posted 25 days ago on techdirt
Weird TrueCrypt-related things keep happening. Over the past few years, TrueCrypt has gone from "recommended by Snowden!" to a service of questionable trustworthiness. To begin with, it was never clear who exactly was behind TrueCrypt and the lack of a recent security audit wasn't winning it many new converts. Things went from somewhat bad to disturbingly worse when, shortly after the first phase of the audit was completed, a post went up at SourceForge declaring the software insecure and that all development had been halted. The post pushed users towards BitLocker. Further development was left to the public and more testing seemed to indicate it was still trustworthy, even though it relied on possibly predictable random number generator. Whether or not TrueCrypt can fully be trusted remains up in the air. But there's some indication that the FBI has taken an interest (probably an unhealthy one) in TrueCrypt's inner workings. Techdirt reader dfed sends in a tweet from security researcher Runa Sandvik, along with a link to her FOIA request to the FBI for TrueCrypt-related documents. What has been "returned" to her has been completely withheld, all 69 pages of it. The FBI cites FOIA exemption b(4) which covers "trade secrets and commercial and financial information." The documents that won't be making their way to Sandvik appear to be three technical articles not written by FBI personnel and ones that have appeared elsewhere in unredacted form. In further explanation of the withholding, the material consists of three, copyrighted articles: Easy to Crack USB Thumbdrives, March 12, 2008 by Daniel Bachfeld; EEEP Net: "FOUO Network", April 2014 by Greg Fulk; Techno Forensics Conference, October 2007 at NIST by Dave Reiser, and a training slide presentation, Anti-Forensics, November 2, 2007 by Secure Computing. The 2008 article may be somewhat related to the FBI's failed attempt to crack TrueCrypt encryption protecting hard drives owned by Brazilian banker Daniel Dantas, who was suspected of several financial crimes. The Brazilian government asked for the FBI's help after spending five months of its own attempting the same thing. A year later, the drives remained intact. The thing is, Daniel Bachfeld's article on crackable USB drives can be found online. And it was previously published in a German tech magazine. Once again, we see a government agency withholding publicly-available information simply because that's its natural tendency: to keep requesters and requested documents as far away from each other as possible. The presentation by Dave Reiser was given at a conference that is open to members of the public, as well as the law enforcement community, so there's no reason for secrecy there. And Paul A. Henry's anti-forensics presentation, which discusses TrueCrypt, can be found online as well. So, why is the FBI holding these back? Nothing in these papers discusses anything that could possibly be considered a "trade secret." If these are secrets, they're pretty open. Searching for "anti-forensics" turns up a wealth of scholarly papers and presentations that discuss both encryption and TrueCrypt. This is just the FBI obfuscating for obfuscation's sake. But its knee-jerk reaction to withhold everything in its entirety also suggests something slightly more troubling. Either the intelligence/investigative arms of the US government have found a way in (by obtaining keys or compromising the RNG) or they're still very actively involved in trying to do so. Neither bodes particularly well for TrueCrypt users. Permalink | Comments | Email This Story

Read More...
posted 25 days ago on techdirt
Given the deeply-intertwined relationship of the CIA and the New York Police Department, it just makes sense that the CIA would need to periodically remind its personnel that the NYPD isn't the sort of intelligence agency they can share US persons information with. [T]he law limits sharing of collected information about American citizens, resident aliens and other “US persons.” As one question on the quiz highlights, the CIA cannot share such information outside the intelligence community. It’s important, then, to know which agencies are within the fold. The National Security Agency, Coast Guard and Department of Energy qualify as “IC elements”, the latter two via their intelligence arms. As a local police force, the NYPD does not make the cut. This comes from a CIA quiz obtained by the ACLU as part of an FOIA lawsuit. That the CIA would single out the NYPD on its test is significant. The NYPD likes to believe it's an intelligence agency on par with the FBI and CIA. Despite having zero reason to do so, the NYPD sends its officers all over the world to gather intelligence after terrorist attacks. No one has ever asked the NYPD to do this, but it continues to invite itself to various ground zeroes, where it is usually greeted with a mixture of befuddlement and anger. The CIA, however, remains inextricably (and perhaps, willfully) entangled with the Little Intelligence Agency That Isn't. Two former CIA employees were instrumental in setting up its "Demographics Group," which engaged in pervasive surveillance of New York City Muslims. The privacy and civil liberties violations this group engaged in made the "intelligence" gleaned so toxic not even the FBI would touch it. The CIA also expressed concerns about the gathered data -- not so much out of concern for violated rights, but because the data gathering seemed to be its own end. A senior CIA official discussed partaking in the NPYD's gathered info, but stated that the only thing "impressive" about the collection was its size, not its usefulness. A 2011 CIA Inspector General report found that the uselessness of the data didn't stop at least one CIA employee from exploiting gaps in CIA policy to view "unfiltered" Demographics Group intelligence even though the collection contained "no clear foreign intelligence relevance." Most likely due to relationships with the two former CIA employees heading the NYPD's Demographics Group, the CIA has made the most of its lax policies in order to work directly with this particular local law enforcement entity. Since 2002, the CIA has assigned four officers to provide “direct assistance” to the NYPD. Their titles and duties ranged from “Special Representative to the NYPD” to training analyst on counterterrorism. An NYPD detective also received operational training at the CIA. The undated test is likely part of CIA rule changes as a result of the IG report. What little is left unredacted deals with legal authorities related to domestic surveillance, in addition to pointing out which domestic entities the CIA can lawfully share its intelligence with. The NYPD isn't one of them, no matter how much it believes its proximity to ground zero gives it the right to rub elbows with the intelligence community's big boys. Permalink | Comments | Email This Story

Read More...
posted 25 days ago on techdirt
Over three years ago, we wrote about a fast-growing boycott of the academic publisher Elsevier, organised in protest at that company's high prices, its "bundling" of journals into larger collections, and its support for SOPA. Even though over 15,000 people eventually pledged not to work with Elsevier, the company is still going strong, making huge profits from the work of academics, and putting paywalls between the public and knowledge. Perhaps we should have guessed it would end like that. As we noted then, this was not the first or biggest boycott in the history of open access. In 2000, 34,000 scientists from 180 nations signed up to the following: we pledge that, beginning in September 2001, we will publish in, edit or review for, and personally subscribe to only those scholarly and scientific journals that have agreed to grant unrestricted free distribution rights to any and all original research reports that they have published, through PubMed Central and similar online public resources, within 6 months of their initial publication date. The failure by many of them to follow through on that promise did have one positive effect: it led to the creation of what remains perhaps the most influential open access publisher, the Public Library of Science, which is still around today, and flourishing. Both of these unsuccessful attempts to use boycotts to push forward open access are mentioned in a post by Dr Danny Kingsley on the Unlocking Research blog, which reports on yet another attempt to use this approach: A long running dispute between Dutch universities and Elsevier has taken an interesting turn. Yesterday Koen Becking, chairman of the Executive Board of Tilburg University who has been negotiating with scientific publishers about an open access policy on behalf of Dutch universities with his colleague Gerard Meijer, announced a plan to start boycotting Elsevier. As a first step in boycotting the publisher, the Association of Universities in the Netherlands (VSNU) has asked all scientists that are editor in chief of a journal published by Elsevier to give up their post. If this way of putting pressure on the publishers does not work, the next step would be to ask reviewers to stop working for Elsevier. After that, scientists could be asked to stop publishing in Elsevier journals. And here's why Kingsley thinks this time the boycott might work: Typically negotiations with publishers occur at an institutional level and with representatives from the university libraries. This makes sense as libraries have long standing relationships with publishers and understand the minutiae of the licencing processes . However the Dutch negotiations have been led by the Vice Chancellors of the universities. It is a country-wide negotiation at the highest level. And Vice Chancellors have the ability to request behaviour change of their research communities. That exposes what went wrong with the previous boycotts: they were carried out by the researchers, who have very little clout individually or even collectively when it comes to putting pressure on huge companies like Elsevier. But the Vice Chancellors have real power, based on the ability to instruct their respective institutions how they should -- or shouldn't -- act, including, presumably, how they spend their money on journal subscriptions. The Dutch seem to be serious about making open access the norm in their country. A recent amendment to the country's copyright act means that authors are now entitled by law to make the results of their research available under open access licenses. As a short notice on the University of Utrecht site explains: This means that university staff no longer have to lay down the right to publish open access in agreements with publishers. After the amendment of the law they have and keep this right automatically. With the publisher they only have to reach an agreement on the length of 'a reasonable period of time'. Even without the boycott, then, Elsevier will be obliged to agree to release research that is completely or partly paid for by the Dutch government as open access after that "reasonable period of time." All-in-all, now might be a good moment for the company to take a more accommodating approach to open access than it has in the past. Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 25 days ago on techdirt
In the past few weeks, we've discussed two particularly ridiculous proposals put forth by members of the European Parliament in the report that it is sending to the EU Commission for copyright reform across Europe. First was the proposal to remove freedom of panorama, which would allow countries to block the photography of certain buildings and structures, claiming that those photographs violated the rights of the architects. The second was a plan to support a link tax that would tax content aggregators like Google News for linking to content elsewhere. Thankfully, both of these proposals were voted down, despite earlier indications that they might have enough support in Parliament. Either way, the real issue now is what proposal the EU Commission comes out with for copyright reform across the EU. Julia Reda who prepared the original report for the EU Parliament hopes that the EU Commission recognizes the importance of the public's rights in its eventual plan (though she continues to refer to them as "limitations" rather than the public's rights, as is more appropriate): This decision embodies a central message of the report: Commissioner Oettinger cannot limit his upcoming reform proposals to improving conditions for cross-border trade. Reforming exceptions to copyright protection must be at the center of his initiative, since they fulfil such an essential, multi-facetted role: They provide creatives with the space to create new works, users with legal certainty for everyday activities, and access to culture and knowledge to everyone. It calls for a reduction of geoblocking measures, particularly to allow cultural minorities to access content in their language online. The report asks for consideration of new exceptions for libraries and scientists when dealing with digital works, for example allowing e-lending. Creators should be strengthend in their negotiations with publishers, it states. We'll see what actually comes out of the Commission, but Oettinger's comments in the past have not been encouraging. And, of course, other aspects of what was added to the report are just as troubling. Such as this: Jean-Marie Cavada, a French member of the centrist ALDE group, amended the report to claim that “virtually all the value generated by creative works is transferred to… digital intermediaries, which refuse to pay authors or negotiate extremely low levels of remuneration.” Needless to say, there's going to be a lot of fighting over the eventual proposal.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
Computers are such an important part of our daily lives now that it's difficult to imagine how we could get along without them sometimes. Obviously, people do. But growing accustom to supercomputer capabilities available at our fingertips all the time is much more than a luxury. We expect computers to get better and better at an astonishing (exponential) rate, but will we notice if/when that rate slows down? Here are just a few links on keeping up -- or possibly exceeding -- the performance expectations that Moore's Law has instilled in us. IBM has unveiled a 7nm chip -- the world's first commercially-viable and functioning chip using silicon-germanium materials produced with extreme ultraviolet (EUV) lithography. Moore's Law is beginning to show some cracks now, but this test chip shows the game isn't over just yet. [url] A working memory-crunching computer (memcomputer) prototype (the first of its kind) has been demonstrated by solving an NP-complete problem. This kind of computer requires a completely different design so that it can simultaneously process and store information -- unlike conventional computers which can't. Memprocessors (built from components such as memristors, memcapacitors, etc) can be made, but scaling them up is still a challenge -- so it'll be a while before anyone is making a memsupercomputer (or a supermemcomputer?). [url] Ditching transistors (or even memristors) completely could be a solution to ridiculously fast computers, and the way to get there might be quantum computing qubits. The trick is constructing qubits that are stable, error-free and scalable. So far, a 1000+ qubit computer has been made recently, but this quantum computer requires various superconducting components chilled to a nearly absolute zero temperature -- so it won't be used in laptops anytime soon. [url] After you've finished checking out those links, take a look at our Daily Deals for cool gadgets and other awesome stuff.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
Kevin Johnson: Three-time NBA All-Star. Former (embattled) president of the National Council of Black Mayors. Outgoing (non-embattled) president of the US Conference of Mayors. Frequent litigant. Destroyer of public records. Suer of his own city. Only a couple of these can be considered flattering. In his latest litigious effort, Mayor Johnson is mounting a multi-pronged attack on both a Sacramento journalist and his city government. At the center of it are documents Johnson claims should be exempt from public records requests: emails sent from his personal Gmail account but which discuss official business. The suit against Sacramento News & Review writer Cosmo Garvin makes a little sense, at least in terms of disputing the release of documents. But it makes less sense in context. Another newspaper (Sacramento Bee) made a similar request but has not been named in the lawsuit, apparently because it acquiesced to Johnson's lawsuit threat and altered its records request. (The Sacramento Bee denies doing so, instead claiming it withdrew its request while waiting for the city attorney to make a determination as to which emails will be released. It may not be acquiesence, but it still serves Johnson's purpose, seeing as this withdrawal didn't occur until after the mayor's lawyers announced his intention to sue.) Garvin did not withdraw his, nor did he alter it. The city attorney's office has already agreed to release the disputed emails, which is why it is also named in the mayor's lawsuit. Here's what Garvin is seeking and what Johnson is hoping to sue back into the shadows: Among the communications the city attorney was prepared to release were emails between Johnson and lawyers from Ballard Spahr, a firm Johnson used during his brief and debacle-filled reign as NCBM president. Johnson’s suit, however, argues that an exemption in the public-records laws for communications between an attorney and client should prevent their release. Johnson claims these emails are protected by attorney-client privileges and shouldn't be released. He (through his lawyer) claims to be all about transparency and the disclosure of "all appropriate public records." Apparently, he feels these emails are not and maintains it has nothing to do with his highly-disputed, exceedingly brief tenure as the president of the National Council of Black Mayors (NCBM). This assertion would carry a bit more weight if (a) his time at the helm of the NCBM wasn't marked by allegations of abuse of his position to support his wife's business and career, and (b) if he hadn't previously admitted -- on record -- that he had destroyed documents subject to public records requests. Johnson testified Tuesday in Superior Court on a separate matter, and acknowledged that he deleted text messages regarding a $500 million sports arena partly funded by the city. Johnson said he deleted the text messages despite being advised by city staff to save all electronic communication regarding the arena deal with the Sacramento Kings. Garvin notes that the timing of Johnson's public record-blocking lawsuit is catastrophic, at best. "This is on the day that the front page of the [Sacramento] Bee is about the mayor deleting texts," Garvin said. "It's the same time the city is getting ready to delete thousands and thousands of emails ... which they've never done before." Adding to the ugliness surrounding Johnson's litigious desires to maintain a murky relationship with the public is his past abuse of his NCBM position. Considering he'd already been dumped by the Council for his questionable actions, the NCBM is far from pleased that it's listed as a co-plaintiff in Johnson's legal fight against transparency. In fact, the two entities are still engaged in plenty of litigation against each other. Williams and other NCBM board members were also surprised the group was listed as a plaintiff in Johnson’s lawsuit, given how contentious the mayor’s relationship with them has been. Johnson was elected president of NCBM in 2013 under disputed circumstances. The group’s general counsel voided Johnson’s election just two weeks into his presidency, and Johnson sued to have his presidency restored. He and NCBM officials have been suing each other ever since. Williams is personally suing Johnson for defamation. To combat Johnson's co-opting of whatever goodwill remains towards the organization, the Council has signed a resolution that disavows any participation in Johnson's open records litigation and calls for all disputed emails to be released. Johnson is now learning that allies are like family members: you don't get to choose either one. While Johnson may have a point about privileged communications, it's completely undercut by his actions. He (and his staff) have used personal email accounts in hopes of skirting public records requests and he has openly admitted that he has destroyed information responsive to records requests against both city policy and direct instructions to maintain these records. Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
The global war on selfies continues on. The first salvo was launched here in America, with many institutions banning selfie sticks for any number of reasons (mostly safety). But our inoculation has failed and the scourge of the selfie has spread to Mother Russia, infecting the youth there at what is apparently insane levels, considering some of the suggestions in this Russian pamphlet detailing how not to die for a sweet selfie. Now, I don't speak Russian, so I'm relying on the pictures and some translation work done by Gawker here, but the lesson I'm learning from this message from the Russian government is that the Russian people are awesome. Are there, for instance, Russians popping wheelies on their boats while taking selfies? Are they regularly reaching out to pet Siberian tigers with a camera phone in their other hand? Are they train dodging while selfie-ing?!? If so, the Russian youth are exactly my kind of awesome. The Russian government, of course, disagrees. That warning comes after a string of recent selfie-related accidents. In May, a 21-year-old woman accidentally shot herself in the head in Moscow while taking a selfie holding a pistol. She suffered injuries but survived. In January, two young men died in the Urals while taking a selfie holding a hand grenade with the pin pulled out. The mobile phone with the selfie survived as a record. In May, a teenager in the Ryazan region died while attempting to photograph himself as he climbed on a railway bridge and accidentally came into contact with live electrical wires. “Unfortunately we have noted recently that the number of accidents caused by lovers of self-photography is constantly increasing,” said Yelena Alexeyeva, an aide to the interior minister. “Since the beginning of the year we are talking about some hundred cases of injuries for sure.” And apparently the cure for the Russian selfie scourge is bland government pamphlets that include such memorably punchy lines as, "A selfie in the street? You may catch more than clicks", and, "Selfie on the roof -- it'll be a high fall." If these are the best tools we have in the war on the selfie, it's probably just better that we all admit defeat and embrace the sweet death that will come upon us soon. The only question now is how to get a sweet selfie of myself dying from getting a sweet selfie? Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
One of the most bizarre points that became clear in yesterday's Senate hearings on encryption was that many Senators are so focused on the big bad threat of theoretical ISIS violence in the US, that they don't understand the very real (and not at all theoretical) threat of our personal data that is being hacked into and exposed on a regular basis, often due to a lack of encryption. The ACLU's Chris Soghoian summed it up nicely with the following tweet: Congress: OPM should have encrypted federal employee data. Congress: Apple has blood on its hands for encrypting user data. Got it? — Christopher Soghoian (@csoghoian) July 8, 2015 If you can't read it, it says: Congress: OPM should have encrypted federal employee data. Congress: Apple has blood on its hands for encrypting user data. Got it? Indeed, there has been plenty of talk, including from Congress, over the fact that the Office of Personnel Management, whose computers were hacked to reveal all sorts of information on government employees (past and present), didn't use encryption, in part because their computers were too old. To be fair, there are indications that encryption might not have mattered that much, since the hackers allegedly got working credentials to access the system, and thus may have been able to decrypt anything anyway. However, it does seem quite telling that at the same time Congress is freaking out about the supposed evils of encryption, the National Institute of Standards and Technology (NIST) is trying to design a better system for encrypting emails via end-to-end encryption -- the very thing that the FBI and some Senators have been complaining about. The National Institute of Standards and Technology is designing a “security platform” to authenticate mail servers using crytographic keys. The platform would let individual users encrypt emails. The system aims to “provide Internet users confidence that entities to which they believe they are connecting are the entities to which they are actually connecting," according to a NIST draft report on the topic. A subpar system, the draft said, could result in "unauthorized parties being able to read or modify supposedly secure information, or to use email as a vector for inserting malware into the system," among other consequences. The draft report is open for comment until Aug. 14, 2015.  NIST soon plans to issue Federal Register notices to vendors developing individual parts of the end-to-end system. In other words, as clueless Senators and FBI officials demand ways to undermine end-to-end encryption, the folks who actually understand technology (NIST) are asking for stronger end-to-end encryption. Perhaps, instead of letting FBI director James Comey prattle on about how he doesn't actually understand this stuff (as he said repeatedly), the Senators could have someone from NIST explain why end-to-end encryption is so important.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
For quite some time now, we've been pointing out that the hatred directed at Spotify and other music streaming services in some circles is misplaced. Spotify is paying out a ton of money to the copyright holders (approximately 70% of its revenue). The problem is that much of that money is staying with the labels rather than being passed on to the artists. Earlier this year, in fact, we wrote about a detailed report by Ernst & Young, in cooperation with a European music label trade group, that revealed just how lopsided some of these deals end up being: That's the breakdown of how subscription fees are distributed. The vast majority goes to the labels and only a small portion goes to artists and songwriters directly. Now, some of that label money may make it to artists through other means -- eventual royalty payments should an artist ever recoup, but we all know how rare that is. And that brings us to an interesting lawsuit that was actually first filed last year from a bunch of artists associated with American Idol, filed by "19," a management company connected to the show. Originally, the lawsuit had been a typical one concerning the question of whether online streaming counts as a license or a sale for the purposes of the contracts (music contracts pay much higher rates to artists for licensing rather than "sales" and there have been a bunch of lawsuits around that). However, once the Sony-Spotify 2010 contract was leaked a couple of months back, the lawsuit was amended to specifically argue that Sony chose to structure its deal with Spotify in a way that purposely kept revenue from artists. Sony has filed its response, which pretty much directly admits that it has every right to negotiate contracts with third parties that screw over artists: The implied covenant does not require SME to structure its affairs in whatever way yields the greatest royalties for 19 It further cites an earlier ruling in this very case, in which the judge said that Sony Music is under no obligation to maximize revenue for artists if it benefits Sony: ...as Judge Abrams already has held, SME can “act on its own interests in a way that may incidentally lessen the other party’s anticipated fruits from the contract.” Furthermore, Sony points to the details in the contract that it signed with 19, which flat out says that Sony is free to receive revenue in other forms that don't lead to royalties. 19 cannot claim that the parties intended that SME would not receive consideration on a general or label basis (such as in the form of an advertising credit), rather than on a basis tied to the use of a particular sound recording, because 19 expressly agreed that it “shall not be entitled to a share of income received by or credited to [SME] on a general or label basis." The filing from Sony also (rightly) mocks the claim that Sony did some "self-dealing" because it has "control" over Spotify and wanted to benefit Spotify. Noting that it holds approximately 6% of the equity in Spotify, it points out how that is a rather small equity position, and not one that gives it any real control. Sony Music is absolutely right here. 19 signed a contract that handed over control to Sony Music, and Sony Music appears to be living up to that contract exactly. That the contract itself has a bunch of ways in which Sony can screw over the artists isn't Sony breaking the contract. It's the artists and 19 agreeing to a bad contract that they no longer like -- something that all too frequently happens in the recording industry. Sony's actions in its dealings with the artists and with Spotify may be morally questionable on the issue of whether it's really helping artists, but from a legal and contractual standpoint, it's difficult to see how 19's argument has much of a chance in court. It seems likely to get tossed out pretty quickly. But, the big point remains: in the end it's not the music services that are to blame for small royalty checks to artists. It's the bad deals that artists themselves continue to sign with labels.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
If you spend a lot of time in front of a computer, it is important to have a good mouse. Most of the ergonomic ones can be bulky and aren't easy to take with you. The Swiftpoint GT Gesture-Enabled Mouse looks to combine the traditional mouse with the natural touchscreen gestures we use with our mobile devices to give you the best of both worlds in a very portable device. The rechargeable mouse (a 30 second charge can give you an hour of working time) can connect to your devices through a USB dongle or Bluetooth and comes with a travel case, cleansing cloth and a palm-rest mat. The Swiftpoint GT Gesture-Enabled Mouse is available for 20% in the Techdirt Deals store. Check out the specs and product video there as well for more information. Note: We earn a portion of all sales from Techdirt Deals. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
We've already discussed the ridiculousness of yesterday's Senate hearings with Jim Comey on "going dark" and the desire to backdoor encryption. But one thing that came out in the discussions that deserves further scrutiny is the fact that Comey repeatedly admitted that he had no proposed solution to the question of how to do this. He admits that computer scientists say it's not possible, but he insists it's because they're "not trying hard enough" to figure it out. And whenever Senators suggested different possible legislative fixes, Comey would sort of throw up his hands and say "well, we're not making any proposals here, we just want a conversation." And there's a good reason for this, which was actually admitted after the hearings by former NSA top lawyer (and proud Techdirt disliker) Stewart Baker (who recently argued that Blackberry failed because it had too much encryption) when he went on PBS Newshour to say that the government won't put forth a proposal, knowing that it will immediately get shot full of holes by actual experts. In the segment, Susan Landau, one of the experts who has explained why this whole idea is stupid and won't work, points out that there are no proposals being put forth because it's impossible to actually do this in a way that doesn't create massive problems: SUSAN LANDAU: The issue is that the government is saying exceptional access, without explaining how they want this done, and all security matters in the details. And, immediately, Baker shoots back the admission that no one else has been willing to make that, of course the government won't come up with a plan, because then all the experts can give details for why that plan would be a disaster: STEWART BAKER: So, I think one of the things that's clear is the government isn’t trying to say this is exactly how we want you to do it, because I’m sure that Susan Landau would be saying, well, that won’t work and we have got these objections to being told how to do it. The amazing thing is that Baker doesn't even seem to realize what he's admitting, as he then immediately shifts to saying that the government just wants the industry to solve this problem. But the whole point is that there is no solution that doesn't make lots of other things much worse. The fact that the government refuses to put forth any solution should be seen as a massive problem. But, incredibly, during the Senate Intelligence Committee hearing yesterday, Senator Barbara Mikulski blamed privacy advocates for not offering up a solution to the impossible (starting around the 58 minute mark). In our briefing materials I read letters from the ACLU, whose views we so value, the Software Alliance, and I saw a lot of criticism of what we're pursuing here for some type of opportunity to not go dark. But I didn't see any solutions. I saw a lot of criticisms. I saw a lot of critiques. But I didn't see solutions. Now I believe, as Senator Heinrich said and others, we have tremendous technical know-how, and I believe that the people in Silicon Valley are indeed very patriotic people, and they don't want drug dealers and international traffickers and child pornographers to be able to get away with nefarious things. So, if we could perhaps actually get from those as well as the civil liberties community how we could start working to a solution that would actually be great. This is the point at which you should be banging your head on whatever wall or desk is closest. All of those patriotic folks in Silicon Valley have been going into great detail about how there is no good way to backdoor encryption, highlighting many explanations of how it actually makes online security much, much worse. To then say that the people pointing out how there are no good solutions should be the ones responsible for offering up a solution, rather than the government, which is insisting that something must be done, is ridiculous. It takes quite an incredible train of thought to argue that the people telling you that magic fairy dust doesn't exist need to be the ones to tell you how to make magic fairy dust, rather than the naive folks who believe in magic fairy dust. And yet, that's exactly what Senator Mikulski did. And that's because, as Stewart Baker rightfully points out, if the government actually produced a plan for magic fairy dust, actual experts would quickly point out that it's not magical fairy dust, and actually makes people ill. How is it that these people are in positions of power and influence?Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
We already wrote a bit about the two Senate hearings that FBI Director James Comey participated in yesterday, concerning his alleged desire to have a "discussion" about the appropriateness of backdooring encryption. The phrase tossed around at the hearings was about the FBI's fear of "going dark" in trying to track down all sorts of hypothetical bad guys (and it always was hypothetical, since no actual examples were given). However, not all of the crazy statements came from Comey. There was plenty of nuttiness from Senators as well. It is, of course, difficult to pick out the most ridiculous, so here are two that stood out to me, personally. And, to avoid any charges of bias, I'll include one from each hearing and one from a Democrat and one from a Republican. Let's start with the first hearing, the one before the Senate Judiciary Committee, where Senator Sheldon Whitehouse decides to add his bizarrely ignorant statements (starting around 1 hour, 18 minutes into the recording). Whitehouse starts out with a hypothetical (again!) story of a girl being kidnapped outside of her home ("taken into a van"), but having her phone left inside. He claims that in the past, law enforcement could get a warrant for the phone "to help locate the girl." And now "they cannot do that." This hypothetical makes no sense for a variety of reasons. First, the number of actual abductions like that is pretty rare. But, more importantly, if the phone is at home then it's not exactly going to help law enforcement locate her any more. He's mixing up a variety of different things involving location versus stored data encryption. It's just a scare story that has little to do with the issue of stored data encryption, which is what the hearing is supposed to be about. But, from there, he goes on to make an even more bizarre statement, claiming that companies pushing encryption are doing so solely for their own corporate benefit, creating harm for the public. In fact, he compares encryption to pollution, and then argues that there could be civil liability because encrypted phones make it difficult to find hypothetical kidnapped girls: It strikes me that one of the balances that we have in these circumstances, where a company may wish to privatize value -- by saying "gosh, we're secure now, we got a really good product, you're gonna love it" -- that's to their benefit. But for the family of the girl that disappeared in the van, that's a pretty big cost. And, when we see corporations privatizing value and socializing costs, so that other people have to bear the cost, one of the ways that we get back to that and try to put some balance into it, is through the civil courts. Through the liability system. If you're a polluter and you're dumping poisonous waste into the water rather than treating it properly somebody downstream can bring an action and can get damages for the harm they sustained, can get an order telling you to knock it off. This appears to be a thing that Senator Sheldon Whitehouse does. He makes up ridiculous hypotheticals of situations that aren't happening and then jumps to flat out wrong arguments based on those hypotheticals. Here, he's just wrong that companies employing encryption are "privatizing value and socializing costs." In fact, as many, many, many people will argue, companies that are putting in place end-to-end encryption actually can make it more difficult for them to make money, since they close off avenues such as targeted advertising, since they lose access to the information being transmitted. But, even more to the point, this entire argument is based on the simply wrong (and completely ignorant) argument that the there's a "cost" to the public of greater encryption. That's not just wrong, it's so wrong as it should call into question the career choices of whatever clueless staffer fed that line to Senator Whitehouse. The whole crux of the argument, as has been explained over and over again, is that greater encryption better protects the public from cyberattacks, from those seeking to violate their privacy and from other potential malicious actors. In other words, the actual scenario that Whitehouse should be concerned about is not the mythical girl being abducted into a van (again, a scenario that rarely happens), but the malicious online actors who are seeking to break into the girl's bank account or other online accounts in order to cause all sorts of actual problems for her in real life. That's the much more likely threat and it's the one that strong encryption helps protect. The whole idea that strong encryption is the equivalent of pollution is hilariously wrong. Pollution is a negative externality. But strong encryption is not a negative externality. It better protects the public. It's a public benefit. Senator Whitehouse's argument is based on a near total misunderstanding of what encryption does, how it protects people and any understanding of actual threats people face in the world, both the low likelihood of random abduction and the high likelihood of having your online accounts under attack. It's so far from reality that it feels like Senator Whitehouse ought to issue an apology. Onto the second hearing before the Intelligence Committee. In this case, the Senator we'll pick on is Senator John McCain. His part starts a little after the 1 hour and 15 minute mark into that video. And he's focused on the worst kind of political grandstanding, hyping up FUD around ISIS, followed by a "but we must do something!" argument that ignores the simple fact that the plan he supports actually makes the problem worse, not better. As you'll see, Senator McCain doesn't care about that. He just wants something done. This one involves some back and forth with Comey, starting with the scare stories to start things out: McCain: Is it true that, you have stated on several occasions, that ISIS poses over time a direct threat to the United States of America? Comey: Yes. McCain: And that is the case today? Comey:: Yes. Everyday they're trying to motivate people here to kill people on their behalf. McCain: And every day that they take advantage of this use of the internet, which you have described by going to unbreakable methods of communicating, the more people are recruited and motivated to, here in the United States and other countries to attack the United States of America. Is that true. Comey: Yes sir. Okay, let's just cut in here first of all to note that it's not actually true. I mean, it's possible that this is happening, but there still has yet to be a single credible story about ISIS successfully "recruiting" people in the US to perform an attack in the US. All of the ISIS "arrests" so far have been part of the FBI's own plots, where it's an FBI informant doing the "recruiting and motivating." McCain: So this is not a static situation. This is a growing problem, as ISIS makes very effective use of the internet. Is that correct? Comey: That's correct sir. McCain: So with all due respect to your opening comments, this is more than a conversation that's needed. It's action that's needed. And, isn't it true that, over time, the ability of us to respond is diminished as the threat grows and we maintain the status quo? Comey: I think that's fair. Actually, it's not fair. It's wrong. I mean, it depends on what kind of "action" we're talking about -- but since the entire hearing focused on backdooring encryption, it's difficult to argue that the "ability to respond diminishes" over time because any plan to backdoor encryption wouldn't be an actual response that matters. ISIS would quickly just switch to encrypted systems that aren't backdoored by the US government, and there are plenty to choose from. McCain: So, we're now -- and I've heard my colleagues, with all due respect talking about attacks on privacy and our Constitutional rights etcetera -- but it seems to me that our first obligation is the protection of our citizenry against attack. which you agree is growing. Is that a fact? Comey: I agree that is our first responsibility. But I also... McCain: So the status quo is not acceptable if we support the assertion that our duty is to protect the lives and property of our fellow citizenry. That is our first priority. You agree with that? Okay, first off, you should really watch this point to see the dismissive way he shrugs off the part about "privacy" and "our Constitutional rights etcetera." It's really quite disturbing, frankly. And that's because the next line is just wrong. The Oath of Office given to Senators is that they will "support and defend the Constitution of the United States against all enemies, foreign and domestic." It does not say anywhere that they are to "protect our citizenry against attack." And it especially does not say that the role of a Senator is to protect the citizenry from attack over protecting the Constitution. It says the exact opposite. It says that his sole job is to protect the Constitution. That a Senator who has been in office as long as McCain is flat out ignoring the Oath he's taken many times, and actually arguing for a policy that he is admitting violates that oath is somewhat stunning. He is flat out saying, in violation of his oath, that his job is to undermine the Constitution if he believes it will protect the American people from attack. And, just to highlight how incredibly stupid this statement is, pushing for backdoors on encryption doesn't even do what he thinks it does. It actually makes Americans more open to attack by making their digital information less safe and secure. So even if we took McCain's argument at face value and ignored that it's directly in contrast to his oath of office, he's still wrong, because he's putting more Americans at risk, rather than "protecting" them. As for Comey agreeing that this is a first priority, he's wrong about that too. Some might think that is the first priority for the FBI, even if it isn't for Congress, but it's not. The FBI's oath is also to "support and defend the Constitution against all enemies, foreign and domestic." McCain then drags out a bunch of leading questions in which he continues to try to make it out like "something must be done to stop this nasty encryption" stuff, getting Comey to (mostly) agree, even to completely bogus statements. Comey: I agree that this is something that we have to figure out what to do about. McCain: So now we have a situation where the major corporations are not cooperating and saying that if we give the government access to their internet, that somehow, it will compromise their ability to do business. Is that correct also? Comey: (Shakes his head back and forth in a way suggesting he disagrees, but then says): That's a fair summary of what some have said. McCain: So we're discussing a situation in which the US government -- i.e., law enforcement and the intelligence community -- lack the capability to do that which they have the authority to do. Is that correct? Comey: Certainly with respect to the interception of encrypted communications and accessing locked devices, yes. McCain: So we're now in an interesting situation where your obligation is to defend the country, and at the same time, you're unable to do so, because these telecommunications... these organizations are saying that you can't, and are devising methodology that prevents you from doing so, if it's the single key, only used by the user. Is that correct? Comey: I wouldn't agree, Senator, that I'm unable to discharge my duty to protect the country. We're doing it every single day using all kinds of tools... McCain: Are you able to have access to those systems that only have one key? Comey: No, we can't break strong encryption. McCain: So, you can't break it. And that is a mechanism which is installed by the manufacturer prevent you [sic] from using... that there's only one key that is available to them... to you. Comey: That's correct. Now, to his very slight credit, after this misleading back and forth, Comey eventually plays a slight devil's advocate here, and at least attempts to channel the views of all of those computer security experts who have pointed out that backdooring encryption makes people less safe. McCain: So suppose that we had legislation which required two keys. One for the user and one that, given a court order, requiring a court order, that you would be able to -- with substantial reason and motivation for doing so -- would want to go into that particular site. What's the problem with that? Comey: Well, a lot of smart people, smarter than I, certainly, say that would have a disastrous impact on broader security across the internet, which is also part of my responsibility. McCain: Do you believe that? Comey: I'm skeptical that we can't find a solution that overcomes that harm. But a lot of serious people say "ah, you don't realize, you'll rush into something and it'll be a disaster for your country. Because it'll kill your innovation, it'll kill the internet." That causes me to at least pause and say "well, okay, let's talk about it." At which point McCain totally ignores that point to go back to his but we need to so something! mantra. McCain: But, we've just established the fact that ISIS is rushing in to trying... attempting... to harm America and kill Americans. Aren't we? Comey: They are. McCain: So I say with respect to my colleagues, and their advocacy for our constitutional obligations and rights, that we're facing a determined enemy who is, as we speak -- according to you and the director of Homeland Security -- seeking to attack America, destroy America and kill Americans. So it seems to me that the object should be here, is to find a way not only to protect Americans' rights, but to protect American lives. And I hope that you will devote some of your efforts -- and I hope that this Committee... and I hope the Congress will -- understand the nature of this threat. And to say that we can't protect Americans' Constitutional rights in the same time protect America, is something that I, simply, won't accept. Except, we can protect Americans Constitutional rights and, at the same time, protect America: by enabling strong encryption that better protects the security and privacy of everyone, without adding unnecessary vulnerabilities in the form of government backdoors. McCain completely ignored the rebuttal point that his position actually makes America less safe by opening things up to those who wish to attack us. Don't we deserve Senators who don't spout pure ignorance, focused on scaring the American public in ways that make us both less safe and take away the Constitutional rights they've sworn to defend? There were plenty of other ridiculous claims made by Senators in both hearings, but these were the two nutty ones that stuck out for me. We deserve better elected officials.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
Back in 2010 under the leadership of Julius Genachowski, the FCC released a "national broadband plan." While it did help subsidize some middle and last mile rural deployment and directed the FCC to actually start using real world data to make policy decisions (ingenious!), it somehow managed to float like a butterfly over the U.S. broadband industry's biggest and most glaring problem: the lack of broadband competition. Even the agency's $300 million broadband coverage map birthed by the plan couldn't be bothered to actually list broadband service pricing, lest site visitors conclude that they're paying too much for too little. As the years ticked by, it became increasingly clear many of the plan's action items were little more than political show ponies, paying empty lip service to issues like the digital divide, with ankle-high "goals" the government knew full well would have been achieved without government lifting a finger. Even the plan's architect Blair Levin has acknowledged the FCC was quick to offer a "one-note narrative of self-praise," instead of disrupting the status quo. Basically, it took 36 public workshops, 9 field hearings, 31 public notices and 376 pages to create the illusion the government was doing something about the nation's rotten duopoly problem. Hindsight now has many people realizing that a search giant with bottomless pockets probably did more for broadband in the last five years than our massive national broadband plan ever did. Google Fiber's deployment of symmetrical gigabit service for $70 a month has helped drive a new national conversation about broadband competition. It has also driven a number of previously sleepy, uncompetitive ISPs to drive upgrades users wouldn't have seen otherwise. And as MIT Technology Review notes, it's kind of miraculous that Google Fiber happened at all:"The unnerving thing is that so much of the present and future of broadband has come down to the whims of a single company, and a company that, in many ways, doesn’t look or act much like most American firms. If Google didn’t have such a dominant position in search and online advertising, giving it the resources to make big investments without any requirement of immediate return, Google Fiber wouldn’t have happened. And if Google’s leadership weren’t willing to make big long-term investments in projects outside the core business, or if the company didn’t have a dual-share structure that preserved its founders’ power and somewhat insulated its executives from Wall Street pressure, gigabit connections would more than likely be a fantasy in the United States today." Of course, while Google Fiber has received endless media adoration, the actual hard deployment impact is currently tiny, with only a few thousand users in Kansas City and Provo actually currently getting service (though Austin, Salt Lake City, Nashville, Atlanta, Charlotte and Raleigh/Durham builds are underway). A lot of the incumbent ISP response to Google Fiber has similarly been rather theatrical in nature ("fiber to the press release"), with carriers offering gigabit speeds to a few high-end housing developments and then pretending they're revolutionizing the broadband space, while millions of consumers remain stuck on sub 6 Mbps, $60 DSL lines with 150 GB monthly usage caps. So make no mistake: the lack of competition is still a huge problem. But Google Fiber's most important contribution has been two-fold. One, as Google intended, Google Fiber placed a huge, national spotlight on the nation's broadband market failures. Cities clamored on top of one another to be the next in line for service, every paper in the nation highlighting simultanesouly that the service they received from the regional duopoly simply wasn't very good, and that we could do something about it. Two, Google Fiber also brought the public's attention to an issue that most had spent the last decade ignoring: the fact that ISPs have spent the last fifteen years gleefully writing horrible protectionist state laws designed to protect their regional fiefdoms from the competition bogeyman. Contrary to what some will say, the botched national broadband plan was not necessarily the fault of "government," just shitty government. Former FCC boss Genachowski was a professional fence sitter; so afraid of making tough policy decisions he'd make no decision at all, often dressing that inaction up as a mammoth accomplishment. It's easily arguable that current FCC boss Tom Wheeler has accomplished more for broadband in a little over a year in office (net neutrality and Title II reclassification, municipal broadband, and a notable crackdown on ISP fraud) than the last three FCC bosses combined. But the real lesson from the last five years is that it was a collaboration between sensible, balanced regulation, risk-taking private industry and grass roots citizen activism that finally pushed the needle on broadband after fifteen years of dysfunction, which is how it's supposed to work when you're not (quite intentionally) distracted by a nasty case of partisan nitwit disease. Wheeler's building a basic framework to protect consumers in the absence of vibrant competition, Google Fiber's applying some much needed competition to apathetic incumbents, and municipal broadband operations are trying to shore up coverage and competition gaps in markets the incumbent providers couldn't care less about. That seems notably more constructive than our broadband policies of the fifteen years prior, which vacillated between devising wimpy, elaborate plans that accomplished little to nothing, willfully pretending the broadband market wasn't broken, and proudly declaring that if we just left AT&T, Comcast and Verizon alone -- they'd collectively build us a magic free-market broadband Utopia powered by rainbows and puppy love.Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
The Dutch government is looking to expand its surveillance powers, something which would seemingly be at odds with the current public antipathy towards mass surveillance, but of course isn't, because governments are expanding powers even while complaining about being spied on. This would be the first major update of its surveillance authorities since 2002, something likely viewed as essential due to changes in technology and "evolving threats." Matthijs R. Koots has a very thorough examination of the proposed expanded authorities at his blog, which notes the expansion would come bundled with "improvements to oversight." While there does appear to be better oversight (and better targeting) in the bill, final approval for much of this leads back to a single person: the Minister of the Interior. Legal oversight is provided by the Dutch Review Committee on the Intelligence and Security Services -- roughly the equivalent to the US's intelligence committees in the House and Senate. The good news is that, while the bill provides for bulk interception/collections, it does require more specific targeting than the twisted definition of "relevant" the FISA Court applies to the NSA's collections. The country's bulk interception program would go further than simple metadata and much further than targeting telcos and major service providers. The bill would demand mandatory cooperation from "providers of communications services," which is very broadly defined. ["Providers of communications services"] is defined in a way that includes not only providers of public electronic communications networks and services, but also providers of closed networks, and includes telcos, access providers, hosting providers and website operators. While the sources are broadly defined, the requests for information will (hopefully) be much more limited. The use of this power requires approval from the Minister, and the approval request must specify the investigation, the purpose of interception — “purpose-orientation” (Dutch: “doelgerichtheid”) is introduced as a new requirement that intends to limit bulk interception to what is relevant to a “purpose” that must be specified ‘as specifically as possible'; ‘a general indication does not suffice’ —, the type of telecommunications (e.g. GSM, radio, satellite, internet; optionally including geographic boundaries), optionally the types of traffic that are relevant (e.g. voice, chat, file transfer), and in the case of cable networks, the cable infrastructure that is targeted. In other words, no blanket authorizations for non-specific interception will exist, although blanket-like authorizations may, depending on how broad a “purpose”, in the context of a specified investigation, is allowed to be in practice; the requirement, mentioned in the MoU, that the purpose be specified “as specific as possible”, leaves room for interpretation (perhaps necessarily so). Thus endeth the good news. The broadly-defined providers would be required to "provide access" to their systems and bulk data interceptions would remain "live" for three years, rather than just one. This bulk data can also be shared with "foreign powers." Again, this is at the discretion of the Minister, so it all depends on how much the Dutch trust their minister to be mindful of their data and communications. Additionally, service providers would be compelled to hand over stored communications (emails, text messages) in addition to any bulk data collected. Worse, the government would be granted the power to force providers to assist in the decryption of sought data and communications. Furthermore, the intelligence services are authorized, under certain conditions and after approval from their Minister (Art.30-6 and Art.41-2), to compel anyone (Dutch: “een ieder”) to help decrypt data in an automated work (Art.30-5 to 30-8) or help decrypt conversations, telecommunications or data transfer (Art.41-1), e.g. by handing over keys or providing decrypted data. (A similar provision is present in the current law.) Another legal option to defeat encryption is the use of the hacking power (Art.30, see below), which requires after approval from the Minister; and yet another legal option is the use of agents (who can be tasked with interception or hacking) or informants (e.g. a sysop who, as part of daily work, has access to cryptographic keys). The government's hacking powers would also be slightly expanded. The bill would provide authorities with the power to hack adjacent systems to find a side door/back door if the original target proves resistant to its efforts. The technical reality shows that targets are generally security-aware, but that operational opportunities for using weaknesses in technical peripheral users, such as co-tenants of a certain server, which can lead to successful breaking into the automated work of the target. There's more bad news than good in the proposal. While it's understandable that surveillance laws would need to be revisited more than a decade on from their original installation, it would have been nice to see a little more restraint deployed, rather than the assumption that an expansion of powers (without a corresponding expansion of oversight) is the only way to deal with evolving communications methods. For what it's worth, Dutch citizens have until September 1st to offer their input on the bill's proposals. How much deference the government will show to dissenting opinions remains to be seen. Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
"Collect it all": for the NSA, it is communications data; for Kenya, it is information about every Wi-Fi user and device. For Kuwait, as Yahoo News reports, it's everyone's DNA: Kuwait's parliament, reacting to a suicide bombing last week that killed 26 people, adopted a law Wednesday requiring mandatory DNA testing on all the country's citizens and foreign residents. The legislation, requested by the government to help security agencies make quicker arrests in criminal cases, calls on the interior ministry to establish a database on all 1.3 million citizens and 2.9 million foreign residents. Kuwait seems to be pretty serious about implementing this scheme. Refuse to give samples? That will cost you $33,000 and a year in jail. Try to pass off someone else's DNA as your own? Make that seven years in jail. Setting up the DNA database won't be cheap, but an extra $400 million has been allocated by Kuwait's parliament: "We have approved the DNA testing law and approved the additional funding. We are prepared to approve anything needed to boost security measures in the country," independent MP Jamal al-Omar said. Following the high death toll in the suicide bombing, there is a natural desire to do something to stop it happening again, and to help catch those behind it. But the move to collect everyone's DNA seems to be born mostly from an opportunistic government desire to exploit tragic events to bring in extreme laws without much resistance. After all, how exactly will having everyone's DNA in a database prevent future suicide bombings? Yes, it might help with the rapid identification of the bomber(s) and victims. That's useful, but hardly justifies an unprecedented collection of everyone's DNA. And it may help resolve other crimes, particularly rape, which will be welcomed by the victims. But if DNA becomes a standard tool in everyday criminal cases, having everyone's DNA may actually hinder investigations because of false positives. We are all shedding DNA everywhere we go, so the presence of somebody's genetic material at the scene of a crime probably means nothing (and could even be an attempt to frame someone, which becomes much easier.) But it will require the police to eliminate all those genetic bystanders, which is likely to slow down the investigation. In this respect, it's the classic needle-in-a-haystack data problem, but applied to the world of genomes. Just as adding more hay does not help you find those proverbial needles, so increasing the size of the DNA database to encompass the entire population does not generally make it easier to find the perpetrator of a crime. In fact, smaller, more selective DNA databases are more sensible, just as targeted surveillance is more effective. With luck, Kuwait's future discovery of this fact, and its failure to draw much benefit from this massive intrusion into the most personal sphere of all -- the genome -- will make other governments think twice before following suit. Well, I can dream, can't I? Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+ Permalink | Comments | Email This Story

Read More...
posted 26 days ago on techdirt
This is apparently going to keep happening. A while back, we discussed the situation in which Donald Trump declared his candidacy for President (while making comments that torpedoed a bunch of his vaunted business interests) and used the music of Neil Young without the artist's permission. As I noted at the time, Trump was legally allowed to use the music, since the venue had paid the required ASCAP license, but failing to go the extra step and clearing it with Young allowed the musician to generate headlines all to do with his support of Democrat Bernie Sanders. Since candidacy announcements are generally not done to generate name recognition for one's opponents, I suggested that, hey, just go get the whiny artist's permission first, mmkay? Bobby Jindal didn't take my advice. Jindal used the music of Buckwheat Zydeco during his presidential announcement and, well, ol' Buckwheat was not pleased. Buckwheat's music was among several songs that played at the Pontchartrain Center in Kenner before Jindal and his supporters took the stage, Gambit Weekly reported while live tweeting the event. The zydeco musician replied to Gambit on his own Twitter page and said that Bobby Jindal using the music of Buckwheat and his band is "not cool at all." Again, we'll go ahead and assume that the music was properly licensed because that always ends up being the case, but what's the point of letting the discussion of your presidential bid get side-railed because you chose to use the music of some guy who doesn't support you? All the campaign would have to do would be to clear the use with the artist and then all this doesn't happen. Is that really so hard? I mean, sure the musicians are being childish and petty (and have no legal claim), but that's the reality. If you don't want to give extra promotion to opponents, maybe find musicians who actually supports you. And it's also the reality that all angry-musician-roads lead to Bernie Sanders, apparently. He had much kinder words for U.S. Sen. Bernie Sanders, who strutted on stage to launch his presidential bid with Buckwheat's "Make A Change" playing in the background. He said Sanders' use of the song was "tres bien." And so we now have two separate GOP candidate announcements generating publicity for Bernie Sanders. To avoid a third, candidates need only take my advice on clearing the music they use with the artists. Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Getting stuff into space is difficult. There are a bunch of different rockets that have been used over the last few decades, but the odds of a launch failure isn't quite zero yet. A few companies are making cheaper launch systems, but a perfect track record is hard to maintain over more than a handful of launches. Perhaps that's why sentient robots in the movies never think about leaving the Earth behind. SpaceX's recent Falcon 9 failure is a huge setback for SpaceX -- because the exact problem hasn't been identified yet. This incident will delay future launches until the cause of the explosion can be reasonably explained. [url] NASA's development of its Space Launch System (SLS) is going through its own delays, as reviewing committees are concerned that NASA is wasting $150 million on an interim rocket stage that will not be used again -- instead of putting that money towards a more powerful Exploration Upper Stage (EUS). Building an unmanned rocket stage that will need to be replaced someday by a stage that is rated for a crew doesn't seem to be a great use of limited NASA funding, but lacking the full funding to directly build an astronaut-friendly, Beyond Earth Orbit (BEO) vehicle forces NASA to create interim test stages. Our tax dollars at work.... [url] Three failed resupply missions to the International Space Station (ISS) have occurred over the last 8 months. Orbital Sciences is shifting away from using 1960s-era Soviet rocket engines that were probably the cause of its launch failure last October. In May, Russian re-supply mission put its cargo in the wrong orbit. And SpaceX's investigations are ongoing for its recent Falcon 9 explosion. There are actually a few other options for getting supplies to the ISS, and Orbital Sciences will be employing alternative launch systems to fulfill its contract while it works on its replacement engines. [url] The idea of using reusable rockets isn't unique to SpaceX. Blue Origin's New Shepard is being tested for its re-usability. The United Launch Alliance (ULA) has plans for a reusable Vulcan rocket that is recovered by helicopter. Airbus has also unveiled its reusable Adeline design which could start test launches in 2025. [url] After you've finished checking out those links, take a look at our Daily Deals for cool gadgets and other awesome stuff.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Bad ideas never die. Although there have been some recent minor steps in a positive direction concerning copyright in the EU, politicians have been trying to undermine them with really terrible ideas. We already covered the push to effectively outlaw outdoor photography, and now it appears that (despite already having this proposal voted down), some are pushing for a so-called "ancillary copyright" concept, better known as a snippet tax or a link tax. The basic idea here is that newspapers that have failed to innovate want to blame third party aggregators (mainly Google News) for somehow "damaging" their business because they link to stories with snippets, and then send traffic to those newspaper websites. We've spent years talking about how it's weird to complain about a giant site sending you traffic, but some old school publishers can't seem to get past the fact that Google is big and successful while their own sites are not -- and assume that means that Google somehow "stole" their revenue. In response, they've pushed ridiculous proposals to require anyone who aggregates content with links back to the original to pay a weird fee, above and beyond the traffic that they're sending. These plans have backfired pretty much everywhere they've been tried. Because it's nonsensical to charge someone to send you more traffic, aggregators have done things like removing those publishers or removing snippets only to see howls of protest from those same publishers who previously claimed that such things were "stealing." In the most extreme case, in Spain, where a law was written that made it mandatory for such a link tax, Google News shut down completely -- once again leading to howls of protest from the newspapers who previously had been arguing that Google was somehow stealing from them. It's an odd sort of "stealing" where you'd run complaining to the government when it goes away. Either way, all this leads to a silly and nonsensical resolution from MEP Angelika Niebler, working with a number of German MEPs (Germany is where the strongest push for a link tax has come from), arguing for a special new copyright right, which it claims is about supporting journalism: Calls on the Commission to evaluate and come forward with a proposal on how quality journalism can be preserved, even in the digital age, in order to guarantee media pluralism, in particular taking into account the important role journalists, authors and media providers such as press publishers play with regard thereto While not directly calling for a link tax (which Niebler had pushed in an earlier amendment that had been rejected), it's a pretty obvious attempt to open the door for such a link tax to return in the near future. In the link above, MEP Julia Reda notes that Niebler's own party, the European People's Party (EPP) had already agreed that no more amendments would be added -- but Niebler went ahead and added it anyway. The good folks at OpenMedia are vocally opposing this amendment and have set up a site at SaveTheLink.org with more information. The EU Parliament will vote on this proposal tomorrow. While it won't determine what the eventual law is, it may help guide dangerous future proposals that could have serious consequences for how the internet works (or doesn't) in Europe. It's time for major publishers to get over the fact that they've failed to innovate and failed to keep up with the way the internet works, while others have stepped in and done a better job. Blaming others for your failures is one thing. Looking to the government to change the way the internet and free expression work, just to try to squeeze money out of the companies who did innovate, is a cynical and backwards looking move. EU citizens and their elected officials should not allow it to happen.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
It appears the Chinese government is concerned it doesn't censor the internet enough already. China has adopted a new national security law that aims to make internet, IT infrastructure and systems, and data in certain sectors "secure and controllable", state-owned news agency Xinhua said in a notice on the National People's Congress (NPC) website. More control of the world's greatest communication tool is what's being sought, despite its best efforts to deflect this inevitable conclusion with the deployment of impenetrable jargon. Zheng Shuna of the NPC's Legislative Affairs Commission told reporters that cyberspace sovereignty is "the embodiment and extension of national sovereignty" and an important part of national infrastructure, Xinhua said in a separate report. This is more of the same for China, which has sought increased control of the internet for years. It has also shifted towards hardware homogeneity -- partially due to the state's protectionist tendencies, as well as strong hints that foreign hardware is arriving on its shores pre-compromised by intelligence services. It's not just the hardware. It's also the information flowing to and from it. China can certainly restrict imports of IT hardware and regulate internal infrastructure and systems, but the internet is much more ethereal and, for the most part, can't be stopped at the borders and searched for violations of Chinese sovereignty. But that's not all the Chinese government is seeking to control. As well as cyber security, the law covers defence, finance, science and technology, culture, religion, space, ocean depths and polar regions. And, in only the way one can when defending a very powerful state that takes a dim view of dissension (read: sends out the tanks), the Commission's spokesperson has provided a completely incredulous statement attempting to downplay the power grab. Zheng rejected suggestions that the definition was "too broad", Xinhua said. One shudders to think what China's NPC Commission would consider to be "too broad." But as worrying as China's martial-law-but-with-computers push is, the law seems resistant to interpretation. (Presumably intentionally…) Hong-Kong based Jolene Reimerson of Pinsent Masons, the law firm behind Out-Law.com, said: "It is not yet clear how China intends to 'ensure cyberspace security' or to make the internet and data 'secure and controllable' under the new national security law." It is probably not clear to the Chinese government, either, as much of the control sought will remain mostly out of its grasp. The new law doesn't specify what domestic IT providers will have to do to comply with the government's unstated demands, but considering its recent attempts to codify hardware/software backdoors, it will problably be something along these lines. "Secure and controllable data" seems almost noble when placed into certain contexts, but tying it to national security and expanding the coverage to include the internet certainly isn't. "Security" and "control" aren't strange bedfellows. The first is often used to justify the latter. China isn't the only country to expand government powers and domestic surveillance in the name of "security." (In fact, you could replace the word "China" in this article's headline with the name of almost any large Western country and it would be equally unsurprising.) It just doesn't bother with the nicety of pretending to care about its citizens' rights. There's some lip service being paid to "cooperation" with other countries for better cybersecurity, but the official talking points discuss things like "establishing a multilateral, democratic and transparent international Internet management system." It only sounds promising if you ignore China's multiple attempts to censor the internet. Or its own statements on the new law: "Internet space within the People's Republic of China is subject to the country's sovereignty," [Zheng] said. "Cooperation" in this context presumably means other countries and their internet-based platforms being asked to comply with filtering and blocking orders or risk losing access to a very large market. When the Chinese government says "multilateral," it's just saying it wants one internet for its people and one internet for the rest of the world and an impenetrable wall between them. Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Chris Christie, New Jersey Govorner, presidential candidate, and anti-terror crusader, has built quite a reputation for himself for his admiration for the now partially-expired PATRIOT Act. Add to that his worry about anyone opposing NSA surveillance and his assertions that any fears over government surveillance are so much malarkey, and the man who built his anti-terror reputation in part upon the pillar of an entirely trumped up case he prosecuted as a US Attorney has solidified his never-ending love for all things Orwellian. So now let us add to the list of Christie's transgressions his suggestion that all future terror attacks should be blamed on Rand Paul, because Paul allowed parts of the Patriot Act to expire. Here is the relevant quote from Christie's appearance on MSNBC's Morning Joe program. “And that’s why what Rand Paul has done to make this country weaker and more vulnerable is a terrible thing, and for him to raise money off of it is disgraceful. It’s disgraceful,” Christie said, touting his experience as the only candidate to use the PATRIOT Act as New Jersey’s top prosecutor. “We’re going to look back on this, and he should be in front of hearings in front of Congress if there’s another attack,” the governor said at the end of the interview. “Not the director of the FBI or the CIA.” You hear that, you folks over at the FBI and CIA? Take the next couple of years off. All of your responsibility has been lifted in the future should Gov. Christie become President Christie. Any attacks that happen will result in Rand Paul, a Senator representing his constituents, mind you, being hauled before Congress to answer for why he dared participate in the legislative process in a manner designed to retrieve some small part of American liberty. The future-crimes of ISIS rest solely on the shoulders of Senator Paul. Should you be unaware, this is ridiculous. The PATRIOT Act was an overreach, the kind of legislation that gets passed out of fear by reactionaries too busy crapping their own pants to bother wondering whether they might be trampling on the rights of American citizens. Christie calls out Paul for raising money touting his part in defeating the PATRIOT Act, but Christie has no problem raising money by fear-mongering his way across the country. Christie also says Paul should answer to Congress if there's another attack. But, if we accept that, should we also demand that Christie and government surveillance supporters answer to Congress every time there is abuse in the surveillance state for which they've cheered? If so, Christie should probably clear his schedule, because those abuses are the rule, not the exception.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
A few weeks back we discussed a few times the ridiculousness of Assistant US Attorny Niketh Velamoor seeking, and then getting, a gag order preventing Reason.com's staff from revealing the existence of a subpoena for identifying information on a few of its commenters who had made hyperbolic internet comments about a US judge. We noted that the gag order itself did not give a reason, other than repeating the possibility of any or all of the officially allowed reasons for a gag order, but never specifying which ones applied. We also noted that Velamoor's initial application for the gag order had not been unsealed in the case -- and we filed a FOIA request with the Justice Department for it (along with the DOJ's guidelines on seeking a gag order). We still have not received a response on either FOIA request. However, Public Citizen's Paul Levy went with the more direct route of reaching out to Velamoor directly and requesting the application for the gag order -- and after some initial pushback and evasions Velamoor eventually asked the court to unseal the document (as Levy notes, Velamoor perhaps used the time in between to learn what the law says and to research Public Citizen's long history of suing to get documents unsealed). And thus, Levy has now published the application and written up an analysis. You can see the application here, where it shows that, as in the rubber stamp approval of the gag order, Velamoor simply listed out the categories of reasons why a gag order can be issued and then basically said that the commenters might "flee" or "tamper" with certain data. When the Government seeks such information via grand jury subpoena, 18 U.S.C. § 2705(b) authorizes the Court to issue an order commanding a provider of electronic communications service or remote computing service to whom a warrant, subpoena, or court order is directed, for such period as the court deems appropriate, not to notify any other person of the existence of the warrant, subpoena, or court order. The court shall enter such an order if it determines that there is reason to believe that notification of the existence of the warrant, subpoena, or court order will result in-- (1) endangering the life or physical safety of an individual; (2) flight from prosecution; (3) destruction of or tampering with evidence; (4) intimidation of potential witnesses; or (5) otherwise seriously jeopardizing an investigation or unduly delaying a trial. In this case, such an order would be appropriate because the attached subpoena relates to an ongoing criminal investigation that is neither public nor otherwise known to all targets of the investigation, the account holder is suspected of being involved in or associated with persons involved in the conduct under investigation, and disclosure of the subpoena to the account owner or to any other person may alert subjects or targets of the ongoing investigation. Accordingly, there is reason to believe that notification of the existence of the attached subpoena will seriously jeopardize the investigation, including by giving targets an opportunity to flee or avoid prosecution, or tamper with evidence, including electronically stored information that is easily tampered with. Given the amount of time a criminal investigation commonly lasts and the particular circumstances presented here, the Government respectfully submits that 180 days is an appropriate delay of notice period for the Court to order. Neither of these arguments make much sense, nor should they result in a gag order. Again, the comments in question were all pretty clearly hyperbolic internet statements and not real threats in any way. The idea that someone would "flee" over that is pretty much laughable. Second, the data was on Reason's servers, which the commenters would not have access to in order to "tamper" with such evidence. One could argue that it's possible they could tamper with local files, browsing history and the like, but it's difficult to see what good that would do and would just open the individuals up to further charges. Plenty of legal cases involve issuing subpoenas or notices not to tamper with evidence. There is no reason that couldn't have been done in this case without a First Amendment-stifling gag order. As Levy notes, if this is the appropriate level of disclosure required to get a gag order in New York, then basically any subpoena would qualify for a gag order, which is tremendously problematic. And, indeed, historically such a broad stifling of speech is considered unconstitutional. At this level of generality, such a claim could be made about just about any subpoena, but the courts have generally been skeptical of claims by federal prosecutors that they can flatly forbid witnesses before the grand jury from disclosing what they have been asked.  The leading case, from the First Circuit, summarized the case law as being divided between courts that read Federal Rule of Criminal Procedure 6(e)(2) as flatly forbidding the imposition of secrecy requirements on grand jury witnesses, and those that allow restrictions only on a demonstration of “compelling necessity ... shown with particularity.”  It is hard to see Velamoor’s affidavit as meeting that standard.  The basis for the gag order is a statute specific to subpoenas to ISP's, but Ken White has collected a number of cases  in which trial judges have demanded specific showings before issuing gag orders to ISP’s in particular.    Knowing as we do that this trial judge asked no questions to pierce the generalities in the application, as a practical matter it seems to me that the judge had no evidentiary basis for enjoining journalists from writing about a government demand to disclose the identity of anonymous speakers who, themselves, were not accused of wrongdoing. Levy also does discuss the possibility that there is a legitimate investigation going on behind all of this, which is certainly possible, if extremely unlikely. But, at the very least, it seems nearly everyone agrees that the gag order itself was quite ridiculous and unconstitutional. And both AUSA Niketh Velamoor and the judge who signed off on it, Frank Maas, should be called to account for why they requested and approved it, respectively. It's not hard to speculate on the reasons: it seems likely that Velamoor requested it after realizing that Reason was going to tell people about it and that the story would likely become public (and, then, perhaps realizing how it looks to subpoena the identity of hyperbolic internet commenters who weren't making any realistic threats). Similarly, it seems likely that judge Maas didn't look too deeply into the situation and more or less rubberstamped the gag order because it came from an AUSA who insisted it was important for his investigation. Perhaps there's more to it, but it would seem that both Velamoor and Maas should explain what that "more" would be, if they don't want the more obvious speculations to be accepted as fact.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
It's time for another freebie deal from the Techdirt Deals store. We're featuring a 6-month subscription license for up to 3 computers for Bitdefender Total Security. Bitdefender combines anti-malware, online purchase protection, parental controls, file encryption, PC tune-ups and more in one package. It even includes anti-theft features to allow you to lock or wipe your lost device. To get the freebie, sign in to your store account, sign up for the newsletter, share the deal on Facebook or Twitter, and then you'll get your code for the deal. Note: We earn a portion of all sales from Techdirt Deals. The products featured do not reflect endorsements by our editorial team.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Time Warner Cable continues to be incredibly good at being incredibly bad at what it does. The cable operator already enjoys arguably the worst customer satisfaction ratings of any company in any U.S. industry, below even Comcast. Its horrible customer service is legendary, and things have actually gotten worse as the company has sat on its hands waiting to be sold off to a rotating crop of equally dysfunctional suitors. When you're this bad at what you do, you have to be truly creative in finding new and imaginative ways to annoy your customer base. Time Warner Cable's latest incredible display of ineptitude? The cable giant has been sued for robocalling a woman 153 times regarding an overdue balance. The problem? Time Warner Cable was calling the wrong woman, who ultimately had to file suit against the cable operator to get them to stop annoying her:"King, of Irving, Texas, accused Time Warner Cable of harassing her by leaving messages for Luiz Perez, who once held her cellphone number, even after she made clear who she was in a seven-minute discussion with a company representative. The calls were made through an "interactive voice response" system meant for customers who were late paying bills."Time Warner Cable is being ordered by the courts to pay Araceli King $229,500 (or $1,500 per call) for violating the Telephone Consumer Protection Act, not a bad payout for the woman having to delete 153 unlistened-to voicemails. The truly amazing part is that Time Warner Cable still managed to robocall the woman an additional 74 times...after the suit was filed:"He also said 74 of the calls had been placed after King sued in March 2014, and that it was "incredible" to believe Time Warner Cable when it said it still did not know she objected. "Defendant harassed plaintiff with robo-calls until she had to resort to a lawsuit to make the calls stop, and even then TWC could not be bothered to update the information in its IVR system," Hellerstein wrote."That's pretty impressive even for Time Warner Cable's low standards of operational efficiency. Some bad news for Time Warner Cable: the FCC actually just got done making Robocall restrictions a little tougher for violators. Surely Time Warner Cable CEO Rob Marcus, set to potentially make $97 million as an exit package via the upcoming Charter merger, is working tirelessly at making his company much less professionally annoying.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Florida certainly has its reputation for general nuttiness, and sometimes it goes beyond the prototypical "Florida Man" to the "Florida Judge." Last week, Florida judge Mark Mahon decided that because he personally couldn't take a little criticism from protestors outside the courtroom, he could unilaterally suspend the First Amendment of the Constitution, leading him to issue a hilarious order barring people from demonstrating anywhere near the courthouse if those demonstrations included mocking judges: Demonstrations or dissemination of materials that degrade or call into question the integrity of the Court or any of its judges (e.g., claiming the Courts, Court personnel or judges are “corrupt,” biased, dishonest, partial, or prejudiced), thereby tending to influence individuals appearing before the Courts, including jurors, witnesses, and litigants, shall be prohibited on the Duval County Courthouse grounds…. The order further stated that anyone exercising such a First Amendment right could be "found in criminal contempt of Court." Considering that he's already stomping on the First Amendment, perhaps it's no surprise that he falls back on the misleading-to-wrong anti-free speech trope of "yelling fire in a crowded theater." [T]he proper procedure for challenging a court’s decision is to file an appeal with the appropriate appellate court. Shouting out on the Courthouse grounds that the Court and judges are “corrupt” during business hours while people are entering the Courthouse is entirely inappropriate and disruptive and is analogous to falsely shouting “fire” in a crowded theater.... Eugene Volokh quickly pointed out how ridiculous this order is and Popehat followed up as well: This is flatly unconstitutional. Demonstrations and leafleting are protected speech under the First Amendment. So, for that matter, is flag-burning and walking around on stilts as a giant puppet of Uncle Sam. Burning a giant photograph of Judge Mahon, a public figure and a judge no less, would be protected speech. And sidewalks surrounding a courthouse are a public forum, the sort of place the founders envisioned protest, and flag-burning, and giant puppets, and burning giant photographs of Judge Mark Mahon. Indeed, the United States Supreme Court has held that its own adjoining sidewalks are a public forum where demonstrations, leafleting, and giant puppets are allowed. The sidewalks comprising the outer boundaries of the Court grounds are indistinguishable from any other sidewalks in Washington, D.C., and we can discern no reason why they should be treated any differently. Sidewalks, of course, are among those areas of public property that traditionally have been held open to the public for expressive activities, and are clearly within those areas of public property that may be considered, generally without further inquiry, to be public forum property. Demonstrations, signs, and leaflets outside public courthouses may be quite triggering for the sensitive souls who work there, but they have an alternative: GET A REAL JOB IN THE PRIVATE SECTOR. You can put black robes on a goon like Mark Mahon, but a goon he remains. He has no business enforcing the law, much less making up new law of his own goonish devising. So who were these demonstrators that Judge Mahon was so upset about that it made him completely forget the very First Amendment to the Constitution? They were associated with the site Photography Is Not A Crime, better known as PINAC, and who we've written about/linked to many times for exposing ridiculous efforts to bully photographers/journalists/citizens exercising their rights to photograph and videotape in public (including the actions of public officials). Mahon was hearing a case involving a PINAC reporter who had been arrested concerning a demonstration against the TSA. Other PINAC folks were demonstrating outside of this case, leading to Mahon's order. In response, PINAC has filed a lawsuit against Mahon in which they argue that Mahon's order violates their First Amendment rights and asks for a temporary restraining order against Mahon's order. In response, Mahon quickly "scaled back" his original order, but didn't get rid of it completely. Mahon wrote a new administrative order that “vacates and supersedes” the previous one. It continues the ban against photography of secure areas and security features, but he eliminated the ban against protests that question the court’s integrity. The new order is certainly better and appears to remove the reference to "fire in a crowded theater" along with the clearly unconstitutional ban on calling the integrity of the court into question. But it still seems pretty clearly targeted at protected activity that the judge doesn't like. He tries to present it as being all about safety, but that seems like a tortured attempt to ban a form of protest that he doesn't like. PINAC claims it will continue to fight the new order as well. One hopes, as part of this process, Judge Mahon familiarizes himself with the Constitution that he's supposed to be enforcing.Permalink | Comments | Email This Story

Read More...
posted 27 days ago on techdirt
Hollywood's efforts to win political clout have always stretched across the country, from glitzy campaign fundraisers in Beverly Hills to cocktail parties with power brokers in Washington. Last year, the film industry staked out another zone of influence: U.S. embassies. Its lobbying arm paid to renovate screening rooms in at least four overseas outposts, hoping the new theaters would help ambassadors and their foreign guests "keep U.S. cultural interests top of mind," according to an internal email. That was the same year that the Motion Picture Association of America, which represents the six biggest studios, reported it was lobbying the State Department on issues including piracy and online content distribution. Hollywood's interests – including its push for tougher copyright rules in the Trans-Pacific Partnership trade pact – often put the industry at odds with Silicon Valley. The only public indication of the embassy-theater initiative was a February 2015 press release from American officials in Madrid, titled "U.S. Embassy Launches State-of-the-Art Screening Room." It credited "a generous donation" from the MPAA. Asked about its gifts to the State Department, the lobby group declined to say how many embassies got donations or how much they were worth. "Because film is a great ambassador for U.S. culture around the world, MPAA assisted with the upgrade of some embassy theater facilities," said spokeswoman Kate Bedingfield. "All gifts complied with the law as well as with State Department ethics guidelines." Nicole Thompson, a State Department spokeswoman, said at least three embassies besides Madrid received between $20,000 and $50,000 in entertainment upgrades last year – London, Paris and Rome. The revamped screening rooms, she said, aren't intended to entertain U.S. officials, but rather to help them host screenings to promote an American industry and sow goodwill. Thompson said the donations were proper and that all gifts to the department are reviewed to avoid even the appearance of a conflict of interest. "The department has explicit authorities to accept gifts made for its benefit or for carrying out any of its functions," she said. The State Department routinely accepts gifts from outside groups, Thompson said. She couldn't provide any other examples of major gifts from groups that simultaneously lobby the agency. Thompson declined to list the items given by the MPAA or their total value, and wouldn't say whether the group had made similar gifts in the past. There was at least one precedent. A spokesman for Warner Bros. Entertainment said the studio helped pay for the refurbishment of the screening room at the U.S. ambassador's home in Paris in 2011. "This donation was coordinated with the State Department and complied with all appropriate rules and regulations," the spokesman said. State Department policies posted online specifically permit gifts from individuals, groups or corporations for "embassy refurbishment, " provided that the donors are vetted to ensure there's no conflict or possible "embarrassment or harm" to the agency. The posted policies include no caps on the value of donations, nor any requirements for public disclosure of foreign or American donors. The rules also say that the donations can't come with a promise or expectation of "any advantage or preference from the U.S. Government." Obtaining an advantage, albeit a nonspecific one, sounded like the goal when a Sony Pictures Entertainment official wrote to the studio's chief executive officer, Michael Lynton, to relay a request to fund the screening rooms from Chris Dodd, the former U.S. senator who heads the MPAA. The executive writing the note – Keith Weaver – sought to assure the CEO that such a donation wouldn't be improper. "The rationale being that key Ambassadors will keep U.S. cultural interests top of mind, as they screen American movies for high level officials where they are stationed," reads the message, included in a cache of emails hacked from Sony and which were posted online by the website WikiLeaks. "The cost implication is estimated to be $165k (aggregate of $$$/in-kind) per embassy/per studio. Apparently, donations of this kind are permissible." Besides Sony, the MPAA represents Disney, Paramount, Twentieth Century Fox, Universal Studios and Warner Bros. Entertainment. The e-mails suggest that Sony executives decided against contributing to the project for budget reasons. The MPAA has long been a powerful presence in the nation's capital, spending $1.34 million on federal lobbying last year, according to data compiled by the Center for Responsive Politics. One of its flashier tools has been to host exclusive gatherings at its Washington screening room, two blocks from the White House, where lawmakers get to watch blockbuster films, rub elbows with celebrities, and up until several years ago, enjoy dinner – a perk scuttled because of stricter rules on congressional lobbying. Hollywood studios depend on foreign markets for much of their profit but the MPAA's interests don't always align with those of other major American constituencies. For example, Hollywood studios have moved some film production to Canada to cut costs. American film workers have tried to get the federal government to stop the outsourcing of jobs, but have been met with resistance from the MPAA. The trade group has also pushed federal officials to pressure foreign governments into adopting stricter copyright laws. An MPAA-funded study found that in 2005 worldwide piracy cost American studios $6.1 billion in revenue. That number has been disputed by digital rights advocates. For the TPP trade deal, the MPAA has discouraged the American government from exporting "fair use" protections to other countries. In a hacked message from Dodd to the U.S. Trade Representative, the MPAA chief warned that including such provisions, which in American law allow limited use of copyrighted materials without permission, would be "extremely controversial and divisive." Digital rights activists have characterized the efforts as overzealous. "They're basically encouraging other countries to adopt the most draconian parts of U.S. copyright law and even to reinterpret U.S. copyright law to make it more stringent," said Mitch Stoltz, an attorney for the Electronic Frontier Foundation. "Broadly speaking broadening copyright law harms free speech in many cases by creating a mechanism for censorship." The state-of-the-art screening rooms are a relatively minimal investment by Hollywood as it works to strengthen connections abroad. This spring, the U.S. ambassador to Spain, James Costos, brought a group of foreign officials to Los Angeles for a meeting hosted by the MPAA. Among them were representatives from the Canary Islands, who came prepared to discuss filming opportunities and tax incentives for American studios in the Spanish territory. The State Department touted the trip as an opportunity to "expand bilateral trade and investment, including through ties between the entertainment industries." It's not known whether the path to that particular meeting was eased by the new screening room in Madrid. At the theater's debut in February, the ambassador's guests were treated to a dark tale of corruption, lobbying and double-dealing in Washington – the Netflix series "House of Cards." Republished from ProPublica Related stories: For more coverage of politics and influence, read ProPublica's previous reporting on secret political dealings by Sony, a reversal by the higher ed lobby and an imploding super PAC. ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter. Permalink | Comments | Email This Story

Read More...