Paul Hardwick: Law

Canadian Gov't Grants Olympics Ownership of Winter.

Sun, 04 Mar 2007 04:17:34 GMT

Canadian Gov't Grants Olympics Ownership of Winter. An anonymous reader writes "Michael Geist reports that the Canadian government has introduced new legislation that grants Vancouver Olympic organizers broad powers to police the use of any commercial use of the words associated with the Olympics. These incredibly include 'winter, Vancouver, and games.' As Geist notes, the government 'has no time to deal with spam, spyware, privacy, or net neutrality, but commits to legislation on behalf of the organizers of a sporting event?'" [Slashdot: Your Rights Online]

Justice Department takes aim at image-sharing sites | CNET News.com

Sun, 04 Mar 2007 04:12:46 GMT

The Bush administration has accelerated its Internet surveillance push by proposing that Web sites must keep records of who uploads photographs or videos in case police determine the content is illegal and choose to investigate, CNET News.com has learned.

That proposal surfaced Wednesday in a private meeting during which U.S. Department of Justice officials, including Assistant Attorney General Rachel Brand, tried to convince industry representatives such as AOL and Comcast that data retention would be valuable in investigating terrorism, child pornography and other crimes. The discussions were described to News.com by several people who attended the meeting.

A second purpose of the meeting in Washington, D.C., according to the sources, was to ask Internet service providers how much it would cost to record details on their subscribers for two years. At the very least, the companies would be required to keep logs for police of which customer is assigned a specific Internet address.

Only universities and libraries would be excluded, one participant said. "There's a PR concern with including the libraries, so we're not going to include them," the participant quoted the Justice Department as saying. "We know we're going to get a pushback, so we're not going to do that."

Attorney General Alberto Gonzales has been lobbying Congress for mandatory data retention, calling it a "national problem that requires federal legislation." Gonzales has convened earlier private meetings to pressure industry representatives. And last month, Republicans introduced a mandatory data retention bill in the U.S. House of Representatives that would let the attorney general dictate what must be stored and for how long.

DoJ Mulls Tracking Picture Uploads.

Sun, 04 Mar 2007 03:57:23 GMT

DoJ Mulls Tracking Picture Uploads. Dominus Suus passed us a link to a C|Net article about a disturbing threat to privacy from the Justice Department. According to the article, a private meeting was held Wednesday between Justice officials and telecom industry representatives. With individuals from companies such as AOL and Comcast looking on, the officials continued overtures to increase data retention by ISPs on American citizens. This week, they were specifically looking to have records kept of photo uploads. In this way, and 'in case police determine the content is illegal and choose to investigate,' an easy trail from A to Z will be available. The article provides a good deal of background on the Bush Administration's history with data retention, with ties to events even older than the Bush presidency. --- "The Justice Department's request for information about compliance costs echoes a decade-ago debate over wiretapping digital telephones, which led to the 1994 Communications Assistance for Law Enforcement Act. To reduce opposition by telephone companies, Congress set aside $500 million for reimbursement and the legislation easily cleared both chambers by voice votes. Once Internet providers come up with specific figures, privacy advocates worry, Congress will offer to write a generous check to cover all compliance costs and the process will repeat itself." [Slashdot: Your Rights Online]

Homeland Security offers details on Real ID | CNET News.com

Sun, 04 Mar 2007 03:52:36 GMT

Hundreds of millions of Americans will have until 2013 to be outfitted with new digital ID cards, the Bush administration said on Thursday in a long-awaited announcement that reveals details of how the new identification plan will work.

The announcement by the U.S. Department of Homeland Security offers a five-year extension to the deadline for states to issue the ID cards, and proposes creating the equivalent of a national database that would include details on all 240 million licensed drivers.

According to the draft regulations (PDF), which were required by Congress in the 2005 Real ID Act and are unlikely to assuage privacy and cost concerns raised by state legislatures:

âo¢ The Real ID cards must include all drivers' home addresses and other personal information printed on the front and in a two-dimensional barcode on the back. The barcode will not be encrypted because of "operational complexity," which means that businesses like bars and banks that require ID would be capable of scanning and recording customers' home addresses.

âo¢ A radio frequency identification (RFID) tag is under consideration. Homeland Security is asking for input on how the licenses could incorporate "RFID-enabled vicinity chip technology, in addition to" the two-dimensional barcode requirement.

Homeland Security Offers Details on Real ID.

Sun, 04 Mar 2007 03:48:45 GMT

Homeland Security Offers Details on Real ID. pr0nqu33n writes "C|Net is running an article on the DHS's requirements for the Real ID system. Thursday members of the Bush administration finally unveiled details of the anticipated national identification program. Millions of Americans will have until 2013 to register for the system, which will (some would argue) constitute a national ID. RFID trackers for the cards are under consideration, as is a cohesive nation-wide design for the card. States must submit a proposal for how they'll adopt the system by early October of this year. If they don't, come May of next year their residents will see their licenses unable to gain them access to federal buildings and airplanes. The full regulations for the system are available online in PDF format. Likewise, the DHS has a Questions and Answers style FAQ available to explain the program to the curious." [Slashdot: Your Rights Online]

RIAA's 'Expert' Witness Testimony Now Online.

Sun, 04 Mar 2007 03:43:58 GMT

RIAA's 'Expert' Witness Testimony Now Online. NewYorkCountryLawyer writes "The online community now has an opportunity to see the fruits of its labor. Back in December, the Slashdot ('What Questions Would You Ask an RIAA Expert?') and Groklaw ('Another Lawyer Would Like to Pick Your Brain, Please') communities were asked for their input on possible questions to pose to the RIAA's 'expert'. Dr. Doug Jacobson of Iowa State University, was scheduled to be deposed in February in UMG v. Lindor, for the first time in any RIAA case. Ms. Lindor's lawyers were flooded with about 1400 responses. The deposition of Dr. Jacobson went forward on February 23, 2007, and the transcript is now available online (pdf) (ascii). Ray Beckerman, one of Ms. Lindor's attorneys, had this comment: 'We are deeply grateful to the community for reviewing our request, for giving us thoughts and ideas, and for reviewing other readers' responses. Now I ask the tech community to review this all-important transcript, and bear witness to the shoddy investigation and junk science upon which the RIAA has based its litigation war against the people. The computer scientists among you will be astounded that the RIAA has been permitted to burden our court system with cases based upon such arrant and careless nonsense.'" [Slashdot: Your Rights Online]

You Can Plead Guilty Here.

Fri, 02 Mar 2007 02:36:31 GMT

You Can Plead Guilty Here. The RIAA unveils P2PLawsuits.com, a site that allows people turned in by their universities or ISPs for copyright infringement to settle their cases in advance of due process. In Listening Post. [Wired News: Top Stories]

Lawmakers Tout DMCA Killer.

Fri, 02 Mar 2007 02:33:54 GMT

Lawmakers Tout DMCA Killer. The Fair Use Act would free honest consumers to pick the electronic locks on their digital media, under certain circumstances. A congressman says it's a good first step. Luke O'Brien reports from Washington. [Wired News: Top Stories]

NGA Praises Congressional Movement to Correct Real ID.

Fri, 02 Mar 2007 02:07:42 GMT

NGA Praises Congressional Movement to Correct Real ID. "The substantial costs and looming implementation deadline make Real ID unworkable and unreasonable." [GT: Security and Privacy]

DHS Proposal for State Driver License Enhancements Posted for Public Comment.

Fri, 02 Mar 2007 02:04:53 GMT

DHS Proposal for State Driver License Enhancements Posted for Public Comment. DHS will grant states an extension of the compliance deadline until December 31, 2009. [GT: Security and Privacy]

Legislation eyes nightclubs - Greenwich Time

Fri, 02 Mar 2007 01:50:56 GMT

Pending the mayor's signature, which is expected, all clubs where dancing is permitted will be required to install surveillance cameras at entrances and exits. While some Council members raised privacy concerns, the overwhelming majority agreed the surveillance tapes would be an invaluable deterrent and aid police if a crime is committed.

All surveillance tapes must be securely stored, and clubs could be fined up to $50,000 if the footage makes its way onto TV or gossip Web sites.

Industry representatives welcomed the surveillance camera vote, but pointed out that 90 percent of clubs with dancing already have such cameras installed.

'Electric Slide' Creator Steps on Fair Use.

Fri, 02 Mar 2007 00:23:19 GMT

'Electric Slide' Creator Steps on Fair Use.

EFF Lawsuit Battles Bogus Copyright Claims

San Francisco - The Electronic Frontier Foundation (EFF) filed suit today against the man who claims to have created the popular line dance "The Electric Slide," asking the court to protect the free speech rights of a videographer who captured a few steps of the dance in a documentary video he posted to the Internet.

EFF's client, Kyle Machulis, shot the video at a concert last month. In one ten-second segment, a group of fans in the audience attempts to dance part of the Electric Slide. Machulis later uploaded the video to YouTube. Within just a few days, Richard Silver, owner of www.the-electricslidedance.com, filed a takedown demand under the Digital Millennium Copyright Act (DMCA). Silver claimed he owned the copyright to the Electric Slide and that Machulis' video infringed his rights. The removal appears to be part of a broad campaign by Silver to misuse copyright allegations to prevent dancers from performing the dance "incorrectly."

"Silver's claim of copyright infringement is absurd and is a classic example of the kind of DMCA abuse that can chill Internet speech," said EFF Staff Attorney Corynne McSherry. "Even if Silver had a valid copyright in the dance--which is not at all clear--this is a fair use and not infringing."

EFF's complaint asks that the judge immediately rule that the video does not infringe any copyright owned by Silver, and that Silver cease his meritless claims towards Machulis.

"We spend a lot of time fighting the misuse of copyright law on the Internet, but this situation is particularly outrageous," said EFF Staff Attorney Jason Schultz. "With thousands of videos being uploaded to sites like YouTube every day, free speech is on the line and needs to be protected."

For the full complaint:
http://www.eff.org/legal/cases/electricslide/complaint.pdf

Contacts:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

Jason Schultz
Staff Attorney
Electronic Frontier Foundation
jason@eff.org

[EFF: Breaking News]

DHS Issues REAL ID Regulations; CDT Urges Repeal of Law.

Fri, 02 Mar 2007 00:17:49 GMT

DHS Issues REAL ID Regulations; CDT Urges Repeal of Law. The Department of Homeland Security has issued proposed regulations implementing the REAL ID Act, which would require states to adopt tighter standards and create a networked system for driver's license issuance. Given the Act's fundamental flaws, CDT has joined other civil liberties groups in supporting legislation introduced in recent days in the House and Senate to repeal the hastily-enacted 2005 law and return to the driver's license reform process begun by the previous Congress. CDT is especially concerned that the Act would result in the creation of a linked network of government databases of personal information, without standards or limits on access and use. [Center for Democracy and Technology]

Senators Weigh in on WIPO Broadcast Treaty.

Fri, 02 Mar 2007 00:16:23 GMT

Senators Weigh in on WIPO Broadcast Treaty.

Senators Patrick Leahy and Arlen Specter recently sent a letter to the Copyright Office and the PTO, expressing their concern about the WIPO Broadcast Treaty. In it, they voice many of the same concerns that have brought together a broad alliance of public interest groups, libraries, technology groups, and communications providers against the treaty as it is currently envisioned at WIPO.

Specifically, the senators (who are, respectively, the Chair and Ranking Member of the Judiciary Committee) are worried that granting broadcasters a separate, 20-year-long IP right in broadcasts could interfere with the fair use of works, as well as complicating the legal hoops that consumers would have to jump through. The letter also addresses the fact that copyright owners and ISPs could run into unintended liabilities under the treaty.

[Public Knowledge - Blogging, Events, and Action Alerts]

Patently Bad Move Gags Critics.

Wed, 28 Feb 2007 23:47:07 GMT

Patently Bad Move Gags Critics. A company finds a sneaky new way to silence security researchers: Claim that defeating its products infringes on patents. Commentary by Jennifer Granick. [Wired News: Security Blanket]

New Profiling Program Raises Privacy Concerns - washingtonpost.com

Wed, 28 Feb 2007 23:36:54 GMT

The Department of Homeland Security is testing a data-mining program that would attempt to spot terrorists by combing vast amounts of information about average Americans, such as flight and hotel reservations. Similar to a Pentagon program killed by Congress in 2003 over concerns about civil liberties, the new program could take effect as soon as next year.

But researchers testing the system are likely to already have violated privacy laws by reviewing real information, instead of fake data, according to a source familiar with a congressional investigation into the $42.5 million program.

Bearing the unwieldy name Analysis, Dissemination, Visualization, Insight and Semantic Enhancement (ADVISE), the program is on the cutting edge of analytical technology that applies mathematical algorithms to uncover hidden relationships in data. The idea is to troll a vast sea of information, including audio and visual, and extract suspicious people, places and other elements based on their links and behavioral patterns.

The privacy violation, described in a Government Accountability Office report that is due out soon, was one of three by separate government data mining programs, according to the GAO. "Undoubtedly there are likely to be more," GAO Comptroller David M. Walker said in a recent congressional hearing.

The violations involved the government's use of citizens' private information without proper notification to the public and using the data for a purpose different than originally envisioned, said the source, who declined to be identified because the report is not yet public.

The issue lies at the heart of the debate over whether pattern-based data mining -- or searching for bad guys without a known suspect -- can succeed without invading people's privacy and violating their civil liberties.

BBC NEWS | Americas | Canada rejects anti-terror laws

Wed, 28 Feb 2007 23:32:01 GMT

The Canadian parliament has voted against renewing two controversial anti-terror measures that had been adopted after the 11 September attacks.

The measures allowed suspects to be detained without charge for three days and could compel witnesses to testify.

The minority Conservative government accused the opposition Liberals of being soft on terror.

The vote comes days after the Supreme Court revoked a law allowing foreign suspects to be detained indefinitely.

Neither measure has ever been used since they were brought in by the then ruling Liberals after the attacks on New York and Washington in 2001.

To allay human rights concerns, the measures were given a five-year limit and expire on 1 March.

Canada Rejects Anti-Terror Laws.

Wed, 28 Feb 2007 23:28:09 GMT

Canada Rejects Anti-Terror Laws. Coryoth writes "The Canadian parliament has voted against renewing anti-terror laws that had been introduced after September 11, 2001. The rejected laws included provisions to hold terror suspects indefinitely, and to compel witnesses to testify, and were in some sense Canada's version fo the Patriot Act. The laws were voted down in the face of claims from the minority Conservative government that the Liberal Party was soft on terror, and despite the fact that Canada has faced active terrorist cells in their own country. The anti-terror laws have never been used, and it was viewed that they are neither relevant, nor needed, in dealing with terrorist plots. Hopefully more countries will come to the same conclusion." [Slashdot: Your Rights Online]

German Antiterror Law Links Large Databases.

Wed, 28 Feb 2007 23:22:23 GMT

German Antiterror Law Links Large Databases. Law takes effect creating comprehensive pool of personal data in antiterrorist effort. [PC World: Latest Technology News]

RIAA Opposes 'Fair Use' Bill.

Wed, 28 Feb 2007 23:10:42 GMT

RIAA Opposes 'Fair Use' Bill. Congressional move to easing digital copying would "legalize hacking," say music labels. [PC World: Latest Technology News]

NY1: Nightclub Safety On Council Agenda

Wed, 28 Feb 2007 23:06:21 GMT

Clubs will also now be required to have security cameras at their entrances and exits. Outside monitors could also be installed at clubs in frequent trouble with the law.

The New York Civil Liberties Union have said some of the proposals violate privacy, but the bill's sponsors have said they are just trying to keep club patrons safe.

Action Alert - Support the FAIR USE Act!

Wed, 28 Feb 2007 23:02:50 GMT

Action Alert - Support the FAIR USE Act!

Reps. Rick Boucher and John Doolittle's FAIR USE Act [PDF] would remove some of the entertainment industry's most draconian anti-innovation weapons and chip away at the Digital Millennium Copyright Act's (DMCA) broad restrictions on fair use. Take action now and tell Congress to help restore balance in copyright now.

Technology companies play a game of Russian roulette whenever they create products with both infringing and non-infringing uses. Current "secondary liability" standards don't provide enough certainty, and if innovators guess wrong, they can be hit with statutory damages as high as $30,000 per work infringed. When it comes to mass-market products like the iPod or TiVo, damages could run into the trillions of dollars -- more than enough to bankrupt anyone from the smallest start-ups to the biggest companies. Unlike in other areas, the private assets of corporate officers, directors and investors are not shielded from liability in copyright cases.

The FAIR USE Act would eliminate statutory damages for secondary liability and allow innovators to make more reasonable business decisions about manageable levels of legal risk. Meanwhile, copyright owners could still get injunctions and actual damages for harm suffered, putting them in no worse a position than civil litigants in most other areas.

The bill would also codify the Supreme Court's "Betamax doctrine" as it pertains to hardware devices, making clear that manufacturers cannot be held liable based on the design of technologies with substantial non-infringing uses.

Finally, the bill would loosen the grip of the DMCA, which restricts circumvention of digital rights management (DRM) restrictions even for lawful uses. The FAIR Use Act adds 12 exemptions, including the ability to circumvent for classic fair use purposes like news reporting, research, commentary, and criticism.

Broader DMCA and copyright reform remains absolutely necessary, but if passed this bill would be a big first step in the right direction. Tell your representatives to support it now.

For more information, read the bill here, and check out this EFF article from last year discussing statutory damages and proposing their elimination in secondary liability cases.

[EFF: Deep Links]

Symantec: U.S. Data Breach Legislation Needed.

Wed, 28 Feb 2007 22:59:02 GMT

Symantec: U.S. Data Breach Legislation Needed. Officials from cybersecurity company tells the U.S. Congress that a data breach notification bill with reasonable security practice requirements would protect Americans. [PC World: Latest Technology News]

EFF - miniLinks for 2007-02-28.

Wed, 28 Feb 2007 22:50:21 GMT

miniLinks for 2007-02-28.

Supreme Court Debates Patentability of Software
Justices look skeptically at the details of software's protection.

Toward an Ethical Patent System
European citizens unite against over-broad patents....

Bad Patents Are Bad for Business
... as does the European business community to go with it.

Canada Turns Away Americans for Past Misdemeanors
Thanks to DHS data mining, Canada turned away a visitor who shop-lifted during a fraternity prank 20 years ago and others with minor criminal records.

Has the Media Center Moved to Silicon Valley?
On the day of the Oscars, Tom Forenski thinks that films have lost their magic, and Net technology has seized it.

Whit Diffie Warns Of Overbroad Privacy Laws
"I am, on balance, more pleased with the fact that I can learn lots of information about people in minutes by using the Web than I am concerned about the fact that people can learn lots of information about me that way. And I would not like to see laws that restrict people's ability to go investigate things. "

Protect Your Users' Data With a Privacy Wall
How one company works to protect its users' financial information.

SF Chronicle: Reverse Real ID
"Congress must take a hard look at whether it makes sense to proceed with an expansive law that would be more appropriately called the National ID Act."

North Korea and the Internet
North Korea's strange, inward-looking national intranet.

Did WIPO's Director-General Lie About his age?
Confidential report suggests that he was 28 when he first took the job, not 37, and has repeatedly given the wrong age on official documents for 24 years.

The "Crime" of Blogging in Egypt
Abdelkareem Nabil Soliman is sentenced to four years for free speech.

Recording Industry Targets Colleges
Administrators get caught in the crossfire: "[The complaint] is asking us to pursue an investigation and as the service provider we don't see that as our role", says Purdue spokesman.

[EFF: Deep Links]

Verizon Wireless wins injunction against text spam | CNET News.com

Wed, 28 Feb 2007 22:43:47 GMT

Verizon Wireless said Monday that it has won a permanent injunction against a company it accused of sending text message spam, a significant step in keeping the unsolicited messages off cell phones.

In the judgment, Specialized Programming and Marketing and its owner, Charles Henderson, are prohibited from sending text message spam to Verizon Wireless customers. They are also required to pay damages in excess of $200,000. Verizon Wireless filed the suit after nearly 100,000 text messages were sent to Verizon Wireless customers offering them a prize vacation for a cruise to the Bahamas.

Initially, Verizon Wireless filed the suit against Passport Holidays in October 2005 in U.S. District Court in Trenton, N.J. The mobile operator won a permanent injunction against Passport Holidays in February 2006 to stop the company from sending further spam. Passport also was required to pay $10,000 in damages to Verizon Wireless.

During litigation, Passport Holidays named Specialized Programming and Marketing and Henderson as the company and individual that actually sent the spam that formed the basis for the suit. In February 2006, Verizon Wireless filed an amended complaint naming Specialized Programming and Marketing and Henderson. This latest decision brings the case to a conclusion, Verizon Wireless said.

Verizon Wins Injunction Against Text Spammer.

Wed, 28 Feb 2007 03:10:08 GMT

Verizon Wins Injunction Against Text Spammer. bulled writes "CNet is running a story illustrating the US court system's ongoing harsh opinion about unwarranted communications of any kind. Verizon Wireless recently won a lawsuit against a company that was delivering massive numbers of spam text messages to its customers. Specialized Programming and Marketing and Henderson was ordered to pay more than $200,000 in damages to Verizon Wireless, some two years after Verizon filed the suit against the company. In 2005 Specialized Programming sent some 100,000 emails to Verizon phones. Verizon now has an injunction against the Marketing firm, another win for a company that has developed a reputation for going after spammers." [Slashdot]

Administrivia: Now we have a overheated CPU ( 60 degrees centigrade )

Wed, 28 Feb 2007 00:39:01 GMT

OK, if the DDOS attack wasn't enough. Now our server went down with a temperature overload. We were up to 60 degrees centigrade when we shut down. The CPU and a broken fan have been replaced.

Administrivia: Our data-center was hit by a DDOS attack today.

Tue, 27 Feb 2007 22:19:59 GMT

Sorry for being either very slow or off the net for a while recently. The data-center we are part of was hit by a DDOS (Distributed Denial Of Service) attack recently. At the moment it looks to be under control, but we are keeping an eye on things.

Protect the Children From Porn.

Tue, 27 Feb 2007 21:33:20 GMT

Protect the Children From Porn. Sending a teacher to prison for mishandling a classroom porn storm does not address the root of the problem: fear that traces back to ignorance. Commentary by Regina Lynn. [Wired News: Top Stories]

Bloggers Immune From Suits Against Commenters.

Tue, 27 Feb 2007 21:21:35 GMT

Bloggers Immune From Suits Against Commenters. An anonymous reader writes "Suppose a commenter posts a libelous comment here at Slashdot. Can Slashdot and its owners be sued for defamation? A federal appeals court just held that no, they cannot. The court noted that a federal law was designed to ensure that 'within broad limits, message board operators would not be held responsible for the postings made by others on that board,' adding that, were the law otherwise, it would have an 'obvious chilling effect' on blogger speech." [Slashdot: Your Rights Online]

Texas Bill Would Require Voting Machine Paper Trail.

Mon, 26 Feb 2007 23:44:57 GMT

Texas Bill Would Require Voting Machine Paper Trail. Would require the system to allow the voter to inspect and verify the paper record before the electronic vote is recorded. [GT: Security and Privacy]

Cyberbullying and schools: where does a principal's authority end?

Mon, 26 Feb 2007 23:07:43 GMT

According to national law enforcement organization Fight Crime: Invest in Kids, one out of every three teenagers are victims of cyberbullying. Fight Crime's cyberbullying initiative is spearheaded by the Utah Attorney General Mark Shurtleff, and he introduced a 15-year old student at last year's press conference to explain that this is about more than hearing a few unkind words. Kylie Kenney explained how some kids at her school had created a web site that called for her death, then harassed her for several years with phone calls and e-mails, even after she transferred schools.

This is obviously an extreme example of what can happen, but it's a reminder of why legislation is even possible. Although most speech is protected by the First Amendment, knee-jerk "You can't regulate free speech!" reactions aren't helpful in this case, as free speech protections are a complex field of law. Threats, for instance, aren't protected. The First Amendment Center, which looked into the issue, says that "true threats are not protected by the First Amendment. Students should be aware that threatening comments in general--on the Internet or not--could subject them not only to school discipline but also to criminal punishment."

On the other hand, most student speech is protected, even if insulting or hurtful. Courts have gradually increased the protection for student speech over the last 100 years, moving far away from the 1908 decision by the Wisconsin Supreme Court that allowed a school to suspend two students who made fun of their principal in a poem.

Cyberbullying Laws Raise Free Speech Questions.

Mon, 26 Feb 2007 23:05:16 GMT

Cyberbullying Laws Raise Free Speech Questions. Chad_DeVoss writes "States across the country are working on laws to rein in cyberbullying, claiming that electronic harassment has led even to the suicides of some children. But what about the First Amendment? Surely schools can't control what kids say to one another? It's an easy argument to make, but the reality is more complicated. From the article: 'The issue is further complicated by questions about whether cyberbullying takes place on school property or not. School officials do not generally have control over what students do outside of school, but, as the First Amendment Center reports, even this issue is complicated. Students who threaten or harass other students using school equipment or during school time can most likely be sanctioned, but even students who do such things from home face the possibility of school discipline under the 'substantial disruption of the educational environment' ruling from the Tinker v. Des Moines Independent Community School District case from 1969.'" [Slashdot: Your Rights Online]

Wired News: Why Smart Cops Do Dumb Things By Bruce Schneier

Sun, 25 Feb 2007 04:58:46 GMT

Since 9/11, we've spent hundreds of billions of dollars defending ourselves from terrorist attacks. Stories about the ineffectiveness of many of these security measures are common, but less so are discussions of why they are so ineffective. In short: Much of our country's counterterrorism security spending is not designed to protect us from the terrorists, but instead to protect our public officials from criticism when another attack occurs.

Are we stuck with CYA homeland security? | NetworkWorld.com Community

Sun, 25 Feb 2007 04:53:52 GMT

Wired has a thought-provoking piece this morning from security expert Bruce Schneier - headlined "Why smart cops do dumb things". It makes the case that the bulk of post-9/11 homeland security excesses stem from a most natural of human instincts: the need to cover one's ass.

The headline is misleading in that the essay is not about police officers specifically, but rather public safety officials, politicians and regulators of all stripes. But on the broader score the column is dead-on accurate: We've scared ourselves half to death and thus practically demand that those entrusted with keeping us safe go to absurd extremes to keep from being scapegoated should something go wrong. ... And something will go wrong. That part of the equation is not irrational.

The only quibble I have with Schneier's assessment is his conclusion that "there might not be a solution." Call me a crazy optimist (you'd be the first), but I've got to believe there's a way out of this knot.

Think Your Social Security Number Is Secure? Think Again - New York Times

Sun, 25 Feb 2007 04:35:33 GMT

It should come as little surprise that Social Security numbers are posted on the Internet. But, says Betty Ostergren, a former insurance claims supervisor in suburban Richmond, Va., who has spent years trolling for them, "people are always astounded" to learn that theirs is one of them.

Mrs. Ostergren, 57, has made a name for herself as a gadfly as she took on a lonely and sometimes frustrating mission to draw attention to the situation. With addresses, dates of birth and maiden names often associated with Social Security numbers, she said, they are a gift to data thieves.

But in the last few weeks, Mrs. Ostergren's Web site, The Virginia Watchdog -- with the help of lobbying from an unexpected ally, America's farm bureaus -- is having an effect.

One by one, states and counties have started removing images of documents that contain Social Security numbers, or they are blocking out the numbers. Four states, including New York, have removed links to images of public documents containing Social Security numbers.

NYC Gothamist: How the NYPD Videotapes You

Sun, 25 Feb 2007 03:16:23 GMT

In the wake of a federal judge criticizing the NYPD's videotaping procedures last week, I-Witness Video looks at what the NYPD actually uses to record public events and calls it "360 degrees of surveillance," best illustrated by what the police used during the 2004 Republican National Convention.

Officers used "lipstick cameras" which are easily concealed, as well as helicopters with "military-style infrared imaging." And Fuji lent the NYPD its BlimpCam, and I-Witness Video describes the blimpcam footage from August 27, 2004:

Going to Canada? Check your past / Visitors with minor criminal records turned back at border

Fri, 23 Feb 2007 22:25:44 GMT

There was a time not long ago when a trip across the border from the United States to Canada was accomplished with a wink and a wave of a driver's license. Those days are over.

Take the case of 55-year-old Lake Tahoe resident Greg Felsch. Stopped at the border in Vancouver this month at the start of a planned five-day ski trip, he was sent back to the United States because of a DUI conviction seven years ago. Not that he had any idea what was going on when he was told at customs: "Your next stop is immigration.''

Felsch was ushered into a room. "There must have been 75 people in line," he says. "We were there for three hours. One woman was in tears. A guy was sent back for having a medical marijuana card. I felt like a felon with an ankle bracelet.''

[...]

Welcome to the new world of border security. Unsuspecting Americans are turning up at the Canadian border expecting clear sailing, only to find that their past -- sometimes their distant past -- is suddenly an issue.

While Canada officially has barred travelers convicted of criminal offenses for years, attorneys say post-9/11 information-gathering, combined with a sweeping agreement between Canada and the United States to share data, has resulted in a spike in phone calls from concerned travelers.

They are shocked to hear that the sins of their youth might keep them out of Canada. But what they don't know is that this is just the beginning. Soon other nations will be able to look into your past when you want to travel there.

[...]

"From the time that you turn 18, everything is in the system,'' says Lucy Perillo, whose Canada Border Crossing Service in Winnipeg, Manitoba, helps Americans get into the country.

[...]

So it isn't as if rules have stiffened. But what has changed is the way the information is gathered. In the wake of 9/11, Canada and the United States formed a partnership that has dramatically increased what Lesperance calls "the data mining'' system at the border.

The Smart Border Action Plan, as it is known, combines Canadian intelligence with extensive U.S. Homeland Security information. The partnership began in 2002, but it wasn't until recently that the system was refined.

"They can call up anything that your state trooper in Iowa can,'' Lesperance says. "As Canadians and Americans have begun cooperating, all those indiscretions from the '60s are going to come back and haunt us.''

[...]

The lesson, the attorneys say, is that if you must travel to Canada, you should apply for "a Minister's Approval of Rehabilitation" to wipe the record clear.

Oh, and by the way, if you don't need to travel to Canada, don't think you won't need to clear your record. Lesperance says it is just a matter of time before agreements are signed with governments in destinations like Japan, Indonesia and Europe.

"This,'' Lesperance says, "is just the edge of the wedge.''

Canadian Border Tightens Due to Info Sharing.

Fri, 23 Feb 2007 21:21:12 GMT

Canadian Border Tightens Due to Info Sharing. blu3 b0y writes "The San Francisco Chronicle is reporting that new information sharing agreements have made it as easy for a Canadian border officer to know the full criminal records of US citizens as it is for their local police. As a result, Canadian officials are turning away American visitors for ancient minor convictions, including 30-year-old shoplifting and minor drug possession convictions. Officials claim it's always been illegal to enter Canada with such convictions without getting special dispensation, they just had no good way of knowing about them until recent security agreements allowed access. One attorney speculates it's not long before this information will be shared with other countries as well, causing immigration hassles worldwide." [Slashdot: Your Rights Online]

Mass. Bill Would Make Retailers Pay for Data Breaches.

Fri, 23 Feb 2007 17:16:34 GMT

Mass. Bill Would Make Retailers Pay for Data Breaches.

Lawmakers in Massachusetts are poised to consider legislation that would force retailers who suffer data breaches to cover the costs associated with any fraud-related losses by their customers, according to a story in today's Wall Street Journal (link is by subscription only).

The bill, sponsored by Rep. Michael A. Costello (D), would make any company (retailer, bank or data processor) financially liable if it is the operator of the system that is hacked. The bill doesn't cover other types of credit-card fraud, such as those perpetrated by means of a lost or stolen card."

The legislation also "would mandate that companies whose security systems are breached assume full financial responsibility for any fraud-related losses, costs associated with the canceling and reissuing of cards, and -- in cases of identity theft -- the freezing of accounts and credit information. The bill would apply to any company doing business in Massachusetts, wherever it may be based."

While this is a state measure, it's hard to ignore the nationwide impact of the California data breach notification law that took effect in 2003. It seems like everyone is getting data breach or loss notices these days (my wife and I received one last week). Now, some 35 states have laws on the books that mimic the California law.

You can bet that a ton of businesses will be keeping a close eye on the debate surrounding this Massachusetts bill. It's worth noting that the intent behind this bill is very similar to a legislative idea sketched out earlier this year by House Financial Services Committee Chairman Barney Frank, a Democrat who just happens to hail from Massachusetts.

[Security Fix]

EFF - miniLinks for 2007-02-21.

Fri, 23 Feb 2007 17:14:58 GMT

miniLinks for 2007-02-21.

Free Congress!
Coders gather to open up more of the legislature's deliberations.

Republicans, Democrats Spat Over IP Rights in Congress TV
After Speaker of the House Nancy Polosi is accused of "pirating" C-SPAN, the TV service reiterates that it has no copyright interest in the video.

Chinese Lawyers Protest Sina's Blog Censorship
Fight the arbitrary nature of China's limits on free speech.

New York Times on the DJ Mixtape Arrests
"DJs continued to release tapes -- some with hastily added tracks on which rappers cursed the RIAA"

Disney Must Consider Sharing Pooh's Honey
The endless fight over the merchandising rights to A.A. Milne's work continues to plague the copyright maximalist company.

Students Balk at University's "Free" Music Deals
One insider's view of dealing with the college-only licensed music services.

Bipartisan Effort to Junk Real ID Law
Democrat Rep. Tom Allen and Republican Rep. Scott Lansley push for reform of costly, invasive national ID mandate.

A 55-inch TV Is too big for the Super Bowl
Consumer electronics mavens scratch their heads at NFL's Super Bowl rules.

UK Government Rejects Calls for DRM Ban
While faulty, DRM is good for price discrimination, Prime Minister's office says.

Framing the DRM Debate
LinuxJournal's Don Marti says it's about more than property.

Europe's Plan to Track Phone and Net Use
Data retention implementation to be far worse than original plans.

UK Now Running 439,000 E-mail and Phone Taps
Report's author declares wiretap error rate "unacceptably high."

[EFF: Deep Links]

Studios, FBI Teach Swedish Cops to Hunt File Sharers.

Fri, 23 Feb 2007 17:10:37 GMT

Studios, FBI Teach Swedish Cops to Hunt File Sharers. The FBI and the MPAA, with the Swedish antipiracy organization Antipiratbyren, are training Swedish law enforcement officers in copyright and piracy matters. [PC World: Latest Technology News]

Fight Over Google's 'Sponsored Links' Threatens Internet Free Speech.

Fri, 23 Feb 2007 16:47:09 GMT

Fight Over Google's 'Sponsored Links' Threatens Internet Free Speech.

EFF Asks Judge to Uphold Key Trademark Ruling

San Francisco - The Electronic Frontier Foundation (EFF) asked the U.S. 2nd Circuit Court of Appeals today to uphold an important ruling allowing anyone to purchase Google's "sponsored links" tied to trademarks, arguing that the practice is legal under trademark law and provides a vital means for online speakers to connect with audiences on the Internet.

Google's "sponsored links" feature allows customers to buy advertisements attached to certain search terms. When a Google user types those terms into the search engine, the sponsored links appear along with the search results. However, a company named Rescuecom filed a lawsuit against Google over the program, claiming that selling sponsored links for the term "Rescuecom" infringed its trademark.

In an amicus brief filed with the appeals court today, EFF argues that the sponsored links are not an infringing use, and in fact promote a vibrant public sphere by helping online speakers reach a broader audience. An example cited in the brief is that of "The Coalition of Immokalee Farmworkers," a group critical of McDonald's business practices. The coalition bought sponsored links attached to searches for "McDonald's" in order to stimulate debate and mobilize support.

"The Internet has brought together speakers of many kinds -- some competing with trademark owners, others criticizing them, still others simply referring to them while discussing other subjects or products," said EFF Staff Attorney Corynne McSherry. "Services like Google's 'sponsored links' help people with something to say reach those who might be interested in hearing it."

Rescuecom has asked the court to hold that trademark law regulates virtually any use of search keywords that are also trademarks. This would give trademark holders a legal sword to wield against critics and competitors, as well as the intermediaries upon which those critics and competitors rely to spread their message. But courts have historically taken care to ensure that trademark restrictions do not allow markholders to interfere with Constitutionally-protected free speech.

"On the Internet, trademarks aren't just identifiers. They are essential navigation tools and vehicles of expression," said EFF Staff Attorney Jason Schultz. "Quashing this speech goes against both the law and the public interest."

A judge dismissed Rescuecom's case against Google last year, but the company is appealing the decision.

For the full brief filed in Rescuecom v. Google:
http://www.eff.org/legal/cases/rescuecom_v_google/EFF_amicus.pdf

Contacts:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

Jason Schultz
Staff Attorney
Electronic Frontier Foundation
jason@eff.org

[EFF: Breaking News]

Feinstein to GAO: Investigate E-voting System.

Thu, 22 Feb 2007 16:56:31 GMT

Feinstein to GAO: Investigate E-voting System.

During the 2006 election in Florida, electronic voting machines may have "undercounted" to the tune of 18,000 votes in Sarasota County. But because the new machines were not designed to provide paper receipts, there is no way to double check the vote.

Now, Senator Dianne Feinstein of California has taken action. Last week, she asked the Government Accountability Office (GAO) to investigate electronic voting systems that do not provide voter-verified paper ballots. Senator Feinstein specifically highlighted the problems in Florida, and asked for a "top to bottom investigation"

"Should the GAO become aware of any systems that are prone to software malfunctions, are susceptible to fraud, or use hardware design that would lead to voting system problems, I would request that you also inspect those systems," writes Senator Feinstein.

EFF and a coalition of voting integrity groups, representing Sarasota County voters, have filed suit in state court in Tallahassee asking for a re-vote in Florida's 13th congressional district. To find out more about EFF's work defending your right to vote, visit our E-voting page.

[EFF: Deep Links]

Judge Refuses to Release Critical Documents in AT&T Surveillance Case.

Thu, 22 Feb 2007 15:56:51 GMT

Judge Refuses to Release Critical Documents in AT&T Surveillance Case.

Klein Declaration and Other Internal Documents to Stay Sealed for Now

San Francisco - A federal judge in San Francisco today denied requests from media groups to unseal critical evidence in the Electronic Frontier Foundation's (EFF's) class-action lawsuit against AT&T.

EFF's suit accuses the telecom giant of collaborating with the National Security Agency (NSA) in illegal spying on millions of ordinary Americans. The sealed evidence includes a declaration by Mark Klein, a retired AT&T telecommunications technician, as well as several internal AT&T documents and portions of a declaration from EFF's expert witness. Some of the evidence was previously released in redacted form, while other evidence is still completely unavailable to the media and the public.

"We're disappointed that the court did not choose to unseal all of the documents that include or refer to the evidence presented by Mark Klein and our expert, J. Scott Marcus. The government has already agreed that the evidence is neither classified nor a state secret, and is only being held under seal because of AT&T's weak trade secrecy claims," said Cindy Cohn, EFF's Legal Director. "Given that the privacy of millions of Americans is at stake, we strongly believe that the public would benefit from seeing this evidence for themselves."

Today's order is in response to a December hearing on the sealing issue. U.S. District Court Judge Vaughn Walker granted the media groups' request to intervene in the case, and said that he might revisit the unsealing motion at a later date.

For Judge Walker's full order:
http://www.eff.org/legal/cases/att/order_media_unsealing.pdf

For more on EFF's case against AT&T:
http://www.eff.org/legal/cases/att/

Contacts:

Cindy Cohn
Legal Director
Electronic Frontier Foundation
cindy@eff.org

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
press@eff.org

[EFF: Breaking News]

Judge Denies Complete Stay in AT&T Surveillance Case.

Thu, 22 Feb 2007 15:55:14 GMT

Judge Denies Complete Stay in AT&T Surveillance Case.

Government and AT&T Cannot Freeze Proceedings During Appeal

San Francisco - A federal judge today ruled that the Electronic Frontier Foundation (EFF) can go forward with elements of its class action lawsuit against AT&T for collaborating with the government on illegal spying in ordinary Americans -- despite the government and AT&T's request to freeze proceedings during an appeal.

In his ruling, U.S. District Court Judge Vaughn Walker opened the door to beginning the discovery process, allowing EFF to ask "limited and targeted" questions as long as those questions do not overlap with the issues under consideration in the 9th U.S. Circuit Court of Appeals.

"The government wanted to put this case in the deep freeze," said EFF Staff Attorney Kurt Opsahl. "Instead, the court has invited us to move forward with some targeted questions. We're glad to accept that invitation, which will allow progress while respecting the government's national security concerns."

Judge Walker also refused to implement a blanket stay on the other telecommunications surveillance cases transferred to his court. He ruled that unless the parties stipulate to a stay, then "defendants will answer or otherwise respond to the complaint" by March 29. Earlier today, Judge Walker denied requests from media groups to unseal critical evidence in the AT&T case.

Judge Walker did grant the media groups' request to intervene, and said he might revisit the unsealing issue at a later date.

For Judge Walker's full order:
http://www.eff.org/legal/cases/att/stayorder220.pdf

For more on EFF's case against AT&T:
http://www.eff.org/legal/cases/att/

Contacts:

Kurt Opsahl
Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
press@eff.org

[EFF: Breaking News]

RIAA Hires Artists, Then Sends In the SWAT team.

Mon, 19 Feb 2007 21:58:44 GMT

RIAA Hires Artists, Then Sends In the SWAT team. cancan writes "The NY times is carrying an article about how the RIAA is hiring hip hop artists to make mix tapes, and then helping the police raid their studios. In the case of DJ Drama and DJ Don Cannon, they were raided by SWAT teams with their guns drawn. The local police chief said later that they were 'prepared for the worst.' Men in RIAA jackets helped cart away 'evidence'. Just the same, 'Record labels regularly hire mixtape D.J.'s to produce CDs featuring a specific artist. In many cases, these arrangements are conducted with a wink and a nod rather than with a contract; the label doesn't officially grant the D.J. the right to distribute the artist's songs or formally allow the artist to record work outside of his contract.' " --- This is more of the shenanigans that we've previously discussed on the site. [Slashdot: Your Rights Online]

Couple Who Catch Cop Speeding Could Face Charges.

Mon, 19 Feb 2007 21:55:26 GMT

Couple Who Catch Cop Speeding Could Face Charges. a_nonamiss writes "A Georgia couple, apparently tired of people speeding past their house, installed a camera and radar gun on their property. After it was installed, they caught a police office going 17MPH over the posted limit. They brought this to the attention of the local police department, and are now being forced to appear in front of a judge to answer to charges of stalking." [Slashdot: Your Rights Online]

Feds Pull Traveler Help Site.

Mon, 19 Feb 2007 00:04:38 GMT

Feds Pull Traveler Help Site. Homeland Security pulls down a website link for travelers with watchlist problems after 27BStroke6 points out security flaws. But TSA won't say whether the site was legal. In 27B Stroke 6. [Wired News: Top Stories]

MPAA Violates Another Software License.

Sun, 18 Feb 2007 23:45:13 GMT

MPAA Violates Another Software License. Patrick Robib, a blogger who wrote his own blogging engine called Forest Blog recently noticed that none other than the MPAA was using his work, and had completely violated his linkware license by removing all links back to the Forest Blog site, not crediting him in any way. The MPAA blog was using the Forest Blog software, but had completely stripped off his name, and links back to his site. He only found about it accidentally when he happened to visit the MPAA site. [Slashdot: Your Rights Online]

FTC Files Complaint Against Pretexters.

Sun, 18 Feb 2007 20:04:09 GMT

FTC Files Complaint Against Pretexters. FTC says pretexting violates federal law, targets companies involved in HP scandal. [PC World: Latest Technology News]

DirectRevenue to Pay $1.5M in Adware Settlement.

Sun, 18 Feb 2007 19:58:55 GMT

DirectRevenue to Pay $1.5M in Adware Settlement. FTC charges that New York firm infected victims' computers with adware. [PC World: Latest Technology News]

Is AT&T helping the NSA ? First your phone calls and now your e-mails (For Your Eyes Only? ) NOW | PBS.

Sun, 18 Feb 2007 19:53:13 GMT

For Your Eyes Only? NOW | PBS

This week, NOW reports on new evidence suggesting the existence of a secret government program that intercepts millions of private e-mails each day in the name of terrorist surveillance. News about the alleged program came to light when a former AT&T employee, Mark Klein, blew the whistle on what he believes to be a large-scale installation of secret Internet monitoring equipment deep inside AT&T's San Francisco office. The equipment, he contends, was created at the request of the U.S. government to spy on e-mail traffic across the entire Internet. Though the government and AT&T refuse to address the issue directly, Klein backs up his charges with internal company documents and personal photos.

For Your Eyes Only? (Breaking the Story) NOW | PBS

Sun, 18 Feb 2007 19:43:54 GMT

NOW's Deborah Runcie speaks to journalist Ryan Singel, who covers civil liberty and privacy issues, about his investigative work involving AT&T and the government's alleged secret surveillance of personal electronic mail. Singel's coverage appeared in Wired News.

Child Protection Bills Introduced in Congress Raise Legal and Policy Concerns.

Fri, 16 Feb 2007 15:51:42 GMT

Child Protection Bills Introduced in Congress Raise Legal and Policy Concerns. The new Congress has an array of proposals aimed at protecting children in the online environment. Unfortunately, many of the proposals would not be effective in protecting kids, and raise very serious constitutional and policy problems. As done in at least one new bill, Congress should instead focus its efforts on promoting the education of both children and parents about online child safety, and promoting the voluntary use by parents of filtering and other tools to protect kids. CDT has released an analysis of the legislative proposals now pending before Congress. [Center for Democracy and Technology]

Judge Limits New York Police Taping - New York Times

Fri, 16 Feb 2007 15:44:49 GMT

In a rebuke of a surveillance practice greatly expanded by the New York Police Department after the Sept. 11 attacks, a federal judge ruled yesterday that the police must stop the routine videotaping of people at public gatherings unless there is an indication that unlawful activity may occur.

Four years ago, at the request of the city, the same judge, Charles S. Haight Jr., gave the police greater authority to investigate political, social and religious groups.

In yesterday's ruling, Judge Haight, of United States District Court in Manhattan, found that by videotaping people who were exercising their right to free speech and breaking no laws, the Police Department had ignored the milder limits he had imposed on it in 2003.

Citing two events in 2005 -- a march in Harlem and a demonstration by homeless people in front of the home of Mayor Michael R. Bloomberg -- the judge said the city had offered scant justification for videotaping the people involved.

"There was no reason to suspect or anticipate that unlawful or terrorist activity might occur," he wrote, "or that pertinent information about or evidence of such activity might be obtained by filming the earnest faces of those concerned citizens and the signs by which they hoped to convey their message to a public official."

While he called the police conduct "egregious," Judge Haight also offered an unusual judicial mea culpa, taking responsibility for his own words in a 2003 order that he conceded had not been "a model of clarity."

The restrictions on videotaping do not apply to bridges, tunnels, airports, subways or street traffic, Judge Haight noted, but are meant to control police surveillance at events where people gather to exercise their rights under the First Amendment.

"No reasonable person, and surely not this court, is unaware of the perils the New York public faces and the crucial importance of the N.Y.P.D.'s efforts to detect, prevent and punish those who would cause others harm," Judge Haight wrote.

Jethro M. Eisenstein, one of the lawyers who challenged the videotaping practices, said that Judge Haight's ruling would make it possible to contest other surveillance tactics, including the use of undercover officers at political gatherings. In recent years, police officers have disguised themselves as protesters, shouted feigned objections when uniformed officers were making arrests, and pretended to be mourners at a memorial event for bicycle riders killed in traffic accidents.

"This was a major push by the corporation counsel to say that the guidelines are nice but they're yesterday's news, and that the security establishment's view of what is important trumps civil liberties," Mr. Eisenstein said. "Judge Haight is saying that's just not the way we're doing things in New York City."

A spokesman for Police Commissioner Raymond W. Kelly referred questions about the ruling to the city's lawyers, who noted that Judge Haight did not set a deadline for destroying the tapes it had already made, and that the judge did not find the city had violated the First Amendment.

Judge Restricts New York Police Surveillance of Public Spaces.

Fri, 16 Feb 2007 15:40:46 GMT

Judge Restricts New York Police Surveillance of Public Spaces.

A federal judge ruled that the police must stop the routine videotaping of people at public gatherings. Reversing (and clarifying) an earlier ruling, the judge stated that such public surveillance is allowable only if there was an indication that unlawful activity may occur. From the NYTimes report:

Four years ago, at the request of the city, the same judge, Charles S. Haight Jr., gave the police greater authority to investigate political, social and religious groups.

In yesterday's ruling, Judge Haight, of United States District Court in Manhattan, found that by videotaping people who were exercising their right to free speech and breaking no laws, the Police Department had ignored the milder limits he had imposed on it in 2003.

Citing two events in 2005 -- a march in Harlem and a demonstration by homeless people in front of the home of Mayor Michael R. Bloomberg -- the judge said the city had offered scant justification for videotaping the people involved.

"There was no reason to suspect or anticipate that unlawful or terrorist activity might occur," he wrote, "or that pertinent information about or evidence of such activity might be obtained by filming the earnest faces of those concerned citizens and the signs by which they hoped to convey their message to a public official."

While he called the police conduct "egregious," Judge Haight also offered an unusual judicial mea culpa, taking responsibility for his own words in a 2003 order that he conceded had not been "a model of clarity."

A win for the preservation of "privacy in public," but this also shows how important is it to ensure such rights are made explicit, and not left to be interpreted by those who hold the power of surveillance.

[michaelzimmer.org]

Free Speech group EFF needs videographer in Syracuse (CraigsList)

Fri, 16 Feb 2007 03:26:39 GMT

Date: 2007-02-15, 9:12PM EST

we are looking for someone who has a good-quality Mini-DV camera and can produce good lighting (natural is fine) and sound (onboard is fine, it just has to be very clear) for a brief videotaped statement.

this is to support an online free speech case.

details here:
http://www.10zenmonkeys.com/2006/11/01/eff-crook-dmca-lawsuit/

the subject to be shot is in/around Syracuse. we may be able to pay expenses for travel by car. if you respond to this note, EFF lawyers will contact you with more info.

this video will be distributed widely across the webernets and we can offer a prominent production credit, as well as the warm, fuzzy feeling that you've helped EFF's ongoing defense of digital free speech.

please respond with with your availability over the next week or so.

KMVT - Real ID Sparks Controversy in Idaho

Fri, 16 Feb 2007 02:04:21 GMT

Idaho may become the latest state to oppose a federal law requiring a national driver's license, on concern over its cost and intrusiveness on personal privacy.

At least 17 states including neighboring Washington and Utah have passed or are considering legislation asking Congress to dump the "Real I-D" project.

The Idaho House Transportation Committee will debate a resolution opposing it Wednesday.

Supporters in the federal Department of Homeland Security say Real I-D is needed to prevent terrorists such as those behind the September 11th attacks and illegal immigrants from getting fake I-D cards.

But the conservative Cato Institute and the American Civil Liberties Union, groups normally on opposite sides, have formed an unusual alliance to call on Idaho lawmakers to send Congress a message: That Real I-D should to be reconsidered.

Governor Otter co-sponsored Real I-D in 2005 while he was a U-S representative from Idaho, but a spokesman in Boise says the Republican chief executive now has concerns about its cost.

California Petition Would Require Audio-Visual Record of Contacts Between Police and Public.

Fri, 16 Feb 2007 01:51:17 GMT

California Petition Would Require Audio-Visual Record of Contacts Between Police and Public. Requires that a copy of the recording be provided to affected citizens who are arrested and charged with a crime. [GT: Security and Privacy]

Illinois Bill Would Ban Social Networking Sites.

Thu, 15 Feb 2007 22:46:01 GMT

Illinois Bill Would Ban Social Networking Sites. AlexDV writes "Library blogger Michael Stephens is reporting that an Illinois state senator, Matt Murphy (R-27, Palatine), has filed a bill that 'Creates the Social Networking Web site Prohibition Act. Provides that each public library must prohibit access to social networking Web sites on all computers made available to the public in the library. Provides that each public school must prohibit access to social networking Web sites on all computers made available to students in the school.' Here is the bill's full text." --- This local effort harks back to an attempt last May to get federal legislation banning school and library use of social networking sites (Wikipedia summary here). The DOPA bill passed the House but died in the Senate. [Slashdot: Your Rights Online]

Sen. Ted Stevens Introduces "Son of DOPA".

Thu, 15 Feb 2007 22:35:21 GMT

Sen. Ted Stevens Introduces "Son of DOPA". DJCacophony writes "Ted 'series of tubes' Stevens has introduced a bill, going by the interim name S.49, that aims to block access to interactive websites from schools and libraries. The wording of the bill is vague enough to apply to Wikipedia, MySpace (and other social networking sites), and potentially even to blogs. The bill is apparently so similar to the failed Deleting Online Predators Act of last year that it has been termed 'Son of DOPA' by some." --- Stevens introduced S.49, the text of which is not yet available, on the opening day of the legislative session. [Slashdot: Your Rights Online]

Film Insurers Recognize Fair Use.

Thu, 15 Feb 2007 22:28:30 GMT

Film Insurers Recognize Fair Use.

Copyright law has long caused headaches for documentary filmmakers. Fair use allows for the use of brief excerpts of copyrighted material, but that doesn't stop some copyright holders from threatening lawsuits and demanding exorbitant licensing fees. Unless they clear every snippet, filmmakers are generally unable to get "errors and omissions" insurance, and, without that, it's basically impossible to get a film distributed and released in the theaters or TV.

To help clarify the principle of fair use, a group of five national filmmakers organizations put together a Statement of Best Practices in Fair Use in 2006. The Statement provides guidance for lawyers, broadcasters and insurers as to what constitutes fair use.

And happily, the Statement has had a dramatic effect. Cable programmer IFC has been guided by the Statement in deciding what documentaries to air, and now insurers are using it to extend coverage for filmmakers. National Union, a major insurer, has recently adjusted its policy to extend coverage for fair use. Filmmakers can now purchase insurance provided an attorney with experience in copyright law is willing to attest that the film falls within the fair use as defined in the Statement.

This is tremendous news for independent filmmakers, who should find it easier to make their art and inform the public without fear of being shut down by legal threats. As Professor Bill McGeveran suggests at the Info/Law blog this could also be "a powerful approach" for other creative communities "to preserv[e] fair use without direct legal action." Let's hope so.

[EFF: Deep Links]

Privacy and Security Law Blog: Expanded Privacy Obligations for Telecom Carriers and VoIP Providers Under Consideration at the FCC

Thu, 15 Feb 2007 22:21:50 GMT

The FCC is reportedly close to issuing a decision that would modify current rules governing the use, disclosure of, and access to certain information related to telephone subscriber calling records. Current rules require telecommunications carriers to treat this information, known in the industry as customer proprietary network information (CPNI), as confidential and to limit its use and disclosure. CPNI is broadly defined to include information that relates to the quantity, technical configuration, type, destination, location and amount of use of a telecommunications service. Generally speaking this includes call detail records, call volumes, customer account information, billing information, technical information, service destination, and the service plans to which a customer subscribes. Following several high-profile pretexting cases in 2005 which lead to the release of telephone subscriber records the FCC initiated a proceeding to revisit the scope and effectiveness of its current CPNI rules.

Although the FCC has not yet released a decision outlining how it will amend current CPNI regulations, lobbying and advocacy before the agency has been particularly heavy in recent weeks. This renewed activity comes as a result of reports that the FCC will soon adopt an order expanding current CPNI regulations in several ways. While the details of the new measure are still being worked out, reports suggest that the draft order will impose several new obligations on telecommunications carriers. These obligations include the following:

Media Giant Bullies Internet Critic.

Thu, 15 Feb 2007 22:14:41 GMT

Media Giant Bullies Internet Critic.

Discovery Communications Tries to Chill Speech with Baseless Legal Claims

San Francisco - The Electronic Frontier Foundation (EFF) warned Discovery Communications, Inc., today to cease its demands for the removal of an online template that uses humor to help people criticize the media company.

The "SpankMaker," located at http://www.spankmymarketer.com/, helps users create parodies of a controversial marketing campaign in connection with a Discovery television production. The online tool provides images from the marketing campaign and Discovery's corporate websites, and allows users to modify them with commentary.

A lawyer for Discovery has demanded that the website operator remove the template, claiming it infringes Discovery's copyright and is used to defame the company. But in a letter sent in response today, EFF outlines how the use of the images in the template is clearly a non-infringing parody. EFF also explains that the comments that offended Discovery are not libelous and that, in any event, Section 230 of the Communications Decency Act protects the creator of the SpankMaker from liability for comments written by others.

"Once again, a business is trying to use false legal claims to chill criticism," said Staff Attorney Corynne McSherry. "Fortunately, more and more, the targets of these kinds of threats are fighting back."

EFF's letter is part of its ongoing campaign to protect online free speech. Earlier this month, EFF provided legal support for environmental activists who were threatened by the Chicago Auto Show after posting an Internet parody. In November, EFF reached an agreement with the corporate owners of the popular children's television character Barney the Purple Dinosaur to withdraw meritless legal threats against a website publisher who parodied the character.

For EFF's response letter:
http://eff.org/legal/cases/discoverycom_v_rubinstein/response_letter.pdf

Contact:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

[EFF: Breaking News]

Google & YouTube Turn Over User ID to Fox.

Thu, 15 Feb 2007 00:39:25 GMT

Google & YouTube Turn Over User ID to Fox.

ASPnews.com reports that Google has complied with subpoenas issued by the U.S. District Court in Northern California and provided 20th Century Fox the identities of two individuals who illegally uploaded entire episodes of [base "]24″ to YouTube prior to its broadcast and DVD release.

This seems within Google[base ']s rights, as YouTube[base ']s ToS clearly prohibits uploading copyright-protected content, and its privacy policy affirms they will comply with subpoenas.

Loren Baker at Search Engine Journal wonders, however, if Google[base ']s marketing relationship with Fox Interactive (providing ads for MySpace) influenced their willingness to provide the information without much of a fight[sigma]

[michaelzimmer.org]

TSA - Not Living Up to Its Middle Name.

Thu, 15 Feb 2007 00:31:50 GMT

TSA - Not Living Up to Its Middle Name.

The Transportation Security Administration is extending an olive branch to airline travelers who have been delayed or prevented from boarding a plane on account of their name matching an identical one on the agency's "no-fly" list. The TSA recently created a Web site designed to help disgruntled detainees clear their name. However, the would-be passenger must supply some personal data, including date and place of birth, as well as identifying numbers for a driver's license, birth certificate or passport.

This could be a useful service. But TSA is not living up to its middle name - Security. TSA and the contractor that built the site have overlooked a key piece of cyber protection. The site requests a lot of personal information. When a person clicks on "submit form," it transmits an individual's data to TSA without the benefit of the secure data transfer offered by secure sockets layer. In a site secured by SSL, a Web address begins with an "https://" rather than "http://".

Consider what this means for a passenger who is stewing in the airport terminal after missing his flight because a TSA screener confused him with that other Robert Johnson on the TSA's special list. The good Mr. Johnson is told he can try to prevent this misunderstanding from happening again if he submits data requested by the travel identity verification site. He pops open his laptop, hops on the airport terminal's wireless network, completes the form and clicks "submit." Meanwhile, a digital terrorist on the other side of the terminal has just captured the data Johnson submitted because it was sent without SSL.

A tip o' the hat to Chris Soghoian, the boarding pass hacker who spotted this latest transportation security foible.

Noted cryptologist and security expert Bruce Schneier is fond of saying that so much of the Homeland Security Department's protections are "security theater." He says they are constructs designed not necessarily to make us more secure but rather to make us feel more secure. I think that aptly captures much of what is sold to the public in the name of physical and Internet security. But a security device should at least adhere to the physician's motto -- to do no harm.

Update, 9:10 a.m.:Some folks have written in to say they've seen the site offer an SSL certificate but that it warns of a certificate error. If you navigate to the submission form from the main page by clicking on the Traveler Identity Verification form link, it takes you to this page, which offers two links to the same form -- one beginning in "https://" (the link at the top), and another one halfway down the page that does not offer the SSL certificate.

Those commenting so far were visiting the site in Firefox, but when I visit the SSL page in Internet Explorer 7, it gives me a warning page that says "There is a problem with this Web site's security certificate. We recommend that you close this webpage and do not continue to this website."

[Security Fix]

Dutch Hacker Appeals Jail Sentence.

Thu, 15 Feb 2007 00:23:48 GMT

Dutch Hacker Appeals Jail Sentence. The leader of a gang that committed what has been described as the Netherland's biggest cybercrime is appealing his sentence. [PC World: Latest Technology News]

RIAA to ISPs: Help Us Sue Your Customers Better.

Wed, 14 Feb 2007 04:59:43 GMT

RIAA to ISPs: Help Us Sue Your Customers Better.

As if suing thousands of music fans isn't bad enough, now the RIAA wants to conscript ISPs into helping them streamline the shakedowns. The major record labels sent a letter to ISPs across the country asking them to trade away customers' rights and make the overzealous file sharing lawsuits more profitable -- and the RIAA even has the audacity to suggest that this all for your own good.

ISPs currently have no obligation to maintain IP log files, and that's a good thing when it comes to protecting your privacy. Those log files can serve as Internet breadcrumbs -- your ISP and any third party that has access to them can retrace your online activities.

But the RIAA wants ISPs to maintain (and disclose) a customer's IP logs for six months whenever the RIAA says the user may have infringed copyright. In exchange, the record companies will reduce its initial lawsuit settlement demands. Of course, the actual customer would have no say in the matter. The RIAA letter says it wants the information kept because it could "exculpate" the customer, but of course those same records can also implicate the user. Funny, the labels don't mention that.

EFF and others have long warned that copyright claims could become an altar on which personal privacy is sacrificed. Now the RIAA wants your ISP to voluntarily wield the knife, and there's no telling what else the RIAA might ask for once this cut has been made

The RIAA also wants ISPs to keep customers in the dark about their legal options. Before the RIAA has even verified that the user is correctly identified, it wants ISPs to send along a note saying the user might be sued and can already settle potential claims. At the same time, the RIAA scolds ISPs for giving information to their customers that could help provide sound legal counsel. Instead, the RIAA wants ISPs to direct subscribers solely to the RIAA.

In other words, the RIAA wants it to be harder for customers to find out that settling early might be a bad idea. Does the RIAA readily tell customers that parents are generally not liable for infringements committed by their kids, or that bankruptcy might be a last-ditch option for some, or that the record labels have occasionally sued the wrong people? Doubtful. The RIAA's letter notes that some people have been told that "the RIAA could have been incorrect in identifying your IP address" -- which of course is true -- and "directed the subscriber to certain websites, instead of having him contact the RIAA." We suspect those websites include EFF's resources as well as the Subpoena Defense website.

It's possible that, after the fact, a given user might have preferred a cheaper, earlier settlement, but neither ISPs nor fans should have to make the remarkably perverse choice laid out in the RIAA's "offer." As we've pointed out repeatedly, the record labels could help forge a better way forward to get artists paid without suing fans or further endangering their privacy.

The last time we checked, ISPs don't work for the RIAA, so until the major record labels come to their collective senses, ISPs shouldn't be handmaidens in their misguided lawsuit campaign.

[EFF: Deep Links]

Web Censorship Proposed For Norway.

Wed, 14 Feb 2007 01:08:57 GMT

Web Censorship Proposed For Norway. Aqwis writes "A Norwegian Web filtering system (link in Norwegian), comparable to the Great Firewall of China, has been proposed to the Norwegian legislature. It would, if enacted, block all Web sites and servers that contain hate material (racial hate, pro-Nazi sites, hate towards the government, etc.), most kinds of pornography (not only child pornography), foreign gambling sites, and sites that share copyrighted or other material that it is not legal to share (such as most BitTorrent sites and services such as LimeWire). Reactions have been mixed; however they are mostly negative." [Slashdot: Your Rights Online]

RIAA Admits ISPs Have Misidentified "John Does".

Wed, 14 Feb 2007 00:33:16 GMT

RIAA Admits ISPs Have Misidentified "John Does". NewYorkCountryLawyer writes "The RIAA has sent out a letter to the ISPs telling them to stop making mistakes in identifying subscribers, and offering a 'Pre-Doe settlement option' -- with a discount of '$1000 or more' -- to their subscribers, if and only if the ISP agrees to preserve its logs for 180 days. Other interesting points in the letter (PDF): the RIAA will be launching a web site for 'early settlements,' www.p2plawsuits.com; the letter asks the ISPs to notify the RIAA if they have previously 'misidentified a subscriber account in response to a subpoena' or become aware of 'technical information... that causes you to question the information that you provided in response to our clients' subpoena'; it notes that ISPs have identified 'John Does' who were not even subscribers of the ISP at the time of the infringement; and it requests that ISPs furnish their underlying log files, not just names and addresses, when responding to RIAA subpoenas." [Slashdot: Your Rights Online]

Groups Call for E-Voting Paper Trail Legislation.

Wed, 14 Feb 2007 00:13:06 GMT

Groups Call for E-Voting Paper Trail Legislation. A coalition of voting rights groups today called on the U.S. Congress to pass legislation that would require electronic voting machines to have printers attached. [PC World: Latest Technology News]

Eli Lilly Loses Effort to Censor Zyprexa Documents Off the Internet.

Wed, 14 Feb 2007 00:04:42 GMT

Eli Lilly Loses Effort to Censor Zyprexa Documents Off the Internet.

Judge Rescinds Injunction Against Wiki, Other Websites

New York - A U.S. District Court judge today refused Eli Lilly's request to ban a number of websites from publishing leaked documents relating to Zyprexa, Eli Lilly's top-selling drug. Although the judge rejected the First Amendment arguments made by a variety of individuals eager to publish the documents, the court concluded that "it is unlikely that the court can now effectively enforce an injunction against the Internet in its various manifestations, and it would constitute a dubious manifestation of public policy were it to attempt to do so." The order is a victory for the Electronic Frontier Foundation (EFF), which represents an anonymous individual who was previously barred by the court's earlier orders from posting links to the Zyprexa documents on the zyprexa.pbwiki.com wiki.

The Zyprexa documents were leaked from an ongoing product liability lawsuit against Eli Lilly. The internal documents allegedly show that Eli Lilly intentionally downplayed the drug's side effects, including weight gain, high blood sugar, and diabetes, and marketed the drug for "off-label" uses not approved by the Food and Drug Administration (FDA). The documents were the basis for a front-page story in the New York Times in December of last year, and electronic copies are readily available from a variety of Internet sources. EFF's client posted links to one set of copies on a wiki devoted to the controversy that were part of extensive, in-depth analysis from a number of citizen journalists.

"This ruling makes it clear that Eli Lilly cannot invoke any court orders in its futile efforts to censor these documents off the Internet," said EFF Staff Attorney Fred von Lohmann. "We are disappointed, however, that the judge failed to appreciate that its previous orders constituted prior restraints in violation of the First Amendment."

The court stayed its ruling for 10 days in order to permit an appeal. Zyprexa is Eli Lilly's best selling drug, used to treat schizophrenia and bipolar disorder. Eli Lilly has paid more than $1.2 billion to resolve lawsuits involving Zyprexa.

For the full order:
http://eff.org/legal/cases/zyprexa/zyprexa_judgement.pdf

For more on the Eli Lilly Zyprexa litigation:
http://www.eff.org/legal/cases/zyprexa/

Contact:

Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation
fred@eff.org

[EFF: Breaking News]

The Open Rights Group : Blog Archive - Write to your MEP: JURI to vote on IPRED2 at the end of this month

Mon, 12 Feb 2007 19:56:36 GMT

PRED2, the European Union's second intellectual property enforcement directive, is going to the vote at the end of this month. The European Parliament's committee on legal affairs, JURI, will be voting on several amendments to this mammoth bill which threaten to turn IP infringement from a civil offence into a criminal one. Your MEP needs to know now why this is a bad idea.

The FFII are calling IPRED2 "The Prosecution Paradise Directive":

"All over Europe piracy and counterfeiting of 'intellectual property rights' are already prosecutable (TRIPS art 61). The Criminal Measures IP Directive adds disproportionality. The European Commission proposal is not limited to piracy. All commercial scale infringements will be crimes, the proposal criminalises IPR disputes that are essentially of a civil nature and occur between legitimate commercial enterprises. Even untested rights, which may soon evaporate in a civil court cases, become grounds for prosecution. And the rights holders may assist the police."

The Open Rights Group has written this letter to all the UK MEPs sitting on JURI to express its concern at the proposed directive.

But we need your help too. Please take some time to write to your European representatives and let them know your personal concerns. You can find out who your MEPs are at WriteToThem.

There's a lot about IPRED2 to object to (and even a little bit to encourage) in the proposed directive. If you focus on one issue and explain how it affects you, your MEP is much more likely to sit up and listen. Keep your letters succinct and polite and if you can, back up what you're saying with clear references - the FFII IPRED2 website has lists of external opinions and background information, as well as analysis of each of the proposed amendments, which should get you started.

Remember, MEPs, like MPs, are unlikely to appreciate or respond to copy-and-pasted form letters, so please take the time to put down your concerns in your own words. Ask your MEP to forward your concerns to Nicola Zingaretti, the JURI rapporteur, or to their closest JURI colleague.

IPRED2 - Open Rights Group vs. Their Rights Online.

Mon, 12 Feb 2007 19:52:52 GMT

IPRED2 - Open Rights Group vs. Their Rights Online. Elektroschock writes "The British Open Rights Groups yells the alarm bell. Europe again. Ipred v.2, a directive proposal, will pass the Legal Affairs Committee soon. ipred2 would brand 'all intentional intellectual property rights infringements on a commercial scale' a criminal offence, thus the public prosecutor will take action and take over the role of RIAA. For commercial social communities where infringements are inevitable -- think of Youtube -- they expect dangerous times ahead. On the other hand life of content industrials would get a lot easier. It is difficult to imagine how the consumer would benefit. Toine Manders, Dutch MEP in that Committee, openly advocates his amendment proposal aimed to criminalize consumers. Open Rights Group suggests you to write to your Members of Parliament. Will they have any impact? Janelly Fourtou, wife of the Vivendi boss, is a member of the Committee. And she pushed through ipred number 1, so why should public action make a difference? The EFF started only this month to build up an office in Brussels. Do MEPs listen or could Sealand be an option for Web 2.1?" [Slashdot: Your Rights Online]