posted 16 days ago on techdirt
Part One Billion in "You Don't Own What You Pay For," the ongoing saga in which paying customers purchasing "licenses" find themselves in possession of products inferior to those purchased physically or, worse, to those never purchased at all (i.e., "pirates"). You might have noticed Steam downloading a sizeable update for Grand Theft Auto: San Andreas over the weekend and wondered what that was about. A fancy secret tying into GTA V's return to the west coast, perhaps? Not quite. The patch added support for XInput controllers like the Xbox 360 pad, which is nice, but also removed seventeen songs from various radio stations. No more angsting out and gunning it across Gant Bridge in the wrong lane listening to Killing in the Name, I'm afraid. There's no such thing as a perpetual or "forever" license, not when it comes to content. RockstarNexus has the full list, which seems to include the same 17 songs removed from the iOS versions prior to release. IPhone/iPad users will know these songs are missing going in. But those who purchased the game through Steam are only finding this out after the fact. Rockstar released no patch notes and any account set to auto-update went ahead and stripped content right out of purchasers' games. It's not like Rockstar didn't have options. It has dealt with music licensing issues before, but never in a way that has affected previously purchased games. When music rights expired for some songs in GTA: Vice City, Rockstar left them in for folks who already owned it then made a separate version without them for new purchasers. It's pretty unpleasant that they didn't do the same here too. This would have been the right way to handle this. Bundling in content removal with various bug fixes and notifying no one ahead of time is terrible way to treat paying customers. Add to that the fact that the pushed update seems to be responsible for a number of deleted/bricked saves, and you've got a bit of a PR problem on your hands. But underneath it all lies the absurdity of licensing. Rockstar licensed songs from labels only to see them expire more quickly than the game's marketability. This put it in the position of having to retroactively alter its game, and it was those who purchased nothing more tangible than a license who were negatively affected. Sure, Rockstar will never be able to "own" the recordings used in its game, but it seems like purchasers should be able to keep their purchased goods intact, even if the purchased item is nothing more than ones and zeros scattered across a variety of storage devices. Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Back in April, we wrote about massive protests that took place in Taiwan as a result of a lack of transparency during trade negotiations with mainland China. Those protests became part of what is now known as the Sunflower student movement, whose name refers to the use of sunflowers by the protesters as a symbol of hope. Techpresident has a fascinating article looking at the Taiwanese online community called g0v, which has been playing a key part in the Sunflower movement, and which is now trying to make government more open and accessible using open source tools: g0v believes that current online participation tools like social media outlets and online message boards fell short in creating offline action or collaboration. g0v places itself at the center of open-sourced, hands-on, and public-spirited activism with a desire to engage citizens to create real social change. g0v's work is proving that open-source communities can successfully open up and improve government. Ideologically, g0v does not believe that its activism needs to create an enemy out of government, but rather that everyone -- the government and the people -- wins when creative solutions improve existing public structures. The post goes on to describe g0v's hackathons, its first conference, and the Open Political Donation Project. This brought together 9,000 volunteers to digitize 300,000 political donation records as a pointed response to Taiwan's old Campaign Donation Act of 2004, which allowed the public access to campaign donation documents, but only as a paper copy, or in person at a government office. What's fascinating here is to see how the people involved in the Sunflower student movement have moved on from simply protesting against something -- Taiwan's secret trade negotiations with China -- to creating new tools to open up government and engage citizens. As the Techpresident piece concludes: g0v's brand of activism is about making sure government does its job better. g0v explains on its website, it substituted the "o" in gov for a "0" to change the way we see government working. Through civic tech, hacktivism, and a belief that government can and should work, g0v is already showing that it can change the way that government sees itself and the way that people can interact with their government. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
I imagine it must be very, very annoying to be the creator of a video game and to feel as though some other company came along, cloned your work, and is now making money off of that clone. It's this annoyance factor that likely leads to so many legal proceedings over game "clones", even if so many of them fail because the it's the expression that matters in copyright suits, not a general or generic idea. Unique expressions are what matter. Even in totally misguided legal attempts, those involved usually have the good sense to go after games that directly copy graphics and such, not the general ideas behind the games. Which is simply not the case when it comes to Glu Mobile's lawsuit against Hothead Games over the latter's production of Kill Shot and its supposed straight cloning of Deer Hunter. Glu Mobile is suing mobile game studio Hothead Games for copying it popular Deer Hunter 2014 mobile game. Hothead’s Kill Shot isn’t about hunting deer at all. Rather, you’re a sniper that hunts enemy soldiers. Nevertheless, Glu alleges in a federal lawsuit filed in San Francisco today that Hothead’s title violated copyright and trade infringement laws. “Kill Shot is effectively a complete ripoff of our game Deer Hunter 2014,” said Chris Akhavan, the president of publishing at San Francisco-based Glu Mobile, in an interview with GamesBeat. “The only difference is that in Kill Shot, you are shooting humans. In our game, you are shooting deer and other animals.” It's not the only difference, though. Let's get this started by saying that the games do indeed have similarities. They are both shooters undertaken from the first person perspective with realistic guns and aiming sights that are used to shoot living things. But those living things are different, the settings are different, the concepts and themes are different, and even the models of the guns, while both realistic, are different. This is straight copying only insofar as the copying is of common and generic shooter-game concepts. Even the image Glu Mobile hand-picked to include in their filing demonstrates this. Yes, similar, but not the same, and even the similarities are of the basic shooter-game style variety. Yes, you can scope in on targets, but the scopes are different and scopes don't equal copyright. Yes, there's bullet time animations, but that doesn't equal copyright either, or else everyone owes the Max Payne franchise a pretty penny. While similar, these games aren't really any more similar than, say, Doom and Duke Nukem 3D. Or any other first person shooter from the 90's, for that matter. And this is from the image in their filing. Videos of the games in action show the differences more starkly. Again, similar, but they're both shooters, so what did you expect? Generic genre similarities don't rise to copyright or trademark claims. The trade dress claim in particular seems misguided, since the themes involved are quite different and none of the names of the games or companies even come close to being similar. This should end up as yet another lesson that similar generic concepts, such as sniping and zooming, don't translate to cloning as far as copyright is concerned. And, while the filing accuses a lot of copying, the reader is left with the feeling that there isn't a whole lot of weight there. Glu alleges that Hothead Games, based in Vancouver, Canada, copied things like Deer Hunter 2014’s marketing, tutorial, user interface, controls, virtual economy, pricing of items, and even some of its flaws. Akhavan noted, for instance, that a miscategorized assault rifle in Deer Hunter 2014 was also miscategorized in Kill Shot. Glu’s tutorial has 21 steps, of which Glu says Hothead copied 18. Many player reviewers mistake Glu Mobile as the publisher of Kill Shot because of the similarities, Akhavan said. Again, similar, but not the same. It seems clear that Kill Shot was inspired by the type of game genre of which Deer Hunter is a part, but basic interface and control schemes are not creative expression of a protected kind, and pointing to similar mistakes within the games when it comes to whether a weapon qualifies as an assault rifle is a stretch (trust me, it's an easy mistake to make and get yelled at by gun activists for). I can see why Glu Mobile might be annoyed, but I think their time would be better spent building on the massive success of their gaming franchise than in court suing a competitor. Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
The keyboard and mouse combination has been a standard for several decades now, but there's always room for some improvement. Touchscreens are a nice way to interact with phones and tablets (and phablets), and maybe someday we won't be able to keep our greasy fingers off our 5K desktop and laptop screens either. We're always looking out for interesting input devices, and here are just a few other input methods that might get popular. If you're using a small touchscreen, it doesn't always make sense to cover up parts of it with your finger. Apple will offer its "digital crown" as an alternative to the touchscreen, but there's also a gesture recognition app for devices that have a camera and some decent processing power. [url] Everything gets smaller and smaller, so what's smaller than a smart watch? A smart ring. An integrated accelerometer and some touch sensors could make a wearable ring a more convenient gesture input device. Battery life might be a bit of a challenge for such a small device, but then again the first "smart rings" don't actually look that small. [url] More advanced touchscreens may be able to tell the difference between a finger, a knuckle, a fingernail or a stylus. But will these futuristic devices be able to understand the frustration behind a closed fist banging on them? [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 16 days ago on techdirt
Each year, CEA (the Consumer Electronics Association) inducts a new group of inventors, engineers, business leaders, retailers and journalists to our Consumer Electronics Hall of Fame. And it's not lost on us that we celebrate innovation and disruption tonight in New York City, where New York State Attorney General Eric Schneiderman has fired the most recent shots against creative disruption and the sharing economy in his ongoing attack against Airbnb. The term "sharing economy" refers to platforms that make it easy for anyone to become an entrepreneur by offering up an unused resource for sale or rent, be it an empty bedroom, a parked car or a skill. While still a fledgling industry, the sharing economy will have a substantial impact on our nation's overall economic success -- enhancing competition and consumer choice, lowering barriers to entrepreneurship and boosting consumption overall -- but that depends on regulatory atmospheres at the federal and local levels that promote, rather than stifle, innovation and entrepreneurship. More Choices, Greater Efficiency The sharing economy includes new platforms for existing providers of different goods and services (like transportation, lodging or cleaning) that let consumers compare prices and features before they buy. For example, some people may choose not to purchase a vehicle because they find their needs are met through ridesharing, while others who might decide to buy a new car using their supplementary income from ridesharing. There are also platforms for selling unique items (Etsy) or offering specific, freelance labor services (oDesk, TaskRabbit) – production and exchange opportunities not previously available to consumers. Lowering Barriers to Entry Suppliers in the sharing economy –- sometimes referred to as "micropreneurs" -- have backgrounds as varied as the goods and services available. Peer-to-peer businesses allow for flexibility in hours and payment for skills or basic services that may not constitute full-time employment. More, these jobs eventually may act as "on ramps" to full-time, sole proprietorships or other entrepreneurial activities. Growing the Pie The peer-to-peer businesses enabled by these new platforms can draw on underused human capital: People supplement their full-time jobs with extra work as Airbnb hosts or Lyft drivers, for example, or professional providers can find additional work via platforms like Uber and Kitchit. Technological change that generates more output from the same capital, or that facilitates a more efficient use of labor, increases productivity. This kind of productivity-enhancing, technological change typically contributes to long-term economic growth -- a "bigger pie" -- that can often boost other industries as well. The 2014 Consumer Electronics Hall of Fame induction celebrates the promotion of technology, the delivery of consumer products in new, exciting and profitable ways, and the importance of ensuring that innovation and entrepreneurship can thrive. But when this innovation threatens legacy businesses such as broadcasters, hotels, or taxis, these entrenched industries use their heft to influence regulation and enforcement to block competition. CEA stands with Airbnb and the countless other disruptive innovators that fuel the sharing economy and, in turn, drive our greater economic growth. Gary Shapiro is president and CEO of the Consumer Electronics Association (CEA), the U.S. trade association representing more than 2,000 consumer electronics companies, and author of the New York Times best-selling books, Ninja Innovation: The Ten Killer Strategies of the World's Most Successful Businesses and The Comeback: How Innovation Will Restore the American Dream. His views are his own. Connect with him on Twitter: @GaryShapiro.Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
As we just got done stating, the wireless industry would have you believe that it doesn't need net neutrality rules applied to wireless because the sector is just so damn competitive, and all that competition will keep companies on their very best behavior. In a recent Wireless Week editorial, former FCC Commissioner-turned-Comcast-lobbyist-turned-wireless-industry lobbyist Meredith Attwell Baker proudly proclaimed that we don't need neutrality rules because of "82% of Americans having four or more providers competing for their broadband business." Except the number of major wireless carriers doesn't really mean much when AT&T and Verizon together dominate 85% of retail sales, and have an 80% plus market share of the special access market -- the lines that feed cellular towers. And while it's true that T-Mobile has disrupted the industry of late with some more consumer friendly policies and a lot of highly-entertaining rhetoric, there's only so much the company can do with that kind of duopoly in place. In a recent filing with the FCC, T-Mobile highlighted how AT&T charges them an arm and a leg for roaming. AT&T shot back insisting that T-Mobile should spend less time complaining and more time building their own network, but that can be hard to do when AT&T and Verizon also own the lion's share of available spectrum. While AT&T and Verizon fend off neutrality rules by over-stating competition, the press helps their case by repeatedly over-stating T-Mobile's impact on the overall market (price war! price war!). If you pay closer attention, all of the industry's big four players make it clear that despite all the noise, not much has changed. In an investor research note this week, several Jefferies analysts say they've spoken with Verizon Wireless, which doesn't plan to seriously compete with T-Mobile (or a growing chorus of MVNOs) because they feel they simply don't have to:"According to the note, Verizon's management "does not believe the wireless industry feels much different than in the past, contrary to the broad view that competition is intensifying to detrimental levels." Verizon Communications CEO Lowell McAdam and Fran Shammo have made similar comments in public at recent investor conferences. "Management again highlighted that it does not intend to broadly price down its subscriber base, but instead offer discounts to at-risk customers while making surgical plan changes," the Jefferies analysts wrote."And by "surgical," Verizon means "largely cosmetic." So far, Verizon Wireless has pretended to compete by offering superficial price reductions on only their most expensive plans -- with the goal of heavily upselling users. Even T-Mobile, whose escape from AT&T's hungry maw has resulted in a shift away from device subsidies (and toward phone financing plans that may not be any better a value), admits they're not eager to have a price war, even if they could get roaming issues sorted out. Underneath the dull roar of their faux-punk rock CEO Tom Legere, the company's CFO concur's with Verizon's take that meaningful pricing changes really haven't occurred:"The carrier says it has been competing more effectively by doing away with subscriber "pain points" like service contracts and international data fees. But its executives have also been signaling that they don't plan to start a price war. "When you really analyze a lot of the pricing moves that have been made, there has not been a significant repricing," (T-Mobile) Chief Financial Officer Braxton Carter said at a Morgan Stanley conference last week."It's rather nice for them that they have the choice. As we've long noted, you probably don't need net neutrality rules if you've got meaningful competition, but what the broadband industry generally engages in is superficial theatrics, or what I affectionately refer to as "wink wink, nod nod" competition. It's that lack of more meaningful competition that has allowed Verizon and AT&T to engage in all manner of anti-competitive behavior, whether that's attacking users for tethering, blocking Facetime, blocking competing mobile wallet platforms, disabling device GPS so you'll use their more expensive services, cramming, or just good-old fashioned ripping people off with false advertising and stealth charges. Limited competition from T-Mobile can't magically change these realities all alone, and it certainly can't automatically thwart the dumb, anti-competitive ideas to come. That's not to say things can't improve down the road (especially if Sprint can turn its fortunes around and MVNOs improve service coverage and reliability), but declaring that you don't need consumer neutrality protections on wireless simply because four carriers exist isn't much of an argument.Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
The last few weeks have revealed a bunch of deceptive practices by law enforcement -- mainly the FBI. First, there was the revelation that the FBI had impersonated an online news story to install malware in trying to track a high school bomb threat. Then, there was a story from a couple of weeks ago about the FBI turning off internet access at some luxury villas in Las Vegas, and then acting as repair technicians to get inside and search the place (while filming everything). That was a story we had hoped to cover, but hadn't yet gotten to it. However, after the NY Times editorial board slammed that operation, FBI Director James Comey wrote a reply defending the FBI's "use of deception." First, Comey defends the fake news story, noting that it was perfectly legal... under "Justice Department and FBI guidelines at the time." As Scott Greenfield notes, this is the "Nixon answer" to questions of illegality by the executive branch: By Comey’s hand, he defines lawful as approved by the Department of Justice and FBI. To put this less tactfully, it’s lawful if he says it’s lawful. It’s the executive branch Nixon answer, that the president can commit no crime because he’s the president. Comey also defends the practice because it worked, as if that's the justification needed: In 2007, to solve a series of bomb threats and cyberattacks directed at a Seattle-area high school, an F.B.I. agent communicated online with the anonymous suspect. Relying on an agency behavioral assessment that the anonymous suspect was a narcissist, the online undercover officer portrayed himself as an employee of The Associated Press, and asked if the suspect would be willing to review a draft article about the threats and attacks, to be sure that the anonymous suspect was portrayed fairly. The suspect agreed and clicked on a link relating to the draft “story,” which then deployed court-authorized tools to find him, and the case was solved. No actual story was published, and no one except the suspect interacted with the undercover “A.P.” employee or saw the fake draft story. Only the suspect was fooled, and it led to his arrest and the end of a frightening period for a high school. Except, of course, all sorts of illegal and privacy-invasive investigative techniques may work to catch criminals, but we don't allow them, because of the impact on everyone else. That's what the whole 4th Amendment is about. And basic concepts like protecting privacy. Yes, we'd catch more criminals if the FBI had mandated microphones and cameras in everyone's house, but we don't allow that because it goes too far. The fact that "it works" makes no comment on whether or not it's appropriate or legal. As for the Vegas sting using fake internet technicians, Comey's response there is even more pathetic, chiding the press for reporting on public filings in the court case before the Justice Department has responded: The Las Vegas case is still in litigation, so there is little we can say, but it would have been better to wait for the government’s response and a court decision before concluding that the F.B.I. engaged in abusive conduct. Marcy Wheeler has the best response to that, highlighting how the FBI, in this very same case (but it's also true in lots of high-profile FBI cases) put out press releases that only gave its side of the story, and claimed things as fact that were misleading and inaccurate -- but didn't seem to have any problem with the press taking its one side of the story without considering the response from the accused: Jim Comey thinks the press shouldn’t report on this until after the government has had its shot at rebuttal? Does he feel the same about the army of FBI leakers who pre-empt defense cases all the time? Does Comey think it improper for his FBI to have released this press release, upon defendant Wei Seng Phua’s arrest, asserting that he is a member of organized crime as a fact and mentioning a prior arrest (not a conviction) that may or may not be deemed admissible to this case? According to the criminal complaint, Wei Seng Phua, is known by law enforcement to be a high ranking member of the 14K Triad, an Asian organized crime group. On or about June 18, 2013, Phua was arrested in Macau, along with more than 20 other individuals, for operating an illegal sport book gambling business transacting illegal bets on the World Cup Soccer Tournament. Phua posted bail in Macau and was released.  I didn’t see the FBI Director complaining about press stories, written in response to the press release, reported before the defense had been able to present their side. And, so, apparently, not only does the FBI director think it's proper to use deceptive practices if "it works," he also thinks that the press should only report on the FBI's side of the story, furthering the deceptive practices with what's effectively propaganda. The use of deception by law enforcement is already questionable enough. Asking the press to be a willing participant in that deception is simply ridiculous.Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
For quite some time now, we've been concerned about the continued expansion of "secondary liability" concepts, adding more and more liability for copyright infringement to parties who are often far removed from any actual infringement. There are two major concerns with this. First, putting liability on one party for the actions of another just seems generally problematic. But, perhaps more importantly, when you put potential liability on an unrelated party, the end result is almost always excessive policing in a manner that hinders or entirely blocks perfectly legitimate activity and speech. That's why a recent court ruling in Germany is so problematic. It's the followup to an earlier ruling that found a domain registrar, Key-Systems, liable for actions done by the users of a torrent tracking site H33T. H33T just hosted the torrent (which, we should remind you, is not the actual infringing file), and some users used that tracker to torrent the album Blurred Lines. When H33T failed to respond to a takedown notice, Universal Music went after the registrar, and the court said it was Key-System's responsibility to stop the infringement. Of course, the only way for the registrar to do that is to yank the entire domain. The case was appealed, but the appeals court upheld the lower court ruling. Even though the registrar pointed out (accurately) that it had no way of knowing if the torrent was actually infringing, the court said that the registrar was responsible for assuming it must be infringing once it had contacted the domain owners and not received a response. That's an interesting shifting of the burden of proof. The court also seems unconcerned that the only way the registrar can remedy the situation is to take everything down, saying that if the website didn't want this to happen it should have responded promptly to the takedown notices it had received. Much of this seems to focus on assuming guilt unless one can prove innocence, and further believing that it's somehow "obvious" to recognize when someone is infringing on copyrights. As the Universal Music lawyer tells TorrentFreak in the link above, the company is quite excited about this new power, and will "have this in mind when looking at other domains."Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
Recently Techdirt wrote about the extraordinary tirade by the new GCHQ boss, Robert Hannigan, which boiled down to: "however much we spy and censor online today, it's still not enough." It was so full of wrong-headed and dangerous ideas that it was hard to capture it all in one post. Here's one thing we didn't have room for last time: Isis also differs from its predecessors in the security of its communications. This presents an even greater challenge to agencies such as GCHQ. Terrorists have always found ways of hiding their operations. But today mobile technology and smartphones have increased the options available exponentially. Techniques for encrypting messages or making them anonymous which were once the preserve of the most sophisticated criminals or nation states now come as standard. These are supplemented by freely available programs and apps adding extra layers of security, many of them proudly advertising that they are "Snowden approved". There is no doubt that young foreign fighters have learnt and benefited from the leaks of the past two years. Leaving aside the rather pathetic dig at Snowden at the end there, and the unsubstantiated statement that terrorists have benefited from his leaks, the key message here is that strong encryption is now used routinely by the wrong people, and that it presents an "even greater challenge" to the world's security services. If that lament sounds familiar, it's because suddenly, over the last few weeks, it has become the persistent refrain of law enforcement agencies in both the US and UK. First we had the FBI Director James Comey talking about his agency's fears about things "going dark" because of encryption; then we heard from NYPD Commissioner Bill Bratton about how encryption "does a terrible disservice to the public"; a couple of weeks later, former NSA General Counsel Stewart Baker suggested the reason Blackberry had failed was because it used "too much encryption". Now it seems that the baton has been passed to the UK. The day after Hannigan led the way with his piece in the Financial Times, the head of London's Metropolitan Police added his voice to the chorus of disapproval, as the London Evening Standard reports: London's police chief today warns society against letting parts of the internet become a "dark and ungoverned" space populated by paedophiles, murderers and terrorists. In a call for action, Met Commissioner Sir Bernard Hogan-Howe says encryption on computers and mobile phones is frustrating police investigations, meaning parts of the web are becoming "anarchic places". What's particularly interesting is that as part of his visit to New York to make this speech, Hogan-Howe was also planning to meet all the senior US officials who had just voiced their concerns about encryption in precisely the same terms: Sir Bernard has spent several days in talks with New York and Washington police chiefs about the threat of terrorism and what he calls "the challenges and opportunities" of technology. Today he was meeting FBI director James Comey. He was also telling law enforcement experts behind closed doors at the New York police department that the internet is now a safe haven for criminality, adding: "Privacy is important but in my view the security of communications methods and devices is growing beyond what any genuine domestic user could reasonably require." It's hard not to see this as part of a concerted and organized counter-attack against growing calls to rein in US and UK surveillance in the wake of Snowden's revelations. The common line on both sides of the Atlantic is that encryption has gone too far -- that "the security of communications methods and devices is growing beyond what any genuine domestic user could reasonably require". The clear implication is that only "paedophiles, murderers and terrorists" would want strong crypto, and that for law-abiding citizens with nothing to hide, crypto with backdoors is good enough. But it isn't, of course. Law-abiding citizens with nothing to hide have a perfect right to real privacy online, just as they have a right to use doors, walls and curtains to screen off their private lives from the world's gaze. As Techdirt has noted before, placing backdoors in nominally secure systems simply makes them completely insecure, since there is no way to stop the bad people from using them too. Moreover, weakening crypto would not only make the Internet vastly less secure for billions of users, it would also undermine millions of online businesses and thus the economies with which they are now so deeply intertwined. We can expect more of these blatant attempts to demonize strong cryptography, and to paint its mere use as a sure sign of terrorism and depravity. But we have been here before. During the 1990s the US government tried to introduce backdoors into secure communications using the Clipper chip. Civil society won those first Crypto Wars; now it needs to gird its loins to fight and win Crypto Wars 2.0. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
President Obama has finally stepped up in the net neutrality battle, calling on the FCC to reclassify broadband as Title II, with forbearance, to create strong real net neutrality rules. Here's the key bit: I believe the FCC should reclassify consumer broadband service under Title II of the Telecommunications Act — while at the same time forbearing from rate regulation and other provisions less relevant to broadband services. This is a basic acknowledgment of the services ISPs provide to American homes and businesses, and the straightforward obligations necessary to ensure the network works for everyone — not just one or two companies. Investment in wired and wireless networks has supported jobs and made America the center of a vibrant ecosystem of digital devices, apps, and platforms that fuel growth and expand opportunity. Importantly, network investment remained strong under the previous net neutrality regime, before it was struck down by the court; in fact, the court agreed that protecting net neutrality helps foster more investment and innovation. If the FCC appropriately forbears from the Title II regulations that are not needed to implement the principles above — principles that most ISPs have followed for years — it will help ensure new rules are consistent with incentives for further investment in the infrastructure of the Internet. He also encourages the following setup, while acknowledging that the FCC is independent and can create whatever rules it wants. The FCC is an independent agency, and ultimately this decision is theirs alone. I believe the FCC should create a new set of rules protecting net neutrality and ensuring that neither the cable company nor the phone company will be able to act as a gatekeeper, restricting what you can do or see online. The rules I am asking for are simple, common-sense steps that reflect the Internet you and I use every day, and that some ISPs already observe. These bright-line rules include: No blocking. If a consumer requests access to a website or service, and the content is legal, your ISP should not be permitted to block it. That way, every player — not just those commercially affiliated with an ISP — gets a fair shot at your business. No throttling. Nor should ISPs be able to intentionally slow down some content or speed up others — through a process often called “throttling” — based on the type of service or your ISP’s preferences. Increased transparency. The connection between consumers and ISPs — the so-called “last mile” — is not the only place some sites might get special treatment. So, I am also asking the FCC to make full use of the transparency authorities the court recently upheld, and if necessary to apply net neutrality rules to points of interconnection between the ISP and the rest of the Internet. No paid prioritization. Simply put: No service should be stuck in a “slow lane” because it does not pay a fee. That kind of gatekeeping would undermine the level playing field essential to the Internet’s growth. So, as I have before, I am asking for an explicit ban on paid prioritization and any other restriction that has a similar effect. If carefully designed, these rules should not create any undue burden for ISPs, and can have clear, monitored exceptions for reasonable network management and for specialized services such as dedicated, mission-critical networks serving a hospital. But combined, these rules mean everything for preserving the Internet’s openness. The White House has also released the following video of President Obama discussing this: Make sure not to miss the first few seconds of the video, in which the White House appears to acknowledge the "internet slowdown day" with a mock buffering image: Many people engaged in the net neutrality fight had been annoyed at President Obama for not taking a strong stand on net neutrality -- a promise he had campaigned on. Instead, the White House was pretty quiet about things, and President Obama made a bunch of vague, non-committal statements about it. Making a clear and bold proclamation supporting reclassifying under Title II (with the important forbearance) is a big step forward. It won't sway Republicans who have fought against Title II from the beginning, but it may finally give folks who had been wavering and playing a political game of not fully supporting Title II in the past the political cover they need. And that includes those at the "independent" FCC... This won't necessarily change the end result here, but this is a big win for net neutrality supporters who had been feeling abandoned, and certainly provides some political support to full reclassification to protect an open internet. It could have and should have come much earlier, but better late than never.Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
If you're like several law enforcement agencies here in the US, there's a good chance you've obtained a heavily-armored vehicle from the Dept. of Defense's 1033 program. Like much of the military equipment obtained through this program (often with the assistance of DHS grants), an MRAP doesn't so much address a need as it creates a problem: new law enforcement tools but nothing to use them for. So, rather than save it for terrorists or active shooters, MRAPS and other military gear are co-opted by SWAT teams or deployed against protesters. Ignoring much of what has happened over the past several months, 15-year police veteran Steve Rabinovich has posted an article (which is actually more of an advertisement for two tactical training companies) discussing the proper care and feeding of your PD's MRAP. Now, through the 1033 program, these officers and deputies are prepared to use the proper tools for what threats may come. We all understand that improper and ignorant application of these tools is not only a liability, its deliberate indifference. These trucks feel, drive, and act unlike anything most drivers and teams are used to — to simply put them to use without proper training is asking for people to get hurt or killed. Rabinovich details this MRAP training, most of which involves handling the heavy, unwieldy vehicles, as well as the unique bonding experience that is advanced tactical training at a "flagship Nebraska facility." One of the most unique things about this course was the positive attitude and genuine desire to learn which didn’t stop when the class was dismissed. Everything from class topics to shooting positions to medical equipment was discussed around the fire pit under the Nebraska moon. Moving on. Rabinovich linked to another article from this one, perhaps recognizing that an article unironically attaching an exclamation point to the sentence, "Your agency got a 1033 MRAP!" might be viewed as "tone deaf," at best. In this one, Rabinovich offers three justifications for any law enforcement agency that feels a mine-resistant vehicle is a worthy addition to its fleet of vehicles. 1. Better-equipped and trained police are a better asset to protect and serve their communities. 2. In some quarters, violent anti-government groups and individuals are targeting cops as scapegoats. 3. There has been a steady increase in deadly and violent assaults on cops — as well as acts of domestic and international terrorism — many of which are reported in limited scope or not publicly known. The "better-equipped" justification is tough to argue with. Arguably, a heavily-armored vehicle is protective but how does it "serve" the community? It's not as though endangered citizens get to shuttle in and out of crime scenes in bulletproof vehicles. The argument rests on the assumption that a more well-protected police force is a net win for the community. Maybe it is, but Rabinovich doesn't bother connecting those dots. Better training is also an essential part of protecting and serving the community. But how does the acquisition of an MRAP better train police? Rabinovich doesn't explore this logical dead end any further, so it's left up to the audience to make its own assumptions. "Violent anti-government groups" is a very recent talking point, one used to paint government accountability groups as "violent," using a very broad brush in hopes of destroying the credibility of Peaceful Streets or Cop Block. Rabinovich further cheapens this by portraying these groups as "scapegoating" police officers, but once again fails to clarifiy his choice of words. Nothing further is written that explains why these officers are being "scapegoated" and Rabinovich doesn't even bother to given any examples of this "targeting." The last argument is just as awful as the first two but has the additional feature of being factually wrong. Police work isn't becoming increasingly dangerous, even with the supposed corresponding uptick in "domestic and international terrorism." Rabinovich must know this assertion won't hold up because he adds the ridiculous claim that attacks on cops are ignored by much of the media or never reported at all. The exact opposite is the truth. In addition, the number of officers killed or wounded by civilians is a stat tracked by nearly every law enforcement agency. Civilians killed or wounded by police officers are stats tracked by amateurs, despite the fact that the Dept. of Justice has ordered these numbers to be reported annually -- an order that has been mostly ignored for the last thirteen years. Rabinovich offers these terrible justifications and follows it up with this: If these are the trucks being given away, these are the truck being implemented into law enforcement service. If someone thinks their tax dollars are better served letting these assets rust away or be given to foreign armies, maybe their cash is greener than yours or mine. If you're against police militarization then you must be for wasting tax dollars and arming foreigners. It's that simple. You could not be any less of an American. But what Rabinovich thinks we shouldn't do with excess military equipment is exactly what we do with excess military equipment. We don't hand off tanks to police departments just because the only other options are the scrapyard or an overseas army. We shouldn't be doing this with other military gear either. Law enforcement agencies don't need mine-resistant vehicles, assault rifles and grenade launchers. Law enforcement has existed without all three for several decades, including years when being a cop was much more dangerous than it is now. These justifications are nothing more than the cheapest of rationlizations. Permalink | Comments | Email This Story

Read More...
posted 17 days ago on techdirt
Back in May, the appeals court for the Federal Circuit (CAFC) enhanced its reputation of getting basically patent law wrong consistently by deciding to get copyright law wrong too, in declaring that APIs were copyrightable subject matter, in the Oracle v. Google lawsuit. As we explained at the time, the court appeared to make some rather serious fundamental errors, not understanding the difference between software and interfaces (and worse, totally misquoting some experts). Last month, Google asked the Supreme Court to review the case. On Friday, a bunch of interesting amicus briefs were filed, asking the Supreme Court to fix the CAFC's big mistakes. Perhaps the most interesting was put together by the EFF, but was signed by 77 computer scientists, including many of the most well-known and most respected computer scientists around, including Hal Abelson, Brian Behlendorf, Ward Cunningham, Peter Deutsch, David Dill, Dave Farber, Ed Felten, Mitch Kapor, Alan Kay, Brian Kernighan, Guido van Rossum, Avi Rubin, Bruce Schneier and Bjarne Stroustrup among others. There are a lot more, obviously, but those were just a few of the names that stood out. The key point made in the filing is that this upsets decades of what was considered a settled matter in computer science, while highlighting how much of computer history was built off of the recognition of non-copyrightable APIs, allowing for the creation of interoperable systems, much of which drove the early computer revolution. Here's the summary from the brief: For decades, computer scientists have relied on the open nature of APIs to enable rapid innovation in computer technology. For decades, circuit courts have supported that reliance, concluding that Section 102(b) of the Copyright Act protects a programmer’s source code as creative expression, but does not cover the processes, systems, and methods of operation that code may employ to interface with other software. The district court correctly followed that precedent and rejected Oracle’s claim that the Java APIs could be copyrightable. Sadly, the Federal Circuit chose to split with the other circuits and reverse the district court. That decision upended decades of industry practice and threatens the basic principles upon which our technology sector was built. Not surprisingly, the Federal Circuit’s decision has been harshly criticized. As many commentators have noted, if the Federal Circuit’s view had been accepted at the birth of modern computing, many important technologies would never have existed, and/or succeeded. For example, the widespread availability of diverse, cheap, and customizable personal computers owes its existence to the lack of copyright on the specification for IBM’s Basic Input/Output System (BIOS) for the PC. And open APIs were essential to many modern computing developments, including those of operating systems such as UNIX, programming languages such as “C,” the Internet’s network protocols, and cloud computing. Today, open, uncopyrightable APIs continue to spur the creation and adoption of new technologies. When programmers can freely reimplement or reverse engineer an API without obtaining a costly license or risking a lawsuit, they can create compatible software that the interface’s original creator might never have envisioned or had the resources to develop. Moreover, compatible APIs help enable people to switch platforms and services freely, and to find software that meets their needs regardless of what browser or operating system they use. Without the compatibility enabled by the open nature of APIs, consumers could be forced to leave their data and programs behind when they switch to a new service. The freedom to reimplement APIs also helps developers rescue “orphan” software or data—systems that are no longer supported by their creators. When a company stops supporting a computer platform or service, the ability to freely reimplement APIs protects the communities that rely on that software. Government entities and non-profi ts are especially susceptible to the orphan programs problem as they often cannot afford to upgrade and are left using legacy technologies for years or decades. Next up, is a filing from CCIA written in part by Jonathan Band, which is noteworthy in part because Band co-wrote the book on copyright and interfaces (first published nearly 20 years ago), explaining how interfaces aren't copyrightable and why that simple fact was responsible for so much of the computer revolution. This filing similarly notes how much of history was driven by interoperability, but also digs deeper into what a mess it would be if the CAFC's view was determined to be correct: If a company could exercise proprietary control over the interface specifications implemented by its products, that company could determine which products made by other firms – if any – would be compatible with its software. And should that company have a dominant position in a particular market, it could use its control over compatibility to expand its dominant position into adjacent markets. Moreover, such authority would extend the rights under copyright beyond what is necessary to protect the original expressive elements that have traditionally been offered protection under American copyright law, and it would override limitations on copyright crafted to protect the public good. Such a broad monopoly would have serious implications for consumer welfare. In the absence of competition during the effective lifespan of the product, the first developer would have little incentive to develop more innovative and less costly products. These negative consequences would be compounded by the fact that the personal computer revolution and the emergence of the Internet have produced an overwhelming need for interconnection between different elements of computer systems. Prohibiting competitors from accessing de facto standard interface specifications would lock users into a particular operating system or network software environment, and would inhibit the transfer of data between users with different computing environments.... The Petition shows a host of real-world problems and economic harms that would result if API copyright could foreclose compatibility, including the cost of rewriting interface code formerly understood to be unprotected, and lock-in costs resulting from consumers’ inability to switch operating systems or cloud computing providers.... Lock-in would deter competition, investment, and innovation in the burgeoning cloud computing industry, which is known to be sensitive to policy changes in copyright. In short, in the computer industry, overly broad intellectual property protection directly restricts competition and innovation. This was the status quo in the computing environment in the 1970s. Once a buyer purchased a computer system, the buyer was essentially locked-in to that system: the system was incompatible with products manufactured by other companies, and conversion costs were high. Although “locking in” was extremely profitable for dominant vendors such as IBM, competitors and users suffered from high prices, indifferent service, limited choice, and slow innovation. CCIA also reminds the Supreme Court that Oracle (and Sun) not to long ago were among those who fought strongly for the position that interfaces were not copyrightable and that interoperability should be allowed. The filing notes that Sun and Oracle fought hard against parts of the DMCA when it was introduced that would have blocked interoperability. For example: In a 1998 press release, Michael Morris, then Vice President and General Counsel of Sun Microsystems, argued that the DMCA as introduced would “impose[ ] a new and unnecessary layer of restraint on lawful access to those unprotected elements of computer programs that are necessary to achieve interoperability, thus placing developers of interoperable products at the mercy of proprietary vendors.” That resulted in changes to the DMCA to make sure that interoperability was allowed. And yet, now, Oracle (via its Sun acquisition) are trying to argue the exact opposite is true. Finally, Public Knowledge also submitted an interesting brief which lays out the ridiculous situation we're in today with an analogy using amusingly named stand-in and products: Say that Delphi Corporation manufactures screws. It hits upon a new design for a screw socket—the interface between screw and screwdriver—that is more efficient than the prevailing Phillips and flathead insertions. Capitalizing on this novel idea, Delphi manufactures a line of screws using this socket, which it calls Sumatra. The Sumatra socket is wildly popular. New lines of screwdrivers are made for the Sumatra socket. Engineering textbooks praise the Sumatra design. Wood-workers teach their sons and daughters to use it. And competing screw manufacturer Zillion decides to make its own screws compatible with the Sumatra socket. The screws otherwise differ, but use the Sumatra socket so that woodworkers need not purchase new tools. Only then does Delphi declare the Sumatra socket a sculptural work, suing Zillion for copyright infringement. Rather than focusing on more recent rulings concerning software, the Public Knowledge brief goes all the way back to Baker v. Selden from 1879, which found that you couldn't copyright a set of blank ledger forms. Oracle repeatedly points to the “intricate web of connections" of the Java API, in an effort to suggest that its structure, sequence and organization of the API is copyrightable. Oracle Brief, supra, at 26. But so too can uncopyrightable blank forms constitute an intricate web of connections. Selden’s book included 19 forms and 24 pages of demonstrative explanation designed “to compress almost innumerable accounts under a few specific, intelligible heads.” .... For either blank forms or APIs, intricacy does not confer copyrightability. Given that an API is factually on par with a blank form, it is unsurprising that the reasoning of Baker directly applies to the copyrightability of APIs. Baker held that blank ledger forms, including the “ruled lines and headings,” could not properly be the subject of copyright.... The Court said that copyright cannot cover “systems” or an “art”; the Java API is certainly a system, one that teaches the “art” of using the Java system.... The Java API is on all fours with the blank forms of Baker, both factually and legally. Since copying of the blank forms in Baker was permissible, copying of the Java API is too. It's also nice to see the Public Knowledge brief call out the simple factual errors in the CAFC ruling (some of which we pointed out in our post at the time): ... the Federal Circuit misunderstands arguments that interfaces are more properly protected by patent law than copyright law... Google, several amici below, and the district court merely proffered the unremarkable argument that functional elements should be excluded from copyright law by § 102(b) and the idea/expression dichotomy... But the Federal Circuit mistook them to mean that software may only be patentable or copyrightable, but not both. The Federal Circuit further assumed that criticisms of software patents equate to suggestions to expand copyrightable subject matter to cover interfaces. These propositions are flawed. First, the Federal Circuit t neglects that there is matter outside the realm of both copyright and patent; the court apparently supposed that every element of a software program must fit into one or the other. Second, the Federal Circuit fails to differentiate the discrete elements of a given software product that may be copyrightable and those that may be patentable, instead lumping those elements together into a single entity. Third, the Federal Circuit conflates programming interfaces with computer programs generally. Hopefully, these and other arguments convince the Supreme Court of just how wrong the CAFC was in its ruling. Recently, the Supreme Court has been pretty bad on copyright cases, while generally good on patent cases, so it's always a little nerve-wracking when copyright cases get there. The one bit of good news is that the Supreme Court has clearly found itself regularly questioning CAFC's interpretation of laws, since most of those patent cases come up via CAFC. The only reason this copyright case went to CAFC was because it started out as a patent case, though the patent issues got tossed out early on.Permalink | Comments | Email This Story

Read More...
posted 18 days ago on techdirt
This week, and our first place comment for insightful scored pretty high on the funny side too (though not quite enough to break the top two). After it was discovered that Islamic extremists were using the YouTube copyright dispute process to get personal data on critics, Jon Renaut noted that technically this fulfills an old fearmonger prophecy: They keep telling us that copyright infringement helps terrorists and now look - sure enough, the laws we made them pass to stop infringement are finally doing it. By comparison, our next example of abusing the law is less disturbing, but that doesn't make it any less stupid: a pianist is trying to use the (European) Right To Be Forgotten to take down a four-year-old bad review in the (American) Washington Post. Yeah. S. T. Stone summed up what this suggests about the artist: A man who believes they should have the right to edit the views of others is asking for censorship—and he is doing so only so he can comfort his own ignorance. I would rather read ten bad reviews of anything I've ever created than a single "edited" good review; at least the bad ones would tell me how I fucked up and give me ideas of how to improve in the future. Dejan Lazic would rather tell other people what to think about him than hear honest opinions about his work. That alone says more about why this man should not be called an ‘artist’ than any other work he has ever produced. And as long as we're talking about stupid legal reactions to Google like the right to be forgotten itself, let's use our first editor's choice for insightful to look at Germany, where a top publisher has admitted that blocking the search engine from using snippets caused its traffic to plummet — and is now seeking yet another legal solution, claiming Google is too powerful. David elegantly explained just how misguided this is: They fail to understand It's not "Google" with overwhelming power in the market. It's the value of search engines, in general, in the information market. They cannot seem to understand that no matter what they do to Google, or any other search engine, their content is simply undiscoverable without them. This is a perfect symbiosis. They provide content, Google provides the pathway for people looking for content to THEIR content! And they keep wanting to find some way to screw it up. Last up on the insightful side, we've got a response to one of our least convincing critics defending David Bowie's right to block astronaut Chris Hadfield from continuing to share his outer space rendition of Space Oddity. One anonymous commenter neatly (though, I'm sure, futilely) explained why the entire situation is absurd: We are talking about a song that was released in 1969, the year man first walked on the Moon. To many people the moon walk is an incident from history, but a song first released before they were born is still under copyright. Over on the funny side, we head to the rare news of a court telling the government it can't just use "state secrets" as a catch-all excuse. This doesn't happen very often, and AricTheRed took first place for funny when he thought of a great way to illustrate that: I'm Inspired! I'm going to teach my dog a new trick. I'll say "State Secrets" And he'll just lay down and roll over. It will be awesome! For second place, we head to a court battle about AOL's terms of service which led to a disturbing 4th Amendment ruling. Michael recognized that it was time to sound the alarm: All six of those people still using AOL should definitely stop right away. (Amusing, though the truth you might not expect is that 2-million people are still subscribed to AOL dialup.) For editor's choice on the funny side, we start with a response to the news that the CIA Torture Report may finally be released. Sorrykb took a shot at predicting what it might look like: ██████ CIA ███████████████ ████████ ████████████████████ because ███████████████ terrorism ██████████████████████████justified ███████████████████████ 9/11 ███████████████ terrorism ██████████████████████ bad guys ████████████████████████ children!████████████████████████████and ██████████████████ OMG terrorism ███████████████████ John Yoo █████████████████████████████████a ctions██████████████ really bad guys ███████████████entirely███████████ █ ███████legal. Last but not least, after UK libraries began protesting draconian copyright laws by putting empty display cases where they'd like to be showing historical documents like wartime letters from WW1 soldiers, one anonymous commenter reined us in and reminded us just how important copyright is to promote creativity in cases like this: The soldier who didn't write Soldier #1: Why aren't you writing letters to send home to your wife and family? Soldier #2: I don't want someone else to potentially profit off of my hard work writing that letter by putting it on display in a Library or something! Soldier #1: But how will you keep in touch with your family then? Soldier #2: I won't, it's a small price to pay for making sure that greedy people who want everything for free won't profit off of my writing without paying me. Soldier #1: But who would pay for a copy of your letters, besides your family? Soldier #2: Well... fans of me... if I ever hypothetically become famous... I wouldn't want to lose some of my hypothetical wealth to libraries just putting my letters on display for free! Scarcity is a good thing for increasing my potential hypothetical wealth! That's all for this week, folks! Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
Five Years Ago We were looking at what it would take to really reform copyright law thanks to a great paper from Jessica Litman. Meanwhile, one of our readers argued that there was actually a moral argument in favor of file sharing (I found it interesting, but didn't fully agree). Speaking of sharing, the White House was trying to claim that you couldn't modify its official photos, but that's not what copyright law says, since federal government works are public domain. In more bizarre government copyrighting, we discovered that Canada and Europe actually claim a copyright on the design of their currency. A court found that answers to textbook questions were a derivative work of the original, and thus potentially infringing. The MPAA got some propaganda on 60 Minutes while we were wondering if any of this anti-piracy activity would actually make people buy. The MPAA was also claiming that if piracy wasn't stopped, the internet would die. And, of course, the FCC was looking at letting the MPAA break your TV and DVR because piracy. I was personally annoyed at Hulu for telling me I couldn't watch if I used my VPN. In other news, Glenn Beck was not allowed to seize the domain name GlennBeckRapedAndMurderedAYoungGirlIn1990.com, despite his attempts. Venezuela was blaming video games for violence. A court said that using a domain registration privacy service was "material falsification and David Brooks claimed that mobile phones were destroying courtship (I wonder what he thinks of Tinder). Comcast was sure that the solution to customer complaints was to change customers' behavior, rather than its own business model. Retailers wanted a law blaming eBay for shoplifters selling stolen goods. Germany was already looking for blame Google copyright laws to "save newspapers." Oh, and the Obama administration broke out its first attempt to use a "state secrets" claim to kill a lawsuit about warrantless wiretapping. And finally, we posted some results on our first experiment with asking you, our community, to support us. Ten Years Ago Time shifting TV was just catching on while voicemail was dying. Also, AOL was losing customers by the millions, which was funny for those of us who remembered its frequent press releases about each new million signups. Qualcomm spent nearly a billion dollars on a special TV system for mobile phones that absolutely no one wanted. Meanwhile a price war was breaking out in the DVD-by-mail space (remember that?). Oh and the broadband guys were already doing everything possible to block muni broadband competition. We were wondering if virus writers deserved jailtime while some spammers were getting many years in jail. Meanwhile the feds were trying to track down the fax.com spammers who had been fined many times and just ignored it over and over again. Bad patents were a big thing, with some company claiming a patent on international e-commerce and another on product recommendations. It was also one of the first times we'd seen a lawsuit over a negative review (and companies still don't seem to realize you can't really sue over that). Oh, and of course, the MPAA was copying the RIAA's bad strategy of suing file sharers. Fifteen Years Ago A court ruled that Microsoft was a monopoly while Webvan -- one of the classic dot com bubble startups -- had its IPO right at the height of the bubble era, just as competitor, HomeGrocer raised $100 million. Another classic of the bubble era was the online pet store category. While Pets.com was the most famous there were half a dozen or so competitors. One of them, Petopia, raised $66 million before launching and claimed its "differentiating factor" was it had more money than everyone else. And then, fifteen years ago this week two other online pet stores raised much more money, each breaking $100 million for unproven businesses in a highly competitive market. Think about that when people claim we're in a bubble today. Over in Europe, some folks were trying to copy Silicon Valley's bubble with the infamous boo.com -- and it wasn't going well (for the investors, at least). Back in 1999, Microsoft was already looking at ebooks while Barnes & Noble bought books.com, which had been an attempt to take on Amazon by Cendant (which, at one time, had been considered an up-and-coming internet company) as well as a big stake in a publishing on demand company. Fifteen years ago was also the week when we got one of the first absolute nutty web-meme/internet celebrities with the rise of Mahir, the "I Kiss You!!!" guy. His original web page has been moved, but you can see it here, and for you young kids who missed the Mahir phenomenon, you may immediately notice the resemblance to the later Sascha Baron Cohen character Borat -- something that apparently angered Mahir. Twenty Six Years Ago: The infamous Morris worm was unleashed on the internet, by Robert Morris -- who was just trying to measure the internet. Instead, it ended up taking down much of the internet, and Morris has the unfortunate claim to fame of being the first person convicted under the Computer Fraud and Abuse Act (CFAA). This represented the first of many abuses of the CFAA law, which still is in desperate need of fixing, and which Congress still refuses to fix. On a somewhat related note, years later, Morris went on to cofound YCombinator. Also, in the very first YCombinator class, one of the entrepreneurs was Aaron Swartz, who (as you well know) went on to kill himself while facing criminal charges under the CFAA for downloading too many journal articles from a website he had legal access to. Today would have been Aaron Swartz's 28th birthday (yes, he was born two years to the day before the Morris worm), and there are a bunch of hackathons in his honor going on.Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
For this week's awesome stuff post of interesting crowdfunding projects, we've got various takes on home security and alarms. Point The Point is an interesting new take on "the internet of things" and sensors. It's a little device with a bunch of sensors designed to alert you on your phone, if it senses something is wrong in the house. If it hears breaking glass, for example, it can alert you. Or if the noise is too loud (and unlike some other devices it doesn't send the content over the internet, it just alerts you). It tracks noise, air (smoke), temperature, humidity and some other things and can send alerts and also light up differently in the home as well. It's a rather different take on these things, done in a way that doesn't feel as privacy-invasive as a number of other connected home offerings. rClock You kind of have to see the rClock in action to get it, but it's an alarm clock with a big plastic stick on it, that can swing down and "tap" you, to try to wake you up without making noise (though, I'd imagine that the tapping might make some amount of noise). I'm not sure I'd personally feel comfortable with a robotic alarm clock slapping me in the morning to wake me up, but it is a different sort of alarm... BeOn OK, the BeOn isn't an alarm, per se, but does some interesting things to hopefully mean you wouldn't need a home burglar alarm. It's a sort of smart lightbulb that pays attention to when and how you use the lights in your house -- and if you set it to "away" mode, it just mimics your usual lighting patterns, to make anyone looking from the outside think that you're home. A lot more clever than the standard trick of just using a regular timer. The other neat feature is that it can listen for the doorbell to ring, and then turn on lights, at various intervals, around the house as if it's someone coming to the door. Of course, while that might scare off a potential burglar, it might confuse the heck out of a friend stopping by unannounced to say hello... Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
TANSTAAFL is usually true, especially if you're counting opportunity costs. However, some deals are too attractive for some people to pass up -- especially offers of free food. Occasionally, folks even get the better end of the deal by exploiting loopholes, and the "free lunch" turns out to really favor the eater. Here are just a few examples of getting some free food (with an asterisk). Some airlines offer free meals to their first-class customers, and one man from China ate for free in the VIP lounge of China Eastern Airlines for an entire year. Nice. But not quite as crafty as David Philips scheme that got him free airline miles for buying pudding. [url] Taco Bell ran a contest called "Eleven Everlasting Dollars" that offered free food for life (at Taco Bell). The fine print defined free food for life as $10,000 in gift cards -- which apparently was based on an average consumption of $216 per year for 46 years. [url] Alan Marin from North Carolina bought a "Never Ending Pasta Pass" from Olive Garden, and he's eaten over a hundred meals with it. It's a limited time pass, but he's already saved himself several hundred bucks (but on the other hand, he's had to eat nothing but pasta for over a month). [url] If you want to try getting as much free food as you can in a year, mark your calendars for all of the annual free food promotions from Ben & Jerry's and other retailers. Not too many free lunches, but you'll be eating a lot of desserts and donuts. [url] If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
For a few years now, the FTC has talked about taking on patent trolls. In 2011, 2012 and 2013, we heard stories about the FTC putting patent trolls "on notice" and getting ready to crack down on them for deceptive practices. Last year, it finally "launched an investigation" into certain patent trolls, starting with notoriously crazy patent troll MPHJ, famous for its rather aggressive form of trolling, using a questionable patent on "scan-to-email" technology, sending out thousands of demand letters from a range of shell companies, telling lots of small businesses that they had to pay between $900 to $1200 per employee if they had a scanner with the "scan-to-email" function (most modern scanners). Sensing it was in trouble, MPHJ tried suing the FTC (along with each of the five commissioners personally), arguing that the investigation violated its constitutional rights. Yeah, right. A few weeks ago, the courts rejected that plan, and now the FTC has reached something of a "settlement" with both MPHJ and the law firm it used, Farney Daniels, P.C., which allowed MPHJ to send out its demand letters on its own stationary. Unfortunately, the "settlement" seems fairly weak. There's no money being paid. There's no admission of guilt. There's just a promise that MPHJ won't use certain deceptive tactics, such as claiming that others had already paid thousands of dollars for licenses, or threaten lawsuits unless the company is actually going to sue. It seems like a pretty minor slap on the wrist, getting at some of the worst behavior by MPHJ, but hardly doing much to stop lots of other egregious trolling actions. It's something, but a very minor something.Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
The DOJ wants the FBI to have the ability to run amok, hacking overseas computers and accessing electronics wherever and whenever, with a minimum of hassle. The DOJ's proposal, which was presented to a judicial advisory committee in September, asks for some major alterations to Rule 41. As Mike explained back in September, what the DOJ is proposing is an expansion of power that takes the necessarily limited exceptions applied to terrorism investigations and applies them to everyday criminal investigations. Then it goes further, wiping out jurisdictional limitations. The provision, known as Rule 41 of the federal rules of criminal procedure, typically allows judges to issue search warrants only within their judicial district. But the government has asked to alter this restriction to allow judges to approve electronic surveillance to find and search a computer's contents regardless of its physical location, even if the device is suspected of being abroad. This expansion is supposedly justified by the technological arms race law enforcement agencies (like the DOJ and FBI) continuing to claim they're somehow losing, despite billions of tax dollars and years of perfecting their skills. Rather than work within the confines of the Fourth Amendment and other related considerations, the government is looking to create a broad and permanent downhill slope to ease its investigative burden. The DOJ is seeking expanded powers for the FBI, including the permission to implant malware and infiltrate overseas networks, just like its big brother, the NSA. In addition to asking for the codification of Fourth Amendment violations, the DOJ is also asking for permission to place the US in a number of diplomatically tenuous situations with other countries as a result of its agents' actions. Unsurprisingly, there's plenty of outside resistance to this proposed change. Technology experts and civil-liberties groups strongly oppose the proposed rule change. On Wednesday, several of them testified before the rule-making committee urging a rejection of the Justice Department's proposal. The rule change, they argued, would be substantive and not merely procedural, making it beyond the intended scope of the advisory panel. They also warned that the expansion would threaten the Fourth Amendment's strict limitations on government search and seizures, and allow the FBI to violate the sovereignty of foreign countries. The panel hearing the inquiry didn't seem very impressed with those taking the side of the American public. The judicial panel on Wednesday did little to tip its hand on the issue, but it did aggressively question several witnesses as to what alternative they would prefer that allows federal investigators to keep up with and catch elusive cybercriminals. This, too, is unsurprising. The courts have a long history of showing deference to law enforcement agencies, and the increasing use of terrorism as a rhetorical device has only made this tendency worse. While there has been some pushback in the wake of the Snowden leaks, by and large the judicial viewpoint is that fighting crime is a noble pursuit and those engaged in this battle should be given every tool needed to succeed, even if that means shaving a few inches off the top of Americans' civil liberties. But those arguing against this proposed change made a very valid point during their time in front of the panel: if we have to look to legislators for relief, so should the DOJ. "I empathize that it is very hard to get a legislative change," said Amie Stepanovich, senior policy counsel with Access, a digital-freedom group. "However, when you have us resorting to Congress to get increased privacy protections, we would also like to see the government turn to Congress to get increased surveillance authority." James Comey, of course, will be continuing his attempt to do exactly that. His speaking appearances are still largely composed of encryption complaints, and when not publicly demanding that tech companies get in bed with the FBI, he's meeting secretly with legislators in hopes of bending the nation's laws to his will. Oddly, the DOJ has previously claimed the FBI doesn't need warrants to hack foreign computers -- an argument it made during the evidentiary hearings in the Dread Pirate Roberts/Silkroad case. Now, it's petitioning to grant US judges the power to sign off on warrants that can be used anywhere -- even overseas. If the panel agrees to this alteration, it would actually limit the FBI's extraterritorial activities, at least as described in federal court. What this proposal sounds like is an attempt to expand its domestic powers, with a small nod towards extraterritorial activities thrown in as an expendable demand -- something to be given up to keep the domestic power expansion it really wants. Rights of foreigners are similarly expendable and are only respected when diplomatically expedient. Here in the US, it's a bit trickier, and that's the part the FBI actually wants to "simplify."Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
Roca Labs just keeps going and going. If you don't recall, the company sued PissedConsumer (a part of Consumer Opinion Corp.), claiming that the site had engaged in "tortious interference" with Roca's business by encouraging people to complain about a Roca Labs product (a kind of goop that it claims will fill your stomach making you less hungry). In its response to Roca's lawsuit, PissedConsumer also supplied declarations from some former Roca customers who were unhappy with their experience, complained about it, and got threatened with lawsuits in response from Roca Labs. Soon after, Roca Labs threatened all three of those witnesses with defamation lawsuits, even though it had been years since the company had communicated with two of the three. It appears that Roca Labs finally made good on that threat and recently filed a lawsuit against all three individuals in Florida State Court. The lawsuit (pdf), which includes a demand for a temporary injunction, seems destined for federal court rather than state court since none of the defendants are in Florida. Either way, the lawsuit accuses all three of "breaching" the contract by daring to complain to the Better Business Bureau, tortious interference for alerting others to the fact that they didn't like Roca Labs' product and "defamation per se" based on Roca's rather interesting interpretation of defamation law. As we've noted in the past, the gag order in Roca Labs' terms of service does say that if you complain about its product, it will automatically be considered defamation per se, but that's not how "defamation per se" works. Roca Labs is seeking declaratory relief and a temporary injunction. Once again, the request for the temporary injunction is an interesting legal argument, seeing as the company is asking the court to prevent speech from the three individuals -- and it's generally considered improper to issue a temporary injunction for speech (the whole First Amendment/prior restraint thing becomes an issue). Frankly, this looks like a fairly standard SLAPP suit -- a lawsuit designed to shut someone up. Unfortunately, Florida only has a ridiculously narrow anti-SLAPP law, meaning that it won't be effective for the three women in question. On a separate note, in my last post on Roca Labs, I mentioned that the company appeared to have incorrectly told the court in Florida that its case against PissedConsumer there was unrelated to any other case, when that clearly was not the case, given the lawsuit in NY that PissedConsumer had filed against Roca Labs even earlier, seeking declaratory relief. Apparently, Roca Labs recognized its mistake the very next day after I wrote about it, and filed an amended filing, noting the case in NY. I'm sure it's a coincidence.Permalink | Comments | Email This Story

Read More...
posted 19 days ago on techdirt
Back in September, we reported on the Chinese authorities using man-in-the-middle attacks to spy on citizens who carry out Google searches over encrypted connections. That's done by using a fake security certificate to redirect traffic to a server where the traffic is decrypted, analyzed, and blocked if necessary. A new post on the Greatfire.org Web site points out that this approach can only work if the user's computer trusts the certificate's issuing authority, in this case the China Internet Network Information Center, and that it's curious that browsers from the West do so quite so readily: Microsoft, Apple and Mozilla among others, trust CNNIC (China Internet Network Information Center) to protect your communications on their platforms by default, regardless of whether or not you are in China. CNNIC has implemented (and tried to mask) internet censorship, produced malware and has very bad security practices. Tech-savvy users in China have been protesting the inclusion of CNNIC as a trusted certificate authority for years. In January 2013, after Github was attacked in China, we publicly called for the the revocation of the trust certificate for CNNIC. In light of the recent spate of man-in-the-middle (MITM) attacks in China, and in an effort to protect user privacy not just in China but everywhere, we again call for revocation of CNNIC Certificate Authority. Although the logic of revoking CNNIC as a trusted certificate authority might seem inarguable, the consequences of doing so are likely to be serious. For example, the Chinese government might decide to ban the use of any browser that did not include CNNIC. That's hard to police, but the threat alone would be enough to dissuade any software company from removing CNNIC's certificate from its browser. Perhaps the best solution is simply making users aware of the issue, and explaining how they can remove any certificate authority they have doubts about. And not just for China: these problems can arise in any country where a local trusted certificate authority is under the direct -- or indirect -- control of the government. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Jason Leopold has a big article at Vice detailing some more of what's in the Senate Intelligence Committee's CIA torture report, but the bigger news is that the long fought over, somewhat redacted executive summary may be released next week: ... the Senate committee is hoping to release its report as early as next week, when the US sends a delegation to Geneva, Switzerland where it will submit a report on compliance with the International Convention Against Torture. The release of the executive summary would be an effort to show "some form of accountability," one person familiar with the declassification negotiations said. Of course, it also notes that the fight over redacting pseudonyms still isn't settled, and that may muck things up. And, really, why wouldn't the CIA keep pushing back? Now that the GOP has won the Senate, it knows that if it can just stall until January, the whole report may get buried. As for the other leaks about the report, many of them confirm what had previously leaked about the report, but also go deeper into each of those areas. For example, earlier leaks had already talked about how the torture techniques used by the CIA went beyond what was approved, how the CIA tortured more people than previously admitted (and then hid those details), and then lied to Congress claiming that the torture was effective when it was not. Leopold has some more details about all of those, including how the CIA is responding to and challenging some of those findings. However, Leopold also highlights a variety of ways in which the report does appear to fall short, choosing to pull punches and avoid blaming top administration officials like former Vice President Dick Cheney (despite his previous admissions that he okayed the program), and also carefully avoiding placing any blame on a high-ranking CIA official who is described as "Feinstein's boy": Although he is identified in the Senate report, the committee did not level any criticism against Stephen Kappes, who was deputy director of the CIA while the interrogation program was up and running. Kappes allegedly played a role in covering up the death of a detainee who froze to death in 2002 at a CIA operated prison in Afghanistan called the "Salt Pit." The death of the detainee is highlighted in the Senate report. Kappes had been Feinstein's choice to head the CIA after Barack Obama was sworn in as president in 2009. Feinstein is on record stating she would not support Panetta's nomination unless Kappes was named as his deputy, a position he served in until 2010. One former CIA official said Kappes is "Feinstein's boy," suggesting that he was spared criticism because of his close relationship with the Intelligence Committee chairwoman. As for Cheney: The Senate report promotes the narrative that the CIA deceived the Bush White House into permitting the agency to use the controversial interrogation techniques against certain captives. This, despite the fact that former Vice President Dick Cheney admitted in 2008 that he personally "signed off" on the waterboarding of alleged 9/11 mastermind Khalid Sheikh Mohammed and two other high-value captives because he "thought that it was absolutely the right thing to do." "This is why the SSCI [Senate Select Committee on Intelligence] report is flawed and is not a full historical overview of the EIT program," said one person familiar with it. "Who in their right mind would believe that Dick Cheney does not bear any responsibility here?" Perhaps even more troubling is that the report does not say that the "enhanced interrogation techniques" were actually torture. We've questioned in the past why Senator Feinstein won't call torture "torture" and apparently that linguistic game continues in this report: However, the Senate report does not conclude that the CIA violated any domestic or international laws prohibiting the use of torture, contradicting Feinstein's public statements. People familiar with the document say the Senate didn't even use the word "torture" to describe the techniques to which detainees were subjected. In fact, Leopold claims that the report focuses on the "efficacy" of the torture program and doesn't even touch the questions of legality (or morality). The report also, apparently, skips over George Tenet's leadership in the CIA, but instead focuses a lot of Michael Hayden: The committee's executive summary, however, singles out Michael Hayden, who became CIA director in 2006 and is a staunch defender of the use of EITs. He is accused of lying to the panel during a briefing nearly a decade ago when he sought to revamp the CIA's interrogation program. People familiar with the executive summary said the committee obtained records about Hayden's briefings and carefully reviewed what he told committee members. The report concludes that the former CIA director erroneously told the committee that there were fewer than 100 detainees held captive by the CIA when in fact that number was higher. (The committee's full report says the CIA detained 119 men). Hayden is also criticized for telling the committee that the enhanced interrogation program was "humane." The committee's report concludes that Hayden misrepresented the scope of the program and was not being truthful. This probably explains why Hayden has been the most vocal and stringent critics of this report. He claimed that Feinstein was "too emotional" to judge the CIA's torture program, and also insisted that it was just a partisan attack. Still, Leopold's report also highlights how the CIA and its defenders are likely to hit back on the claims about the torture program not being effective. They're going to argue that the torture was the "bad cop" aspect of a "good cop/bad cop" scheme, and the useful information came out when the "good cop" was in the room, but wouldn't have happened without the "bad cop" (i.e., the torture). Retired Air Force psychologist James Mitchell, who has been credited with being the architect of the CIA's enhanced interrogation program — he's bound by a non-disclosure agreement he signed with the government and does not confirm, deny, or discuss his role in the program — said that his understanding of "the purpose of the enhanced interrogation program was to get the detainee to be willing to engage with a debriefer or a targeter who was asking a question, and that it wasn't designed so that you would ask questions about actionable intelligence… while the detainee was experiencing the enhanced interrogation program." In other words, Mitchell is saying the enhanced interrogation program was akin to a good cop, bad cop act. For example, a "bad cop" might use EITs on a detainee, then leave the room. A "good cop" might then enter the room and, without the use of any kind of force, get answers from the detainee, who had just been subjected to EITs. If the bad cop and good cop submit separate reports, it would appear on paper that the EITs were ineffective because the bad cop didn't get the answers — the good cop did. And the Senate would have used that intel in compiling its report. "If you could go in and read the individual pieces of intel that were written as a result of the debriefings and the interrogations, what would that look like in the database?" Mitchell says. "What that would look like is that all the actionable intelligence came from the good cop just like you would expect, and you wouldn't see a lot of actionable intelligence leading to things like capturing bin Laden coming from the enhanced interrogation program because it wasn't designed to do that." Still, from previous leaks, even that explanation seems questionable -- as it appears that much of the useful information came from people who weren't being tortured or before they were tortured, suggesting that argument is bunk. And, even if it were true, that doesn't magically make torture right in any way (legally or morally). Either way, all this speculation is getting ridiculous. The Senate should just release the damn report already.Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
YouTube's infringement reporting system is -- like many others around the web -- fundamentally broken. Making bogus copyright claims is still an easy way to get channels shut down or to siphon ad revenue from existing videos. It can also be used as a censor -- a cheap and dirty way to shut up critics or remove compromising video. Apparently, Islamic extremists linked with Al-Qaeda have found another use for YouTube's mostly automated dispute process: low-effort doxxing. According to German news sites, a YouTube channel (Al Hayat TV) known for its criticism of Islam has had to send its listed contact person into hiding after bogus copyright claims filed by extremists led to the exposure of his personal information. On September 25th, someone using the name "First Crist, Copyright" filed bogus copyright complaints against Al Hayat TV. In order to prevent the channel from being shut down for multiple "strikes," Al Hayat TV was forced to file a counter notification. But in order to do so, the channel operators had to expose sensitive information. From the YouTube Help section on counter notifications: After we receive your counter notification, we will forward it to the party who submitted the original claim of copyright infringement. Please note that when we forward the notice, it will include your personal information. By submitting a counter notification, you consent to having your information revealed in this way. Some of the people behind the channel contacted YouTube and tried to explain the danger of releasing this personal information, especially considering a majority of its contributors operated anonymously for safety reasons. These pleas went unheeded, thanks to the automation of the copyright dispute process. Each request was greeted with pre-generated responses from YouTube support. Discussions with actual humans at YouTube only confirmed that the channel wouldn't be reinstated without following the counter notice procedure -- including handing over details on the channel's contact person. Unfortunately unaware of the fact that it could have used a legal representative to handle this, Al Hayat TV filed formal counter notices using one of its member's names. Shortly thereafter, it received threats from the supposed copyright holder warning the contact person to "watch your head" (a phrase basically understood to be a death threat in Arabic) and promising to spread this info across several extremist websites. The message also told the contact person to [paraphrased slightly] enjoy living in fear under police protection. The contact person has since gone into hiding. The quid pro quo of the copyright dispute process netted Al Hayat TV death threats and a completely bogus "First Crist, Copyright" contact person: Samuel George of 245 George Street in Sydney, Australia. Google Street View shows this address to be right in the middle of some prime downtown shopping. At this point, it would be beyond tedious to rehash the problems with these automated enforcement systems. But this story shows the system can be easily exploited to satisfy very twisted ends. YouTube's copyright dispute process is automated out of necessity. The fact that it instantly "sides" with the accuser contributes to the problem. Trying to sort out the legitimacy of copyright claims without chewing up thousands of man-hours would be a logistical nightmare and would quite possibly result in a system inferior to the irreversibly-broken one in place today. The unfortunate lesson to be drawn from this debacle is that those on the "inside" need to game the system as effectively as those on the "outside." If YouTube's going to treat copyright claims issued by "Crist" from the middle of the Establishment Bar in Sydney, Australia as wholly legitimate, Al Hayat TV should be shown the same disinterested "courtesy" and be allowed to issue a counter notices signed by an imaginary attorney residing at some random address. After all, if the dispute continues past this point, YouTube simply washes its hands of the entire situation and tells both parties to work it out themselves. Copyright isn't really the culprit here. It's the systems that have been developed in response to rights holders' complaints. They're too easily gamed and little to nothing in the way of deterrents. Unfortunately, unlike incidents where copyright enforcement has been clumsily deployed as a censor, there's no Streisand Effect equivalent for those who greet speech they don't like with threats and violence. Extremists like this simply don't care what others think of their irrational hatred and colossally stupid worldview. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
Over the last few years, Verizon has been ramping up its behavioral tracking efforts via programs like Verizon Selects and its Relevant Mobile Ad system, which track wireless and wireline subscriber web behavior to deliver tailored ads and sell your information to third parties. Unknown until a few weeks ago however was the fact that as part of this initiative, Verizon has started using what many are calling controversial "stealth," "super" or "perma" cookies that track a user's online behavior covertly, without users being able to disable them via browser settings. Lawyer and Stanford computer scientist Jonathan Mayer offered up an excellent analysis noting that Verizon was actively modifying its users' traffic to embed a unique identifier traffic header, or X-UIDH. This header is then read by marketing partners (or hey, anybody, since it's stamped on all of your traffic) who can then build a handy profile of you. It's a rather ham-fisted approach, argues Mayer, who notes that while you can opt-out of Verizon selling your data, you can't opt out of having your traffic embedded with the unique identifier. He also offered up a handy graphic detailing precisely how these headers work:As the story grew the last few weeks, ProPublica noted that Twitter's mobile advertising arm is already one of several clients using Verizon's "header enrichment" system, though Twitter didn't much want to talk about it. Several tools like this one have popped up since, allowing users to test their wireless connections (note it doesn't work if your cellular device is connected to Wi-Fi, and may be masked by the use of Google Mobile Chrome, Opera Mini, or if viewed through apps like Flipboard). Kashmir Hill at Forbes also has a great article exploring the ramifications of the system and asked Verizon and AT&T (who has started trials of a similar system) what consumer protections are in place. Both companies proclaimed that the characters in their headers are rotated on a weekly and daily basis to protect user information. But as we've noted time and time again, there's really no such thing as an anonymized data set, and security consultant Ken White argues that only part of the data in the headers is modified, if at all:"White has been tracked for the past 6 days across 550 miles with a persistent code from both Verizon and AT&T. He has a smartphone with Verizon service and a hotspot with AT&T service. In AT&T’s case, the code has four parts; only one part changes, he says. “It’s like if you were identified by a birth month, a birth year, a birth day, and a zip code, and they remove one of those things,” said White. You’d still be able to reasonably track that person with the other three. Verizon’s code meanwhile hasn’t changed for him, and it’s been almost a week."Amusingly, I remember back in 2008 when concerns about deep packet inspection and behavioral ads were heating up, Verizon declared there really wasn't any need for consumer protections or privacy rules governing such technologies, because, the company claimed, public shame and the oodles of competition in the broadband space would somehow keep them honest:"A couple of years back during the debate on net neutrality, I made the argument that industry leadership through some form of oversight/self-regulatory model, coupled with competition and the extensive oversight provided by literally hundreds of thousands of sophisticated online users would help ensure effective enforcement of good practices and protect consumers."Yet here we have an example where the behavior Verizon was engaged in was so surreptitious, even some of the best networking and security experts in the business didn't notice Verizon was doing it until two years after the effort was launched. Apparently, holding Verizon accountable is going to take a little more than a public scolding in the town square. The EFF has stated they've already filed a formal complaint with the FCC, and they're taking a look at possible legal action against Verizon for violating consumer privacy law.Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
The Russian government's efforts to carve out its own internet continue. It's never been shy about its interest in accessing (and censoring) internet users' activity and data, what with its required registration for bloggers, demands for US-based companies to hand over user data and threats to block content stored on foreign servers -- and that's just since the beginning of this year. A law outlawing the use of offshore servers to store Russian internet users' data and content goes into effect at the beginning of 2015. That means popular products like Apple's iPhone and iPad will all be technically violating Russian law with their automatic iCloud syncing. This legislation can be partially blamed on the actions of Russia's most famous guest. As the adoptive home of Edward Snowden, Russia is all too aware that many of its citizens' communications are stored on servers owned by the scary giants of Silicon Valley. Ultimately, the Kremlin is likely to be worried that cloud services offer the NSA a way to snoop on Russian citizens, state apparatchiks and perhaps even high ranking politicians. The Russian government isn't that concerned about its citizens being spied on by foreign agencies. It probably just hates the competition. But even acts of unbridled self-interest (state apparatchiks, high ranking politicians) occasionally result in net gains for the otherwise ignored public. This ban will affect all US tech companies, but local coverage seems to imply that iPhone users will be the first to feel the results. The law effectively bans Apple's products unless it switches iCloud services off for Russian users or decides to rent some space on local servers. This is more Russian government control wearing the outward trappings of NSA backlash. As The Register notes, earlier this year the Russian government demanded Apple and SAP turn over source code, presumably to check it over for surveillance backdoors. Other countries have announced their intention to purchase network technology and services from non-US companies in the wake of Snowden's revelations, but much of the noise was there to deflect attention away from their own domestic surveillance programs. But in Russia's case, its surveillance/control desires lay much closer to the surface, if not out in the open completely. This law doesn't look much like NSA backlash. It looks like a convenient excuse for government expansion. Permalink | Comments | Email This Story

Read More...
posted 20 days ago on techdirt
While there has been some progress towards a restoration of the nation's Fourth Amendment rights, there have also been several steps back. A lot of this seems to be tied to a judicial reluctance to side with criminals. These Fourth Amendment issues generally boil down to law enforcement v. bad guys, usually delivered without nuance. Earlier this year, the 11th Circuit Court of Appeals found that tracking suspects using phone location info required a warrant. This wasn't a general ruling, however, and it was limited to several specifics in this case. The court found that cell phone location info carried an expectation of privacy despite also being a "business record" -- something that is normally stripped of privacy expectations thanks to the Third Party Doctrine. But here's where the decision ultimately falls apart. The Appeals Court arrived at a different conclusion, but refused to overturn the lower court's decision because it felt the lower court had "acted in good faith." Warrant requirements are now in place in the circuit court's jurisdiction, but the plaintiff was ultimately unable to have the illegally-gathered evidence thrown out. Similarly, the Third Circuit Court of Appeals found last year that warrantless GPS tracking was a violation of the Fourth Amendment. Again, this decision tiptoed around other similar cases and reached a rather narrow conclusion. This was immediately appealed by the government, which asked for an en banc hearing. The en banc hearing returned this decision October 1st: The Third Circuit Court of Appeals ruled today that evidence derived from warrantless use of a GPS tracking device can be used in court, even though law enforcement's failure to get a warrant before attaching the device to a car may have violated the Fourth Amendment. The 8-5 decision in this case, U.S. v. Katzin, applies an expansive interpretation of the so-called "good-faith exception" to the Fourth Amendment's exclusionary rule, holding that officers reasonably relied on decades-old cases dealing with primitive "beeper" tracking technology in concluding that no warrant was required for sophisticated GPS tracking. Once again, the court found that the search was in violation of the Fourth Amendment, but "good faith" nullified the remedy of excluding the illegally-obtained evidence. The court also vacated the earlier ruling that instituted a warrant requirement for GPS tracking. Nathan Freed Wessler, staff attorney for the ACLU, has a long piece at Slate describing how these decisions have turned the "good faith exception" into the rule. Under the “exclusionary rule,” when police engage in an illegal search, prosecutors can’t use the results. This penalty incentivizes police to abide by the Constitution and provides relief to victims of government misconduct. Indeed, as the Supreme Court explained a century ago, without the exclusionary rule the Fourth Amendment would be “of no value” and “might as well be stricken from the Constitution.” But in a series of decisions starting in 1984, the Supreme Court has retreated from this vital protection of our rights. The justices first held that if police were relying in good faith on a judicially issued warrant authorizing a particular search, the resulting evidence couldn’t be suppressed even if the search was later held to be unconstitutional. The court has since expanded this good-faith exception to cover police reliance on other forms of explicit authorization, including statutes later held to be unconstitutional and binding court rulings that are later reversed. Basically, the Supreme Court's new view is that the exclusionary rule is no longer a remedy, but a deterrent. The rule isn't there to ensure redress for those whose rights have been violated. It's there to steer law enforcement away from actions that would violate citizens' rights. But this doesn't work, and the main reason it doesn't work is the "good faith exception." The cumulative effect has been to turn the "good faith exception" into a blank check for Fourth Amendment violations. The exception gives all but the most egregious violations a pass, a fact recognized by the dissenting opinion in the Third Circuit hearing. "[T]his approach … expands the good faith exception to the point of eviscerating the exclusionary rule altogether by failing to provide any cognizable limiting principle. Now, law enforcement shall be further emboldened knowing that the good faith exception will extricate officers from nearly any evidentiary conundrum.” Those with valid Fourth Amendment complaints will find the courts nearly useless when seeking redress. Combined with the immunity routinely granted to law enforcement in civil cases, those whose rights are violated are left to hope for long-delayed settlements post-incarceration, rather than avail themselves of their rights when on trial for criminal charges -- the point where the exclusionary rule would be of most use. The good faith exception has swallowed the exclusionary rule and these compounding decisions allow law enforcement to predicate their defenses on uncertainty (even though the accused are never extended the courtesy of an "ignorance of the law" defense) and hide behind immunity while courts continue to defer to the judgement of John Q. Officer. Scott Greenfield, questioning decisions relating to both the exclusionary rule and the (always expanding) good faith exception, had this to say about the intertwined issues back in 2010: [T]he name “good faith exception” is problematic both from an application perspective as well as political perspective. It attributes a positive characteristic to the cops (good faith) making the idea of punishing them for it seem improper, if not downright disingenuous. Moreover, if the purpose of the exclusionary rule is limited to those situations where it serves only a deterrent purpose, and at the time of the search and seizure the cop’s conduct conforms with existing law, why would the law seek to deter compliance with precedent? The courts have painted themselves into a corner, with the ample assistance of government prosecutors more than willing to portray any minimal nod to the Fourth Amendment as something that allows criminals to elude justice. Even the language deployed plays into law enforcement's hands. The complications arising from technological advances have muddied the waters a bit, at least in terms of where Fourth Amendment protections begin and end. To prosecutors, these protections haven't changed at all. They're still almost nonexistent. Technology presents new challenges to law enforcement and these are greeted almost exclusively with pleas for further exceptions, as though they should also be immunized from keeping pace with the world itself. And, for the most part, they've been obliged by the judicial system. When the exception swallows the rule, the Fourth Amendment becomes nothing more than a bit of aspirational fluff cranked out by hotheaded revolutionaries nearly 250 years ago. At best, it's a hassle. At worst, it's clearly unsuited to handle the nuances of today's technology. That's the prevailing government viewpoint. Our rights are eroding, and the most corrosive force has been those sworn to uphold the nation's laws and protect its citizens' liberties.Permalink | Comments | Email This Story

Read More...