpensive method for having some measure of influence in a foreign country's democracy. Facebook builds a sharing tool and these folks take advantage of the very nature of that tool. Which is what makes Facebook's attempt to downplay all of this all the more perplexing. Nevertheless, Facebook says in its testimony that the posts from those pages represented "a tiny fraction of the overall content on Facebook." "This equals about four-thousandths of one percent (0.004%) of content in News Feed, or approximately 1 out of 23,000 pieces of content," Stretch writes. "Put another way, if each of these posts were a commercial on television, you'd have to watch more than 600 hours of television to see something from the IRA." Except, as Facebook and Colin Stretch damned well know, Facebook doesn't operate anything remotely like television. Nor do its ads. The engagement process of those ads is wildly different. The ability to share those ads is not a feature of television. The granular targeting for eyeballs of those ads is simply not something that can be achieved by television advertising. The geographic targeting specifically, with an eye on influencing votes and the outcome of an election, is simply not a feature available to traditional television advertising. I know why Facebook wants to pretend otherwise in this instance, but it simply isn't true. So, even as some are trying to downplay the impact, and even the existence, of this foreign intervention into our election cycle, it's worth acknowledging that these things, like data breaches, tend to be worse than first reported. And no obfuscation from Facebook about how much like television it is can change the raw numbers, or its acknowledgement that it doesn't actually know how many people saw this stuff. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
For the second time in less than a month, a judge -- the same judge -- has tossed out lawsuits from anonymous law enforcement officers filed against the social movement known as Black Lives Matter. Much like the no-name cop in the other idiotic lawsuit, this anonymous cop swore up and down (as one tends to do in legal filings) Black Lives Matter was responsible for injuries he sustained during an ambush. Judge Brian Jackson warned the unnamed plaintiff his suit was on its way to the dustbin of history shortly after tossing the first officer's suit -- one that included a hilarious attempt to hold a Twitter hashtag responsible for injuries sustained during a protest. Finding this suit to be more of the same, the judge warned the officer to start making some actual actionable claims or face dismissal. No such claims have been stated apparently, as Courthouse News Service reports. “Based on the facts alleged, plaintiff’s counsel has failed to plead a plausible claim that defendants can be held liable for Officer Smith’s injuries,” the judge wrote in Friday’s ruling. “Instead, plaintiff’s counsel simply asserts—without pointing to any supporting facts—that the shooter was acting ‘as [‘Black Lives Matter’] leaders had directed its followers.’” Jackson ruled that isn’t enough to assert a claim against the movement and McKesson. He said Grodner had not shown that there was “any contact either directly or indirectly” between Black Lives Matter and the shooter, Gavin Long, a 29-year-old former Marine from Kansas City, Mo. Gavin Long shot and killed three officers a few days after Alton Sterling was killed by Baton Rouge police officers. The anonymous officer suing Black Lives Matter was injured in the shooting. As tragic as the whole situation is, it still doesn't justify suing a non-entity with allegations a social movement somehow pushed a person to kill and injure police officers. There's no case to be made, as the court points out in a paragraph both devastating and succinct. From the opinion [PDF]: All of Plaintiff’s Counsel’s allegations against Defendants suffer from the same deficiency: the facts pleaded do not give rise to a plausible inference that Defendants are liable for the conduct alleged. Plaintiff’s Counsel’s rambling Complaint focuses almost exclusively on events in other states, in other cities, and at other periods of time entirely unconnected to the shooting that gave rise to this cause of action. To the extent the Complaint describes allegations against named Defendants, such general allegations consist either of protected free speech activity or wholly conclusory statements that do not meet the plausibility standard required to survive a motion to dismiss. Suing Black Lives Matter for being shot at by some rando criminal is like suing Blue Lives Matter every time an officer kills or wounds a citizen. Neither nebulous entity is responsible for the actions of an individual. Both are social movements incapable of being sued, even if someone could somehow provide a credible link between the movement's rhetoric and the plaintiff's injuries. It's an impossible bar to reach because this sort of evidence simply does not exist. Attorney Donna Grodner -- the same attorney behind the other failed v. Black Lives Matter lawsuit -- asked the court for a mulligan. Denied. The Court finds that leave to amend would be futile. In response to the Court’s Order to Show Cause, Plaintiff’s Counsel requests the opportunity to amend the Complaint only to add more of the same: allegations against Defendants unconnected to the incident giving rise to the tragic shooting of Officer Smith. Plaintiff’s Counsel states that it can provide “more factual allegations about each of the leaders and what each has done personally in his/her role as a founder/leader to invoke violence against police . . . to provide ample evidence that the leaders and founders incited a nation to violence against police.” Notably, Plaintiff’s Counsel still does not offer to provide any facts that connect the words or actions of named Defendants to the actions of the individual who ultimately shot Officer Smith. Generalized allegations that named Defendants expressed anti-police sentiments, without temporal or causal connection to the shooting, are insufficient to state a plausible claim for relief. Perhaps the court was already well aware of what laid ahead if it allowed Ms. Grodner to better explain herself. Here's Judge Brian Jackson's statement on a motion filed by Grodner in a case brought against her for professional misconduct. The Court granted Ms. Grodner's request, ordering that Ms. Grodner's Response be entered as "a new docket entry." (Doc. 3 at p. 1). Despite its styling, Ms. Grodner's rambling 18-page pleading was largely unresponsive to the Court's Show Cause Order, devoting significant portions to irrelevant issues, (Doc. 4 at pp. 3-4, 10-17 (discussing whether Ms. Grodner is subject to sanction for violation of Federal Rule of Civil Procedure 11, 28 U.S.C. § 1927, and/or her performance in unrelated cases)), non sequiturs, (see id. at p. 14 n.17 ("The secretary, who made this error, no loner [sic] works for Ms. Grodner, because she had to leave once she was accepted into the Harvard Law School on a full scholarship."), and ad hominem attacks, (see id. at p. 15 ("This Court, itself, is not immune from human error."); id. at p. 15 n.21 ("The undersigned has not attempted to comb the docket of this Court to see if other human errors may be found, but suspects that there are other harmless errors."); id. at p. 17 ("There are a couple of admitted instances of human error, but this Court itself has committed human error.")). That's the second loss for Grodner in two consecutive, spectacularly bad lawsuits -- both argued in front of a judge that has had his patience tested by the attorney in earlier cases. It's unclear who's money she's wasting filing these suits. It could quite possibly be her own. If her anonymous cop clients were paying in full, it's unlikely she would have attempted to crowdfund their legal offense. Her YouCaring fundraising page for the lawsuits was deleted by the platform earlier this year for violating its rules. “In alignment with our mission, we removed this fundraiser because it was not within our community guidelines around promoting harmony,” YouCaring Chief Marketing Officer Maly Ly told PBS NewsHour Weekend in an email. “We are not the right platform to air grievances, or engage in contentious disputes or controversial public opinion.” Hopefully, this will deter copycat lawsuits. As amusing as the judicial smackdowns are to witness, they're a waste of everyone's time, including this particular judge's. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Former revenge porn site owner Craig Brittain is now a Senate candidate in Arizona. He's not a viable candidate, mind you, not even with Arizona senator Jeff Flake recently announcing his retirement. But he has filed the proper paperwork and is now engaged in a charm offensive offensive offensive to win the hearts and minds of whatever demographic feels the public would be best served by someone who reacts to every perceptible slight with unhinged personal attacks. As a former revenge porn entrepreneur, Brittain has a bit more pre-run reputation management to engage in than most candidates. Just shortly after his candidacy was announced, Brittain issued two bogus "privacy" takedown requests targeting videos criticizing his ridesharing vaporware and his voluntary interview with journalists about his revenge porn site operations. Brittain followed this up with more reputation mismanagement, raining down insults on a Twitter user who dared to unfollow him. He's continued to poll the electorate in similar ways on Facebook, telling people they're wrong about everything if they don't agree with him, but especially about free speech and the concept of consent. That's what's happening above ground. Behind the scenes at Facebook, Craig Brittain is engaged in more bogus takedown efforts, this time in an attempt to scrub the web of a string of insults he sent to a woman via Facebook Messenger. The following comes from Shooting the Messenger, with an assist by Asher Langton. Earlier this week, social media expert Michael Palladino from Phoenix, Arizona, posted potentially damaging screenshots of abusive messages Brittain allegedly sent to a woman on Facebook last year. "A woman I know got these messages early last year from a guy who is now running for AZ senate. He most likely doesn't stand a chance against Ward or Krysten Sinema but the fact that he's running at all is disgusting given the kind of guy he is. And now that Flake is out, he might get more media visibility. So it's important that this shit is known. He has his supporters and their response to things like this is that he's the victim of some kind of conspiratorial hoax revenge machine, as if he would be so important as to catch the eye of the Illuminati or the Lizard People or whoever they think is responsible for their lives being shit. Or they agree with his views on women. Or they just don't care. Applauding anti-politicians who "tell it like it is" and "don't care about being P.C." can easily become the shallow backyard pool that breeds diseased mosquitoes like this. Enough is enough. Fuck this." Palladino's post is no longer accessible on Facebook. Someone came by and nuked it, using Facebook's reporting options. Shortly thereafter, this was posted on Craig Brittain's Senate race page: We've heard an impersonator is harassing people. Those messages aren't from us. While it's adorable Brittain's pretending he's got some sort of Senate race team operating out of Brittain HQ, the simple fact is Brittain reported Palladino's post to make it go away. In the process, he has possibly nuked one of his own personal accounts, which Facebook may decide belongs to an imposter. The account referenced in the Brittain's takedown request belongs to none other than Craig R. Brittain. As Sterling Jones points out, Brittain really shouldn't be reporting his own Facebook accounts as belonging to impersonators. I'm sure Facebook has compiled enough data to determine who actually owns the "Craig R. Brittain" account Craig R. Brittain For Senate now claims is a fake. This is ammo for FTC sanctions. As part of his settlement with the FTC, Brittain is permanently restrained from misrepresenting himself in connection with goods or services. So far, Brittain has used the account to push at least one (still nonexistent) ride sharing company and is engaged in a Senate run -- arguably a public "good/service," even if the list of candidates leaves something to be desired. There's no reason to believe the FTC will step in, though. And we really don't need it to. (Unless our schadenfreude reserves have run dangerously low.) It appears Brittain's perfectly capable of sabotaging his own future without government intercession. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Here's one I certainly didn't expect. A group known for spreading a bunch of bogus RIAA talking points about the evils of YouTube seems to be admitting two odd things: (1) that it's impossible to expect YouTube to accurately police all the content on its site and (2) that sharing entire published news articles is clearly not copyright infringement. The group in question is the "Content Creators Coalition" -- last seen around these parts whining about the DMCA's safe harbors on a site that only exists because of them. And it seems that bizarre and self-contradictory publicity stunts are basically the norm for this group. They've specifically been whining about how one of their videos got taken down on YouTube over an apparent terms of service violation. They complained, and YouTube reviewed it, and put the video back up. But, the Content Creators Coalition is using this to argue... something about how YouTube is trying to censor criticism? It really doesn't make much sense, because it actually seems to be a pretty blatant admission by the Content Creators Coalition that their other bugaboo -- about how YouTube doesn't take down infringing content fast enough -- is completely silly as well. Proactively policing the millions upon millions of videos uploaded to the site (for free, mind you) is nearly impossible to do correctly. The article itself (published by the Google-hating News Corp.-owned NY Post) tries to attack YouTube's moderation features, but actually makes the perfect argument for why it's silly to expect an open platform like YouTube to police everything: While videos of ISIS beheadings somehow slipped past YouTube censors, the video streaming site didn’t have any problems finding a playful ad campaign by some indie musicians — and promptly pulling the plug on it. Right. Which is why it's great that we can now add the Content Creators Coalition to those who think that forcing YouTube to police and filter content on its platform is silly and will lead to unnecessary and misguided takedowns. Glad to have them on board. Now, the only reason I even know about this article is that it was sent to me by Eric Jotkoff at Law Media Group. If you don't remember Law Media Group, they're the secretive lobbying PR shop that seems to specialize in attacking Google with really sketchy practices, such as insisting that corn farmers will be hurt by Google partnering with Yahoo, or by publishing faked op-eds, such as one about how awful net neutrality was -- but "written" by a guy who actually was in favor of net neutrality. And when I say that Jotkoff and Law Media Group sent me that NY Post article, I do mean sent it to me. He sent me the entire article in an email. So that appears to be Law Media Group, on behalf of the Content Creators Coalition, admitting that sending around entire news articles is not infringing. Now, I'd argue that there's a good fair use case to be made for sharing full articles via email in such situations. But I wouldn't really expect a group like Law Media Group, which regularly sends me emails about the importance of stronger copyright on behalf of a whole bunch of groups that all seem to parrot the RIAA's talking points (coincidence, I'm sure?), to basically admit that reposting full articles from companies like News Corp. is fair use. I've asked Eric to confirm that this is the official stance of the organization, but, perhaps not too surprisingly, I have not heard back at the time of publication. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Windscribe VPN is a VPN desktop application and browser extension that work together to protect your online privacy, unblock websites, and remove ads and trackers that follow you across the websites you visit every day. There are 3 subscription lengths of access with unlimited data available for an unlimited number of devices: $22.49 for 3 years, $40 for 5 years, and $49 for lifetime access. Windscribe's privacy policy can be found here for more information. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Law enforcement agencies aren't going to stop using cheap, faulty field drug tests. But they might soon be spending a lot more of the public's cash settling lawsuits springing from false arrests. NPR has rounded up a few stories of field drug tests declaring normal, legal "substances" to be illegal contraband, starting with a man whose Krispy Kreme donut residue led to an arrest… and a $37,500 payout. Here's how the plaintiff's story began: As Rushing drove away from the convenience store, police pulled him over. The officer said he had been driving 42 miles an hour in a 30 zone and had failed to come to a complete stop before entering the roadway. When Rushing handed over his driver's license, Officer Shelby Riggs-Hopkins noticed his concealed-weapons permit. Rushing confirmed he had a pistol, and she asked him to step out of the car for her safety. The officer then asked if police could search his car, and Rushing said sure — if it meant he wouldn't be ticketed. Rushing watched as the officers, who now numbered four, conducted a very thorough inspection of his car. Finally, Riggs-Hopkins said to him, "You want to tell me about what we found?" "There's nothing to find," he said, confused. But Riggs-Hopkins had noticed some crystals on the floorboard of the car, and when officers used a field testing kit, the white substance tested positive for methamphetamine. The supposed meth was actually glaze from a Krispy Kreme donut. But the faulty test the officers relied on swore it was drugs. Combined with Rushing's legal possession of a handgun, the charges mounted: possession of an illegal substance while armed with a weapon. Rushing spent 10 hours in jail before being released. It wasn't until much later that lab tests confirmed Rushing's "it's a donut" story. All charges were dropped. As NPR notes, this would be almost funny if it were a one-off. But it isn't. Field drug tests fail repeatedly. Another Florida resident was hauled off for cocaine possession over a substance later proven to be nothing more than drywall dust. (The "suspect" was a self-employed handyman.) Repeated inaccuracy in the cheap drug tests (less than $2 per) led the Orlando police to conduct an internal investigation of the tests. But the only outcome was additional officer training. The Orlando PD continues to use the NIK narcotic field tests despite their obvious unreliability. The manufacturer insists it instructs law enforcement users the tests are not meant to replace lab work but only to establish probable cause. That's a weak excuse, considering the false assumption of probable cause leads to Fourth Amendment violations at the absolute minimum. At best, people may have their vehicles and persons searched thanks to a test's bogus results. At worst, they're subjected to additional constitutional violations, jailed for days or weeks over innocuous, legal substances. Lab tests may clear this all up, but it takes time falsely-accused people don't have to get this straightened out. In some jurisdictions, turnaround time on lab tests may be more than two months. The accused are normally presented with two unpalatable choices: take a plea bargain involving admission of criminal activity they didn't actually commit or sit in jail until the test results come back. Some may be able to afford bail, but it's still money out of their pockets and a serious dent in their permanent records. Plea bargains may get them out of jail quicker, but it comes at the expense of the rest of their lives, detrimentally affecting their future employment and housing prospects. According to the PD's own stats, the field tests return false positives 20% of the time. Considering what's on the line for the falsely accused, this supposedly acceptable error rate is obscene. The NPR piece ends with the falsely-accused man joking he never eats donuts in his car anymore. Maybe it's a joke, but the punchline relies on citizens altering their habits because cops are willing to let a provably-fallible $2 field test determine the outcome of the rest of someone else's life. There's nothing funny about that. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
So if you've followed the debate over net neutrality for much of the last decade, you probably remember images like these, purporting to show what the internet might look like if we let broadband duopolies like AT&T or Comcast dictate internet access pricing structure: And while these mock ups were tongue in cheek, large ISPs have given every indication that this idea of freedom costing extra isn't too far from their ideal. And abusing a lack of broadband competition to force users to shell out additional funds to access to the content and services of their choice isn't too far off of what has already happened, whether we're talking about AT&T's decision to block Facetime from working unless users shelled out for more expensive plans, or Verizon's recent decision to charge users $10 more just to avoid arbitrary video throttling. In Portugal however, there are no net neutrality rules. And ISPs there have already started taking advantage of it in a way that eerily echoes the warnings net neutrality advocates have been making for years. Lisbon-based mobile and fixed broadband provider MEO has been selling broadband service tiers for some time that cap your internet data usage, after which they're happy to sell you additional buckets of data depending on which types of services you traditionally use: In Portugal, with no net neutrality, internet providers are starting to split the net into packages. pic.twitter.com/TlLYGezmv6 — Ro Khanna (@RoKhanna) October 27, 2017 It's important to note that capping usage then doling out additional data based on types of content isn't the same idea as blocking users from accessing parts of the internet unless they pay up, but it's still detrimental to the health of the internet. As we saw with T-Mobile's Binge On, these plans are designed to create the illusion of a bargain. But these types of plans not only raise questions about ISP power to dictate which companies and services are whitelisted, but they're based on a fundamentally incorrect premise that these restrictions are necessary in the first place. Usage caps and overage fees aren't based on network or economic realities. They aren't useful to manage congestion. Their entire function is to creatively drive up costs via arbitrary barriers to entry, after which ISPs convince consumers they're somehow getting a deal by providing additional data "for free" or "at a discount." ISPs have often falsely tried to equate this as the same thing as 1-800 numbers or free shipping, which is bullshit. All that's really happening is that internet access is being artificially limited, and users are being forced to pay more money to access the internet as intended. While people often like to focus on the threat of ISPs blocking access to content, ISPs know that's a surefire way to earn public scorn. That's why ISPs have developed a myriad of more creative ways to (ab)use the lack of competition in the space to ill effect, whether that's imposing arbitrary and unnecessary usage caps and overage fees, exempting an ISPs own services from said caps, or hamstringing competitors elsewhere in the network, as we saw when ISPs began intentionally clogging peering points to drive up costs for streaming competitors and transit operators (interconnection). With the Trump administration rushing forward with its plan to kill net neutrality here in the States, and a rise in cable's monopoly over fixed-line broadband, you can expect a whole lot more U.S. broadband pricing and package "creativity" in the not so distant future. That may not involve outright blocking your access to content, but it's more than likely to involve entirely arbitrary, uncompetitive and harmful limits you'll be told are somehow necessary and for your own good. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Sen. Ron Wyden is again raising concerns about NSA tactics, this time through his recently-submitted Section 702 reform bill. The USA RIGHTS Act contains a number of improvements, including addressing backdoor searches of NSA data by federal agencies and increasing the reporting requirements for access of US persons communications and data. It also permabans the NSA's "about" collection -- one it shut down voluntarily after years of misuse but recently expressed an interest in restarting. There's another form of surveillance being eyed by Wyden's bill: technical assistance. Marcy Wheeler points out some of the limitations imposed by the bill, which appear to target compelled assistance by tech companies. (B) LIMITATIONS.—The Attorney General or the Director of National Intelligence may not request assistance from an electronic communication service provider under subparagraph (A) without demonstrating, to the satisfaction of the Court, that the assistance sought— (i) is necessary; (ii) is narrowly tailored to the surveillance at issue; and (iii) would not pose an undue burden on the electronic communication service provider or its customers who are not an intended target of the surveillance. This could refer to FISA-enabled pressure to backdoor encryption or allow the NSA to otherwise compromise hardware and software. And it may be Wyden's way of sending out a heads up to the general public. This suggests that Wyden is concerned the government might use — or has used — FISA to make sweeping onerous technical demands of companies without explicitly explaining what those demands are to the Court. No one should be surprised the government is -- or intends to -- use the FISA court to compel compliance. This is another tool it has at its disposal, going hand-in-hand with All Writs orders to cover government requests not explicitly allowed by existing law. As we saw in the government's most famous All Writs case -- its legal battle with Apple over the contents of the San Bernardino shooter's iPhone -- these expansive orders predicated on a 1789 law still have their limits. As more companies fight back against government overreach, the NSA will need to keep its options open if it hopes to compel compliance. But if it's going to do this, it needs to be on the record. This is what Wyden's bill would do: force the NSA (and other IC agencies) to detail their plans for compelled assistance and seek explicit approval for these actions from the court. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
The so-called "impact factors" of journals play a major role in the academic world. And yet people have been warning about their deep flaws for many years. Here, for example, is Professor Stephen Curry, a leading advocate of open access, writing on the topic back in 2012: I am sick of impact factors and so is science. The impact factor might have started out as a good idea, but its time has come and gone. Conceived by Eugene Garfield in the 1970s as a useful tool for research libraries to judge the relative merits of journals when allocating their subscription budgets, the impact factor is calculated annually as the mean number of citations to articles published in any given journal in the two preceding years. The rest of that article and the 233 comments that follow it explain in detail why impact factors are a problem, and why they need to be discarded. The hard part is coming up with other ways of gauging the influence of people who write in high-profile publications -- one of the main reasons why many academics cling to the impact factor system. A story in Nature reports on a bold idea from a top Chinese university in this area: One of China's most prestigious universities plans to give some articles in newspapers and posts on major social-media outlets the same weight as peer-reviewed publications when it evaluates researchers. It will work like this: articles have to be original, written by the researcher and at least 1,000 words long; they need to be picked up by major news outlets and widely disseminated through social media; and they need to have been seen by a large number of people. The policy requires an article to be viewed more than 100,000 times on WeChat, China's most popular instant-messaging service, or 400,000 times on news aggregators such as Toutiao. Articles that meet the criteria will be considered publications, alongside papers in peer-reviewed journals. The university has also established a publication hierarchy, with official media outlets such as the People's Daily considered most important, regional newspapers and magazines occupying a second tier, and online news sites such as Sina, NetEase or Sohu ranking third./blockquote> One of the advantages of this idea is that it recognizes that publishing in non-academic titles can be just as valid as appearing in conventional peer-reviewed journals. It also has the big benefit of encouraging academics to communicate with the public -- something that happens too rarely at the moment. That, in its turn, might help experts learn how to explain their often complex work in simple terms. At the same time, it would allow non-experts to hear about exciting new ideas straight from the top people in the field, rather than mediated through journalists, who may misunderstand or distort various aspects. However, there are clear risks, too. For example, there is a danger that newspapers and magazines will be unwilling to accept articles about difficult work, or from controversial academics. Equally, mediocre researchers that hew to the government line may benefit from increased exposure, even resulting in them being promoted ahead of other, more independent-minded academics. Those are certainly issues. But what's interesting here is not just the details of the policy itself, but the fact that it was devised and is being tried in China. That's another sign that the country is increasingly a leader in many areas, and no longer a follower. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
The fever-pitch from those that claim that violent video games lead to real-life malicious activity is such that it produces some truly dumb diatribes and soundbites. Despite vast evidence that human beings are at least intelligent enough to separate digital violence from real-world violence, and given how rife with error and purposeful obfuscation the opposing research has been, we still get the silliness. Dr. Oz spouts off about the harm video games do to teenagers, forgetting to back it up with anything resembling evidence for his position. Dan Brown was sure video games lead to real-life violence, forgetting apparently that his own novels are stuffed with violent episodes. And Pat Robertson told his addled audiences that killing in a game is no different at all than killing someone in real life, indicating that we are a nation chock full of mass murderers that will be judged harshly by the Lord his god. But it's something of a new low to see oil-business advocacy group Energy Builders attempt to label the creator of a video game an "eco-terrorist" because the game includes some mild violence against oil pipelines. “Thunderbird Strike” is a Windows PC game that allows players to take the form of a thunderbird. The mythological creature, rooted in indigenous culture, flies from the Alberta’s tar sands to the Great Lakes, where environmentalists are currently challenging Enbridge’s Line 5, a 645-mile-long crude oil pipeline. Players use lightning strikes to gain points by destroying pipeline equipment, but they can also revive animal skeletons. The game sends an obvious message in support of political activism, offering advice on its website for users who want to take action against fossil fuel extraction. That’s not pipeline-advocate Energy Builders’ apparent problem, though. Its issue it has is with users blowing up pipelines, according to a press release. Energy Builders considers this signature move “an act of domestic terrorism.” First off, it's been quite nice to not hear form Energy Builders on all the other violent video games out there that allow you to perform actions much more insidious compared with fantasy-striking an oil pipeline with a lightning-bird. I guess all the fictional and virtual murder out there that got Pat Robertson's sin-detector humming is of no concern to Energy Builders, whereas virtual violence against some metal and plastic is a bridge too far. It's tempting to wave off these comments as simple oil industry silliness, except that calls for anything resembling eco-activism as terrorism have become a kind of sport for the industry, often with dire consequences at the federal level. Linking environmentalists with terrorism is becoming a popular way of attacking activists. In Congress, 84 members (including four Texas Democrats) sent Attorney General Jeff Sessions a letter Monday asking him to label environmental activists as terrorists. They don't use the term explicitly, but mention 18 U.S. Code 2331, which is all about defining international and domestic terrorism. It's quite easy to see how an innocent game-maker might be "accidentally" lumped in with groups far more extreme in their actions. That's the real danger with an energy group happily throwing around words it knows are irresponsible. Meanwhile, I imagine the game's creator might want to send a fruit basket to Energy Builders for propelling the game into the public consciousness with all of this silliness. This kind of Streisand Effect is almost classic in nature, with news coverage of the game so hated by Energy Builder supercharging the attention it is receiving. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
There are a lot of people out there that don't understand intellectual property issues. But perhaps no one misunderstands them quite as badly as internet marketing guru Dan Dasilva. And Dasilva has no excuse. He's been on the losing end of a copyright infringement lawsuit. Despite this, Dasilva continues to express his ignorance -- and proclaim his victimhood -- publicly on his YouTube channel. (h/t Techdirt reader Andy Gural) Dasilva snagged an image from Google's image search and used it on a website he set up for one of his clients. The photographer who took the picture -- Michael Grecco -- sued Dasilva for infringement, ultimately ending up with $27,000 settlement and $10,000 in legal fees. Dasilva has seemingly learned nothing from this experience. In fact, it appears the lawsuit may have actually made him stupider. "The reason I was sued was because I used a picture that I found on Google Images," Dasilva says in his warning to other content creators. But instead of simply warning people about the dangers of infringing on photographers' copyrights, Dasilva decides to warn people about "malicious" people out there who are trying to profit off their copyright. "I never really thought that there are malicious people out there… there are people out there who maliciously put pictures on the Internet," Dasilva states. "They copyright pictures that they take, and what they do is, they'll get a copyright on it, and they'll put it out on the Internet, and it's freely available on the Internet. If you run a Google search their image will appear." Yes, Dasilva somehow believes copyrighted photos returned in Google image searches are honeypots created by photographers. But that only scratches the surface of Dasilva's ignorance. He also appears to believe photos need to be watermarked clearly with copyright symbols in at least 12 point text so people like him won't fall into the trap of being sued for grabbing images off the internet and treating them as their own. There are more gems to be found in Dasilva's video, including his assertion he's not going to slow down his infringing use of other people's photos. But then again, what do you expect from a video that leads off with "my lawyer told me not to make this video?" Dasilva appears to believe he should have been given a warning by Michael Grecco, rather than sued. But given his grasp of the underlying issues (and his plan to continue his infringing acts), it's hard to believe a mere cease-and-desist would have been sufficient. He does suggest viewers search for Creative Commons images, which is a start, but seems to imply it's a last-ditch option for people with a reasonable disinterest in being sued. He also fails to clarify that Creative Commons is not nearly the same thing as public domain. Some CC licenses forbid commercial use. If Dasilva knew anything about Grecco, he would have known the photographer is an aggressive litigant. He's sued plenty of publishing industry giants for alleged infringement. Grecco's litigation history may appear troll-like, but he's not in the business of suing IP addresses en masse or targeting individuals who may have posted his photos on their personal blogs. Grecco's aggressive litigation stance in no way validates Dasilva's claims he's the real victim here. And it must be noted Grecco has taken a far more progressive stance than many engaged in the business of infringement litigation. When he noticed PDFs of his photography book being shared at filesharing sites, he took it to mean he needed to create an electronic version to serve this underserved market. If Dasilva finds himself sued again, it's doubtful he'll be able to secure the same representation. Unfortunately, the fallout from his lawsuit means thousands of people looking to him for e-commerce advice have just been made stupider. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
The war on security researchers continues. But then, it's never really shown any sign of abating, has it? Report after report comes in of security researchers being threatened with lawsuits or arrest simply for finding and reporting security breaches. The war on Jean Camp continues to this day, with the researcher on the receiving end of multiple legal threats from the American law firm representing Kremlin-linked Alfa Bank. Camp came under fire from the bank last year, after a story came and went mistakenly insinuating a Trump server was in engaged in lively conversation with Alfa Bank's servers during the run-up to the presidential election. That was back in March. Law firm Kirkland & Ellis sent legal threats and communication retention demands to Camp. In addition to demanding she retain all communications possibly relevant to Alfa Bank's vendetta, the firm also threatened to file CFAA charges. Nothing has improved over the last several months. The law firm's tactics now apparently include the use of FOIA laws to grab even more of Camp's communications. The Intercept reports on the latest developments in the Alfa Bank case. Alfa’s lawyers went beyond scary lawyer boilerplate, demanding that Camp not only turn over all of her related communications with members of the media, but also divulge her full correspondence with the anonymous Tea Leaves, presumably for the purpose of unmasking and pursuing them. As a professor at a publicly funded university, Camp’s official correspondence is subject to public disclosure. Alfa Bank seems keen on discovering who the mysterious security researcher "Tea Leaves" is. The pseudonymous researcher was instrumental to the mistaken claims published by Slate in its original report on the supposed link between Trump and the Russian bank. A letter sent by the law firm in May demands Camp turn over "Tea Leaves'" real name, title, and work address if she's in possession of that information. Another letter in June expanded Alfa's demands, ordering Camp to turn over communications and other information related to her work with other security researchers. The latest letter, dated August 3, shows Alfa -- through Kirkland & Ellis -- serving up a public records request for "All emails sent, received, or deleted by Professor Camp from University computers or systems using her University or personal email accounts that include any of the keywords "Alfa," "Alpha," "Alfa Bank," "Alpha Bank," "Trump," "Clinton," "Russia" or "Tea Leaves." Considering this all took place shortly before the election, this request has the potential to sweep up a great number of communications not directly related to Alfa Bank's case. But even if it were more limited, it would still be disturbing. Alfa is looking to out other security researchers Camp has been in contact with, presumably in hopes of nailing a few of them to the wall for drawing mistaken conclusions about Trump server traffic. The Intercept's Sam Biddle notes this clearly isn't what legislators had in mind when crafting public records laws. Although public records laws typically don’t distinguish between U.S. citizens and foreign entities that use them, the purpose and spirit of such laws are generally understood to be a means of making government activities transparent for the public interest. Camp works for a public university and is a government employee, of course, but it’s hard to imagine laws like Indiana’s Access to Public Records act drafted with the well-being of Russian financial mega-institutions in mind. This is likely true, but ultimately it makes no difference. The law cannot forbid companies from using public records laws to obtain information. (And companies know it.) After all, companies are made up of people and proxy records requests aren't just for bullying by foreign banks. Muckrock does this all the time, acting as an intermediary for requesters who don't live in the states they're requesting records from. Some laws prevent out-of-state requests. Muckrock's proxies work around this limitation. The use of a US law firm is more of the same, even though most records requesters aren't normally looking to destroy the target of their requests. Oddly, the PR firm representing Alfa Bank has been the only entity to respond to requests for comment. And it has done so with as much spin as possible. As Biddle reports, BGR Public Relations claims the nearly-yearlong issuance of threats and demands to Jean Camp isn't illustrative of Alfa Bank's end goals. It just wants to "get the facts straight." Apparently, straightening things out means endangering Camp's career and, potentially, the livelihoods of every researcher she spoke to about Alfa Bank server traffic. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
Last week, the DOJ changed its policy on gag orders. In the past, the DOJ loved attaching indefinite gag orders to nearly everything it submitted to service providers. This prompted some backlash in the form of courtroom challenges. It appears the DOJ has decided to choose its battles more carefully. Gag orders can still accompany warrants and subpoenas, but they now have a more definitive end date. Barring exceptional circumstances, prosecutors filing§ 2705(b) applications may only seek to delay notice for one year or less. Naturally, the government has taken its own policy to mean it should ask for the new maximum in every case. A subpoena gag order requested by the US Attorney's Office asks for a year's worth of silence from Google. But Judge Orenstein -- one of the members of the post-Snowden "magistrates revolt" -- doesn't find the government's boilerplate persuasive. (h/t Riana Pfefferkorn) From the order [PDF]: The government seeks an order requiring subpoena recipient Google Inc. ("Google") not to notify any person (aside from Google's counsel) of the subpoena's existence for a period of one year. Docket Entry ("DE") 1 ("Application"). For the reasons set forth below, I deny the motion without prejudice to renewal. In short, the government has not made the factual showing necessary to secure the relief it seeks, and it does not explain why non-disclosure is needed for an entire year. Judge Orenstein then goes on to deconstruct the government's boilerplate. First, the government continues to rely on its earlier formulation that the investigation it seeks to advance through the issuance of a subpoena "is neither public nor known to all of the targets of the investigation." That suggests that there are investigative targets who do know of the investigation's existence. If that is the case, then the risk already exists that such targets will take steps to flee, alter or destroy evidence, or otherwise impede the investigation's progress; at a minimum, I cannot infer that Google's disclosure of the subpoena's existence would create or exacerbate any such risk. Second, the Application provides no information concerning the person about whom the government seeks to secure information from Google: I know nothing of his or her status as a witness, victim, subject, or target with respect to the investigation; nor does the record reveal whether the person has any relationship with any subject or target that might give him or her an incentive to reveal the subpoena's existence and thereby potentially impede the investigation. Third, while the Application reports that the subject account "is believed" (by some unidentified person) to be held or used by an individual not in custody who lacks full knowledge of the investigation, it provides nothing to shed any light on the basis for that belief. Fourth, even assuming the belief to be well grounded, it is too vague to support the finding the statute requires. The proposition that the account holder or user does not yet know "the extent of the investigation" suggests that that person does know something about it – but whether that knowledge suffices to provide the ability or motivation to take any action that would impede the investigation is impossible to discern. I assume the government's concern is genuine, and that it may well have a sufficient factual basis, but the existing record gives me no way to predict, as I must to grant the requested relief, that Google's disclosure of the subpoena will have any adverse effect on the government's investigation. The whole order is a fun read, with Orenstein showing his displeasure with the government's automatic demand for the maximum allowable-gag order length despite providing zero factual assertions backing its claimed need for 365 days of secrecy. Orenstein also denies the government's request to have the docket sealed indefinitely, explaining this makes no sense when it's only asking for a yearlong gag order for the subpoena. Then he cuts straight to the heart of the matter: the government would undoubtedly ask for a longer gag order (without any specific justification) if it could. But it can't. So it's chosen to ask for the maximum allowed right out of the gate. Until very recently, when the government sought non-disclosure orders under the SCA, it would typically avoid placing any temporal limit on the scope of the proposed order – thus effectively imposing a permanent gag on the subpoena recipient where the request was granted. The instant Application, however, seeks to compel non-disclosure "for a period of one year from the date of the proposed Order." That change appears to reflect a new policy that, "[b]arring exceptional circumstances, [such] applications may only seek to delay notice for one year or less." But while the government plainly understands that determining the duration of non-disclosure is a discretionary matter for the court, it provides no reason for seeking the maximum duration consistent with its new policy. Thus, for example, I have no information as to the anticipated length of the remainder of the investigation to which the subpoena pertains, or whether the government anticipates that any events other than the arrest or trial of any remaining targets will obviate the need for continued secrecy. In addition to hobbling the court's ability to reach a reasoned decision, that lack of information seems inconsistent with the government's own policy. As the Rosenstein Memo makes clear, "[i]n applying for a § 2705(b) order, prosecutors should tailor the application to include the available facts of the specific case and/or concerns attendant to the particular type of investigation." Id. at 2. Accordingly, should the government renew its application, I respectfully direct it to include an explanation of the need for the proposed duration of the non-disclosure order it seeks. The government will have to fix its application before Orenstein will consider approving its gag order request. This is some very good pushback from the magistrate -- one who's often held the government's feet to the fire. The new policy is supposed to prevent automatic requests for max gag with every subpoena and warrant, but the government has interpreted it to mean placing an opening bid for one year's silence and negotiating from there. Orenstein makes it clear he won't be accepting boilerplate justifications for lengthy gag orders. Of course, it could be this application wasn't meant to be seen by Orenstein. It almost looks like the government hoped to slide it by the New Guy on the SDNY staff: Judge Sanket Bulsara. Its gag order request [PDF] came with a canned proposed order -- one that includes a blank line for Bulsara to sign it. Somewhere in New York, there's an US Attorney cursing the magistrate rotation. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
Learn how to master databases with the Certified Oracle Database Administrator Bundle. Even if you have never coded before, these 7 courses will help get you up to speed running Oracle databases in no time. The first course covers general programming foundations featuring JavaScript. The next two courses cover the basics of writing Oracle SQL statements, and using the advanced features of SQL in order to query and manipulate data within a database. Then you'll be introduced to PL/SQL, Oracle's proprietary database language over the next two courses. Finally, in the last two courses, you'll get a full-scale introduction to using and administering databases with Oracle software. This bundle comes with lifetime access and is on sale for $199 for a limited time. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
MuckRock has been digging into a large pile of declassified CIA documents for the past several months and has come up with some surprising finds. It recently liberated nearly 13 million pages of CIA documents -- known as the CREST archive -- via a FOIA lawsuit. Since this monumental release, MuckRock has covered everything from a CIA report on an Italian pasta shortage to deeper, darker topics like a CIA asset in Mexico being linked to a long list of atrocities. Digging through the CIA's archives has dug up dirt on other agencies as well. Emma Best details another MuckRock/CIA gem -- one that shows the NSA attempting to prosecute a journalist for obtaining documents via FOIA requests. Declassified documents in the Central Intelligence Agency’s archives show that while the CIA was looking to include the Freedom Of Information Act in its war on leaks, the National Security Agency was seriously considering using the Espionage Act to target target Puzzle Palace author James Bamford for using FOIA. While Bamford has briefly discussed this on a handful of occasions, the declassified memos and briefings from NSA confirm that this was more than just an intimidation tactic or a passing thought - the NSA had truly wanted to jail a journalist for his use of public records. When the Agency determined that this was unlikely to happen, they moved on to exploring other legal avenues which could be used to punish Bamford for his FOIA work. The chain of events leading up to the NSA's discussion about prosecuting someone for doing something the law specifically allowed unsurprisingly includes legal violations of its own the agency was hoping to keep hidden. What Bamford had obtained was a DOJ Inspector General's report detailing the CIA and NSA's abuse of electronic surveillance. The NSA felt it should have been notified and given a chance to redact or withhold the documents. The DOJ, understandably, felt no compunction to share the documents with the subject of its investigation while the investigation was still underway. (This makes it surprising the documents ever made their way into Bamford's hands considering ongoing investigations make for handy FOIA exemptions.) Despite the documents being made public, the NSA tried to argue they were still classified. And if Bamford was in possession of classified documents -- even ones obtained legally through FOIA requests -- he could be made to face espionage charges. Due to “the serious consequences” of the FOIA disclosure, the NSA Director asked that the DOJ immediately contact Bamford to retrieve the documents along with all copies and to learn who else had that information. The NSA Director also requested that the DOJ tell Bamford “that his retention or disclosure of such information could result in his prosecution under 18 U.S.C. 793 or 798,” which are better known as the Espionage Act. The government has never been shy about prosecuting whistleblowers and leakers. But in most cases, the documents at the center of the cases haven't been handed over to journalists as the result of a completely legal process. That the NSA would consider pushing for an espionage prosecution over legally-obtained documents shows how far the Intelligence Community is willing to go to protect its reputation. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
The DOJ's reps -- along with the new FBI boss -- keep making noises about device encryption. They don't like it. What they want is some hybrid unicorn called "responsible encryption," which would keep bad guys out but let law enforcement in. The government has no idea how this is supposed to be accomplished, but it has decided to leave that up to the smart guys at tech companies. After all, tech companies are only in it for the money. The government, however, answers to a higher calling: public safety -- a form of safety that apparently has room for an increase in criminal activity and nefarious hacking. There's one cellphone company that's been conspicuously absent from these discussions. A lot of that conspicuous absence has to do with its conspicuous absence from the cellphone marketplace. Pretty much relegated to governments and enterprise users, Blackberry has been offering encrypted messaging for years. But it's been offering a different sort of encryption -- one it can remove if needed. Enterprise users hold their own encryption keys but individual nobodies have their encryption keys held by Blackberry. Blackberry would likely be held up as the "responsible encryption" poster boy by the DOJ if only it held enough marketshare to make an appreciable difference. Instead, it's of limited use to the DOJ and FBI. But that doesn't mean Blackberry isn't willing to submit multiple height bids whenever government says jump. Over the past couple of years, it has come to light Blackberry routinely decrypts messages for inquiring governments. Apparently, there's some sort of golden key law enforcement can use to access communications -- one multiple governments seem to have access to. There are still some unanswered questions about enterprise accounts -- the ones Blackberry doesn't hold the keys to. This poses the same problem for law enforcement other, more popular phones do. But rather than point out the problems with the government's demands for "responsible encryption," Blackberry has irresponsibly chosen to proclaim its willingness to hack into its own customers' devices if the government asks. [CEO John] Chen, speaking at a press Q&A during the BlackBerry Security Summit in London on Tuesday, claimed that it wasn't so simple for BlackBerry to crack its own protections. "Only when the government gives us a court order we will start tracking it. Then the question is: how good is the encryption? "Today's encryption has got to the point where it's rather difficult, even for ourselves, to break it, to break our own encryption... it's not an easily breakable thing. We will only attempt to do that if we have the right court order. The fact that we will honor the court order doesn't imply we could actually get it done." Oddly, this came coupled with Chen's assertions its user protections were better than Apple's and its version of the Android operating system more secure than the one offered by competitors. This proactive hacking offer may be pointed to in the future by DOJ and FBI officials as evidence Apple, et al aren't doing nearly enough to cooperate with US law enforcement. Of course, Chen's willingness to try doesn't guarantee the company will be able to decrypt communications of certain users. But I'm sure Chen's positive attitude will be used as leverage in talks with tech companies the DOJ clearly believes have added encryption to their devices solely as a middle finger to US law enforcement. This belief clearly isn't true, but the DOJ in particular has already show it's willing to be completely disingenuous when arguing for weakened encryption. Finally, Blackberry may be opening up to law enforcement but it won't be sharing anything more with its remaining users. Chen also said there were no plans for a transparency report that would reveal more about the company's work with government. "No one has really asked us for it. We don't really have a policy on whether we will do it or not. Just like every major technology company that deals with telecoms, we obviously have quite a number of requests around the world." This seems a bit unfair. Blackberry will be offering more to the government and telling the public less. Then again, the general public is likely no more interested in a Blackberry transparency report than it is in Blackberry smartphones. Permalink | Comments | Email This Story

Read More...
posted 21 days ago on techdirt
Techdirt has mentioned a couple of times the EU's important ePrivacy Regulation that is currently working its way through the legislative process. It's designed to complement the EU's new General Data Protection Regulation (GDPR), which comes into force next year, and which is likely to have far-reaching effects. Where the GDPR is concerned with personal data "at rest" -- how it is stored and processed -- the ePrivacy Regulation can be thought of as dealing with personal data in motion. That is, how it is gathered and flows across networks. Since that goes to the heart of how the Internet works, it will arguably have an even bigger impact than the GDPR on the online world -- not just in the EU, but globally too. That's led to lobbying on an unprecedented scale. A recent report on the Regulation by Corporate Europe Observatory quoted a source in the European Parliament as saying it was "one of the worst lobby campaigns I have ever seen". Despite that pressure, and a last-minute attempt to derail proceedings, the European Parliament has just agreed a text for the ePrivacy Regulation. That's not the end of the story -- the other parts of the European Union legislative machine will weigh in with their views, and seek to make changes, but it's an important milestone. The European Parliament has produced an excellent briefing on the background to the ePrivacy Regulation (pdf), and on its main elements. A key feature is that it will apply to every business supplying Internet-based services, not just telecom companies. It will also regulate any service provided to end-users in the EU, no matter where the company offering it may be based. There are strict new rules on tracking services -- including, but not limited to, cookies. Consent to tracking "must be freely given and unambiguous" -- it cannot be assumed by default or hidden away on a Web page that no one ever reads. Cookie walls, which only grant access to a site if the visitor agrees to be tracked online, will be forbidden under the new ePrivacy rules. IAB Europe, the main European-level association for the digital media and advertising industry, says giving the public the right to refuse to be tracked amounts to "expropriation": "The European Parliament's text on the ePrivacy Regulation would essentially expropriate advertising-funded businesses by banning them from restricting or refusing access to users who do not agree to the data collection underpinning data-driven advertising," warned Townsend Feehan, CEO of IAB Europe. The press release then goes to make the claim that online advertising simply must use tracking, and that visitors to a site are somehow morally obliged to give up their privacy in order to preserve the advertiser's "fundamental rights": "Data-driven advertising isn't an optional extra; it is online advertising," explained Feehan. "Forcing businesses to grant access to ad-funded content or services even when users reject the proposed advertising value exchange, basically deprives ad-funded businesses of their fundamental rights to their own property. They would be forced to give something in return for nothing." However, IAB Europe graciously goes on to say it "will continue to engage constructively with the EU institutions in hopes of meaningfully improving the draft law in the remaining legislative process." Translated, that means it will lobby even harder to get the cookie wall ban removed from the text during the final negotiations. IAB Europe is naturally most concerned with the issues that affect its members. But the European Parliament's text -- not the final one, remember, so things could still change -- includes some other extremely welcome elements. For example, the Regulation in its present form would require EU Member States to promote and even make mandatory the use of end-to-end encryption. Moreover, crypto backdoors would be explicitly banned: In order to safeguard the security and integrity of networks and services, the use of end-to-end encryption should be promoted and, where necessary, be mandatory in accordance with the principles of security and privacy by design. Member States should not impose any obligation on encryption providers, on providers of electronic communications services or on any other organisations (at any level of the supply chain) that would result in the weakening of the security of their networks and services, such as the creation or facilitation of "backdoors". As the above extracts indicate, the European Parliament's text offers strong support for the user's right to both encryption and privacy online. For that reason, we can expect it to be attacked fiercely from a number of quarters as haggling over the final text take place within the EU. Unfortunately, unlike the European Parliament's discussions, these negotiations will take place behind closed doors. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 22 days ago on techdirt
There were a few posts that dominated the comments this week, with the attempts by Charter's CEO to blame Netflix for all its problems delivering all our comments on the insightful side. In first place, it's an extremely long and thorough anonymous comment discussing many things more deserving of the cable industry's focus: "Cable providers could easily combat streaming video competition by lowering rates and offering more flexible channel bundles" Agreed, and to add other things that they ought to do (but almost certainly won't): Modernize the set-top-box mess. Currently, they fight very hard to ensure that your set-top-box is just barely adequate. Some of these are problems with the hardware they choose to use. Some are problems with the software they run. Some are problems with how the provider serves the cable box. All are irritating to the user, regardless of cause. It's expensive for what you get. It's power-hungry / runs hot for what you get. It reboots very slowly. I've seen 10+ minutes from connecting wall power to when the box is ready to serve. Doubtless some of this is waiting to download something from the provider, rather than pure internal problems. It hangs (requiring a reboot) in reaction to external events (rare, but still disruptive when they happen) such as provider maintenance temporarily interrupting service. It hangs in a way that isn't obvious until you try to watch content through it. Glancing at the front-panel clock LED isn't enough to be sure it's in good order. Combine this with the pathetically slow reboots, and you need to pre-check its viability well before the start of anything you want to access with it. Major functionality can only be driven through using the remote to navigate the on-screen overlay (so you can't configure a PVR to autonomously record a show through the "On Demand" offering). The on-screen overlay is itself slow and cumbersome to use, even by hand. Minor functionality, such as anti-idle, is also driven purely through on-screen overlays. It's unnecessarily complicated to have a PVR perform unattended recording of a long piece of content (usually movies, but sometimes a block of several back-to-back shows on the same channel). Partway through the content, the PVR will begin inserting an on-screen "Are you there? We want to shutdown now." prompt. The PVR faithfully records this prompt, but has no idea it's there, and doesn't answer yes. You lose the latter part of the recording. I understand the reason they want not to stream to an unattended device. I disagree with the implementation that makes it so inconvenient for a PVR to keep the set-top-box going. For a really radical approach, revert to practice of a few years ago when set-top-boxes were not required to view live streams, but live streams could instead be tuned and viewed directly on a television or PVR. Clean up the "On Demand" offering. Clearly document in an easy-to-find place, for every channel in your subscription package: Whether content from the channel is ever published through On Demand If it is published, what are its terms (some of these may vary per-show, depending on licensing; each show with unique terms would need its own block): How many days delay between live airing and appearance in On Demand? How many days is it available through On Demand before it is removed? On what date the contract providing access to this content will expire, since the cable provider might be forced by contractual issues to change the above terms after that date. Provide machine-readable scheduling data direct to the customer, updated on a best effort basis when special events interfere (breaking news, sports programs running long, etc.). This would require some collaboration with the networks, but the networks already sell this data to third-parties, so making it available to customers is just a distribution problem. Currently, this data has to be fetched through third-party Internet sites that, while surprisingly effective, usually don't handle well when the provider changes the schedule within a day of the program in question. Worse, this data is often only approximately accurate. Some channels are very bad about moving the first or last 30-90 seconds of a program across the half-hour/whole-hour boundary, so if you don't start recording early and end recording late, you lose part of the program you tried to record. Combine a network that runs late with another network that starts early and you get a scheduling conflict (assuming you know to adjust your times, rather than recording for the published times and discovering later that you lost the ending). Some of this is on the networks, not on the cable providers (in those increasingly rare cases where the cable provider doesn't own the network), but decisions by the cable providers make it unnecessarily difficult for customers to compensate for networks getting this wrong. This list deliberately avoids anything that involves them actually investing in infrastructure that they should have upgraded a decade (or more) ago, because shots there are just too easy. In second place, we've got aerinai with some oversimplified but still telling math: Charter has 30 million customers. Dude made $98.6 million in a year... That is quite literally $3 dollars PER CUSTOMER just for this dude's salary! This is not the entire support staff keeping the internet working, the customer support staff, the salesmen... That is $3 for one guy... Charter, your next below-the-line-fee can be a $0.25 CEO tax... now THAT is transparecy! For editor's choice on the insightful side, we've got another response from Jason, offering a key takeaway: Leaving aside the argument about whether the reason you're losing customers matters, the part I found most interesting was this: And because of password sharing and multiple-stream products … You have 35 million one-person households in the U.S. The multiscreen products sold to those households also [allows?] them to purchase one product and share it with multiple users. Is the problem he's lamenting here that every single pair of eyes (adult, child, visiting friend, pet cat, etc.) watching video "products" isn't paying for their own subscription, and should have to be in order to watch? Because it sure sounds like it. I'm sure the cable TV industry, along with many others, would love to boil things down to a permanent pay-per-view model. (Everyone pays each time they open a book, everyone pays each time they watch an old rerun, everyone pays each time they crank up a song...) But aside from a few specific situations (e.g., theater tickets) that kind of wishful thinking just doesn't reflect reality. And next, a comment from Vidiot responding specifically to the idea that Netflix doesn't have "control over the content": The providers' content is perfectly controlled, just the way they want it... 3, 4 or 5 streams per account. And it's working really well. Stop whining, and start innovating. Over on the funny side, both our winning comments came in response to the DOJ's subpoena of Twitter about Popehat and others, over a smiley emoji tweet. Roger Strong was wry to say the least: The obvious explanation for issuing that Twitter user data subpoena is that someone at the DOJ thinks that tweeting a smiley emoji at others indicates conspiracy or collaboration. I expect they'll invoke RICO. That one of those users is Ken White is required by narrative convention. In second place, it's an anonymous commenter with some thoughts on the situation: It's a good thing it was only a smiling emoji, a winking face may have had him killed. For editor's choice on the funny side, we start out with another nod to Roger Strong for his other comment on the same post, responding to Faircom's rebranding of its 'Standard Encryption' as 'Data Camouflage': Denuvo should rebrand its DRM as "Data Speedbump." And since Roger was all over the funny leaderboards this week, he gets one final editor's choice for his comment on our post about Dennis Prager's lawsuit against YouTube, simply for coining (I think?) an excellent term for people with a particular unimpressive approach to their faith: Prager's followers are EULA Christians. Folks for whom the Bible is like a software license. Not to be read or understood. Just assume that you know what it means, scroll down to the bottom, and click "I Agree." That's all for this week, folks! Permalink | Comments | Email This Story

Read More...
posted 23 days ago on techdirt
Five Years Ago This week in 2012, we noted that the US was remaining steadfast in its opposition to a treaty promoting access to creative works for the disabled, and it was beginning to become clear that negotiators were holding it hostage in order to demand a new ACTA or SOPA-like regime. Meanwhile, the Librarian of Copyright announced the new anti-circumvention exceptions... and denied DVD ripping rights, and knocked phone unlocking off the list. Aereo was pointing out that it was being accused of infringement specifically because it closely followed the law, while the infamous John Steele was giving extremely stupid justifications for his copyright trolling activities. Also, this was the week that some Italian scientists were (shockingly and unbelievably) convicted of manslaughter for failing to predict an earthquake. Ten Years Ago This week in 2007, the UK made the highly questionable move of arresting the operator of TVLinks for "facilitating infringement", right as the IFPI was celebrating its whac-a-mole success of shutting down the OiNK torrent tracker — and, seemingly high off these "victories", the UK parliament started mulling over the idea of forcing ISPs to block file sharing. (Sadly all this anti-filesharing sentiment seemed to be succeeding in making everyone forget that P2P is a powerful concept with all sorts of applications). Fifteen Years Ago Speaking of P2P, this week in 2002 it appeared that the pushback against the horrible "Hollywood Hacking" bill was having at least some impact, even as movie studios and the RIAA were going around trying to warn everyone they could about the dangers of file sharing — though they apparently were successfully confusing everyone, what with some writers thinking that any act of burning a CD must be music piracy and eBay blocking a musician from selling his own music under the assumption it was infringing. The copyright fight was so annoying it was even slowing down broadband growth, so amidst all this it was nice to see at least one person fighting the good fight, with Lawrence Lessig doing everything possible to spread a better understanding of intellectual property. Permalink | Comments | Email This Story

Read More...
posted 24 days ago on techdirt
It used to be a laughable claim: that the US should emulate the Great Firewall of China and support much greater internet censorship. Sure, you'd have people like the MPAA's Chris Dodd or U2 frontman Bono cheer on Chinese censorship as a good example of how to censor the internet (in their cases, to block infringing content), but most people still remained rightly horrified by the idea that the answer to "bad" content online is a massive censorship regime. But, apparently, that may be changing. Last year, right after the election, we directly warned that everyone freaking out about "fake news" on Facebook would eventually lead to calls to censor the internet a la China. And, now the NY Times has taken a big step in that direction, by posting a ridiculous article talking about how China has been "vindicated" by its approach to censoring the internet: For years, the United States and others saw this sort of heavy-handed censorship as a sign of political vulnerability and a barrier to China’s economic development. But as countries in the West discuss potential internet restrictions and wring their hands over fake news, hacking and foreign meddling, some in China see a powerful affirmation of the country’s vision for the internet. “This kind of thing would not happen here,” Mr. Zhao said of the controversy over Russia’s influence in the American presidential election last year. Of course, as Ben Thompson pointed out, the reason it won't happen in China is because there are no Presidential elections in China: THAT'S BECAUSE THERE ARE NO PRESIDENTIAL ELECTIONS pic.twitter.com/fdso1ntybP — Ben Thompson (@benthompson) October 17, 2017 While the NY Times does attempt to present some "balance" in the form of "concerns" from human rights activists, it also celebrates some of the internet's censors in China, and says that the success of Chinese internet companies is proof that censorship doesn't appear to harm innovation. The article closes on a chilling example of a "volunteer" spying on fellow internet users, and handing them happily over to the police -- and suggesting that this is a good way to stop bad people online: In a restaurant called Europa, Mr. Zhao — who declined to disclose details of where and how he works — described China’s system not as “Big Brother” so much as a younger brother, which he is, protecting children, like those of his sister, from harmful material. “Even though the internet is virtual, it is still part of society,” he added. “So in any space I feel no one should create pornographic, illegal or violent posts.” In his new capacity, he scours Weibo in search of the lurid and illicit. Some posts, he explained, are thinly veiled solicitations for pornography or prostitution, including one message he reported to the police the other day for using what he said was a euphemism for selling sex. When he reports abuse, it is the police who follow up. He excitedly displayed his smartphone to show the latest of his more than 3,000 followers on Weibo: the division of the Beijing police that monitors the internet. “Normally, if you don’t do bad things, you don’t get followed by the police,” he said. “I think this — for someone who has been online for so many years — is really special.” Those paragraphs should be chilling for those who believe in free speech or who have even the slightest knowledge of the history of authoritarianism and how governments -- including China's -- stamp out alternative and reformist viewpoints with an iron fist. It should be antithetical to how we operate here, and to have the NY Times post a pretty glowing profile of the Great Firewall of China is downright frightening. Permalink | Comments | Email This Story

Read More...
posted 24 days ago on techdirt
The Xbox One has been back in the news recently as Microsoft has rolled out an update that makes the system backwards compatible with some original Xbox games. Much as with the backwards compatibility roll out for Xbox 360 games that Microsoft performed in 2015, fans of the system have been cheering this on. It's something a no-brainer, with this functionality making the system all the more appealing and increasing brand loyalty for the console as gamers will be conditioned to expect that the investments they've made in gaming titles won't go to waste once the shelf-life of a particular generation of systems runs its course. Which raises the obvious question: why in the world did Microsoft wait until 2015 to put backwards compatibility in place? The answer, it seems, is that Microsoft suddenly became too busy cleaning up after the backlash to its always-online plans for the Xbox One to roll it out. That nugget comes from a wide-ranging behind-the-scenes look at Microsoft's backward compatibility efforts posted on IGN this morning. Amid quotes from an array of Microsoft employees involved in the backward-compatibility development and rollout, writer Ryan McCaffrey includes this tidbit (emphasis added): The fan-first feature has evolved from an experiment conducted by two separate Microsoft Research teams into a service planned for Xbox One's launch—complete with hardware hooks baked into the Durango silicon—until the well-publicized changes to the Xbox One policies (namely, stripping out the always-online requirement for the console) forced it to be pushed to the back burner. Another way to put this would be: Microsoft had to spend so much time disabling a "feature" in its console that it should have known pretty much everyone would hate that it delayed enabling a feature it knew everyone would love. If that isn't a lesson in why companies should put their customer desires first and foremost in their minds, I don't what is. If you don't remember what the console wars of 2013 were like, they were pure pandemonium for the Xbox. The always-online requirement was the headliner for this whole fiasco, but there were also questions about whether or not the Xbox One would allow used games to be played on it at all. Sony, meanwhile, took happy delight in reminding the public that its Playstation console had none of these questions attached to it. The result was a predictable loss for Xbox from a sales perspective, even as Microsoft then had to spend time and money to remove the always-online requirement. And earlier this year, former Xbox Chief Marketing Officer Yusuf Mehdi reflected in a LinkedIn posthow "it required great technical work" to change course and reverse "a few key decisions regarding connectivity requirements and how games would be purchased that didn't land well with fans." That kind of "great technical work" isn't free in terms of time or worker attention, and IGN's reporting suggests that Xbox 360 backward compatibility was an initial victim of that change in focus. Maybe next time give your customers what they want rather than telling them what they want? Permalink | Comments | Email This Story

Read More...
posted 24 days ago on techdirt
It isn't unusual or unwarranted for Section 230 to show up as a defense in situations where some might not expect it. Its basic principles may apply to more situations than may necessarily be readily apparent. But to appear as a defense in the Cockrum v. Campaign for Donald Trump case is pretty unexpected. From page 37 of the campaign's motion to dismiss the case against it, the following two paragraphs are what the campaign slipped in on the subject: Plaintiffs likewise cannot establish vicarious liability by alleging that the Campaign conspired with WikiLeaks. Under section 230 of the Communications Decency Act (47 U.S.C. § 230), a website that provides a forum where “third parties can post information” is not liable for the third party’s posted information. Klayman v. Zuckerberg, 753 F.3d 1354, 1358 (D.C. Cir. 2014). That is so even when even when the website performs “editorial functions” “such as deciding whether to publish.” Id. at 1359. Since WikiLeaks provided a forum for a third party (the unnamed “Russian actors”) to publish content developed by that third party (the hacked emails), it cannot be held liable for the publication. That defeats the conspiracy claim. A conspiracy is an agreement to commit “an unlawful act.” Paul v. Howard University, 754 A.2d 297, 310 (D.C. 2000). Since WikiLeaks’ posting of emails was not an unlawful act, an alleged agreement that it should publish those emails could not have been a conspiracy. This is the case brought against the campaign for allegedly colluding with Wikileaks and the Russians to disclose the plaintiffs’ private information as part of the DNC email trove that ended up on Wikileaks. Like Eric Goldman, who has an excellent post on the subject, I'm not going to go into the relative merits of the lawsuit itself, but I would note that it is worth consideration. Even if it's true that the Trump campaign and Wikileaks were somehow in cahoots to hack the DNC and publish the data taken from it, whether and how the consequences of that disclosure can be recognized by law is a serious issue, as is whether this particular lawsuit by these particular plaintiffs with these particular claims is one that the law can permit to go forward without causing collateral effects to other expressive endeavors, including whistleblower journalism generally. On these points there may or may not be issues with the campaign's motion to dismiss overall. But the shoehorning of a Section 230 argument into its defensive strategy seems sufficiently weird and counterproductive to be worth commenting on in and of itself. For one thing, it's not a defense that belongs to the campaign. It's a defense that belongs to a platform, if it belongs to anyone, and the campaign was not a platform. Meanwhile the question of whether Wikileaks is a platform able to claim a Section 230 defense with regard to the content at issue is not entirely clear; like most legal questions, the answer is, "It depends," and it can depend on the particular relationship the site had with the hosting of any particular content. True, to the extent that Wikileaks is just a site hosting material others have provided the answer is more likely to be yes – although even then there is an important caveat: as Eric pointed out, Section 230 doesn't magically make content be "legal." It's simply an immunity from liability for certain types of claims. It's not even all claims. There's no limitation, for instance, on liability for claims asserting violations of another's intellectual property, nor is there any limit to liability for claims arising from violations of federal criminal law. While the Cockrum plaintiffs are bringing forward tort claims, which are the sorts of claims that Section 230 generally insulates platforms from, Section 230 would do nothing to shield the exact same platform from a federal prosecution arising from its hosting of the exact same information. But the bigger issue is whether Wikileaks is just a platform merely hosting information others have provided, particularly with respect to the DNC emails. If it had too much agency in the creation of the information that ended up hosted on it, it might not be a Section 230-immune "interactive computer service provider" and instead might be found to be a potentially liable "information content provider." The Trump campaign is correct that a platform can exert quite a bit of editorial discretion over the information that appears on it without being considered an information content provider, but at a certain point courts become unwilling to regard the platform's interaction as editorial and instead find it to be authorial. There are reasons to champion drawing the line on what counts as editorial expansively, but it is naïve to pretend that courts will deem all interaction between a platform and the content appearing on it to be so. There is simply far too much caselaw to the contrary. In fact, a great deal of the caselaw suggests that courts are often particularly unwilling to simply assume that a platform lacked creative agency in the content at issue in cases where the optics surrounding the platform and the content at issue are poor. As Eric has noted in previous posts, this reluctance is problematic, because forcing a platform to go through discovery in order to satisfy the court that there is no evidence of the platform's authorship of the content at issue, which would disqualify the platform from Section 230's protection, raises the costs of being a platform to the sort of crippling level that Section 230 is supposed to forestall. There is reason to worry that the optics surrounding this case may potentially encourage courts to create unpleasant precedent that will make it harder for other platforms to raise Section 230 as a defense in order to quickly end expensive, Section 230-barred lawsuits against them in the future. But it's the discovery issue that makes the campaign's raising of Section 230 as a defense seem so odd: on page 1 of the motion to dismiss they complain the lawsuit was brought as "a vehicle for discovery of documents and evidence," but by raising Section 230 as a defense it only invites more of it. If any of the plaintiffs' claims were to go forward there would already be plenty of discovery demands to explore the relationship between the campaign and Wikileaks, which the campaign would appear to not want. The objective of the campaign should therefore be nothing more than making the case go away as quickly and quietly as possible. But by gratuitously throwing in Section 230 as a defense, one in which Wikileaks' authorship role is inherently in question and potentially contingent on its relationship with the campaign, rather than provide a basis for dismissal, the campaign has instead provided the court with a reason for why the case should continue to the discovery stage. It seems like a tactical error and one that does not appear to understand the jurisprudence surrounding Section 230. It glibly presumes that Section 230 applies to any situation involving a platform hosting content, and that simply isn't correct. While we have encouraged it to be liberally applied to platform situations, it obviously is not always, and sometimes even for good reason. Permalink | Comments | Email This Story

Read More...