Lawrence Lessig: Citizens Unite: Via Huffington Post.

There has been a growing fury about the Supreme Court's decision in the Citizens United case, but much of that fury hangs upon an odd reading of the Court's opinion. The Court, it is said, has given corporations all the rights of "persons." It has elevated these artificial beings into entities "endowed by their Creator" (us) "with certain unalienable rights," including the right to free speech.

No doubt the Court has a long history of recognizing the "person" in "Inc." But this current wave of criticism is hard to understand, because the Court's entire Citizens United opinion hung upon the fact that the First Amendment says nothing about who or what is to get the benefit of its protection. It simply bans certain kinds of regulation. As Justice Scalia put it in his concurrence: "The Amendment is written in terms of 'speech,' not speakers." Thus, the government is blocked by the First Amendment from constraining the free speech of any entity, whether that entity is a corporation or a dolphin. [ Read more ... ]

Global Internet Freedom and the U.S. Government: Via Freedom to Tinker.

Over the past two weeks I've testified in both the Senate and the House on how the U.S. should advance "Internet freedom." I submitted written testimony for both hearings which can be downloaded in PDF form here and here. Full transcripts will become available eventually but meanwhile you can click here to watch the Senate video and here to watch the House video. In both hearings I advocated a combination of corporate responsibility through the Global Network Initiative backed up by appropriate legislation given that some companies seem reluctant to hold themselves accountable voluntarily; revision of export controls and sanctions; and finally, funding and support for tools, and technologies and activism platforms that will counter-act suppression of online speech.
[ Read more ... ]

To Stop Crime, Share Your Genes: Via NYTimes.com ( Op-Ed Contributor ).

PERHAPS the only thing more surprising than President Obama’s decision to give an interview for “America’s Most Wanted” last weekend was his apparent agreement with the program’s host, John Walsh, that there should be a national DNA database with profiles of every person arrested, whether convicted or not.Emphasis added: Many Americans feel that this proposal flies in the face of our “innocent until proven guilty” ethos, and given that African-Americans are far more likely to be arrested than whites, critics refer to such genetic collection as creating “Jim Crow’s database.”

In truth, however, this is an issue where both sides are partly right. The president was correct in saying that we need a more robust DNA database, available to law enforcement in every state, to “continue to tighten the grip around folks who have perpetrated these crimes.” But critics have a point that genetic police work, like the sampling of arrestees, is fraught with bias. A better solution: to keep every American’s DNA profile on file. [ Read more ... ]

Best Practices for Government Datasets: Wrap-Up: Via Freedom to Tinker.

[This is the fifth and final post in a series on best practices for government datasets by Harlan Yu and me. (previous posts: 1, 2, 3, 4)]

For our final post in this series, we'll discuss several issues not touched on by earlier posts, including data signing and the use of certain non-text file formats. The relatively brief discussions of these topics should not be interpreted as an indicator of their importance. The topics simply did not fit cleanly into earlier posts.

One significant omission from earlier posts is the issue of data signing with digital signatures. Before discussing this issue, let's briefly discuss what a digital signature is. Suppose that you want to email me an IOU for $100. Later, I may want to prove that the IOU came from you—it's of little value if you can claim that I made it up. Conversely, you may want the ability to prove whether the document has been altered. Otherwise, I could claim that you owe me $100,000. [ Read more ... ]

Wanted: Trust Detector: Via Schneier on Security.

It's good to dream:

IARPA's five-year plan aims to design experiments that can measure trust with high certainty -- a tricky proposition for a psychological study. Developing such experimental protocols could prove very useful for assessing levels of trust within one-on-one talks, or even during group interactions.

A second part of the IARPA proposal might involve using new types of sensors and software to gauge human facial, language or body signals that might help predict trustworthiness. Perhaps facial recognition technology that could deduce emotions or facial tics might help, not to mention better lie detectors.

IARPA is the Intelligence Advanced Research Projects Activity, the U.S. intelligence community's answer to DARPA.

Read Original Article:(Via Schneier on Security.)

New "Smart Meters" for Energy Use Put Privacy at Risk: Via EFF.org Updates.

The ebb and flow of gas and electricity into your home contains surprisingly detailed information about your daily life. Energy usage data, measured moment by moment, allows the reconstruction of a household's activities: when people wake up, when they come home, when they go on vacation, and maybe even when they take a hot bath.

California's PG&E is currently in the process of installing "smart meters" that will collect this moment by moment data—750 to 3000 data points per month per household—for every energy customer in the state. These meters are aimed at helping consumers monitor and control their energy usage, but right now, the program lacks critical privacy protections.

That's why EFF and other privacy groups filed comments with the California Public Utilities Commission Tuesday, asking for the adoption of strong rules to protect the privacy and security of customers' energy-usage information. Without strong protections, this information can and will be repurposed by interested parties. It's not hard to imagine a divorce lawyer subpoenaing this information, an insurance company interpreting the data in a way that allows it to penalize customers, or criminals intercepting the information to plan a burglary. Marketing companies will also desperately want to access this data to get new intimate new insights into your family's day-to-day routine–not to mention the government, which wants to mine the data for law enforcement and other purposes. [ Read more ... ]

Privacy Protection Needed as Smart Grid Arrives / Groups Urge California PUC to Adopt Rules to Protect Consumer Privacy: Via CDT.

SAN FRANCISCO – Privacy advocates are warning that "smart meters" intended to precisely measure and control home electrical consumption could erode the privacy of daily life unless regulators limit data collection and disclosure. In a joint filing yesterday, the Center for Democracy & Technology (CDT) and the Electronic Frontier Foundation (EFF) urged the California Public Utilities Commission (PUC) to adopt rules to protect the privacy and security of consumers’ energy-usage information. The Samuelson Law, Technology & Public Policy Clinic at UC Berkeley School of Law drafted the comments for CDT.

Joint CDT - EFF Comments to California Public Utilities Commission

More information about privacy and the smart grid

California’s Smart Grid Initiative

Read Original Article:(Via CDT.)

The majestic petulance of John Roberts: Via Salon: Glenn Greenwald.

The petulance and sense of self-importance on display here is quite something to behold:

U.S. Supreme Court Chief Justice John Roberts said Tuesday the scene at President Obama's State of the Union address was "very troubling" . . . . Obama chided the court, with the justices seated before him in their black robes, for its decision on a campaign finance case. . . . Responding to a University of Alabama law student's question, Roberts said anyone was free to criticize the court, and some have an obligation to do so because of their positions.
"So I have no problems with that," he said. "On the other hand, there is the issue of the setting, the circumstances and the decorum.
"The image of having the members of one branch of government standing up, literally surrounding the Supreme Court, cheering and hollering while the court -- according the requirements of protocol -- has to sit there expressionless, I think is very troubling."

The N.Y.P.D. Is Watching Certain People: Via NYTimes.com .

From 2004 through 2009, in a policy that has gotten completely out of control, New York City police officers stopped people on the street and checked them out nearly three million times, frisking and otherwise humiliating many of them.

Upward of 90 percent of the people stopped are completely innocent of any wrongdoing. And yet the New York Police Department is compounding this intolerable indignity by compiling an enormous and permanent computerized database of these encounters between innocent New Yorkers and the police.

Not only are most of the people innocent, but a vast majority are either black or Hispanic. There is no defense for this policy. It’s a gruesome, racist practice that should offend all New Yorkers, and it should cease. [ Read more ... ]

Major ISPs Help Fund BitTorrent User Tracking Research: Via Slashdot YRO.

An anonymous reader writes "I was scanning conference proceedings to come up with ideas for a reading group I run at my workplace, and I noticed an interesting paper from the new IEEE WIFS forensics conference. Researchers from the University of Colorado have published a technique for tracking BitTorrent users (PDF) by joining and actively probing torrent swarms using low-cost cloud computing services. They claim their methods allowed them to monitor the entire Pirate Bay torrent set for as little as $13/mo using EC2. But that's not even the interesting part. Their work appears to have been 'funded in part through gifts from PolyCipher' — a broadband ISP consortium. That's right; three major national ISPs funded this round of BitTorrent tracking research, not the MPAA/RIAA. Could this be evidence of ISP support for ACTA and a global three-strikes law?"

Read Original Article:(Via Slashdot.)

Six Types of Social Spammers: Via Search Engine Journal.

I hate spammers, and I’m 100% certain other people do too. Everyone at some point in time has had some type of experience with spammers. But you almost have to admire these individuals, almost. The techniques used are as varied as the outlets in which they are unleashed. During my thirteen years of internet exposure, I’ve had the displeasure of running into six types of spammers.

Read Original Article:(Via Search Engine Journal.)

Correcting Errors and Making Changes: Via Freedom to Tinker.

[This is the fourth post in a series on best practices for government datasets by Harlan Yu and me. (previous posts: 1, 2, 3)]

Even cautiously edited datasets sometimes contain errors, and even meticulously produced schemas require refinement as circumstances change. While errors or changes create inconvenience for developers, most developers appreciate and prepare for their inevitability. Agencies should strive to do the same. A well-developed strategy for fixes and changes can ease their burden on both developers and agencies.

When agencies release data, developers ideally will interact with it in creative new ways. Given datasets containing megabytes to gigabytes of data, novel uses will reveal previously unnoticed errors. Knowledge of these errors benefits the agency as well as other developers using the data, so agencies should take steps to encourage error reporting. Labels in a dataset allow developers to specify errors efficiently and unambiguously. An easy-to-find channel for reporting errors, such as a prominently provided email address or web form, is also critical. Tracking down the contact information of the person responsible for a dataset can be difficult, and a well-known channel reduces this barrier to feedback. [ Read more ... ]

Thousands Sign Petition Protesting Net Neutrality Loopholes for Copyright Enforcement: Via EFF.org Updates.

San Francisco - The Electronic Frontier Foundation (EFF) submitted a petition signed by more than 7000 people to the Federal Communications Commission (FCC) today demanding that the agency close a loophole for copyright enforcement in its proposed regulations for network neutrality.

The petition is part of EFF's reply comments in the FCC's net neutrality rulemaking. The FCC's proposed rules generally prohibit ISPs from discriminating or blocking lawful content, but include a loophole for 'reasonable network management' by ISPs. The proposed rules then define 'reasonable network management" to include measures taken by ISPs to block unlawful content or transmissions. This exception would effectively permit ISPs to violate net neutrality rules and block lawful activities in the name of copyright enforcement.

"We can't afford to let lawful speech become collateral damage in Hollywood's war on copyright infringement," said EFF Senior Staff Attorney Fred von Lohmann. "Net neutrality regulations should not excuse ISPs that interfere with lawful content just because they claim they were acting as copyright cops." [ Read more ... ]

The Weakest Link Redux: Via EFF.org Updates.

We often criticize DMCA takedown abuse here at EFF, but last week's Cryptome snafu highlights another facet of the problem: how a DMCA takedown for one item can result in the removal of lots of lawful material.

To recap, Cryptome posted Microsoft’s global criminal compliance manual. Microsoft sent a DMCA takedown notice to Cryptome’s domain name registrar and web hosting provider, Network Solutions, alleging that the post infringed copyright. Under the DMCA, a web hosting provider is protected from copyright infringement liability if, among other things, it “expeditiously” disables access to material properly identified in a DMCA takedown notice. Network Solutions asked Cryptome to remove the Microsoft compliance manual. Cryptome refused explaining that the document was posted in order to help the public better understand Microsoft's practices, and followed up with a DMCA counternotice. Network Solutions promptly shut down the entire Cryptome website. Thus, a complaint about a single document caused significant collateral damage to the perfectly legal material on Cryptome. [ Read more ... ]

The Score on USA Patriot Act: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

"We've come to love our fears more than we love our freedoms," Rep. Dennis Kucinich (D-Ohio) mused on the House floor just before that chamber voted 315-97 (with 20 members not voting) to reauthorize the USA Patriot Act without any changes for yet another year.

By now, you know the stakes — the tweaks that could have been made to guarantee that Patriot powers are used only against suspected terrorists or spies and to mandate continued reporting to ensure that we actually learn about current and future Patriot abuses. Many of these fixes were, in fact, included in prior iterations of Patriot reauthorization bills introduced in both the House and the Senate.

As Rep. Jane Harman (D-Calif.) pointed out to her colleagues, "I think we are missing an opportunity. There are good ideas in this House about how to curb the abuses with national security letters, how to clarify that roving wiretaps are limited to a single identifiable target, and how to eliminate the lone wolf provision which has never been used and for which existing title III authority can suffice. Those ideas have been the subject of hearings in the Judiciary Committee, but they're not being debated on this floor . . . I think this is a real missed opportunity." [ Read more ... ]

U.S. Security Agencies Begging for a Cybersecurity "Cold War": Via Blog of Rights: Official Blog of the American Civil Liberties Union.

(Originally posted on Huffington Post.)

So the U.S. security establishment is salivating at the prospect of a new cybersecurity "Cold War." In an over-the-top op-ed in Tuesday's Washington Post, Mike McConnell issues a declaration that we are "fighting a cyber war today" and compares it to the nuclear showdown with the Soviets. McConnell exemplifies the security establishment as much as anyone — former director of the National Security Agency (NSA), former Director of National Intelligence, and currently executive vice president at Booz Allen Hamilton, a private-sector refuge for former U.S. intelligence officials (and a company that stands to make large sums from consulting on cybersecurity). [ Read more ... ]

Unintended Consequences: 12 Years Under the DMCA: Via EFF.org Updates.

EFF today released Unintended Consequences: 12 Years Under the DMCA. This is the sixth update to the report, which aims to catalog all the reported instances where the DMCA's ban on tampering with DRM have been abused to stymie fair use, free speech, and competition, rather than to attack "piracy."

Congress enacted the DMCA's ban on bypassing DRM at the urging of entertainment industry lobbyists who argued that DRM backed by law would quell digital copyright infringement. Of course, 12 years later, that exactly hasn't worked out. Nor is it likely to ever work out. But lots of industries have recognized that these provisions of the DMCA are good for other things—like impeding scientific research and legitimate competition. The Unintended Consequences report collects these stories, including oldies like Lexmark's effort to block toner cartridge refilling and new cases like the lawsuit against RealDVD. [ Read more ... ]

Cyberwar Hype Intended to Destroy the Open Internet: Via Threat Level.

The biggest threat to the open internet is not Chinese government hackers or greedy anti-net neutrality ISPs, it’s Michael McConnell, the former director of national intelligence.

McConnell’s not dangerous because he knows anything about SQL injection hacks, but because he knows about social engineering:  McConnell is the nice-seeming guy who is willing and able to use fear-mongering to manipulate the federal bureaucracy for his own ends, while coming off like a straight shooter to those not in the know.

When he was head of the country’s national intelligence, he scared President Bush with visions of e-doom, prompting the president to sign a comprehensive secret order that unleashed tens of billions of dollars into the military’s black budget so they can start making firewalls and malware into military equipment. And now McConnell, back safely in civilian life as a vice president at the secretive defense contracting giant Booz Allen Hamilton, is out in front of Congress and the media, peddling the same Cybaremaggedon! gloom.

And now he says we need to re-engineer the internet. [ Read more ... ]

Deceptively simple Patriot Act extension - a giant blow: Via LibraryLaw Blog.

By now you've heard that the Patriot Act provisions that were due to sunset Feb. 28, 2010 have been extended until Feb. 28, 2011. It sounds deceptively simple, a mild one-year extension.

But it's not. It undoes months, no years of work to add a few checks and balances to better extension bills. I will write up a longer post very soon, but the thrust of it is that we are stuck with an unchanged Sect. 215, often called "the library records" provision, a broad authority that doesn't require particularized suspicion.

Far worse, to my mind, is what's NOT included in this extension. Small but important reforms to the National Security Letter (NSL) provisions were riding on more favorable extension bills. The NSL provisions do not sunset, and the momentum to reform them vanishes with the straight-up one-year sunset extension.

Read Original Article:(Via LibraryLaw Blog.)

Government Datasets That Facilitate Innovation: Via Freedom to Tinker.

[This is the first post in a series on best practices for government datasets by Harlan Yu and me.]

There's a growing consensus that the government can increase its openness and transparency by publishing its raw data in bulk online. As several Freedom to Tinker contributors argued in Government Data and the Invisible Hand, publishing data empowers third party software developers to produce innovative new technologies that engage citizens and illuminate government's inner workings. With the establishment of Data.gov and the federal Open Government Initiative, federal agencies are quickly embracing a culture of machine-readable data release, and many states and municipalities are now following their lead.

But how usable are these datasets for developers? The answer lies primarily in the structure and contents of the datasets themselves. While all data in digital form is technically machine-readable in some sense, the ease of use for machine-readable datasets can vary widely. [ Read more ... ]

CDT Issues Report Recommending Privacy Guidelines for Digital Signage Industry: Via CDT - Center for Democracy & Technology.

Washington -- On Monday, the Center for Democracy & Technology (CDT) released a report that includes a set of privacy recommendations for the rapidly growing digital signage industry.  The report focuses on the industry's adoption of identification and interactivity technologies such as facial recognition, mobile marketing, social networking, RFID tracking and license plate scanners.

The recommendations in CDT's report, "Building The Digital-Out-Of-Home Privacy Infrastructure," are based on the widely accepted Fair Information Practices (FIPs). [ Read more ... ]

The Eternal Value of Privacy: Via Bruce Schneier's personal blog .

The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?"

Some clever answers: "If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Two proverbs say it best: Quis custodiet custodes ipsos? ("Who watches the watchers?") and "Absolute power corrupts absolutely." [ Read more ... ]

In Italian Google Case, American and European Ideas of Privacy Collide: Via NYTimes.com .

“On the Internet, the First Amendment is a local ordinance,” said Fred H. Cate, a law professor at Indiana University. He was talking about last week’s ruling from an Italian court that Google executives had violated Italian privacy law by allowing users to post a video on one of its services.

In one sense, the ruling was a nice discussion starter about how much responsibility to place on services like Google for offensive content that they passively distribute.

But in a deeper sense, it called attention to the profound European commitment to privacy, [ Read more ... ]

SSRN-Privacy in the Digital Age: Fact or Fiction?: Via SSRN John H. Nugent Texas Woman's University School of Management.

Abstract:     
This paper examines the history, drivers, issues, and various legal approaches to protecting privacy (unified and sector) with a focus on the United States, and to a large degree on data privacy. A determination is made whether either approach affords the individual privacy in the digital age. The paper examines specific risks as well as fundamental challenges facing the privacy paradigm

Read Original Article:(Via John H. Nugent Texas Woman's University School of Management.)