Domain Names Can't Defend Themselves: Via Freedom to Tinker.

Today, the Kentucky Supreme Court handed down an opinion in the saga of Kentucky vs. 141 Domain Names (described a while back here on this blog). Here's the opinion.

This case is fascinating. A quick recap: Kentucky attempted a property seizure of 141 domain names allegedly involved in gambling on the theory that the domain names themselves constituted "gambling devices" under Kentucky law and were therefore illegal. The state held a forfeiture hearing where anyone with an interest in the "property" could show up to defend their interest in the property; otherwise, the State would order the registrars to transfer "ownership" of the domain names to Kentucky. No individual claiming that they own one of the domain names showed up. Litigation began when two industry associations (iMEGA and IGC) claimed to represent unnamed persons who owned these domain names (and another lawyer showed up during litigation claiming representation of one specific domain name). [ Read more ... ]

Hooking Up The Big Brother Machine... And Fighting It: Via EFF.org Updates.

Here's a movie pitch: One lone telecommunications technician, going about his ordinary daily work in San Francisco, begins to realize things aren't quite what they seem. There's a "secret room" downstairs, and ordinary employees aren't allowed to enter it. Coworkers — almost casually! — remark that a government spy agency is involved, that similar facilities are being built across the country, that some of them are stamped with the government's ominous eye-and-pyramid "Total Information Awareness" logo.

Soon, the plot thickens. Mundane technical procedures produce startling revelations. He stumbles on a document that suggests the room contains a supercomputer designed to data-mine phone calls and Internet traffic. And, indeed, he soon realizes that the room is sucking up copies of electronic communications from millions of random Americans.

All this in the early 2000s, when "the political atmosphere in the country after 9/11 had a witchhunt feel to it, and even modest criticism of the administration was getting painted as disloyalty or worse."

What happens to our hero when he finally decides to go public? [ Read more ... ]

EFF Asks Illinois Appellate Court to Block Unmasking of Anonymous Online Critic: Via EFF.org Updates.

Chicago - The Electronic Frontier Foundation (EFF) and the Media Freedom and Information Access Practicum (MFIA) at Yale Law School filed a friend-of-the-court brief today urging the Illinois Court of Appeals to block the unmasking of an anonymous online critic of a local political candidate.

The critic, commenting on a story on the website of a suburban Chicago newspaper called the Daily Herald, engaged in a heated debate with other commenters. One turned out to be the son of the village trustee candidate in Buffalo Grove, Illinois, who was discussed in the article. The candidate, Lisa Stone, who eventually won her race, asked a state court to order the newspaper to release the critic's name and address without appropriately showing that the statements directed towards her son were defamatory or otherwise illegal. Stone indicated that she may choose to subsequently file a lawsuit once she determines the critic's identity through the pre-complaint procedure.

"Because of the enormous potential for abuse, the First Amendment requires litigants to demonstrate that they have a legitimate case before they can use the courts to unmask anonymous online critics," said EFF Senior Staff Attorney Matt Zimmerman. "Insults are not enough, especially when the conversation takes place in the context of a political campaign." [ Read more ... ]

Who You Love Shouldn't Matter When You Serve: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

Jene Newsome served nine years in the Air Force. She was recently discharged under the "Don't Ask, Don't Tell" policy after she was outed by South Dakota's Rapid City Police Department.

On November 20, 2009, the Rapid City Police Department came to serve a warrant on Jene Newsome's wife. Jene and her wife, Cheryl, were just married in Iowa a few weeks before the police came knocking on their door.

When the police entered the house, they saw the marriage certificate sitting on the kitchen table. The marriage certificate didn't have anything to do with Cheryl's arrest; one of the officers just saw it as an opportunity to out Jene and end her career. [ Read more ... ]

EFF Posts Documents Detailing Law Enforcement Collection of Data From Social Media Sites: Via EFF.org Updates.

EFF has posted documents shedding light on how law enforcement agencies use social networking sites to gather information in investigations. The records, obtained from the Internal Revenue Service and Department of Justice Criminal Division, are the first in a series of documents that will be released through a Freedom of Information Act (FOIA) case that EFF filed with the help of the UC Berkeley Samuelson Clinic.

One of the most interesting files is a 2009 training course that describes how IRS employees may use various Internet tools -- including social networking sites and Google Street View -- to investigate taxpayers. [ Read more ... ]

Smackdown: Consumer Privacy vs. Advertiser Revenue: Via CDT - Center for Democracy & Technology..

I attended Smackdown: Consumer Privacy vs. Advertiser Revenue and was expecting to hear good discussion about how advertising and targeting firms are battling with privacy groups to meet the needs of the consumer. I was a little disappointed in how little representation from the privacy end there was in the room. The panel opened with moderator Alan Chapell from BlueKai asking whom in the room represented the business side of consumer data and who was from the advocacy end. I was one of three people representing the advocacy end.

The talk began with defining what data they were talking about as panelists tiptoed around exactly what data is being taken by marketers and commented that nothing used is personally identifiable and is used to tailor a better online experience; however, the panel didn’t really discuss one of the most important questions of user data being used for marketing - how long this data is kept and stored?

Discussion from the panelists turned to how advertisers can adapt their industry practices and data practices in the changing legislative environment. The FTC’s public roundtables, in which CDT participated, were discussed as was legislation in Congress being proposed by Rep. Boucher. [ Read more ... ]

Secret Document Calls Wikileaks ‘Threat’ to U.S. Army: Via Threat Level.

Wikileaks presents a “threat to the U.S. Army” and publishes “potentially actionable information” for targeting military personnel, according to a classified intelligence report posted Monday on the whistleblowing site.

The 32-page report entitled Wikileaks.org – An Online Reference to Foreign Intelligence Services, Insurgents, or Terrorist Groups? (.pdf) indicates the government’s concern that “current employees or moles” within the Defense Department or the U.S. government “are providing sensitive or classified information to Wikileaks.” To stop this, the 2008 report had suggested a campaign to expose and punish those who leak to the site, which was founded in 2007 by Chinese dissidents, journalists and mathematicians.

“Wikileaks.org uses trust as a center of gravity by assuring insiders, leakers, and whistleblowers who pass information to Wikileaks.org personnel or who post information to the website that they will remain anonymous,” according to the report. “The identification, exposure, or termination of employment of or legal actions against current or former insiders, leakers, or whistleblowers could damage or destroy this center of gravity and deter others from using Wikileaks.org to make such information public.” [ Read more ... ]

EFF to Urge True Transparency in Congressional Hearing Thursday: Via EFF.org Updates.

Washington, D.C. - On Thursday, March 18, at 2 p.m., members of the U.S. House of Representatives Oversight and Government Reform Committee will hold a public hearing on the Freedom of Information Act (FOIA) and the Obama administration compliance with transparency law. The hearing comes as transparency advocates celebrate Sunshine Week, the annual celebration of our nation's open government laws that features numerous events measuring the progress made in combating official secrecy.

Senior Counsel David Sobel of the Electronic Frontier Foundation (EFF) will testify at Thursday's hearing, urging the White House to fulfill its promises for open government. Despite President Obama's order to government agencies last year to renew their commitment to FOIA, EFF and other organizations still see delays in releasing relevant documents, excuses for not releasing other records, and excessive redactions, among other needless secrecy. [ Read more ... ]

Global Internet Freedom and the U.S. Government: Via Freedom to Tinker.

Over the past two weeks I've testified in both the Senate and the House on how the U.S. should advance "Internet freedom." I submitted written testimony for both hearings which can be downloaded in PDF form here and here. Full transcripts will become available eventually but meanwhile you can click here to watch the Senate video and here to watch the House video. In both hearings I advocated a combination of corporate responsibility through the Global Network Initiative backed up by appropriate legislation given that some companies seem reluctant to hold themselves accountable voluntarily; revision of export controls and sanctions; and finally, funding and support for tools, and technologies and activism platforms that will counter-act suppression of online speech.
[ Read more ... ]

EFF Experts to Speak at Privacy Roundtable in Washington, D.C.: Via EFF.org Updates.

Washington, D.C. - On Wednesday, March 17, the Federal Trade Commission (FTC) is hosting its final public roundtable on technology privacy challenges in Washington, D.C. Two experts from the Electronic Frontier Foundation (EFF) are taking part.

EFF Senior Staff Technologist Peter Eckersley and EFF Boardmember Edward W. Felten will discuss "Internet Architecture and Privacy" at the first panel of the day. Later panels will cover health information privacy and issues around other sensitive information, as well as lessons learned so far and future plans for privacy protection.

For more information on attending the roundtable including a full agenda, visit http://www.ftc.gov/bcp/workshops/privacyroundtables/index.shtml

WHAT:
FTC Roundtable "Internet Architecture and Privacy"

WHEN:
Wednesday, March 17
9:15 a.m. [ Read more ... ]

The Beginning of the End of Data Retention: Via EFF.org Updates.

Last week, the German Constitutional Court issued a much-anticipated decision, striking down its data retention law as violating human rights. It was an important victory for Europe’s Freedom Not Fear movement, which was formed to oppose the EU Data Retention Directive. But it was also a reminder of the political work which remains to be done to defeat it.

When the European Union first passed the Data Retention Directive in 2006, despite a hard-fought campaign by European activists, it seemed like the beginning of the end for Internet privacy. The directive sought to require telecommunications service providers operating in Europe to retain a detailed history of each of their customers' activity for up to 2 years for possible use by law enforcement; including phone calls made and emails sent and received.

The response from European citizens was swift and outraged. Under the banner of Freedom Not Fear, mass protests were held in cities all across Europe and beyond. [ Read more ... ]

Wanted: Trust Detector: Via Schneier on Security.

It's good to dream:

IARPA's five-year plan aims to design experiments that can measure trust with high certainty -- a tricky proposition for a psychological study. Developing such experimental protocols could prove very useful for assessing levels of trust within one-on-one talks, or even during group interactions.

A second part of the IARPA proposal might involve using new types of sensors and software to gauge human facial, language or body signals that might help predict trustworthiness. Perhaps facial recognition technology that could deduce emotions or facial tics might help, not to mention better lie detectors.

IARPA is the Intelligence Advanced Research Projects Activity, the U.S. intelligence community's answer to DARPA.

Read Original Article:(Via Schneier on Security.)

Wikibooks Cryptography Textbook: Via Schneier on Security.

Over at Wikibooks, they're trying to write an open source cryptography textbook.

Read Original Article:(Via Schneier on Security.)

Hi-tech governments growing keener on snooping, says report | Pinsent Masons LLP: Via Pinsent Masons LLP at Out-Law.com .

Western industrial countries are becoming more willing to spy on their citizens, according to an analysis of snooping that says that the UK is sixth in a world ranking for electronic state surveillance.

Privacy technology company CryptoHippie has produced its second annual report on surveillance trends and says in it that countries that previously showed restraint in their monitoring of individuals have lost some of that self-control.

"When we produced our first Electronic Police State report, the top ten nations were of two types: those that had the will to spy on every citizen, but lacked ability [and] those who had the ability, but were restrained in will," it said in its 2010 report. "This is changing: the able have become willing and their traditional restraints have failed." [ Read more ... ]

Better U.S. Net Rules for Iran, Cuba and Syria: Via EFF.org Updates.

The Treasury's Office of Foreign Assets Control (OFAC) announced on Monday key amendments to the regulation of United States sanctions against Cuba, Iran and Sudan.

The new provisions give a blanket license for the export of "certain services and software incident to the exchange of personal communications over the Internet, such as instant messaging, chat and email, social networking, sharing of photos and movies, web browsing, and blogging, provided that such services are publicly available at no cost to the user."

This clarification is just what EFF called for last June, and will go a long way to allay concerns that online service providers based in the U.S. cannot offer their services in those countries. Previously, despite the well-known freedom-enhancing capabilities of services like Twitter and Facebook in repressive regimes like Iran, it was unclear whether those companies could even offer their services there without falling foul of the United State's broad prohibition on the export of goods and services to these regimes. [ Read more ... ]

New "Smart Meters" for Energy Use Put Privacy at Risk: Via EFF.org Updates.

The ebb and flow of gas and electricity into your home contains surprisingly detailed information about your daily life. Energy usage data, measured moment by moment, allows the reconstruction of a household's activities: when people wake up, when they come home, when they go on vacation, and maybe even when they take a hot bath.

California's PG&E is currently in the process of installing "smart meters" that will collect this moment by moment data—750 to 3000 data points per month per household—for every energy customer in the state. These meters are aimed at helping consumers monitor and control their energy usage, but right now, the program lacks critical privacy protections.

That's why EFF and other privacy groups filed comments with the California Public Utilities Commission Tuesday, asking for the adoption of strong rules to protect the privacy and security of customers' energy-usage information. Without strong protections, this information can and will be repurposed by interested parties. It's not hard to imagine a divorce lawyer subpoenaing this information, an insurance company interpreting the data in a way that allows it to penalize customers, or criminals intercepting the information to plan a burglary. Marketing companies will also desperately want to access this data to get new intimate new insights into your family's day-to-day routine–not to mention the government, which wants to mine the data for law enforcement and other purposes. [ Read more ... ]

The Limits of Identity Cards: Via Schneier on Security.

Good legal paper on the limits of identity cards: Stephen Mason and Nick Bohm, "Identity and its Verification," in Computer Law & Security Review, Volume 26, Number 1, Jan 2010.

Those faced with the problem of how to verify a person's identity would be well advised to ask themselves the question, 'Identity with what?' An enquirer equipped with the answer to this question is in a position to tackle, on a rational basis, the task of deciding what evidence will be useful for the purpose. Without the answer to the question, the verification of identity becomes a sadly familiar exercise in blind compliance with arbitrary rules.

Read Original Article:(Via Schneier on Security.)

Privacy Protection Needed as Smart Grid Arrives / Groups Urge California PUC to Adopt Rules to Protect Consumer Privacy: Via CDT.

SAN FRANCISCO – Privacy advocates are warning that "smart meters" intended to precisely measure and control home electrical consumption could erode the privacy of daily life unless regulators limit data collection and disclosure. In a joint filing yesterday, the Center for Democracy & Technology (CDT) and the Electronic Frontier Foundation (EFF) urged the California Public Utilities Commission (PUC) to adopt rules to protect the privacy and security of consumers’ energy-usage information. The Samuelson Law, Technology & Public Policy Clinic at UC Berkeley School of Law drafted the comments for CDT.

Joint CDT - EFF Comments to California Public Utilities Commission

More information about privacy and the smart grid

California’s Smart Grid Initiative

Read Original Article:(Via CDT.)

The Botnet Challenge: by CDT Via Comcast Voices | The Official Comcast Blog.

Editor's Note: Our thanks to Leslie Harris, President and CEO, Center for Democracy & Technology, for writing this guest blog post about botnets.

Botnets are armies of computers that criminals have infected with malicious software so they can control them to remotely to steal information, launch denial-of-service attacks, spread malware and host illegal content. Botnets are one of the most serious threats to Internet security today. They have compromised untold millions of computers – and even DSL routers – worldwide. The Conficker worm alone has infected up to 15 million consumer, business and government computers into a massive botnet in a little over two years.

Botnet armies are built on the computers of regular Internet users who have no idea that their PCs have been compromised and are being used for malicious purposes. In fact, botnets depend on users’ ignorance in order to stay operational. At the same time, the spam, phishing, and denial-of-service attacks that botnets perpetrate may have little or no impact on the compromised users or their ISPs, while wreaking havoc on faraway users connected to entirely different networks. [ Read more ... ]

Supreme Court Takes ‘Informational Privacy’ Case: Via Threat Level.

The U.S. Supreme Court is agreeing to decide how much personal information the federal bureaucracy may acquire on its workers.

The justices, without comment, decided Monday to review a lower-court decision surrounding the concept of so-called “informational privacy.” The 9th U.S. Circuit Court of Appeals in San Francisco struck down intrusive background checks last year on nearly three dozen National Aeronautics and Space Administration contractors as being too invasive — calling them an unconstitutional, “broad inquisition.”

The checks sought information from any source surrounding their sex lives, finances and even drug use. The contractors being investigated were not privy to classified information. [ Read more ... ]

"Your Papers, Please!" - Get Your Fingerprints Ready! Cross-Party Senate Alliance Pushing National ID Card: Via Lauren Weinstein's Blog.

Greetings. According to the Wall Street Journal, U.S. Senate immigration reform advocates Chuck Schumer and Lindsey Graham are proposing a mandatory biometric (e.g. fingerprint-based) National ID Card system, and are attempting to brush away privacy concerns as trivial and irrelevant.

Touted as "merely" a "right-to-work" card aimed at addressing illegal immigration concerns, there's simply no fast-talking around the fact that this plan will set in motion a massive national ID infrastructure that will ultimately penetrate every aspect of our lives. Anyone who suggests otherwise is -- sorry to say -- either a liar or a fool. [ Read more ... ]

All Your Apps Are Belong to Apple: The iPhone Developer Program License Agreement: Via EFF.org Updates.

The entire family of devices built on the iPhone OS (iPhone, iPod Touch, iPad) have been designed to run only software that is approved by Apple—a major shift from the norms of the personal computer market. Software developers who want Apple's approval must first agree to the iPhone Developer Program License Agreement.

So today we're posting the "iPhone Developer Program License Agreement"—the contract that every developer who writes software for the iTunes App Store must "sign." Though more than 100,000 app developers have clicked "I agree," public copies of the agreement are scarce, perhaps thanks to the prohibition on making any "public statements regarding this Agreement, its terms and conditions, or the relationship of the parties without Apple's express prior written approval." But when we saw the NASA App for iPhone, we used the Freedom of Information Act (FOIA) to ask NASA for a copy, so that the general public could see what rules conrolled the technology they could use with their phones. NASA responded with the Rev. 3-17-09 version of the agreement (it has reportedly been revised somewhat since—please send us the current version if you are able). [ Read more ... ]

The Cell Phone Network: Law Enforcement's Surveillance Dream: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

Yesterday, WNYC's On the Media (OTM) profiled our cell phone tracking case. In this case, the ACLU, Center for Democracy and Technology and the Electronic Frontier Foundation (EFF) asked the court to require that the government at least show probable cause before it can ask a wireless provider to fork over information about your whereabouts using GPS or cell tower tracking via your cell phone. We won in the district court (PDF); the government appealed that decision to the 3rd Circuit. [ Read more ... ]

International Women's Day: A Celebration of a World Advancing Women's Human Rights: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

Every year on March 8, we celebrate the triumphs and struggles of women around the world. In my home country of Australia, the day is always special — and it's not unusual for a stranger to wish you a "happy women's day!" on your way to work. For the past 10 years or so my friends and I have made it a ritual to get up ridiculously early to mark the occasion with a women's breakfast. I always leave these events inspired by the past achievements that we as young women benefit from, and filled with a sense of purpose for the work that is still yet to be done. [ Read more ... ]

Funeral Flap: Justices Weigh Religion, Speech Rights: Via Threat Level.

The Supreme Court agreed Monday to delve into the sensitive question of whether the First Amendment protects anti-gay protesters carrying placards outside military funerals saying “America is Doomed,” “Thank God for 9/11″ and other volatile phrases like “Thank God for dead soldiers.”

The messages and picketing are part of a Kansas church’s belief that the United States’ tolerance for homosexuality is cause for soldiers’ deaths in Iraq and Afghanistan.

The case the justices decided to review Monday tests the boundaries of free speech versus freedom of religion — doctrines embodied in the First Amendment.

Without comment, the justices agreed to review last year’s federal appellate decision overturning a $5 million verdict (.pdf) in favor of a Baltimore father who sued the Westboro Baptist Church of Topeka and its pastor, Fred Phelps, in 2006. The father of Marine Lance Cpl. Matthew Snyder was awarded damages for, among other things, invasion of privacy and emotional distress for the events that occurred outside his son’s funeral at a Catholic church in Maryland. [ Read more ... ]