posted 29 days ago on techdirt
It seems like common sense. The person legally responsible for defamatory statements is the person making the defamatory statements. But since pursuing that person often seems too difficult, legislators, courts, and disingenuous plaintiffs have engaged in mental/litigious gymnastics in hopes of finding third parties responsible for the statements of others. We've seen a long list of lawsuits filed against service providers in response to defamatory content hosted on their platforms. We've seen courts -- mostly outside of the US -- convert third-party platforms into "publishers" for the sake of delisting/content removal court orders. We've seen numerous attempts to avoid Section 230 defenses by recrafting defamation lawsuits as trademark infringement litigation. We've even seen some bad lawmaking, attempting to strip away protections for service providers to make it easier to hold them responsible for the actions of others. The European Court of Human Rights is in the middle of another attempt to hold third parties responsible for the allegedly-defamatory statements of others. The applicant in the case before the Court, Aleksey Navalnyy, is a prominent Russian political activist and opposition leader who sought to highlight the corruption that Mr Magnitsky had exposed. With this in mind, he posted a link on his LiveJournal blog to a YouTube video reporting on the 5.4 billion RUB tax refund. A Russian court held that the video was defamatory of an individual referred to in the report. The court found Navalnyy liable for statements that were made in the video as if they were his own, and ordered him to pay 100,000 RUB (approximately 1,400 GBP) in damages to the individual. European courts and politicians have made efforts before to find those posting links to certain content just as liable as those who uploaded it. Previous attempts have mostly been related to copyright infringement, but this case isn't an anomaly in terms of holding one person responsible for someone else's statements. The briefing [PDF], composed by a number of internet free speech activists, including the EFF, Access Now, and the Media Law Resource Centre, points to a number of precedential decisions from all over the world that make it clear the original defamer is the only one who should be found culpable for defamatory statements. To do otherwise is to threaten the basic operating principles of the internet, and the public discourse it facilitates. Given the ubiquitous operation of hyperlinking on the Internet, it is an impermissible interference with Article 10 for the use of hyperlinks to be capable of giving rise to liability in defamation; Given the dynamic nature of the content on the Internet to which hyperlinks may provide access (but over which the poster of the hyperlink is unlikely to have control), attaching liability in defamation to the provision of hyperlinks risks a particularly pronounced chilling effect on freedom of expression in violation of Article 10 It also points out the court shouldn't hold bloggers to a higher standard than journalists by robbing them of the protections afforded to traditional press agencies. Defences that are available in law to the traditional media should also be made available to bloggers and online news sites – the formal designation of persons should be immaterial for the purposes of Article 10 rights in this context. If the ruling is upheld, linking to other sources will dry up, both in traditional media and blogging. To link to statements of others would be to assume culpability for those persons' statements. Information would cease to flow as journalists and bloggers erect protective silos of info, generated from single sources. This end result would make those journalists and bloggers appear less trustworthy, as they would be unlikely to link to supporting statements and evidence if there's even a small possibility those sources might become a subject of litigation in the future. Then there's the very real issue of content control: those linking to others can't prevent alteration of the content they're linking to, which may change drastically in tone and substance without the linker ever being made aware of the alterations. Just ask anyone who's hotlinked an image, only to find it replaced with something embarrassing/hideous/both in response to the inconsiderate usage of someone else's bandwidth. Linking to other sources allows readers to gather more information and come to their own conclusions. Eliminating this makes information dissemination worse and further solidifies existing echo chambers. It's a bad thing for the internet and would result in less informed users. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
This isn't a huge surprise, but unfortunately, today -- after a mostly ridiculous "debate" on the House floor full of claptrap and bullshit about how important copyright is to "protecting jobs" (despite this bill having nothing to do with any of that) -- the House voted 378 to 48 to approve a bill that makes the head of the Copyright Office, the Copyright Register, a Presidential appointment rather than an appointment by the Library of Congress, as it's been throughout the entire history of the Copyright Office. As we pointed out just yesterday, Congress appears to be rushing this through for no clear reason. It held no hearings on the issue (other than the fact that the current Librarian of Congress, Carla Hayden, was getting ready to appoint her own Copyright Register). Again, every reason given by supporters of this bill doesn't hold up to any scrutiny. They claimed, falsely, that copyright creates 5 million jobs (one Rep -- Tony Cardenas -- even claimed that the Copyright Register "oversees" those jobs). But this is not true. They claimed that the Copyright Office needs to be modernized -- which is true. But Carla Hayden has already commenced a massive modernization project, which this bill will stop dead in its tracks. They claimed that this would provide "greater oversight" over how the Copyright Office is run, but that's not even remotely true. The bill actually takes away the oversight from the Librarian of Congress... and gives it to no one other than the President, who isn't likely to be paying much attention to what's happening at the Copyright Office. This bill serves no purpose other than to take power away from the Librarian of Congress and give it to powerful lobbyists who will have a major say in who runs the Copyright Office. The bill will now move to the Senate where it is also likely to get an easy approval, and no doubt the President will sign the bill (which gives him more power, even if he's shown little sign of actually appointing people to the nearly 500 open positions which this will add to). It's a bad bill, and it's a gift to Hollywood, even as it will harm the actual content creators who will have to wait even longer for the office to actually be modernized. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
As we mentioned recently, today is "World Intellectual Property Day," an event put together by the World Intellectual Property Organization (WIPO) to promote ever greater protectionism and mercantilism in favor of copyright holders and patent holders, while ignoring any impact on the public of those things. It's a fairly disgusting distortion of the claimed intent of intellectual property, which is often promoted for the claimed benefits it brings to the public, but extreme supporters, such as WIPO, are never willing to actually weigh out the pros and cons of copyrights and patents, and how over-protection and over-enforcement can cause serious problems for the public, innovators and creators. I wasn't sure if I was going to write anything specifically about World IP Day, but Brandon Butler, the Director of Information Policy at the UVA Library put up an excellent suggestion on Twitter, that we should use "World IP Day" to re-read what Lord Thomas Macauley said in the UK Parliament back in 1841 when they were discussing copyright term expansion. We've pointed to it and quoted from it at length many times over the years, but even now, 176 years later, it still remains one of the best statements on how over-monopolizing ideas creates real harms. It's a part of the lesson that supporters of copyright and patents either ignore or wish to hide. So we will post it here in its entirety (after all, it's in the public domain): Thomas Babington Macaulay First Speech to the House of Commons on Copyright February 5, 1841 It is painful to me to take a course which may possibly be misunderstood or misrepresented as unfriendly to the interests of literature and literary men. It is painful to me, I will add, to oppose my honorable and learned friend on a question which he has taken up from the purest motives, and which he regards with a parental interest. These feelings have hitherto kept me silent when the law of copyright has been under discussion. But as I am, on full consideration, satisfied that the measure before us will, if adopted, inflict grievous injury on the public, without conferring any compensating advantage on men of letters, I think it my duty to avow that opinion and to defend it. The first thing to be done. Sir, is to settle on what principles the question is to be argued. Are we free to legislate for the public good, or are we not? Is this a question of expediency, or is it a question of right? Many of those who have written and petitioned against the existing state of things treat the question as one of right. The law of nature, according to them, gives to every man a sacred and indefeasible property in his own ideas, in the fruits of his own reason and imagination. The legislature has indeed the power to take away this property, just as it has the power to pass an act of attainder for cutting off an innocent man’s head without a trial. But, as such an act of attainder would be legal murder, so would an act invading the right of an author to his copy be, according to these gentlemen, legal robbery. Now, Sir, if this be so, let justice be done, cost what it may. I am not prepared, like my honorable and learned friend, to agree to a compromise between right and expediency, and to commit an injustice for the public convenience. But I must say, that his theory soars far beyond the reach of my faculties. It is not necessary to go, on the present occasion, into a metaphysical inquiry about the origin of the right of property; and certainly nothing but the strongest necessity would lead me to discuss a subject so likely to be distasteful to the House. I agree, I own, with Paley in thinking that property is the creature of the law, and that the law which creates property can be defended only on this ground, that it is a law beneficial to mankind. But it is unnecessary to debate that point. For, even if I believed in a natural right of property, independent of utility and anterior to legislation, I should still deny that this right could survive the original proprietor. . . . Surely, Sir, even those who hold that there is a natural right of property must admit that rules prescribing the manner in which the effects of deceased persons shall be distributed are purely arbitrary, and originate altogether in the will of the legislature. If so. Sir, there is no controversy between my honorable and learned friend and myself as to the principles on which this question is to be argued. For the existing law gives an author copyright during his natural life; nor do I propose to invade that privilege, which I should, on the contrary, be prepared to defend strenuously against any assailant. The only point in issue between us is, how long after an author’s death the state shall recognize a copyright in his representatives and assigns; and it can, I think, hardly be disputed by any rational man that this is a point which the legislature is free to determine in the way which may appear to be most conducive to the general good. We may now, therefore, I think, descend from these high regions, where we are in danger of being lost in the clouds, to firm ground and clear light. Let us look at this question like legislators, and after fairly balancing conveniences and inconveniences, pronounce between the existing law of copyright, and the law now proposed to us. The question of copyright. Sir, like most questions of civil prudence, is neither black nor white, but gray. The system of copyright has great advantages and great disadvantages; and it is our business to ascertain what these are, and then to make an arrangement under which the advantages may be as far as possible secured, and the disadvantages as far as possible excluded. The charge which I bring against my honorable and learned friend’s bill is this, that it leaves the advantages nearly what they are at present, and increases the disadvantages at least fourfold. The advantages arising from a system of copyright are obvious. It is desirable that we should have a supply of good books; we cannot have such a supply unless men of letters are liberally remunerated: and the least objectionable way of remunerating them is by means of copyright. You cannot depend for literary instruction and amusement on the leisure of men occupied in the pursuits of active life. Such men may occasionally produce compositions of great merit. But you must not look to such men for works which require deep meditation and long research. Works of that kind you can expect only from persons who make literature the business of their lives. Of these persons few will be found among the rich and the noble. The rich and the noble are not impelled to intellectual exertion by necessity. They may be impelled to intellectual exertion by the desire of distinguishing themselves, or by the desire of benefiting the community. But it is generally within these walls that they seek to signalize themselves and to serve their fellow-creatures. Both their ambition and their public spirit, in a country like this, naturally take a political turn. It is then on men whose profession is literature, and whose private means are not ample, that you must rely for a supply of valuable books. Such men must be remunerated for their literary labor. And there are only two ways in which they can be remunerated. One of those ways is patronage; the other is copyright. There have been times in which men of letters looked, not to the public, but to the government, or to a few great men, for the reward of their exertions. It was thus in the time of Maecenas and Pollio at Rome, of the Medici at Florence, of Louis the Fourteenth in France, of Lord Halifax and Lord Oxford in this country. Now, Sir, I well know that there are cases in which it is fit and graceful, nay, in which it is a sacred duty to reward the merits or to relieve the distresses of men of genius by the exercise of this species of liberality. But these cases are exceptions. I can conceive no system more fatal to the integrity and independence of literary men than one under which they should be taught to look for their daily bread to the favor of ministers and nobles. I can conceive no system more certain to turn those minds which are formed by nature to be the blessings and ornaments of our species into public scandals and pests. We have, then, only one resource left. We must betake ourselves to copyright, be the inconveniences of copyright what they may. Those in­con­ve­ni­ences, in truth, are neither few nor small. Copyright is monopoly, and produces all the effects which the general voice of mankind attributes to monopoly. My honorable and learned friend talks very contemptuously of those who are led away by the theory that monopoly makes things dear. That monopoly makes things dear is certainly a theory, as all the great truths which have been established by the experience of all ages and nations, and which are taken for granted in all reasonings, may be said to be theories. It is a theory in the same sense in which it is a theory that day and night follow each other, that lead is heavier than water, that bread nourishes, that arsenic poisons, that alcohol intoxicates. If, as my honorable and learned friend seems to think, the whole world is in the wrong on this point, if the real effect of monopoly is to make articles good and cheap, why does he stop short in his career of change? Why does he limit the operation of so salutary a principle to sixty years? Why does he consent to anything short of a perpetuity? He told us that in consenting to anything short of a perpetuity he was making a compromise between extreme right and expediency. But if his opinion about monopoly be correct, extreme right and expediency would coincide. Or rather, why should we not restore the monopoly of the East India trade to the East India Company? Why should we not revive all those old monopolies which, in Elizabeth’s reign, galled our fathers so severely that, maddened by intolerable wrong, they opposed to their sovereign a resistance before which her haughty spirit quailed for the first and for the last time? Was it the cheapness and excellence of commodities that then so violently stirred the indignation of the English people? I believe. Sir, that I may safely take it for granted that the effect of monopoly generally is to make articles scarce, to make them dear, and to make them bad. And I may with equal safety challenge my honorable friend to find out any distinction between copyright and other privileges of the same kind; any reason why a monopoly of books should produce an effect directly the reverse of that which was produced by the East India Company’s monopoly of tea, or by Lord Essex’s monopoly of sweet wines. Thus, then, stands the case. It is good that authors should be remunerated; and the least exceptionable way of remunerating them is by a monopoly. Yet monopoly is an evil. For the sake of the good we must submit to the evil; but the evil ought not to last a day longer than is necessary for the purpose of securing the good. Now, I will not affirm that the existing law is perfect, that it exactly hits the point at which the monopoly ought to cease; but this I confidently say, that the existing law is very much nearer that point than the law proposed by my honorable and learned friend. For consider this; the evil effects of the monopoly are proportioned to the length of its duration. But the good effects for the sake of which we bear with the evil effects are by no means proportioned to the length of its duration. A monopoly of sixty years produces twice as much evil as a monopoly of thirty years, and thrice as much evil as a monopoly of twenty years. But it is by no means the fact that a posthumous monopoly of sixty years gives to an author thrice as much pleasure and thrice as strong a motive as a posthumous monopoly of twenty years. On the contrary, the difference is so small as to be hardly perceptible. We all know how faintly we are affected by the prospect of very distant advantages, even when they are advantages which we may reasonably hope that we shall ourselves enjoy. But an advantage that is to be enjoyed more than half a century after we are dead, by somebody, we know not by whom, perhaps by somebody unborn, by somebody utterly unconnected with us, is really no motive at all to action. It is very probable that in the course of some generations land in the unexplored and unmapped heart of the Australasian continent will be very valuable. But there is none of us who would lay down five pounds for a whole province in the heart of the Australasian continent. We know, that neither we, nor anybody for whom we care, will ever receive a farthing of rent from such a province. And a man is very little moved by the thought that in the year 2000 or 2100, somebody who claims through him will employ more shepherds than Prince Esterhazy, and will have the finest house and gallery of pictures at Victoria or Sydney. Now, this is the sort of boon which my honorable and learned friend holds out to authors. Considered as a boon to them, it is a mere nullity; but considered as an impost on the public, it is no nullity, but a very serious and pernicious reality. The principle of copyright is this. It is a tax on readers for the purpose of giving a bounty to writers. The tax is an exceedingly bad one; it is a tax on one of the most innocent and most salutary of human pleasures; and never let us forget, that a tax on innocent pleasures is a premium on vicious pleasures. I admit, however, the necessity of giving a bounty to genius and learning. In order to give such a bounty, I willingly submit even to this severe and burdensome tax. Nay, I am ready to increase the tax, if it can be shown that by so doing I should proportionally increase the bounty. My complaint is, that my honorable and learned friend doubles, triples, quadruples, the tax, and makes scarcely any perceptible addition to the bounty. Why, Sir, what is the additional amount of taxation which would have been levied on the public for Dr. Johnson’s works alone, if my honorable and learned friend’s bill had been the law of the land? I have not data sufficient to form an opinion. But I am confident that the taxation on his dictionary alone would have amounted to many thousands of pounds. In reckoning the whole additional sum which the holders of his copyrights would have taken out of the pockets of the public during the last half century at twenty thousand pounds, I feel satisfied that I very greatly underrate it. Now, I again say that I think it but fair that we should pay twenty thousand pounds in consideration of twenty thousand pounds’ worth of pleasure and encouragement received by Dr. Johnson. But I think it very hard that we should pay twenty thousand pounds for what he would not have valued at five shillings. But this is not all. I think it right, Sir, to call the attention of the House to an evil, which is perhaps more to be apprehended when an author’s copyright remains in the hands of his family, than when it is transferred to booksellers. I seriously fear that, if such a measure as this should be adopted, many valuable works will be either totally suppressed or grievously mutilated. I can prove that this danger is not chimerical; and I am quite certain that, if the danger be real, the safeguards which my honorable and learned friend has devised are altogether nugatory. That the danger is not chimerical may easily be shown. Most of us, I am sure, have known persons who, very erroneously as I think, but from the best motives, would not choose to reprint Fielding’s novels or Gibbon’s “History of the Decline and Fall of the Roman Empire.” Some gentlemen may perhaps be of opinion that it would be as well if “Tom Jones” and Gibbon’s “History” were never reprinted. I will not, then, dwell on these or similar cases. I will take cases respecting which it is not likely that there will be any difference of opinion here; cases, too, in which the danger of which I now speak is not matter of supposition, but matter of fact. Take Richardson’s novels. Whatever I may, on the present occasion, think of my honorable and learned friend’s judgment as a legislator, I must always respect his judgment as a critic. He will, I am sure, say that Richardson’s novels are among the most valuable, among the most original, works in our language. No writings have done more to raise the fame of English genius in foreign countries. No writings are more deeply pathetic. No writings, those of Shakespeare excepted, show more profound knowledge of the human heart. . . . Sir, it is my firm belief, that if the law had been what my honorable and learned friend proposes to make it, they would have been suppressed. I remember Richardson’s grandson well; he was a clergyman in the city of London; he was a most upright and excellent man; but he had conceived a strong prejudice against works of fiction. He thought all novel-reading not only frivolous but sinful. He said,—this I state on the authority of one of his clerical brethren who is now a bishop,—he said that he had never thought it right to read one of his grandfather’s books. Suppose, Sir, that the law had been what my honorable and learned friend would make it. Suppose that the copyright of Richardson’s novels had descended, as might well have been the case, to this gentleman. I firmly believe that he would have thought it sinful to give them a wide circulation. I firmly believe that he would not for a hundred thousand pounds have deliberately done what he thought sinful. He would not have reprinted them. And what protection does my honorable and learned friend give to the public in such a case? Why, Sir, what he proposes is this: if a book is not reprinted during five years, any person who wishes to reprint it may give notice in the London Gazette: the advertisement must be repeated three times: a year must elapse; and then, if the proprietor of the copyright does not put forth a new edition, he loses his exclusive privilege. Now, what protection is this to the public? What is a new edition? Does the law define the number of copies that make an edition? Does it limit the price of a copy? Are twelve copies on large paper, charged at thirty guineas each, an edition? It has been usual, when monopolies have been granted, to prescribe numbers and to limit prices. But I do not find that my honorable and learned friend proposes to do so in the present case. And, without some such provision, the security which he offers is manifestly illusory. It is my conviction that, under such a system as that which he recommends to us, a copy of “Clarissa” would have been as rare as an Aldus or a Caxton. I will give another instance. One of the most instructive, interesting, and delightful books in our language is Boswell’s “Life of Johnson.’’ Now it is well known that Boswell’s eldest son considered this book, considered the whole relation of Boswell to Johnson, as a blot in the escutcheon of the family. He thought, not perhaps altogether without reason, that his father had exhibited himself in a ludicrous and degrading light. And thus he became so sore and irritable that at last he could not bear to hear the “Life of Johnson’’ mentioned. Suppose that the law had been what my honorable and learned friend wishes to make it. Suppose that the copyright of Boswells “Life of Johnson” had belonged, as it well might, during sixty years, to Boswell’s eldest son. What would have been the consequence? An unadulterated copy of the finest biographical work in the world would have been as scarce as the first edition of Camden’s “Britannia.” ... Sir, of the kindness with which the House has listened to me, that I will not detain you longer. I will only say this, that if the measure before us should pass, and should produce one tenth part of the evil which it is calculated to produce, and which I fully expect it to produce, there will soon be a remedy, though of a very objectionable kind. Just as the absurd Acts which prohibited the sale of game were virtually repealed by the poacher, just as many absurd revenue Acts have been virtually repealed by the smuggler, so will this law be virtually repealed by piratical booksellers. At present the holder of copyright has the public feeling on his side. Those who invade copyright are regarded as knaves who take the bread out of the mouths of deserving men. Everybody is well pleased to see them restrained by the law, and compelled to refund their ill-gotten gains. No tradesman of good repute will have anything to do with such disgraceful transactions. Pass this law: and that feeling is at an end. Men very different from the present race of piratical booksellers will soon infringe this intolerable monopoly. Great masses of capital will be constantly employed in the violation of the law. Every art will be employed to evade legal pursuit; and the whole nation will be in the plot. On which side indeed should the public sympathy be when the question is whether some book as popular as “Robinson Crusoe” or the “Pilgrim’s Progress” shall be in every cottage, or whether it shall be confined to the libraries of the rich for the advantage of the great-grandson of a bookseller who, a hundred years before, drove a hard bargain for the copyright with the author when in great distress? Remember too that, when once it ceases to be considered as wrong and discreditable to invade literary property, no person can say where the invasion will stop. The public seldom makes nice distinctions. The wholesome copyright which now exists will share in the disgrace and danger of the new copyright which you are about to create. And you will find that, in attempting to impose unreasonable restraints on the reprinting of the works of the dead, you have, to a great extent, annulled those restraints which now prevent men from pillaging and defrauding the living. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
FCC boss Ajit Pai has made no secret of his disdain for net neutrality. Or, for that matter, his general disregard for the consumer-protection authority granted the agency he's supposed to be in charge of. Pai had already stated his "solution" -- to his perceived injustice that is net neutrality -- is to replace the government's existing, hard net neutrality rules -- with "voluntary commitments" by the likes of AT&T, Comcast and Verizon. From there, he hopes to leave any remaining regulatory enforcement to the under-funded and over-extended FTC (we've explained why this is a notably bad idea here). Pai clarified his plans a little during a speech today in Washington, DC at an event hosted by FreedomWorks (which, not coincidentally, takes funding from the giant ISPs Pai is clearly eager to help). According to Pai, the FCC will issue a Notice of Proposed Rule Making tomorrow to begin the process of rolling back Title II and killing net neutrality. The FCC will then vote on the proposal on May 18, according to the agency head. That means a full public comment period (that's where you come in) ahead of a broader vote to kill the rules later this year. Pai's full speech (pdf) was packed with conflations, half-truths, and statements that have been repeatedly, painstakingly debunked over the course of the last decade. Among them being the ongoing claim that net neutrality rules weren't necessary -- because incumbent ISPs had done nothing wrong: "Nothing about the Internet was broken in 2015. Nothing about the law had changed. And there wasn’t a rash of Internet service providers blocking customers from accessing the content, applications, or services of their choice. Pai apparently "forgot" the time that AT&T intentionally blocked iPhone users from using Facetime unless they signed up for significantly more expensive mobile data plans. Or that time MetroPCS blocked all access to video on its introductory plans to drive users to costlier plans if they wanted the "full internet experience." Or that time a small ISP named Madison River decided to block a competing VoIP provider. Or that time AT&T, Verizon, and T-Mobile blocked their users from using Google Wallet to help prop up their own mobile payment services. Or the longstanding allegations that Comcast, Verizon, AT&T and others intentionally let their peering points get congested to kill settlement-free peering and force content and transit providers to pay an additional toll. The idea that net neutrality rules are arbitrary and unnecessary is a joke, and if you still don't believe consumers and startups need some kind of regulatory protection from giant (and ever-growing) broadband duopolists like Comcast, the joke's on you. And it's notably unfunny. Pai, like most of the ISP allies in favor of gutting the rules, simply refuse to be proven wrong -- no matter what the actual data shows. For years now Pai has cited broadband industry-funded studies that try to claim that net neutrality rules severely hampered broadband investment, despite zero objective evidence that's actually the case. But this being the post-truth era, Pai was quick to trot out the "Title II and neutrality killed investment" canard to the crowd of largely lobbyists, think tankers and other loyal ISP allies: "So what happened after the Commission adopted Title II? Sure enough, infrastructure investment declined. Among our nation’s 12 largest Internet service providers, domestic broadband capital expenditures decreased by 5.6% percent, or $3.6 billion, between 2014 and 2016, the first two years of the Title II era. This decline is extremely unusual. It is the first time that such investment has declined outside of a recession in the Internet era." It never happened. What did happen: some telecom industry-funded think tanks cherry picked data to make it appear that investment had foundered, then repeated the fabrication they'd created, apparently believing that repetition forges truth. But if you spoke privately to most ISPs, they'd be tell you they saw no investment reduction under Title II. ISPs don't oppose net neutrality and Title II because it makes investing harder; they oppose Title II and net neutrality because it prevents them from abusing the uncompetitive shitshow that is the broadband last mile. What's abundantly clear here is that net neutrality opponents have zero problem with lying to achieve one, singular goal: maximizing the income of large broadband providers to the detriment of consumers, competition, startups and the health of the internet. And Pai poured it on exceptionally thick during his speech at Freedomworks, claiming that gutting oversight of some of the most anti-competitive and least liked companies in America will somehow magically improve broadband competition, create jobs, expand internet access, and more: "Without the overhang of heavy-handed regulation, companies will spend more building next-generation networks. As those networks expand, many more Americans, especially low-income rural and urban Americans, will get high-speed Internet access for the first time. And more Americans generally will benefit from faster and better broadband. Second, it will create jobs. More Americans will go to work building these networks. These are good-paying jobs, laying fiber, digging trenches, and connecting equipment to utility poles. And established businesses and startup entrepreneurs alike will take advantage of the networks that they build to create even more jobs. Doesn't that sound lovely? Except it's not happening. If the claim that Title II and net neutrality stifled investment was bullshit, the narrative that removing these regulations magically creates jobs and competition is just as fantastical. If anything, turning a blind eye to duopolists like Comcast and Verizon as they abuse the lack of broadband competition to make life harder on streaming competitors (something they're already doing) will have the opposite impact on existing and emerging internet markets to come. And if protecting ISP revenues is the top priority (and let's not fool ourselves that it isn't), actually fixing the industry's competitive shortcomings will never be on Pai's radar. The problem Pai faces now is two-fold. One, net neutrality has broad, incredible bi-partisan support, and those consumers are certain to give him an ear-full during the public comment period that will begin after the May 18 vote. If Pai isn't familiar with the concept of backlash and over-reach, he may want to bone up on some history. Pai will also need to show to the courts that the market has changed dramatically enough since the FCC's June 2016 win over ISPs to justify a massive reversal of the rules. If he can't, his entire effort will be struck down. That's why I personally still think Pai's playing a game of good cop, bad cop. Under this plan, Pai saber rattles for a few months about his intent to kill net neutrality, at which point the GOP shows up with some "compromise" legislation (likely this summer) that claims to codify net neutrality into law, but is worded in such a way (by the ISP lawyers that will inevitably write said legislation) so the "solution" is worse than no rules at all. If I were to guess, the legislation will come from Senator John Thune, who attempted to derail the 2015 net neutrality rules using a similar strategy. It seems likely that neutrality opponent hubris could easily backfire. After all, every time ISPs have tried to kill net neutrality, the end result has been more stringent protections (as we saw when Verizon sued to overturn the FCC's flimsy 2010 rules, only to get...tougher rules). That said, this fight still may be harder than previous battles. With Google and Netflix likely to be less active this go round (they're large enough now they apparently believe they no longer feel they need to worry,) the onus is going to be on grass root activists, debate-fatigued consumers and startups to carry the brunt of the load this time around. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
Being transparent about what private consumer data is being collected and sold appears to be a hard lesson for hardware vendors to learn. Earlier this month, Bose was hit with a new lawsuit (pdf) accusing it of collecting and selling personal subscriber usage data of the company's $350 QC 35 noise-canceling headphones. More specifically, the lawsuit claims that the Bose Connect smartphone companion app is collecting user preferences when it comes to "music, radio broadcast, Podcast, and lecture choices" -- and then monetizing that data without making it clear to the end user: Unbeknownst to its customers, however, Defendant designed Bose Connect to (i) collect and record the titles of the music and audio files its customers choose to play through their Bose wireless products and (ii) transmit such data along with other personal identifiers to third-parties—including a data miner—without its customers’ knowledge or consent...Though the data collected from its customers’ smartphones is undoubtedly valuable to the company, Defendant’s conduct demonstrates a wholesale disregard for consumer privacy rights and violates numerous state and federal laws. To be clear, the complaint, filed last week by Bose customer Kyle Zak in federal court in Chicago, seems more than a little thin. The suit appears to piggyback on growing concern about the wave of internet of things devices (from televisions to smart dildos) that increasingly use internet connectivity to hoover up as much as possible about consumers. Often, this data is collected and transferred unencrypted to the cloud, then disseminated to any number of partner companies without adequate disclosure. That said, while Bose marketing insists users need the app to "get the most out of your headphones" and get the "latest features" for their headphones, in this instance, users can avoid data collection by simply not using the Bose companion app. And while Bose only appears to be collecting metadata, the suit tries to somehow claim that collecting this type of metadata -- which any and every music service also happily collects -- somehow violates the Wiretap Act: ... customers must download and install Bose Connect to take advantage of the Bose Wireless Products’ features and functions. Yet, Bose fails to notify or warn customers that Bose Connect monitors and collects—in real time—the music and audio tracks played through their Bose Wireless Products. Nor does Bose disclose that it transmits the collected listening data to third parties. Were Bose, say, using the headphone jack on a headset to monitor actual user communications, the case might have legs. That said, while the suit's central Wiretap Act claims may be weak, the suit once again highlights that consumer data collection policies, if disclosed at all, are often buried in overlong privacy policies few if any consumers actually read -- using language carefully crafted to obfuscate what precisely is happening. Bose doesn't really help its case all that much in a statement on its website that declares the lawsuit "inflammatory" and "misleading," before being a little misleading itself: We understand the nature of Class Action lawsuits. And we’ll fight the inflammatory, misleading allegations made against us through the legal system. For now, we want to talk directly to you. Nothing is more important to us than your trust. We work tirelessly to earn and keep it, and have for over 50 years. That’s never changed, and never will. In the Bose Connect App, we don’t wiretap your communications, we don’t sell your information, and we don’t use anything we collect to identify you – or anyone else – by name. While Bose insists it doesn't "sell your information" -- its app privacy policy does note that it "may partner with certain third parties" to "engage in analysis, auditing, research, and reporting" (hey, it's not selling if we call it something else). And while Bose may not personally identify you "by name," we've long noted that "anonymized" data is far from anonymous. Study after study has made it clear that it only takes a shred of additional contextual data to make "anonymous" data easily and personally identifiable. If "trust" were truly Bose's top priority, they'd actually explain precisely what the app is doing, who data is sent to, and why. Again, many may not care that Bose is collecting this data. Especially in an age where everybody carries around a miniature computer in their pocket, happily oblivious that their every step and click are being monetized by cellular carriers, app vendors, OS makers, advertising networks, and everybody else in the food chain. The problem is that companies continue to believe there's nothing wrong with hoovering up every shred of data they can, then hiding this collection in overlong, carefully-worded privacy policies -- and the false sense of security "anonymization" is supposed to provide. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
Another National Security Letter is on its way to being published. There's no way of telling when it will arrive, but it will be sooner than the government's clear preference: never. Adobe is the unlikely recipient of the NSL and accompanying gag order. The decision in a recently unsealed case says indefinite gag orders aren't Constitutional, which is good news for the recipients of the thousands of NSLs the FBI issues every year. Thankfully, the court in Adobe’s case recognized the serious harm to free speech these gags represent. It held that orders barring companies from notifying their users about government data requests are both prior restraints and content-based restrictions on speech subject to strict scrutiny. That’s a very high bar. The court found that the indefinite gag order imposed on Adobe fails strict scrutiny because the government could make “no showing[] that Adobe’s speech will threaten the investigation in perpetuity.” The decision [PDF] raises the government's hopes before dashing them quite expertly. It opens by agreeing with one of the government's assertions: Adobe first contends that 18 U.S. § 2750(b) (“Section 2705(b)”) requires that the Court provide a date certain for the NPO’s [Notice Preclusion Order] expiration. The government contends that Section 2705(b) allows for NPOs of indefinite duration. The Court agrees with the government. But it's this assertion -- the one the court agrees with -- that allows Adobe's free speech arguments to prevail. Adobe next contends that the NPO is a content-based prior restraint that is not narrowly-tailored to achieve a compelling government interest. As such, Adobe argues, the NPO violates the First Amendment. (Appl. at 4-5.) The government argues that (1) Adobe does not have a right under the First Amendment to notify the Subscriber of the Warrant’s existence; and (2) even if Adobe did have such a right, the government’s compelling interests justify the NPO as currently tailored. The Court finds that a narrower tailoring of the NPO is warranted. [...] As written, the NPO at issue herein effectively bars Adobe’s speech in perpetuity. The government does not contend, and has made no showing, that Adobe’s speech will threaten the investigation in perpetuity. Therefore, as written, the NPO manifestly goes further than necessary to protect the government’s interest. The court also isn't interested in helping the government shift the burden to Adobe as to why this NPO shouldn't be in place indefinitely. In fact, it finds the government's attempt to do so undermines its "this doesn't implicate the First Amendment" arguments. The government further argues that the NPO is already limited by the Court’s discretion to set an end at some later date. As this “judicial[] limit[]” allows “both Adobe and the government to apply for the order to be lifted after its raison d’etre fades, the NPO is as narrowly-tailored as required.” (Oppo. at 17.) This argument ignores the fact that Adobe is not privy to the government’s investigation. Thus Adobe will not know when the NPO’s “raison d’etre fades.” Moreover, virtually every statute, regulation, order, or other government-imposed restriction on speech can be attacked in a judicial proceeding. Therefore, the government’s argument – in essence, “The order is narrowly-tailored because Adobe has the option of challenging it in court” – demonstrates nothing of relevance. In any event, putting the onus on the speaker to lift a no-longer-justified content-based restriction is hardly narrow tailoring. Adding the fact that the speaker cannot know when the restriction’s “raison d’etre fades” effectively equates to no tailoring at all. An RCS provider might decide to forego speaking rather than incur the trouble and expense of potentially futile court trips. That the government could in theory, apply to have the NPO lifted is no answer. As the NPO does not apply to the government, the government would have little incentive to do so. Accordingly, on the record before the Court, the government’s argument does little more than illustrate the NPO’s potential for burdening or chilling Adobe’s speech. Other NSL litigation is still ongoing and this decision bears little precedential value, especially in other circuits. But every judicial citation attacking indefinite gag orders helps, especially as these challenges are becoming more common as a result of the USA Freedom Act's creation of new redress options for NSL recipients. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
Update: Adobe has clarified that this was not a National Security Letter (NSL), but rather a search warrant along with a "Delayed Notice Order" (DNO) that had no expiration. The principles are the same, but the vehicle was different. We have updated the article below and apologize for the error. Another government request for info with a never-ending gag order is on its way to being published. There's no way of telling when it will arrive, but it will be sooner than the government's clear preference: never. Adobe is the unlikely recipient of a search warrant and accompanying gag order. The decision in a recently unsealed case says indefinite gag orders aren't Constitutional, which is good news for the recipients of the thousands of NSLs the FBI issues every year. Thankfully, the court in Adobe’s case recognized the serious harm to free speech these gags represent. It held that orders barring companies from notifying their users about government data requests are both prior restraints and content-based restrictions on speech subject to strict scrutiny. That’s a very high bar. The court found that the indefinite gag order imposed on Adobe fails strict scrutiny because the government could make “no showing[] that Adobe’s speech will threaten the investigation in perpetuity.” The decision [PDF] raises the government's hopes before dashing them quite expertly. It opens by agreeing with one of the government's assertions: Adobe first contends that 18 U.S. § 2750(b) (“Section 2705(b)”) requires that the Court provide a date certain for the NPO’s [Notice Preclusion Order] expiration. The government contends that Section 2705(b) allows for NPOs of indefinite duration. The Court agrees with the government. But it's this assertion -- the one the court agrees with -- that allows Adobe's free speech arguments to prevail. Adobe next contends that the NPO is a content-based prior restraint that is not narrowly-tailored to achieve a compelling government interest. As such, Adobe argues, the NPO violates the First Amendment. (Appl. at 4-5.) The government argues that (1) Adobe does not have a right under the First Amendment to notify the Subscriber of the Warrant’s existence; and (2) even if Adobe did have such a right, the government’s compelling interests justify the NPO as currently tailored. The Court finds that a narrower tailoring of the NPO is warranted. [...] As written, the NPO at issue herein effectively bars Adobe’s speech in perpetuity. The government does not contend, and has made no showing, that Adobe’s speech will threaten the investigation in perpetuity. Therefore, as written, the NPO manifestly goes further than necessary to protect the government’s interest. The court also isn't interested in helping the government shift the burden to Adobe as to why this NPO shouldn't be in place indefinitely. In fact, it finds the government's attempt to do so undermines its "this doesn't implicate the First Amendment" arguments. The government further argues that the NPO is already limited by the Court’s discretion to set an end at some later date. As this “judicial[] limit[]” allows “both Adobe and the government to apply for the order to be lifted after its raison d’etre fades, the NPO is as narrowly-tailored as required.” (Oppo. at 17.) This argument ignores the fact that Adobe is not privy to the government’s investigation. Thus Adobe will not know when the NPO’s “raison d’etre fades.” Moreover, virtually every statute, regulation, order, or other government-imposed restriction on speech can be attacked in a judicial proceeding. Therefore, the government’s argument – in essence, “The order is narrowly-tailored because Adobe has the option of challenging it in court” – demonstrates nothing of relevance. In any event, putting the onus on the speaker to lift a no-longer-justified content-based restriction is hardly narrow tailoring. Adding the fact that the speaker cannot know when the restriction’s “raison d’etre fades” effectively equates to no tailoring at all. An RCS provider might decide to forego speaking rather than incur the trouble and expense of potentially futile court trips. That the government could in theory, apply to have the NPO lifted is no answer. As the NPO does not apply to the government, the government would have little incentive to do so. Accordingly, on the record before the Court, the government’s argument does little more than illustrate the NPO’s potential for burdening or chilling Adobe’s speech. Other similar litigation is still ongoing and this decision bears little precedential value, especially in other circuits. But every judicial citation attacking indefinite gag orders helps, especially as these challenges are becoming more common as a result of the USA Freedom Act's creation of new redress options for gag order recipients. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
Government entities tend to dislike people who criticize red light cameras. There's little evidence supporting the theory they make driving safer, but there's plenty of data out there showing just how profitable they can be, especially with a little fine tuning. When someone takes it upon themselves to dig into traffic cameras, they make few friends at city hall. Oregon resident Mats Jarlstrom's interest in red light cameras was piqued like so many others: by receiving a ticket. Unlike some others, Jarlstrom has a background in electronic engineering and the inherent inquisitiveness to follow through on a thorough examination of yellow light timing. He did some math and came to the conclusion the timing was off. In his view, the leading mathematical formula for calculating the proper length of yellow lights (dating back to 1959) is incomplete, because it fails to account for how drivers decelerate before making a right-hand turn. Mats’s revised theory addresses that issue; his formula is based on the 1959 model but also factors in the time needed for turning drivers to clear the intersection. Jarlstrom's apparent mistake was not keeping these findings to himself. He spoke to local news stations about his research and presented his conclusions to a national conference of transportation engineers. The only entity that didn't want to hear anything about his yellow light research was his local government. He tried to present his findings to the state traffic engineering body but found it less than receptive to new ideas. In response to Jarlstrom's exercise of his First Amendment rights, the Oregon state engineering licensing board opened an investigation. Unsurprisingly, it arrived at the conclusion that it hadn't handed out an engineering license to Jarlstrom. Surprisingly, this effort wasted nearly two years of taxpayer time and money. According to the Board, Mats illegally practiced engineering without a license every time he “critique[d]” the existing traffic-light system and shared his ideas with “members of the public.” Even his e-mail to the creator of the original formula was ruled illegal. So was his correspondence with local media. Weird. Stupid. But at least the licensing law is narrowly-tailored, right? The practice of engineering is defined to cover “any . . . creative work requiring engineering education, training and experience.” And the law is just as sweeping as it sounds. Even the Oregon Attorney General’s Office has admitted that it’s “a broad definition which may have a particular meaning to those persons trained and knowledgeable in engineering but may be unclear to anyone else.” Having found something to use against a critic of outdated traffic light measuring systems, the Oregon licensing board went all out. It told Jarlstrom he could no longer refer to himself as an "engineer" (despite his BS in electronic engineering). It compiled a list of nine violations and fined him $500. It also nailed down something else: the starring role of defendant in an upcoming civil rights lawsuit, as the Institute for Justice reports: Today he filed a lawsuit [PDF] against the board in federal court challenging the constitutionality of the state’s requirement that citizens must obtain an engineering license in order to publicly debate anything involving “engineering.” IJ points out the board's regulation of speech is not just unconstitutional, it's ridiculous. Criticizing the government’s engineering isn’t a crime; it’s a constitutional right,” said Sam Gedge, an attorney at the Institute for Justice, which represents Mats in the lawsuit. “Under the First Amendment, you don’t need to be a licensed lawyer to write an article critical of a Supreme Court decision, you don’t need to be a licensed landscape architect to create a gardening blog, and you don’t need to be a licensed engineer to talk about traffic lights. Whether or not you use math, criticizing the government is a core constitutional right that cannot be hampered by onerous licensing requirements.” In essence, the Oregon board fined Mats Jarlstrom for doing math and then talking about it. Apparently, no one's allowed to do their own math and speak publicly about it without the express, licensed permission of the state's regulators. While the board is there to prevent non-engineers from harming the public by building faulty bridges and buildings (or, more to the point, fiddling with traffic light timing to drivers' detriment), it shouldn't be able to keep anyone from discussing their own research or referring to their engineering background and expertise. Jarlstrom simply wanted his findings to be considered. He had no power to alter traffic light timing or otherwise pose some sort of safety risk to Oregon drivers. And yet, the licensing board subjected him to a lengthy investigation and told him what he could and couldn't discuss publicly. Apparently certain topics of discussion are off limits to the general public unless the government ok's it through a very long and expensive process. Like many government things, the underlying concept is good, but the execution is horrible. And, in this case, the government was less concerned with the safety of the public than with shutting up a critic poking holes in long-held government theories. Permalink | Comments | Email This Story

Read More...
posted 30 days ago on techdirt
A whole lot of computing power is packed into VoCore2 Mini Linux Computer, an open source Linux computer and fully functional wireless router that is smaller than a coin. The applications of this tiny computer are virtually endless; use it as a VPN gateway to secure your network, an AirPlay music streaming station, and much more. You can write code for the VoCore2 in C, Java, Python, Ruby, JavaScript, and more to enhance its functions. Plug in a microSD card to the included Ultimate Dock and create a personal cloud server. The VoCore2 + Ultimate Dock are on sale now for just $43. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
It's difficult for me to read Jonathan Taplin's cri de coeur about Google and other technology companies that have come to dominate the top tier of successful American corporations without wincing in sympathy on his behalf. But the pain I feel is not grounded in Taplin's certainty that something amoral, libertarian and unregulated is undermining democracy. Instead, it's in Taplin's profound misunderstanding of both the innovations and social changes that have made these companies not merely successful but also—for most Americans—vastly useful in enabling people to stay connected, express themselves and find the goods and services (and, even more importantly, communities) they need. "It is impossible to deny that Facebook, Google and Amazon have stymied innovation on a broad scale," Taplin argues in his screed. He wants Google to divest itself of DoubleClick, in theory because the search engine would be much better if it were unable to generate profits from digitized ad services. He wants Facebook to unload WhatsApp, because the world was much better when connected citizens in the developing world had to pay 10 cents for each SMS message they sent. None of this really amounts to reform and, of course, such "reforms" wouldn't touch companies like Apple or Microsoft in the least. What Taplin really wants isn't to reform but to reframe. He wants us to understand current tech-company leaders as evil, or at least amoral and out of control. Toward this end, he begins his new book (a much more extended version of his Times screed) by ominously quoting Facebook's Mark Zuckerberg: "Move fast and break things. Unless you are breaking stuff, you aren't moving fast enough." Despite his misreading of the underlying technologies shaping today's digital world, Taplin—founding director and now director emeritus of the University of Southern California's Annenberg Innovation Lab—is no dummy. He knows that if he asks ordinary internet users whether they hate or love Google or Amazon or Facebook (or whether they'll willingly part with their new iPhones) he's not going to get a lot of buy-in. Even under a hypothetical President Bernie Sanders, regulating Google as a monopoly wouldn't be a meat-and-potatoes issue. Instead, Taplin creates a counter-narrative in which American technology successes (with the notable exception of Microsoft) represent the kind of rapacious octopus-like capitalism so often caricatured by cartoonists like Thomas Nast. Google and Facebook may not hurt me in particular, but the theory he offers is that they somehow hurt America in the abstract. Taplin essentially reframes American tech success as a retelling of the oil, railroad, banking and telegraph robber-baron trusts of the 19th and early 20th centuries. But the very tech companies whose success Taplin is absolutely certain is anti-democratic were built on infrastructure and resources that, under federal law and regulation, have been highly regulated throughout his (and my) lifetime. We may disagree about what the regulations should be, but there's little disagreement that there's already a regulatory framework. The regulation of monopoly infrastructures—telephone and telegraph networks, in particular—were what made it possible to refrain from regulating what you said or did on those networks. Regulation at the "wire" level of the infrastructure—and at various technical levels above that—created the space for today's innovative services that provide near-instantaneous access to, potentially, all the information in the world and all the people with whom you would want to stay in touch. Search engines and other digital tools are, of course, highly disruptive to industries whose traditional model involved having school-age kids hawking ink and wood pulp on street corners. Like Taplin, I still believe newspaper journalism is essential to democracy. Indeed, I read Taplin's op-ed early Sunday morning because I subscribe to the digital edition of The New York Times. We must continue to explore new ways to make this necessary journalism not merely survive, but thrive. But it also bears mentioning that Taplin doesn't mention Craig Newmark or Craigslist in his screed against Google, even though, if you were to buy into the fundamentals of Taplin's argument, Craigslist clearly did more to erode daily newspapers' advertising revenue than Google has ever done. And, yet, at the same time, it's worth noting here that Newmark—like most of the other successful tech moguls Taplin lumps together into a sort of secret-handshake techno-libertarian fraternity—actually gives money to Poynter, ProPublica and other enterprises that actively respond to the very real problem of very fake news. A little research into the history of scientific discovery puts even the scary Zuckerberg quote about "breaking stuff" in a different light. The philosopher Karl Popper opens his essential book Conjectures and Refutations with two quotations: "Experience is the name every one gives to their mistakes," from Oscar Wilde and "Our whole problem is to make the mistakes as fast as possible," from the physicist John Archibald Wheeler. That sentiment—to be adventurous, to risk things, to learn quickly from making mistakes quickly—is, I believe, exactly what Zuckerberg was getting at. It also extends to making mistakes in our search for a new business model for journalism. But this shouldn't include Jonathan Taplin's great big mistake of looking into the digital future and seeing only places we've been before. Mike Godwin (@sfmnemonic) is a Senior Fellow at R Street Institute. Godwin was named as a Freedom Forum Fellow at the Freedom Forum Media Studies Center in 1997 and may have once said something about Nazis online for which he will always be remembered. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
For years the traditional cable and broadcast industry has gone to great lengths to deny that cord cutting (getting rid of traditional cable TV) is real. First, we were told repeatedly that the phenomenon wasn't happening at all. Next, the industry acknowledged that sure -- a handful of people were ditching cable, but it didn't matter because the people doing so were losers living in their mom's basement. Then, we were told that cord cutting was real, but was only a minor phenomenon that would go away once Millennials started procreating. Of course none of these talking points were true, but they helped cement a common belief among older cable and broadcast executives that the transformative shift to streaming video could be easily solved by doubling down on bad ideas. More price increases, more advertisements stuffed into each minute, more hubris, and more denial. Blindness to justify the milking of a dying cash cow instead of adapting. But given the numbers we've seen over the last year or two, even the cable and broadcast industry has had to scale back its "head firmly in the sand" approach to market evolution. Last month MoffettNathanson analyst Craig Moffett, the telecom industry's top media quote machine, pointed out that 2016's 1.7% decline in traditional cable TV viewers was the biggest cord cutting acceleration on record. Kagan agreed, a recent report indicating that Pay TV providers lost around 1.9 million subscribers last year, the firm predicting a notable spike in the number of broadband-only homes: "At the same time, American broadband-only homes grew much faster in 2016 — increasing by more than 2 million. Kagan estimated the U.S. had 15.4 million non-multichannel broadband homes at the end of last year, up from 13.3 million end of 2015. That suggest that 13% of the country’s occupied households make the decision not to take a traditional multichannel TV package." Another new report by the Convergence Consulting predicts that this broadband-only trend will only continue: "US TV subscriber losses and cord cutter/never household additions saw a major increase in 2016 as compared to 2015: We estimate 2016 saw a decline of 2.05 million US TV subscribers, 2015 saw a decline of 1.16 million, and forecast a decline of 2.11 million TV subscribers for 2017...As of YE2016 we estimate 27.2 million US households (22.3% of HHs) did not have a traditional TV subscription with a Cable, Satellite, or Telco TV access provider, up from 24.2 million (20% of HHs) YE2015, and we forecast 30.3 million (24.6% of HHs) YE2017. 2015 saw 2.1 million, 2016 3 million, and we forecast 3.1 million 2017 cord cutter/never household additions. The shorter version: by next year, one quarter of Americans will no longer subscribe to traditional cable. And that's only going to accelerate as cheaper, better, streaming alternatives emerge. In a functioning, healthy market, these companies would see the writing on the wall and adapt, benefiting users. And to be fair, some have tried (Dish's Sling TV, AT&T's DirecTV Now). But with the cable industry's growing monopoly over broadband, a return to rubber-stamp regulation, and the looming death of net neutrality, many of these companies correctly understand they won't have to seriously compete anytime soon. They can simply impose unnecessary usage caps and overage fees on uncompetitive broadband markets, then use zero rating to give their own services a leg up -- while penalizing competitors. Unfortunately for them, even that likely won't "solve" the tectonic evolution that's only just starting to take place. Ultimately, denial-prone cable and broadcast executives will be left with just one, unthinkable option: actually competing on cable TV price, flexibility and quality. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Back in 2012, it was discovered that a Massachusetts state drug lab technician had falsified thousands of tests submitted as evidence in criminal cases. Technician Annie Dookhan was able to "produce" three times as many test results as her coworkers, mostly by never actually testing the submitted substance -- something that went unquestioned for far too long. Dookhan went to jail for three years, but many of those convicted on faulty evidence spent far more time locked up. Dookhan's prolific fakery resulted in a list of 40,000 cases possibly tainted by her work. This list was turned over to prosecutors, who managed over the next few years to trim it down to 23,000 possibly-tainted convictions. Faced with the daunting task of sorting this all out and notifying former defendants, the district attorney's office decided the best approach was to do as little as possible. First, with an unbelievable amount of hubris, it argued that those who had already served time for bogus convictions likely didn't care whether or not they'd been exonerated post facto. It can't be that the prosecutor's office doesn't know drug convictions keep people unemployed/underemployed and/or car-less/homeless. It appears the office simply has no empathy for those it's helped convict. Then it did as little as it could to inform those who had been possibly wrongfully convicted. It sent out poorly-targeted mass mailings that looked like government junk mail, rather than the life-changing exonerations they possibly were. No research was performed to ensure current addresses were used and the letter itself didn't inform recipients of their legal rights and remedies. A court finally stepped in and ordered the DA's office to come up with a plan of adequately addressing this backlog of 21,000 possibly-wrongful convictions. These plans would have to be approved by the court, which obviously felt the DA's office would mount another half-hearted effort without direct supervision. Faced with having to lift a few fingers to locate and inform citizens of their rights, remedies, and their chance to un-fuck their lives, the DA's office has opted again to do as little as possible. However, in this case, the minimum of effort is probably the course of action it should have taken in the first place. On April 18, nearly five years after Dookhan’s confession, prosecutors submitted lists of about 21,587 tainted cases with flawed convictions that they have agreed to overturn. The state’s highest court must still formally dismiss the convictions. Once that happens, many of the cleared defendants will be freed from the collateral consequences that can result from drug convictions, including loss of access to government benefits, public housing, driver’s licenses and federal financial aid for college. Convicted green card holders can also become eligible for deportation, and employers might deny someone a job due to a drug conviction on their record. The very small number of cases the state isn't dismissing -- 320 of them, according to prosecutors -- shows how heavily the state relies on drug lab evidence to secure convictions. These cases are ones prosecutors feel would still hold up in court even without drug lab evidence. Possibly there are other cases with similarly strong evidence once Dookhan's fakery has been excised, but the DA's office has had zero desire to reexamine most of the 23,000 cases Dookhan's work affected. Odds are, there are a great many people who wrongfully served more jail time than Dookhan rightfully did. The fallout from this is going to cost Massachusetts taxpayers a whole lot of money. Not only did they pay Dookhan to not perform her duties for several years, but they'll be on the hook for the inevitable lawsuits this mass exoneration will produce. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
If you want to take the temperature on where the craft beer brewing industry is on the convergence of an exploding industry and the greater use of trademark law, you need only look at what intellectual property lawyers are saying. We had just discussed a Q&A with several IP attorneys in wine country lamenting on how trademark law is throwing up roadblocks to a likewise expanding wine industry and the need for a more nuanced interpretation of marketplaces within the alcohol industries. Even within the craft beer industry itself, IP attorneys are starting to recognize that the industry has a problem. The Indiana Lawyer has a post about craft beer trademark issues that's fascinating for several reasons, but we'll start with some short and sweet numbers that will give you an idea of what's going on. As the number of craft breweries in the United States has skyrocketed 5,234, a 16.2 percent increase from the year before, there has been a rise in trademark disputes. Beermakers are increasingly suing in federal courts to protect their brand names and logos. The uptick in brawls is linked to growing sophistication in the industry. Artisans who just want to brew and give their neighbors something delicious to enjoy are being replaced by business professionals and investors more focused on expansions and profits. 16% growth in a single industry once considered an artisan hobby is insane, but you have to keep in mind that this kind of growth has been an ongoing trend, not a one-off. In the past decade, craft breweries have resembled the most viral of plagues, spreading across the country at a pace that's frankly stunning. Along with that growth spread the culture of craft brewing, with art-heavy labels and creative brewery and brew names (more pun-heavy than I would care for, but distinct in their way). The problem that stems from this growth is that new players are running out of language. Or, at least, language that makes sense for the industry. At the California law firm, The Craft Beer Attorney, lawyers regularly get calls from brewers wanting to know if the name they picked has been trademarked. Usually the conversations end with the anguished cry that all the good names have been taken. The saturation of brands in the craft beer industry is not surprising. Stacy Hostetter of Craft Beer Attorney explained that not only do the individual breweries have names, the beers also have names. The restraint becomes even tighter given the limited vocabulary of the industry. Producers want names that distinguish their beverages but yet are closely associated with beer in general so consumers can easily identify what it is. Since beers are primarily made with grain, hops, yeast and water, picking an associated moniker can quickly stir trouble. First, let it sink in for a moment that there is a legal organization that calls itself Craft Beer Attorney. That alone should tell you that there is at least something of a problem in the industry. But if it doesn't, please recognize that having IP attorneys essentially acknowledging that the industry has run or is running out of appropriate language for branding signals that there is a very real issue here. It's chiefly an issue because expanding the marketplace and the creation of new businesses should be a macro-goal for pretty much everyone. It's the sign of a healthy industry, where innovation and job creation can happen with speed. But if that growth is hampered by ever-increasing trademark disputes, then trademark law is no longer chiefly serving the public good in the way it was intended. One thing that is keeping this real problem from being an inescapable hindrance thus far has been the culture within the industry. However, before an infringement case reaches court, the culture of the craft beer industry dictates that brewers first make a phone call or write a nice letter. Charlie Meyer, partner at Woodard Emhardt Moriarty McNett & Henry LLP, noted small beermakers tend to be a collegial group who want to reach an amicable agreement. “Generally, I find most companies are reasonable if both sides are willing to work together,” Meyer said. That's largely true, but it's trending in the wrong direction for several reasons. First, craft brewing is becoming big business, and once-small breweries are expanding their brands and their reach to new marketplaces. Second, once they become larger, breweries that used to abide by the craft culture often let loose the legal dogs instead. We report on these cases time and time again. Finally, social media and the internet is playing a role, with breweries large and small worried that their brews will be mistaken for others' on beer-rating sites and on social media. How this problem is corrected is a tough nut to crack. But Hostetter seems to think that the culture of creativity will slough away, replaced by industry players that choose to remain generic and not play the trademark game at all. Going forward, Hostetter expects trademark litigation to increase. Brewers will turn to the courts to protect their brands for a while but eventually, they will find all the work that goes into applying for trademarks, fending off litigation and preventing infringement is too much trouble. At that point, the industry will shift. Hostetter believes brewers will turn from giving their beers creative names to generic labels. Which, when viewed from the original purpose of trademark law, would be fairly incredible. The idea behind trademarks is to encourage distinctive branding to keep the public informed as to the origin of a product. If trademark law becomes such an impenetrable barrier to business that a chunk of the industry decides to proactively go generic, then trademark law has done the opposite of that. And that would be too bad. Trademark law has a valid purpose, but it can't be such a barrier to entry for new businesses that an entire industry chooses to shirk it instead. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
For some reason, there has been a sub-war raging for more than a decade between anti-piracy groups and fans who create free subtitles for content so other regions can enjoy that same content. While much of this war has been fought for years on the anime front of all places, the conflict has spread to mainstream movies and television as well. And it is a painfully dumb war to fight at all for the content creators, whose publishers have failed to provide the subtitle translations that are obviously in demand, and which would open up new markets at no cost for them. Instead, they typically choose to scream "Copyright infringement!" at these fans instead. In the Netherlands, one group of fans that creates free subtitles in this way took BREIN to court to have its work declared kosher. Unfortunately, the Dutch court appears to have drunk the BREIN kool-aid on how fan subtitles are the bane of the entertainment industry and used only by pirate-y pirate types. The Free Subtitles Foundation, after coming under fire from the Netherlands' anti-piracy association BREIN, decided to raise some money and take BREIN to court. The Foundation's lawyer told TorrentFreak that the lawsuit sought to clarify whether the creators of a TV show or movie can reserve the right to create and distribute subtitles. And indeed, that's exactly what the court ruled: that subtitles can only be created and distributed with permission from the rights holders. Doing so without permission is copyright infringement, and thus punishable with either jail time or a fine, depending on where you live. Now, FSF took this to court because BREIN has a habit of threatening fans who create these free subtitles. It's important to draw the distinction that this is about copyright here, because the key point in all of this is that BREIN does not have to threaten fansubbers at all. This isn't trademark law. There is no requirement to police this sort of thing. This kind of action only makes sense if either fansubs are a true danger to the entertainment industry or if BREIN and other anti-piracy groups are in the habit of seeing dangers everywhere they look and picking unneccesary fights. One of those is certainly true. Fansubs, long vilified by the content industries, have actually been shown to open up entire new markets for content where the creator or publisher didn't bother to create subtitles for those markets. And, taking a step back, the very, very simple fact is that fansubs wouldn't be needed at all if those same subtitles were offered up by the publishers themselves. Much like file sharing websites themselves, actually policing subtitle sites will be difficult. Just look at the world of anime fansubbing, which has been under fire for more than a decade but is still going strong—or, in some cases, has shifted to just straight-up anime streaming websites with baked-in English subtitles. A better solution might be for content creators and distributors to release officially subtitled content simultaneously worldwide, much in the same way that some big American TV shows and movies are now being released in Europe and Asia at the same time, rather than a few months or years later. What fansubs actually do is serve as free market research for content publishers to determine where additional demand for their content is geographically. A freely given fanmade subtitle to a movie or show is only necessary when content providers don't provide it first. The product is not serving the market in which the subtitles will be used, which makes targeting them for copyright infringement all sorts of silly. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
In the past few weeks, we've written a few times about this weird urgency among some in Congress to rush through a pretty major change to Copyright Office oversight. I wrote a deep dive piece over at The Verge discussing the issues at play, but Congress is pushing a bill to stop the new Librarian of Congress, Carla Hayden, from appointing a new head of the Copyright Office. Instead, the Congressional plan is to make the position a political appointee, nominated by the President, and approved by Congress. In that Verge piece, we explained why it was a major change, and scratched our heads at the fact that there appears to be no reason for pushing for this change other than (1) the legacy copyright industries know that their lobbying power will mean that the appointment will be to their liking and (2) they fear who Hayden might appoint. But, what's really odd is how quickly Congress is trying to push this through. As if the matter is incredibly urgent. There have been no hearings on the matter. There's been no public discussion on the pros and cons of such a move. Just a mad dash by a bunch of people in Congress to make this change official before Hayden can appoint someone. Rep. Zoe Lofgren -- who appears to be one of the few people in Congress questioning why this is happening -- has put out a statement highlighting why this move is so problematic. A key point: if there is such a rush to make the change, how does it make sense to put this appointment power in the hands of a President who has left hundreds of federal jobs completely empty without any nominations at all? ... this legislation will harm and delay much-needed modernization efforts by making the Register a Presidentially appointed position. Currently, there is a backlog of 495 Appointee positions that have not even been nominated. This not only will delay effective administration of the Copyright Office, but also puts the efficiency gains made by the Library at risk. Under current modernization plans, the Library believes it can speed up the modernization plan by almost two years and save significant amounts of money. Those plans depend on an active Register of Copyright who is compliant and accountable to the Librarian. The long delay created by this bill in needing Senate confirmation of a Register will only harm these efforts. In other words, the arguments for "urgency" because the Copyright Register position is currently vacant are undermining their own argument. Considering the nearly 500 federal government positions that have no nominees yet, who actually thinks that Trump will quickly get around to nominating a new Copyright Register, let alone having that person confirmed by the Senate? The current Librarian of Congress, Carla Hayden, on the other hand, has been reviewing candidates for months now and is likely close to having someone in place. Similarly, as noted above, if (as is the typical line) this move is necessary to "modernize the Copyright Office," this plan does the exact opposite of that. Hayden has already put forth a plan to modernize the Copyright Office (and has experience modernizing a massive library system). But if the Copyright Office boss has to be nominated by a President who doesn't seem to feel like nominating anyone, and then approved by the Senate, the modernization plan will almost certainly be delayed. So why are supporters of this bill in such a rush if it's going to undermine and delay the key reason they give for supporting this bill: the modernization of the Copyright Office? It's almost as if that's not the real reason. Separately, Lofgren points out that it's crazy to provide less oversight to the Copyright Office right after it's been revealed that one reason why Hayden likely fired the the previous Copyright Register was because of incredible mismanagement by the previous Register, that included a modernization program that was budgeted for less than $2 million, but ended up spending nearly $12 million before being dumped with nothing to show for it (as we first revealed here on Techdirt). Removing Dr. Hayden’s ability to appoint the Register of Copyrights means she will be unable to hold employees accountable, and it creates uncertainty and ambiguity in the chain of command between the Librarian and Register of Copyrights. The previous Register of Copyrights was removed after a Library of Congress Inspector General report found the Copyright Office not only wasted six years and nearly $12 million but hid this information from Congress, falsified information in reports to the Library, and submitted fake budget numbers for annual appropriations requests. Dr. Hayden took appropriate steps to remove the Register responsible for this mismanagement. This bill would prevent Dr. Hayden from removing or ensuring accountability in any future Register by making the Register answerable only to the President -- a fundamental change in the relationship between Librarian and Register. Finally, Lofgren notes that it certainly is at least notable and unfortunate that this move to rush through this change certainly appears to be an attempt by Congress to undermine the authority of the first female and first African American Librarian of Congress. Finally, the bill is a clear affront to the first female Librarian of Congress. Dr. Carla Hayden is not only one of the most highly qualified Librarians ever to serve, but has also worked aggressively and in good faith to pull the Library and Copyright office into the 21st century. I find it deeply disturbing that for the first time in history, a female and a person of color is the Librarian of Congress, and for the first time in history, Congress would take away her power in order to give it to Donald Trump. While this does not point to motive, it is a distressing fact nevertheless. This bill is a vote of ‘no confidence’ in a Librarian who is aggressively pulling the Library and Copyright Office into the 21st century and, by all evidence, justifiably reassigned an ineffective and negligent Register. It will only serve to delay Copyright Office modernization, harm the public, harm content creators, increase tension between the Library and Copyright Office, and harm Copyright Office employees. Indeed. There are certainly arguments to be made for changing things up, but no one pushing for this bill seems to be able to answer why this needs to be changed so quickly, when such a change clearly undermines their own stated reasons for supporting the bill. From that, the most logical conclusion is that they are pushing for the change because they are worried about who Hayden is likely to appoint, rather than because of any principled argument. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
It looks like Prenda's Paul Hansmeier isn't nearly as interested John Steele in striking a deal with the feds. Of course, Steele folded immediately, offering up Hansmeier as bus undercoating, which likely means Hansmeier isn't being feted by feds with plea deals. The 17-count indictment relayed a story familiar to Techdirt readers, since we have covered nearly every part of the scam: a get-rich-quick scheme that paid off at first for Prenda, but quickly unraveled as courts (and many copyright troll fighters) uncovered fake defendants, shell companies, forged documents, and honeypot-as-business-model tactics. Faced with numerous charges and seemingly no option to shift the culpability back to Steele, Hansmeier is arguing the entire justice system will collapse if he's convicted. I wish I could tell you I'm exaggerating the dismissal request's prose for the sake of levity, but I'm afraid that's exactly what the dense's 64-page filing [PDF] says (h/t Sophisticated Jane Doe): The government has issued a lengthy, winding, and jumbled charging document, all grounded upon an unorthodox and unviable legal theory. Because it has opted to proceed in this way, this Memorandum is by necessity heftier than it might otherwise be. Augmented size demands greater organization, so this paper begins with a Table of Contents to give the Court an overview of where the exploration will go, which then leads into the full discussion. All of this requires a fair number of words, but in the end the resolution boils down to a relatively simple concept: Prosecutors ought not be allowed to ground criminal fraud or analogous charges upon someone’s exercise of constitutionally protected civil litigation activities. As will be seen, this core rule is immensely important. Not just in the case at hand, but to this nation’s system of civil justice as a whole. This prosecution is legally unviable, and thus must be dismissed. The gist of Hansmeier's federal court longform piece is this: the federal government should not be prosecuting people for bad- or zero-faith litigation. There are several sub-gists. As gists go, however, this isn't a bad one. The judicial system has many tools to deploy against bad-faith litigation, including sanctions and outright dismissal. Defendants have some tools at their disposal as well, but no matter how much Hansmeier attempts to pretty this up, it still costs real money to defend against bogus litigation. The toolset is limited and, sometimes, completely useless. Prenda faced these tools on multiple occasions before finally deciding to get out of the copyright trolling business. Unpaid sanctions remain unpaid. Hansmeier moved on to trolling of the ADA variety and presented the Minnesota court system with perhaps the best argument to date for the reestablishment of debtors prison during his bankruptcy proceedings. But the overall point remains a good one: it shouldn't be illegal to engage in litigation, no matter how misguided or disingenuous. Allowing the government to literally make a federal case of it could chill legitimate litigation. This point should not be understated. However, the filing ignores that Hansmeier wasn't just engaged in bad faith litigation, but rather he was piling all sorts of illegal behavior on top of it: forgeries, perjuries, fake plaintiffs, defendants who had made a deal to be a defendant solely for revealing IP addresses, fake claims of "hacking" to make questionable CFAA claims and much much more. By its legal theory propounded here, the federal government now proposes to: (a) arrogate authority unto itself; (b) to patrol the civil dockets of this and any other tribunal of its choosing; (c) searching for instances of what it views to be baseless or otherwise unethical or inappropriate civil litigation activities; (d) all with the aim of prosecuting, penalizing, and imprisoning those litigants or lawyers who it deems to have stepped out of line. Or more accurately, anyone who the government chooses to target at any given moment. Prosecutors could, as in the present case, charge someone who has instituted a civil action against a fellow citizen to redress a legally recognized grievance. But the government could just as easily train its sights on, say, a citizen who has brought a Bivens action against a federal law enforcement official. Or it could bring similar charges against a detainee pursuing a civil habeas corpus action. Or against a lawyer seeking a declaration that some statute enacted by the Legislative Branch violates the United States Constitution. Or against a litigant seeking to enjoin some unlawful action of the Executive Branch. But Hansmeier is also arguing that engaging in copyright trolling should only be punishable by judicial sanctions and the like, no matter how ineffective those deterrents are, and, apparently, no matter how much fraudulent behavior the litigants engage in. In fact, Hansmeier tries to claim the fraudulent litigiation Prenda engaged in produced no victims. (From the Bill of Particulars [PDF] submitted with the dismissal motion, via SophisticatedJaneDoe) We ask that the prosecution be directed to identify the victim(s) of the offenses alleged in the indictment, to explain how they were victimized, and to specify the loss amount(s). Is the alleged victim the computer users described above and below? Or civil courts? Or both? Or someone else? Is the government relying upon “fraud on the court” judicial opinions imposing civil sanctions? If so, by what reasoning? The 64-page wall of text is worth reading, if only to admire the sheer number of words expended to tie Hansmeier's "honest" copyright trolling into the government's conspiracy charge. This may seem counterproductive, but Hansmeier's representation's angle has its own genius: if the conspiracy charges cannot be extricated from Prenda's "protected" litigation, the government's whole case falls apart. The Court may thus wonder whether the present motion to dismiss is confined to the standalone Mail/Wire Fraud counts, (Counts 2-16), or if it encompasses the above conspiracy counts as well, (Counts 1, 17). Because the government’s deficient prosecution theory pervades and fatally infects both the standalone and above conspiracy counts, all must fall. The reason stems from the law of conspiracy, which is an inchoate offense involving a mere agreement rather than actual accomplishment of the underlying alleged criminal objective. The theory goes on for several pages, but the underlying theory is this: the 15 counts of wire fraud are actually just the fed's (apparently severely-misguided) interpretation of Prenda's non-criminal "copyright protection" litigation efforts. Thus, since the standalone Mail/Wire Fraud counts (Counts 2-16) are grounded upon a legally and/or constitutionally invalid prosecution theory, each such deficient count must be dismissed. The government alleges this identical Mail/Wire Fraud theory as the sole objective of the Mail/Wire Fraud Conspiracy (Count 1), (ECF 1, ¶¶ 15-17), and the Money Laundering Conspiracy claim (Count 17), (ECF 1, ¶ 40). Under Griffin/Yates and the other opinions cited, these legally-deficient charged conspiracy objectives mean that that each of these conspiracy counts must fall away as well. If Hansmeier can convince a judge the government intends to treat copyright litigation as wire fraud -- and thus cause damage to the judicial system as a whole -- he may get a dismissal of those charges. That takes care of most of them. Of course, that requires effectively ignoring all of the other activity that wasn't just bad-faith litigation. Alternatively, he can convince a judge the conspiracy charge is unfounded, which would wipe away the fraud charges as well. That's why we have a 64-page pretrial motion to dismiss on our hands, rather than a few more weeks of pre-trial plea bargaining. The motion takes issue with the federal indictment -- both in its depiction of copyright trolling as a criminal enterprise as well as its use of "charged language" like "extortionate tactics" and "sham clients." Hansmeier says the government's wire fraud charges basically boil down to a recap of normal copyright trolling efforts. According to the government, the accused lawyer Mr. Hansmeier is criminally liable for the federal offenses of Mail/Wire Fraud and money laundering due to his institution of “fraudulent copyright lawsuits,” which (it is claimed) qualify as such because— (a). The defendant lawyers and others “uploaded the [protected works] to file sharing websites hoping to lure people into downloading” those same protected works; (b). The defendant lawyers owned and/or controlled the statutory exclusive rights in protected works rather than the named plaintiff business organizations, thus giving the defendant lawyers a personal stake in the outcome of the litigation; (c). The defendant lawyers were derelict in their professional ethics obligations, including a duty of candor to federal civil courts when invoking court-overseen discovery procedures to identify computer users who had downloaded the protected works at issue; and (d). The defendant lawyers employed “extortionate tactics to garner quick settlements” from such identified computer users, who were “unaware of the defendants’ role in uploading the [protected works at issue], and often were either too embarrassed or could not afford to defend themselves.” Hansmeier argues this is all perfectly legal litigation and that the government has made no showing that these lawsuits were so baseless they should be indicted for them. But that's an extremely generous interpretation of Prenda's practices, which included forged documents, honeypot uploads, shell corporations, faux defendants, and other instances of fraud upon the court. Prenda was on the receiving end of multiple sanctions by the time it fell apart (and showed no signs of wanting to stop or recognizing that it had done anything wrong) and all of this sprung out of its speculative invoicing process, which used federal courts and statutory damages as leverage in multiple baseless infringement lawsuits. The motion claims the government's interpretation of wire fraud statutes would endanger a great deal of legitimate litigation (although citations of Malibu Media cases probably isn't the best argument for trolling's legal legitimacy). The conclusion reached is that this prosecution is some twisted fed vendetta, with the government going after a longtime internet punching bag: [T]the government broadly disapproves of the lawyer-entrepreneurial activities described earlier, i.e., forming organizations to pursue civil enforcement of the Copyright Act, monitoring computer file-sharing platforms for that purpose, using civil court discovery mechanisms to identify violators, and so on. And its ire is directed with singular force toward Mr. Hansmeier—something of a cause célèbre and object of scorn in the news media and blogosphere and elsewhere—whose litigation tactics have already been penalized by civil courts and state licensing officials. By this prosecution, the government aims to heap yet more punishment on top of all that. This is a rather amazing (and ambitious) filing. Hansmeier has scored a very good pair of public defenders, ones who are willing to hand the court something few judges are clamoring for: a 64-page, densely-worded pretrial motion to dismiss. It's certainly far more than Hansmeier should expect, given he's done about as much damage to the reputation of lawyering as one man can possibly do. Other copyright trolls* have to be applauding this motion, as it legitimizes their efforts and provides a template for their own defense against criminal charges, should it ever come to that. *This term (troll) bothers Hansmeier and his defense. This memorable footnote appears in the filing during the motion's discussion of the government's use of trolling opponents' "charged language" in its indictment. On the debate’s flip side, there are those who use pejorative terms like “pirates” to describe those accused of Copyright Act violations. In truth, none of these or other puerile terms are helpful to sober legal analysis. Quite the opposite. The terms are mentioned here only because they are sprinkled prolifically throughout the literature, and even some court opinions, on this topic. In all, the defense would discourage use of such invectives, as they are analytically unhelpful and unnecessarily inflammatory. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Have you heard the story about how Uber was tracking ex-users even after they had deleted the app from their phone? You'd have to be living under a rock to have missed it. It came from a fascinating NY Times profile of Uber's CEO/founder Travis Kalanick and is the opening anecdote, and then it started spreading like wildfire across social media. Travis Kalanick, the chief executive of Uber, visited Apple’s headquarters in early 2015 to meet with Timothy D. Cook, who runs the iPhone maker. It was a session that Mr. Kalanick was dreading. For months, Mr. Kalanick had pulled a fast one on Apple by directing his employees to help camouflage the ride-hailing app from Apple’s engineers. The reason? So Apple would not find out that Uber had been secretly identifying and tagging iPhones even after its app had been deleted and the devices erased — a fraud detection maneuver that violated Apple’s privacy guidelines. But Apple was onto the deception, and when Mr. Kalanick arrived at the midafternoon meeting sporting his favorite pair of bright red sneakers and hot-pink socks, Mr. Cook was prepared. “So, I’ve heard you’ve been breaking some of our rules,” Mr. Cook said in his calm, Southern tone. Stop the trickery, Mr. Cook then demanded, or Uber’s app would be kicked out of Apple’s App Store. This has created lots and lots of headlines all over the place, claiming that Apple kept tracking ex-Uber users after they'd deleted the app. And some even whining that Apple "let" Uber get away with this with no more than a verbal scolding. The most egregious of these is Andrew Orlowski, over at the Register, who has never found a story about a tech company he couldn't totally misreport to make the company look worse. Here, he claims: Uber cloaked its spying and all it got from Apple was a slap on the wrist. Others just claimed that Uber was "tracking users even after they deleted the app." Except, if you actually read what the NY Times said it notes that what the company was doing was an anti-fraud detection. Did it break Apple's rules and go too far? Yes, absolutely. Was it bad? Probably. Was it tracking users who deleted the app? No, not at all. Again, there are plenty of legitimate reasons to dislike Uber or to dislike its business practices or its management. But that's no excuse to oversell a story that already looks bad. Uber clearly broke the rules and used a fairly sketchy maneuver to track phones to prevent fraud -- but that's not the same as tracking users who deleted the app. Wired has a pretty clear summary of what actually happened: Fingerprinting, in and of itself, has plenty of non-invasive uses. Uber, for example, deployed it to help prevent fraud. Being able to identify when a device reinstalls a particular app helps developers spot phones that are, say, bouncing around the black market. In Uber’s case, fingerprinting kept drivers, especially those in China, from gaming a promotion that rewarded them for maximizing ride volume. The company discovered that some drivers were buying stolen phones, creating dummy Uber accounts, and using those phones to call for rides. When someone uninstalls an app that uses fingerprinting, it leaves behind a small piece of code that can be used as an identifier if the app is ever reinstalled on the device. For the iOS App Store, Apple originally permitted developers to keep track of their users over time using a broad Unique Device Identifier (UDID). Beginning with iOS 5, though, Apple scaled this back, because of the potential privacy implications of giving developers permission to individually ID users even after their app had been uninstalled. Instead, Apple turned to more limited mechanisms, like advertising IDs and vendor IDs. These still give developers the ability to do fraud defense, but with less leeway for potential privacy abuse. Uber took it one step further, which is to say, one step too far, using application program interfaces designed to access data like an iPhone’s device registry and Apple-assigned serial number. Again: this is not excusing what Uber did. It clearly broke Apple's rules, and using this kind of fingerprinting can have some problematic consequences for privacy. And, yes, because everything Uber does seems to come included with some secondary component that makes even reasonable actions look bad, the company geofenced Apple's headquarters to try to try to hide the fact that it was doing this. That seems like a pretty blatant admission that the company knew it was breaking Apple's rules. It just doesn't mean that the company was tracking you after you deleted its app. I certainly understand that there's a long list of actions by Uber that make people not trust the company. And that's completely valid. But if you're going to attack the company, it should be for the bad actions that the company actually did, rather than the exaggerated and misleading descriptions that start spreading across social media. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
The $49 Ultimate Learn to Code 2017 Bundle is over 80 hours of immersive and multi-faceted programming education at your fingertips. The ten courses cover Ruby on Rails, Python, Java, HTML5 and more. You will have gained a wide breadth of programming knowledge once you've completed the lessons and hands-on projects included in the 10 courses. Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Our government isn't exactly known for its security chops, but in a letter sent recently from Senator Ron Wyden to two of his colleagues who head the Committee on Rules & Administration, it's noted that (incredibly), the ID cards used by Senate Staffers only appear to have a smart chip in them. Instead of the real thing, some genius just decided to put a photo of a smart chip on each card, rather than an actual smart chip. This isn't security by obscurity, it's... bad security through cheap Photoshopping. From our Senate. Moreover, in contrast to the executive branch's widespread adoption of PIV cards with a smart chip, most Senate staff ID cards have a photo of a chip printed on them, rather than a real chip. Given the significant investment by the executive branch in smart chip based two-factor authentication, we should strongly consider issuing our staff real chip-based ID cards and then using those chips as a second factor. We asked the Senate if there was any way we could get a (heavily redacted, obviously) image of a Senate ID with the "photo" smart chip but (not at all surprisingly) that request was rejected. So, instead, we've got this artist's rendering of what something like it might look like, more or less. Most of the letter (as the last sentence suggests), is about how the Senate barely uses two factor authentication, which is also kind of stunning. These days, two factor authentication is the absolute basic level necessary for anything that you want to keep moderately secure. That the Senate isn't doing this (and that it's faking smart chips) is preposterous. It's great that Senator Wyden is calling out the Senate IT staff for this very basic failing. I don't know for sure, but a lot about this letter makes me suspect that one Chris Soghoian is behind discovering the lack of a real smart chip and highlighting the lack of true two factor authentication (it's possible it's someone else, but it feels like a very Chris Soghoian thing to notice and call out...). Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Here in the States, regulators and Congress are preparing to gut our existing net neutrality rules -- replacing them with the policy equivalent of wet tissue paper. In Canada, regulators are taking the complete opposite tack, last week cementing the country's net neutrality rules as some of the most comprehensive in the world. After years of some obnoxious behavior by Canadian ISPs like Rogers, Canadian regulators adopted guidelines back in 2009 that prevent ISPs from blocking websites, while requiring that they're transparent about network management. In 2013, those guidelines were expanded to cover zero rating after Ben Klass, a graduate student in telecommunications, filed a complaint with the CRTC over zero rating. Specifically, Klass and his co-filers noted that Bell had begun exempting its own streaming video service from the company's usage caps, thereby putting smaller streaming competitors at a notable disadvantage. While many people (especially here in the states) continue to labor under the misconception that zero rating gives them something for free, Klass rather concisely broke down why this was a problem in a blog post at the time: "To figure out exactly what’s going on, I compared the price Bell charges for 5 gigabytes of mobile TV data to the least expensive data-only plan that lets you watch 5GB of Netflix without going over your cap (it’s called the “Tablet Flex” plan). It turns out that Bell charges you $5 a month to watch 5GB worth of their own content. If you want to watch 5GB worth of Netflix on the Bell network, on the other hand, they charge you $40. That’s a markup of 800%." The short version: usage caps (which are already arbitrary constructs only made possible by a lack of real competition) are being used as an anti-competitive weapon to harm streaming video competitors. Here in the States the FCC seems to think this is a really nifty idea. In Canada, Chile, Japan, India, Norway, and The Netherlands where the practice has been banned; not so much. In 2015, the CRTC sided with Klass, arguing that this implementation of zero rating could wind up "inhibiting the introduction and growth of other mobile TV services accessed over the Internet, which reduces innovation and consumer choice." And last week, the CRTC released its final net neutrality guidelines, which puts in place a framework for addressing similar zero rating complaints moving forward. The CRTC decision first makes it clear that this kind of "differential pricing," when applied asymmetrically, can harm the overall market: "differential pricing practices, generally speaking, result in (a) a preference toward certain subscribers over others, (b) a preference toward certain content providers over others, (c) a disadvantage to subscribers who are not eligible for, or interested in, a differential pricing practice offering, and (d) a disadvantage to content providers that are not eligible for, or included in, an offering." Instead of using usage caps to disadvantage competitors and fracture the market, the CRTC has a crazy idea: how about ISPs instead directly compete on the quality and price of their networks? "The Commission considers that competition in the retail Internet access services sector is best served, and the telecommunications policy objectives set out in the Act are best achieved, when ISPs compete and differentiate their services based on their networks and the attributes of the services on those networks, such as price, speed, volume, coverage, and the quality of their networks." Of course ISPs loathe the idea of simply being "dumb pipe" providers that just offer a quality connection at a quality price. And they'd much rather continue engaging in half-hearted non-price competition -- using the lack of said competition to protect their TV revenues. But the CRTC also wasn't buying the argument put forth by ISPs (and the policy wonks and politicians paid to love them) that zero rating somehow improves overall internet access. Nor did it buy the argument that zero rating benefits users by letting them watch content for "free": "The Commission considers that any short-term benefits of differential pricing practices would be greatly outweighed by the negative long-term impacts on consumer choice if ISPs were to act as gatekeepers of content through their use of such practices. In other words, consumers labor under the illusion they're getting a better deal because their ISP's content doesn't count against caps. But as we've pointed out for years now -- the practice of zero rating simply shifts the cost burden around -- driving up costs elsewhere and hurting overall streaming competition. The CRTC is making it clear that -- barring some exceptional creative trickery by ISPs -- this will no longer be acceptable business behavior in Canada. For now. This is all dramatically different from what we're doing here in the States. Our 2015 net neutrality rules didn't specifically ban zero rating, but instead left it up to the FCC to determine the anti-competitive impact of such plans on a "case by case basis" (something we made clear was a mistake at the time). But by the time the FCC actually got around to enforcing the rules last fall (when it warned both AT&T and Verizon their zero rating plans are clearly anti-competitive), the existing FCC was on the way out the door, to be replaced by a new FCC led by new boss Ajit Pai. And Ajit Pai's first order of business? To kill the agency's inquiry into zero rating. And he's now getting ready to push a plan that would eliminate hard, real net neutrality rules and replace them with voluntary guidelines -- and weaker FTC oversight that ISPs are fairly certain to laugh at. In other words, as Canada moves to protect consumers, net neutrality and competition, the United States -- driven ignorantly and blindly by Comcast, AT&T and Verizon lobbyists -- is preparing to give a giant, neon middle finger to all three. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
The Shadow Brokers' attempted firesale of NSA exploits didn't go well. After early leaks failed to pique buyers' interest, SB decided to start handing over the agency's hacking tools to the general public. The most recent dump was the most interesting. It contained a variety of remote access exploits -- several of them zero days -- that gave NSA operatives "God mode" control over compromised computers with fairly-recent versions of the Windows operating system. But they were of limited use. The most recent exploitable version was Windows 8, and every version still supported by Microsoft was patched before the SB dump, most likely as the result of a belated tip from the NSA. However, older operating systems without Microsoft support are still exploitable, and will remain exploitable until those systems are updated. Now that most of the stash is out in the open, the Intelligence Community is able to do two things: 1. Determine who is responsible for the leaked toolset. 2. Complain about it. The latter appears to be what's happening now. A few (anonymous) former members of the Intelligence Community are talking up what a horrible blow this is to the NSA. Although digital exploits are used for spying rather than destruction, they allow operators to break down invisible doors, pilfering information. Seeing these latest tools published online was “devastating,” the former cyber intelligence employee said. Three recently retired intelligence employees who worked on hacking tools for the government requested anonymity in order to speak freely about sensitive matters and to protect ongoing work and employability. “By my estimation, there’s not much left to burn,” another former intelligence official who worked for several three-letter agencies told Foreign Policy. “The tools that were released were pretty critical. Supposedly, this set of tools was worth millions of dollars to the NSA. If market prices in Bitcoin are anything to go by, criminals and foreign espionage agencies didn't appear to feel they were worth much more than a few thousand dollars. Of course, potential buyers didn't know exactly what they were getting. Others probably figured the exploits would be patched into irrelevance by the time they got their hands on them. The "sky is falling" narrative tends to follow every leak of national security documents, starting with Snowden's, which damaged the NSA so much it's in better shape than ever. There may have been some valuable tools in the SB stash, but the moment they ended up in someone other than the NSA's hands, they became relatively worthless to the agency. But what was released, however powerful, was outdated. The stash appeared to be a 2013 vintage -- valuable in its prime, but no longer quite as useful after Microsoft's forced migration of Windows users to version 10. The NSA is undoubtedly sitting on a stash of current exploits far more valuable than what it lost when someone left a bunch of hacking tools behind in a compromised server. The public gnashing of natsec teeth also serves another purpose: it hopefully encourages surveillance targets to let their guard down a bit. By projecting the image of an intelligence agency fumbling around in the dark, the agency can very likely obtain a few new intercepts from careless foes it catches relaxing. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
As further evidence of how things are changing in China when it comes to attitudes to piracy, here's a news item from Caixin about the leak of the hottest TV series there at the moment: A glossy Chinese television drama, inspired by the country's ongoing anti-graft campaign, has become the latest victim of rampant piracy, fueled by slack laws, weak enforcement and the absence of punitive fines. A story about China's public prosecutors who dredge up a series of scandals as they investigate shady land deals, organized crime and [state-owned enterprise] reforms, In the Name of the People became an instant hit when it debuted on March 28 and has become one of the most-watched TV programs in Chinese history. What makes an otherwise humdrum story about popular TV episodes turning up on video-sharing sites rather unusual is who is doing the complaining: China's state prosecutors' office, which bankrolled the $12 million production, and other producers said they had reported the copyright infringement to police, and urged platforms including cloud services, e-commerce shops and video hosting sites to remove all unauthorized versions, in a joint statement last Thursday. China's state prosecutors are not normally in the business of bankrolling TV productions. Presumably, they took that unusual step on this occasion because it was important to increase public support for Xi Jinping's long-running fight against corruption's "tigers" and "flies" using a medium that would reach a much wider audience than dull government speeches or press articles exhorting them to do the same. One of the best ways to ensure the widest possible audience for that message would be to allow the TV series to appear on sites for people to download freely. So asking the companies running them to remove copies in order to "protect" the official broadcasts seems perverse. If anything, it shows that respect for copyright in China has now gone so far as to be harmful to more serious matters like tackling the country's corruption. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Legislators working with the Association of California School Administrators are backing away slowly from a bill aiming to separate schoolchildren from their phones and their privacy. The bill would have created an exception in California's privacy law, allowing teachers and school administrators to search the contents of students' phones. Courthouse News' Nick Cahill has more details: While short in length, the bill has stature. Its 130 words would exempt students from the California Electronic Communications Privacy Act, CalECPA, which was passed in 2015 with overwhelming bipartisan support in the Legislature. “That law also specifies the conditions under which a government entity may access electronic device information by means of physical interaction or electronic communication with the device, such as pursuant to a search warrant, wiretap order, or consent of the owner of the device,” the new bill states. This attempt to further limit students' Constitutional rights and legal protections ran into the ACLU's opposition, which noted the exception would "sledgehammer" the Fourth Amendment. Apparently, the backers of the bill thought it would sail through with a minimum of public resistance. Having failed to foresee the expected, supporters are rebranding their civil liberties sledgehammer. “We’re making it a two-year bill, which means it’s not going to be heard next week. But the conversations are going to continue,” said Laura Preston, lobbyist for the school administrators. Ah, the classic "wait until the noise dies down and try again" approach. It's just crazy enough it might work. I doubt the legislation itself will be rethought. More likely, the sales pitch will be altered to make the bill appear less sledgehammer-y. Considering California is pretty much Protest Central, it's a bit stunning to read a legislator was "stunned" by collective opposition to a privacy-threatening bill. But that's exactly how the bill's author, Jim Cooper, described his reaction. The lobbyist for the schools, Laura Preston, went even further, utilizing the post-Godwin Nuclear Option rhetorical device: “We introduced the bill to try and pull schools out of CalECPA, and you might as well have thought that we started World War III,” Preston said of the reaction. Supporters of the bill claim the lack of an exception to the privacy law leaves administrators powerless. True, a school administrator can't seek a warrant to access the contents of a student's phone, but there are options schools can use rather than exempt every California student from the state's privacy law. Most schools have electronic device policies that tie search consent to school attendance, which usually includes personal electronic devices along with vehicles parked on school grounds and lockers. A consensual search -- even if performed under an "implied consent" standard rather than a more affirmative version -- is still a "clean" search, though possibly one less likely to survive a courtroom challenge. Many schools also have police officers on staff. Whether or not these officers can seek warrants to access phone contents is unclear, but in cases of suspected criminal conduct, this would be turned over to law enforcement anyway. Supporters undercut their Homeroom Apocalypse arguments with their own statements, though. Since CalECPA was enacted, students have been refusing to hand over their cellphones to teachers and administrators, Preston said. She said teachers usually want access to cellphones to prevent cyberbullying and cheating on tests, not to delve into social media or text messages for criminal content. I'd really like to hear how paging through some kid's phone "prevents cyberbullying." It may be used to find evidence of ongoing cyberbullying, but it's not going to head it off. If it's really bullying, there are a variety of school policies and law enforcement options available to school administrators that don't involve digging through a student's phone -- a device that will contain far, far more personal info than should be sought by administrators with zero law enforcement training or acumen. Cheating on tests can be resolved simply by requiring phones to be secured somewhere away from the testing area, like in students' lockers or in instructors' possession until testing is complete. Digging through someone's phone might expose a cheater, but it really seems like overkill considering the privacy issues at stake. It's also not something that should involve any on-site law enforcement officers, even if their powers are slightly limited. What is clear is "stunned" politicians and school administrators haven't given up on their dream of crushing students' Fourth Amendment protections. No doubt the ACLU -- and others -- will be keeping an eye out for Sledgehammer 2.0 later this year. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
For any of the entrenched entertainment players seated comfortably in their lofty offices, quite used to counting stacks of money and calling it a profession, they likely already know this fearful mantra: the millennials are coming. Millennials, and even more so the generations younger than them, are driving changes in the entertainment industry. These younger consumers are largely responsible for the cord-cutting trend winding its way through the cable industry, not to mention being the force behind ever-expanding streaming options for everything from movies to television shows and live sports. These are the customers of the future. Customers that will outlive a public that became used to having bloated cable television packages filled with channels and content fit to be ignored. And those customers are both great customers for streaming services and they are customers perfectly happy to get the streaming they want if legitimate methods for it aren't available. A recent survey conducted specifically with millennials finds that more than half of them regularly use pirate streaming sites to watch movies or shows, but would prefer to use legitimate streaming sites had they been available. This is one of the main conclusions of a new survey conducted by Launchleap. The data come from a survey among millennials between 18 and 35, and zooms in on pirate streaming preferences in this age group. The results show that more than half of the respondents, a whopping 53%, admit to having used illegal services to stream movies or TV-shows over the past month. Legal streaming services remain on top with 70%, but interest in more traditional platforms such as TV, DVDs or Blu-Ray is clearly lagging behind. The respondents don’t appear to be particularly bothered by their habit. Only 7% of the people questioned say they feel guilty when they watch a pirated movie, the remaining 93% experience no guilt. You can disagree with the moral calculation of these young people all you like, but the numbers here are both stark and illuminating. If nothing else, this survey should signal to the entertainment industry that however many days are left of customers being willing to live in walled off gardens where content is enjoyed only in the manner approved by a cable company or movie studio, rather than being determined by consumer demand, that number of days is on a short timeline. It's also worth noting that the respondents that said they used pirate streaming sites also paid for content via subscriptions to Netflix and the like. The issue is that there is both a content war currently, with movies and shows available only on one streaming site at a time, as well as the long-entrenched protectionism that has kept some content off of any streaming site at all. The attitude of these respondents seems pretty clear by the numbers: hey, we tried to pay for the content, but you wouldn't let us, so we went and got it from a place that had it. Money is still a factor in the survey, of course. After all, consumers could get most of the content they demand legitimately by subscribing to, say, three or four different streaming sites at once and switching between them. But that doesn't change the fact that television and movie studios are going to have to contend with the reality that the public doesn't want to, or can't afford to, do that. The question then becomes whether these exclusive streaming deals and content protection continue to be good business, given that these younger customers are finding illegitimate ways around them anyway. The millennials are coming. And they don't think about entertainment content in the same complacent way the last generation has. Permalink | Comments | Email This Story

Read More...
posted about 1 month ago on techdirt
Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN). And most security researchers firmly believe we haven't seen anything yet. Enter PDoS (permanent denial of service) attack bots, which scan the internet for routers with default, unchanged passwords, or "smart" doorbells, dolls or other devices with paper-mache grade security. From there, PDoS attack bots issue a series of commands that wipe device media, corrupt all storage, and disconnect the device from the internet. Last month, researchers from security firm Radware set up an intentionally poorly-secured honeypot that they say saw roughly 2,250 PDoS attempts during just a four-day span. The lion's share of these attacks came from two botnets dubbed BrickerBot.1 and BrickerBot.2 -- with nodes busily bricking poorly-secured devices around the world. Initially researchers say they thought that somebody crafted malware specifically to tackle the IOT threat. But given the broad targeting of the botnets (including server-attached storage devices), they also think it's possible that the goal may just be good, old, vanilla mayhem: "When I discovered the first BrickerBot, I thought it was a drastic attempt to stop the IoT Botnet DDoS threat," Radware researcher Pascal Geenens told Ars. "I thought this was a competitor hacker who wanted to take out his competition and get access to the list of IP [addresses] of bots that were in the competitor's botnet. But upon discovery of the second BrickerBot this theory changed, as the second one is targeting any Linux-based system—not only embedded, BusyBox-based Linux with flash storage. What motivates people to randomly destroy things? Anger, maybe? A troll, maybe?" As it stands, BrickerBot.2 can only access machines that feature default administrative passwords and have the telnet protocol enabled, limiting the overall potential impact. Regardless, the end result still isn't pleasant for those on the receiving end of a BrickerBot.2 attack: "...In addition to corrupting the storage device, BrickerBot.2 wipes all stored files, removes the default Internet gateway, disables TCP timestamps, and limits the maximum number of kernel threads to just one. That all but ensures that most damaged devices won't be restored without a major undertaking. Radware has more details about the attacks here." It's still entirely possible the goal here is to actually help the internet by killing poorly-secured hardware before they can be conscripted into the shitshow that is the internet of things. After all, BrickerBot.2 appears to be an evolution of the Linux.Wifatch malware, which first appeared in October 2015. It seems more than likely that additional malware strains taking cues from the Mirai malware will inevitably appear in the wild, the goal potentially being not necessarily mayhem -- but preventing the massive, crippling DDoS attacks most security experts feel are inevitable in the next year or two. The problem (aside from this being illegal and destructive) is that the type of person that's likely to go out and purchase a poorly-secured "gee whiz" IOT device or router without considering security -- is the same type of person that's not going to understand why that device just stopped working for no coherent reason. As a result, they're likely to rush out and buy another, poorly-secured device, bringing the incompetence full circle with a zero net gain. As such, Security expert Victor Gevers is urging malware authors like this to consider a more constructive path toward the same end goal: "These attacks are very easy to execute, and I think this just the beginning," (Gevers) told Bleeping Computer. "I don't want to label this work as dark, but I think there are less destructive ways to achieve the same goal." "Instead of bricking you could also allow the devices to still work and just patch the vulnerability. This requires a bit more finesse." Granted an even better solution? Stop selling (and buying) hardware with paper-mache grade security in the first place. Permalink | Comments | Email This Story

Read More...