CDT, EFF and PK File Brief in Ringtones Case: Via Center for Democracy and Technology.

CDT, the Electronic Frontier Foundation, and Public Knowledge filed a "friend of the court" brief on Wednesday opposing efforts by the music licensing organization ASCAP to impose additional licensing payments on providers of musical ringtones for mobile phones. The brief urges the court to reject ASCAP's argument that ringtones are "public performances" under copyright law simply because a phone may ring when the user happens to be in a public place. ASCAP's position implies that numerous ordinary mobile phone users are copyright infringers and would expand copyright liability in ways that would chill innovation in products far beyond the relatively narrow context of ringtones.

Read Original Article:(Via Center for Democracy and Technology.)

Judge Acquits Lori Drew in Cyberbullying Case, Overrules Jury: Via Threat Level.

LOS ANGELES — A federal judge on Thursday overturned guilty verdicts against Lori Drew, issuing a directed acquittal on three misdemeanor charges.

Drew, 50, was accused of participating in a cyberbullying scheme against 13-year-old Megan Meier who later committed suicide. The case against Drew hinged on the government’s novel argument that violating MySpace’s terms of service was the legal equivalent of computer hacking. But U.S. District Judge George Wu found the premise troubling.

“It basically leaves it up to a website owner to determine what is a crime,” said Wu on Thursday, echoing what critics of the case have been saying for months. “And therefore it criminalizes what would be a breach of contract.”

Tina Meier, the mother of Megan Meier, walked out of the courtroom while Wu was still delivering his ruling. She later told reporters that she was “extremely upset with the decision” and that she left because she “was done listening to” the judge. She indicated that the family is still considering whether to bring a civil case against Drew.  read more »

Enter the Advertisers: Via CDT - PolicyBeta.

Given how much advertising we all see, especially online, you know it means something when the entire advertising industry gets together to make an announcement. Today, the advertising industry, as represented by a cohort of trade associations, joined together to publish their own self-regulatory principles, with an aim toward increasing privacy protection for online behavioral advertising.

It’s encouraging to see the advertisers move into the privacy fray here (although not entirely surprising). For nearly a decade, the self-regulatory space has been dominated by the Network Advertising Initiative, which has historically included only third-party ad networks, which comprise just a small sliver of the industry. But when the FTC issued its own suggested self-regulatory principles earlier this year, the guidance from the agency wasn’t limited to any particular advertising sector. The advertising associations appear to have gotten the message, and have tailored their principles in rough accordance with the FTC’s recommendations.  read more »

Out of business, Clear may sell customer data: Via computerworld.

It would go to a similar provider authorized by the TSA

Three days after ceasing operations, owners of the Clear airport security screening service acknowledged that their database of sensitive customer information may end up in someone else's hands, but only if it goes to a similar provider, authorized by the U.S. Transportation Security Administration.

Until this week, the Clear service had given customers a way to skip long security lines in certain airports. For a $199 annual fee, air travelers could be pre-screened for flight and then use Clear's security checkpoints instead of the TSA's. Clear was run by New York's Verified Identity Pass, which also shut down on Monday.

Customers had to provide personal information, including credit card numbers, fingerprints and iris scans in order to participate in the program. After Clear abruptly shut its doors -- it has not yet declared bankruptcy -- some worried that this data could fall into the wrong hands.  read more »

TSA asked to ensure safety of customer data after Clear closing: Via computerworld.

Transportation security agency given July 8 deadline to explain how private information will be safeguarded

The chairman of the House Committee on Homeland Security has given the Transportation Security Administration until July 8 to explain how the agency plans to ensure the security of private data collected by a recently shuttered company that offered a registered traveler program.

In a letter to the TSA's acting assistant secretary, committee Chairman Bennie Thompson (D-Miss.) expressed his concern over the abrupt closure of Verified Identity Pass Inc.

For a $199 annual fee, New York-based VIP offered a service called Clear that was designed to help air travelers get through airport security checks faster by vetting their identities and backgrounds in advance.  read more »

Supreme Court Serves Up Remote-Recording Victory: Via Threat Level.

The Supreme Court on Monday let stand a copyright case testing whether cable operators may permit customers to store television programming on company servers to be viewed at a later time.

The issue concerns an August ruling by a federal appeals court, which lifted (.pdf) an injunction against Cablevision Systems blocking it from offering customers a recording service that stores programming on the cable company’s own servers instead of on viewers’ in-house playback devices.

Hollywood and television programmers maintained Cablevision’s service directly infringes their exclusive rights to both reproduce and publicly perform their copyrighted works.  read more »

Deep-Packet Inspection in U.S. Scrutinized Following Iran Surveillance: Via Threat Level.

Following a report last week that Iran is spying on domestic internet users with western-supplied technology, advocacy groups are pressuring federal lawmakers to scrutinize the use of the same technology in the U.S.

The Open Internet Coalition sent a letter to all members of the House and Senate urging them to launch hearings aimed at examining and possibly regulating the so-called deep-packet inspection technology.

Two senators also announced plans to introduce a bill that would bar foreign companies that sell IT technology to Iran from obtaining U.S. government contracts, legislation that is clearly aimed at the two European companies that reportedly sold the equipment to Iran.

The Wall Street Journal reported last week that Nokia Siemens Networks, a joint venture between Germany’s Siemens and Finland’s Nokia, recently gave Iran deep-packet inspection equipment that would allow the government to spy on internet users.  read more »

ATM Vendor Halts Researcher’s Talk on Vulnerability: Via Threat Level.

An ATM vendor has succeeded in getting a security talk pulled from the upcoming Black Hat conference after a researcher announced he would demonstrate a vulnerability in the system.

Barnaby Jack, a researcher with Juniper Networks, was to present a demonstration showing how he could “jackpot” a popular ATM brand by exploiting a vulnerability in its software.

Jack was scheduled to present his talk at the upcoming Black Hat security conference being held in Las Vegas at the end of this month.

But on Monday evening, his employer released a statement saying it was canceling the talk due to the vendor’s intervention.  read more »

After Sale, Pirate Bay to Become Cash Cow?: Via Threat Level.

The Pirate Bay has agreed to be sold for $7.7 million, a deal with a Swedish software maker that would ultimately turn the world’s most notorious BitTorrent tracker into a legitimate player.

The move by Global Gaming Factory X AB comes nearly three months after the four co-founders of The Pirate Bay were found guilty of facilitating copyright infringement, and face a year each in prison pending appeals in addition to a $3.6 million fine.

While the site is to discontinue pointing the way to free movies, music, games and software, Global Gaming Factory thinks it can turn The Pirate Bay into a money-making venture.  read more »

Filtering Companies Can’t Be Sued By Blacklisted Firms, Court Rules: Via Threat Level.

A federal appeals court, in the first decision of its kind, said Thursday that companies providing malware, spyware and adware blocking services are immunized by the Communications Decency Act of 1996 from lawsuits claiming unfair business practices.

A three-judge panel of the 9th U.S. Circuit Court of Appeals found that the CDA treats security software makers the same as internet service providers when they block material they find objectionable, granting them so-called “good Samaritan” immunity from civil lawsuits.  Like an ISP, such companies provide an “interactive computer service”  because they pull updates from a central server, the San Francisco-based appeals court said.

“We conclude that a provider of access tools that filter, screen, allow, or disallow content that a provider or user considers obscene, lewd, lascivious, filthy, or excessively violent, harassing or otherwise objectionable is protected from liability,” the court ruled. (.pdf)  read more »

Facebook hires lobbyists to push privacy agenda: Via guardian.co.uk .

Social networking site hopes increase influence with world authorities

Facebook is hiring lobbyists to push its agenda on internet privacy and data sharing in Brussels and Washington, as the social networking site attempts to increase its influence with authorities around the world.

The company has appointed Richard Allan, who was previously the head of European regulatory affairs for the technology giant Cisco, to lead its efforts in lobbying EU governments.

The move to create a dedicated European lobby team comes after the company hired Timothy Sparapani, a former lawyer with the American Civil Liberties Union, as the second member of its Washington operation. Sparapani had previously been linked to campaigns critical of Facebook's targeted advertising systems.  read more »

The Illegal Spying Game, played over and over: Via Salon: Glenn Greenwald.

(updated below)

Ever since The New York Times revealed in December, 2005 that the Bush administration had spent the last four years illegally spying on Americans' communications without warrants, there have been numerous additional revelations of various types of massive illegal government spying.  Yesterday's New York Times article by James Risen and Eric Lichtblau -- reporting that "recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged" -- is but the latest such revelation.  Congress never does anything about these revelations other than enact new laws that increase the government's spying powers still further and gut the few remaining oversight mechanisms that exist (while immunizing the lawbreakers).  All of that compels the conclusion that Congress -- regardless of which party controls it -- is either indifferent to or in favor of this unchecked illegal government spying.  What other conclusion could a rational person possibly reach?  read more »

My Testimony on Behavioral Advertising: Post-Mortem: Via Freedom to Tinker.

On Thursday I testified at a House hearing about online behavioral advertising. (I also submitted written testimony.)

The hearing started at 10:00am, gaveled to order by Congressman Rush, chair of the Subcommittee on Commerce, Trade, and Consumer Protection. He was flanked by Congressman Boucher, chair of the Subcommittee on Communications, Technology, and the Internet , and Congressmen Steans and Radanovich, the Ranking Members (i.e., the highest-ranking Republican members) of the subcommittees.

First on the agenda we had opening statements by members of the committees. Members had either two or five minutes to speak, and the differing perspectives of the members became clear during these statements.  read more »

RFID-Enabled Phones Could Let Credit Card Companies Track Users: Via Wired: Threat Level.

An Ericsson executive says all new mobile phones sold in 2010 will include an RFID chip that will allow owners to open their car or house door with their phone. A handy feature, no doubt, for some people. But the executive says the chip might also be used by credit card companies to track the location of cardholders to cut down on fraud.

Håkan Djuphammar, vice president of systems architecture for Ericsson, speaking at a conference in Stockholm this week, said credit card companies could make use of mobile user location data and IP mapping to determine if the owner of a card is in the same location where a card transaction is taking place.  read more »

How the west built Iran's 'lawful intercept functionality' : Via Technology | guardian.co.uk .  read more »

Iran's Web Spying Aided By Western Technology: Via Wall Street Journal/WSJ.

The Iranian regime has developed, with the assistance of European telecommunications companies, one of the world's most sophisticated mechanisms for controlling and censoring the Internet, allowing it to examine the content of individual online communications on a massive scale.

Interviews with technology experts in Iran and outside the country say Iranian efforts at monitoring Internet information go well beyond blocking access to Web sites or severing Internet connections.

Instead, in confronting the political turmoil that has consumed the country this past week, the Iranian government appears to be engaging in a practice often called deep packet inspection, which enables authorities to not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes, according to these experts.  read more »

Passenger says TSA agents harassed him: Via CNN.com .

WASHINGTON (CNN) -- Steve Bierfeldt says the Transportation Security Administration pulled him aside for extra questioning in March. He was carrying a pocket edition of the U.S. Constitution and an iPhone capable of making audio recordings. And he used them.

On a recording a TSA agent can be heard berating Bierfeldt. One sample: "You want to play smartass, and I'm not going to play your f**king game."

Bierfeldt is director of development for the Campaign for Liberty, an outgrowth of the Ron Paul presidential campaign. He was returning from a regional conference March 29 when TSA screeners at Lambert-St. Louis (Illinois) International Airport saw a metal cash box in his carry-on bag. Inside was more than $4,700 dollars in cash -- proceeds from the sale of political merchandise like T-shirts and books.  read more »

Shortcuts - Typing In an E-Mail Address, and Giving Up Your Friends’ Too: Via NYTimes.com .  read more »

Editorial - The Eavesdropping Continues - NYTimes.com: Via NYTimes.com .

Once again, the country is learning about how the federal government has been exceeding its legal authority and violating Americans’ most basic rights in the name of fighting terrorism.

In a disturbing article in The Times on Wednesday, James Risen and Eric Lichtblau said that Congressional investigations suggest that the National Security Agency continues to routinely collect Americans’ telephone calls and e-mail messages — perhaps by the millions.

These sweeps seem unconnected to specific terrorism investigations, and the communications are entirely domestic. The law does not allow fishing trips through Americans’ communications and only permits the government to read e-mails or listen to phone calls in which one party is “reasonably believed” to be outside the United States.

The government offered its usual response: Oops.  read more »

TJX Hacker Was Awash in Cash; His Penniless Coder Faces Prison: Via Threat Level.

Accused TJX hacker kingpin Albert Gonzalez called his credit card theft ring “Operation Get Rich or Die Tryin.”

He spent $75,000 on a birthday party for himself and once complained that he had to manually count $340,000 in pilfered $20 bills because his counting machine broke. But while Gonzalez apparently lived high off ill-gotten gains, a programmer who claims he earned nothing from the scheme sits broke and unemployed, his career in shambles, while awaiting sentencing for a piece of software he crafted for his friend.

These and other new details have emerged in court documents filed in the case of 25-year-old Stephen Watt,  a minor participant in what the feds are calling “the largest identity theft in our Nation’s history.”

The documents include a sentencing memorandum filed by prosecutors seeking five years in prison and three years of court supervision for Watt, and a counter-argument from attorneys representing the New York man.  read more »

ISPs must help police snoop on internet under new bill: Via Canadian Broadcasting Centre.

Internet service providers would have to make it possible for police and intelligence officers to intercept online communications and get personal information about subscribers under bills tabled Thursday.  read more »

E-Mail Surveillance Renews Concerns in Congress: Via NYTimes.com.

WASHINGTON — The National Security Agency is facing renewed scrutiny over the extent of its domestic surveillance program, with critics in Congress saying its recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged, current and former officials said.

The agency’s monitoring of domestic e-mail messages, in particular, has posed longstanding legal and logistical difficulties, the officials said.

Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency’s ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former N.S.A. analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans’ e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.

Both the former analyst’s account and the rising concern among some members of Congress about the N.S.A.’s recent operation are raising fresh questions about the spy agency.  read more »

The Dawning of Internet Censorship in Germany: Via netzpolitik.org .

Germany is on the verge of censoring its Internet: The government – a grand coalition between the German social democrats and conservative party – seems united in its decision: On Thursday the parliament is to vote on the erection of an internet censorship architecture.  read more »

The "Hidden Cost" of Privacy: Via Schneier on Security.

Forbes ran an article talking about the "hidden" cost of privacy. Basically, the point was that privacy regulations are expensive to comply with, and a lot of that expense gets eaten up by the mechanisms of compliance and doesn't go toward improving anyone's actual privacy. This is a valid point, and one that I make in talks about privacy all the time. It's particularly bad in the United States, because we have a patchwork of different privacy laws covering different types of information and different situations and not a single comprehensive privacy law.

The meta-problem is simple to describe: those entrusted with our privacy often don't have much incentive to respect it.  read more »