TechDirt

  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
  • : Function ereg() is deprecated in /home/morelweb/public_html/includes/file.inc on line 645.
Syndicate content Techdirt.
Easily digestible tech news...
Updated: 1 year 18 weeks ago

NBC's 'Most Live Olympics Ever' Will Have A One Hour Broadcast Delay For The Opening Ceremony

Fri, 2016-07-15 19:39

It's Olympics season again. What is normally an expose of how the IOC and the USOC become the biggest IP bullies on the block has had a little spice added to it this year in the form of a host country that by all reports is woefully unprepared for its duties while simultaneously being rocked by a pest-spread disease with the delightful symptom of shrinking the brains of fetuses. And if that doesn't make you believe that some combination of a god and/or the universe wants the Olympics to cease to be, perhaps the fact that the whole fiasco will be broadcast by NBC will.

Yes, running in parallel with our posts about IOC bullying, you will find a history of posts about NBC's strange attempts to turn back the clock on its broadcast of the games. Historically, this has meant limiting the live streaming of most of the events, making it as difficult to find and watch any event as possible, and delaying all kinds of event broadcasts until NBC deems that the public wants to watch them. But have heart, dear friends, for the NBC overlords have listened and have declared that these Rio Olympics will be the "most live Olympics ever."

For Rio 2016, NBC says this will be its "most live Olympics ever" with 4,500 hours of coverage streaming on NBCOlympics.com and the recently renamed NBC Sports app. Also new this time around is that the NBC Sports app is on connected TV devices (it launched on Roku and Apple TV last year), not just mobile.

Now, I'll just go ahead and note here that while NBC has been very busy patting itself on the back for how much more live coverage there will be of the Olympics in Rio compared with previous broadcasts, the fact that there is a time difference of exactly one hour between East Coast time and Brazil means that all the live coverage is probably just happenstance rather than any concerted effort by NBC. But, hey, the company has still gotten the message that live coverage only makes sense in a hyper-connected world where view-on-demand can be achieved by the devices we carry around in our pockets at work and while in transit, right?

Sure! Except for the opening ceremony, because you idiots aren't smart enough to be able to watch that live.

The Rio Olympics formally begin August 5th with the opening ceremony from the Maracanã stadium. Proceedings start at 7 p.m. Eastern Time, only you won’t be able to watch them on NBC until at least an hour later. At a press conference yesterday, NBC execs announced plans to broadcast the ceremony at 8 p.m. Eastern Time and 7 p.m. Central Time, each on one hour delays, and at 7 p.m. Mountain Time and 8 p.m. Pacific Time, on two and four-hour delays respectively.

So why the need for anywhere between a one and four our delay to watch the opening ceremony? Two reasons. First, forget all of that hyperconnectivity thing we just talked about, this shit has to only air during prime time. Also, without post-production and planned narration of the ceremony, you viewers won't get all of the great story lines NBC wants to feed you.

By doing a short tape-delay of one hour, it allows us to put it in a time period when more people are home to watch, because it is a Friday night and they get out of their commute or home from wherever they are. And it allows us to curate it with the narrative and storytelling of our announcers to explain what’s going on. And it allows us to put in commercials without cutting out large chunks of the show.

Also, the opening ceremony is really for all of the penis-less viewers out there. And we all know how the ladies don't really like sports but do like their soap operas, amirite?

The people who watch the Olympics are not particularly sports fans. More women watch the Games than men, and for the women, they’re less interested in the result and more interested in the journey. It’s sort of like the ultimate reality show and mini-series wrapped into one. And to tell the truth, it has been the complaint of a few sports writers. It has not been the complaint of the vast viewing public.

Now, to the point about the prime time coverage. Look, hyperconnected or not, it is certainly true that many adults only have certain hours of the day to which they can dedicate some couch-time and watch a bunch of people from a bunch of countries walk around in a circle for a while. But that doesn't mean NBC couldn't also stream the ceremony live for those that want it live. The commentary might be pared down and perhaps we wouldn't get all of the juicy narrative NBC wants to inject for lady viewers, who we all know universally hate sports and all that, but there is value to live coverage that many people want. It's not just a small number of sports writers.

As for that context it claims it needs to inject, that's not the whole story. What the delay really allows NBC to do is inject commercials wherever it wants without omitting any countries from the ceremony while also being able to cut out any undesirable content (i.e. political content) that shows up in the ceremony.

NBC has an incentive to air the ceremony live, but by delaying, they are sacrificing the chance to be first so they can tailor the coverage, cut out any shenanigans, and pick the best places to cut away to commercial. And, of course, cut anything controversial. As Gary Zenkel, NBCSG’s president, pointed out, it’s a show, not a competition.

Which, fine, if NBC wants to act as the speech filter for its viewers, so be it. But who is going to be surprised when NBC also screams bloody murder at people seeing results, highlights, and even coverage of the opening ceremony that will be available on other streams from other nations' broadcasts, on Twitter and Facebook and the like? NBC can't seriously delay its coverage and get mad when all the customers whose demands it ignores move on to other options.

But that's exactly what will happen. We've been here before, after all. And no matter how "live" these Olympics are this go-round, delaying the broadcast and stream of the opening ceremony leads me to believe I know exactly how it will go this time too.



Permalink | Comments | Email This Story
Categories: Tech News

Nintendo Cracking Down On Pokemon Go 'Pirates' Despite The Game Being Free

Fri, 2016-07-15 18:15

In these past few weeks, the world has become divided into two camps: those who are sick of hearing anything about Nintendo's new smash mobile hit, Pokemon Go, and those who can't get enough of it. While the media tags along for the ride and with the app shooting up the charts as the craze takes hold, it's worth keeping in mind that this is Pokemon and Nintendo we're talking about, two connected groups with a crazy history of savagely protecting anything to do with their intellectual property.

Still, it was strange to learn that Nintendo is issuing all kinds of takedown requests to "pirate" versions of the Android app that are available roughly all over the place. The reason I wrapped that word in quotation marks above is that the Pokemon Go app is entirely free and even the unofficial versions of the app still point the user back to the app's official store for any in-game purchases.

Nintendo is obviously not happy with this black market distribution. Although it doesn’t seem to hurt its stock value, the company is targeting the piracy issue behind the scenes. TorrentFreak spotted several takedown requests on behalf of Nintendo that were sent to Google Blogspot and Google Search this week. The notices list various links to pirated copies of the game, asking Google to remove them.

Thus far the efforts have done little to stop the distribution. The files are still widely shared on torrent sites and various direct download services. The copies on APKmirror.com remain online as well.

So why is Nintendo engaging in a losing war against its own popularity instead of deciding to spend the time counting the money that is streaming in from its smash hit instead? Well, the speculation is that this has all to do with the geographic release windows for the app.

With no commercial gain to be had from stopping people playing the game, I’m guessing Nintendo is just trying to keep it in the hands of users in countries where Pokémon Go has been officially released. Maybe to cut back on stuff like the problems some Korean gamers are having right now.

The issue appears to be that the game doesn't really function in countries where it hasn't been officially released yet. This means that users of the unofficial apps in these countries are likely to find that no Pokemon exist to be collected, or are at least far more sparse than they will be once the release is official in that country. This has led to some minor frustration from those who downloaded the app from an unofficial source, as they wander around doing essentially nothing.

But so what? That isn't really Nintendo's problem and there's no way that the company will take on any ill-will from those downloading unofficial copies of the game where it hasn't been released yet. The app, keep in mind, is a free one and points to Nintendo's in-game store for purchases whether it's from the official app or the unofficial one. There's literally no money lost in this in any way and, it can easily be argued, the widespread availability from many different sites may well be super-charging the viral nature of the product. That should be a huge win for Nintendo, as the company gains new and free distribution channels at zero cost.

If this is about the geo-restricted release dates, I sort of get it, but I only sort of get it because I already know how crazy-insane Nintendo is in terms of controlling every last aspect of every last product it offers. The company just can't help itself, even when it can be argued the "pirated" apps are doing way more good than harm.



Permalink | Comments | Email This Story
Categories: Tech News

As Erdogan Faces Turkish Coup, The Guy Who Once Banned Social Media Sites, Forced To Address Nation Via Facetime & Twitter

Fri, 2016-07-15 15:48
We've written a fair amount about Turkish President Recep Tayyip Erdogan. Lately, it's mostly been about his ridiculously thin skin over insults, and his willingness to take his hurt feelings international. But, even prior to that, he had a history of irrational hating on social media. Back when he was Prime Minister, he tried to blame Twitter for social unrest, even going so far as to order it banned in the country. And, when that failed, he actually sued his own government over the failure to block content on Twitter that he disliked.

Now, as you hopefully know from news sources other than Techdirt, as I write this, it appears that there's a military coup going on in Turkey, trying to usurp Erdogan. As part of that effort, all those social media sites that Erdogan himself does not like, including Facebook, Twitter and YouTube are being blocked. For Erdogan himself, that's meant that he's been cut off from his own means of communication to the public, leaving him to use Apple's Facetime to call a local TV station to put him on the air:

Turkish TV broadcasts a message from Erdogan claiming he's in control and will punish the coup leaders pic.twitter.com/8grmFarUfl

— Eliot Higgins (@EliotHiggins) July 15, 2016 And, of course, the social media blocks aren't even that effective anyway -- with many Turkish citizens using VPNs to get around the blocks. Plenty of people are now seeing live coverage of what's happening in Turkey thanks to Facebook Live and Twitter's Periscope.

See the shocking Turkish coup on the amazing Facebook Livehttps://t.co/uImGjxXXRm pic.twitter.com/vTBp8S8cjJ

— Chemi Shalev (@ChemiShalev) July 15, 2016

The revolution will be televised - extraordinary scenes from Ataturk airport on Periscope pic.twitter.com/LIgByX6OwC

— Rory Cellan-Jones (@ruskin147) July 15, 2016 I have no idea how this will turn out, but from the perspective of how the internet has changed the media landscape, this is all fairly incredible to watch as it plays out.

Update: And the irony gets thicker. Erdogan is now reaching out to the public... via Twitter:

Permalink | Comments | Email This Story
Categories: Tech News

Could Donald Trump Block Hillary Clinton's Campaign From Visiting His Website Via The CFAA?

Fri, 2016-07-15 14:28
In the past few weeks, we've written about two troubling rulings in the 9th Circuit appeals court concerning the CFAA, the Computer Fraud and Abuse Act. That law, that was literally written in response to Ronald Reagan being freaked out by the (fictional) movie War Games, was designed to go after hackers and make computer hacking into other people's computers a crime. The law is woefully outdated and unfortunately vague, with terms like "unauthroized access" and "exceeds authorized access." For years, many of us have been pushing for Congress to reform the law to make it not quite so broad, because in its current setup it's the law the DOJ relies on when all else fails. That's why the DOJ loves it. If you did something it doesn't like on a computer, it'll try to use the CFAA against you.

The two recent cases were not helpful. The first, called Nosal II (because it was the second CFAA case involving David Nosal trying to use data from his former employer), found that convincing a former colleague to share their password with you could violate the CFAA. The court tried to limit the impact of this, by adding some caveats, and insisting that mere password sharing wouldn't qualify without some additional event that indicated a lack of authorization, but it does still seem like a vague standard that many will try to use going forward. The second case, Facebook v. Power, found that Power violated the CFAA by continuing to access Facebook accounts, with permission of those Facebook users, after Facebook had sent a cease-and-desist. The court found that the cease-and-desist acted as a clear point that said "you're not allowed here."

But it's difficult to square that with the original Nosal ruling (Nosal 1) which found that merely violating a terms of service was not a CFAA violation. So ignoring a terms of service is not a CFAA violation, but ignoring a cease-and-desist letter is. It's not clear why one has power over the other, though perhaps there's an argument that a cease-and-desist is a proactive action towards an individual by a website, whereas a terms of service is broadly applicable. Still, it feels weak.

And, it raises tricky situations like the following, first raised by Andy Sellars, about a situation in which one individual alerts another that they can no longer visit a website. Let's say this happened between two presidential candidates. Hypothetically.

If so, that’s devastating for critical speech. Imagine Trump sending a C&D to Clinton’s campaign, barring access to https://t.co/BFK7Ukdtpw.

— Andy Sellars (@andy_sellars) July 12, 2016 And, as Eriq Gardner at the Hollywood Reporter notes in response, the answer is totally unclear. And that seems really problematic. I had tossed out some hypotheticals in my original post on the Facebook v. Power ruling, but this is a good one as well, because you could absolutely see some political candidates issuing that kind of cease-and-desist. There may be arguments about whether then accessing such a website would create a loss necessary to qualify for the CFAA, but it's still quite worrisome that the court has now put in place a vague standard that at least suggests that you can bar someone from a website by merely telling them not to go there. That's going to create a bunch of messy litigation going forward.

Permalink | Comments | Email This Story
Categories: Tech News

Oracle v. Google Not Over Yet: Oracle Seeks Another New Trial While Google Seeks Sanctions On Oracle's Lawyers

Fri, 2016-07-15 12:43
As you probably remember, a jury decided in Google's favor after a somewhat wacky trial that its use of some of the Java APIs was considered fair use. Oracle, of course, isn't going down quietly. It immediately asked the judge, William Alsup, to reject the jury's verdict, which he refused to do. Everyone expects that Oracle will appeal this as high as it can go, though its chances aren't great.

In the meantime, though, Oracle isn't done trying every possible door at the district court level. Last week it simply asked for a new trial in what I can only describe as Oracle's sour grapes motion. It starts out by claiming that "the verdict was against the weight of the evidence" and thus a new trial is necessary. And then it whines about a whole bunch of other issues, including Google's plans to use Android on computers, meaning that the "harm" portion of the trial was unfairly limited to just tablets and phones. It also whines about certain limitations and exclusions of information it was not allowed to present. These are purely "waaaaah, we lost, fix it, waaaaaah" kinds of arguments. The court also excluded lots of Google evidence as well, and Oracle may not really want to revisit some of that either. You can read the full document below or at the link above, but analyzing all of it is pretty silly. It's strictly a sour grapes argument that is unlikely to go anywhere.

At the same time, Oracle filed yet another motion for judgment as a matter of law... that also seems unlikely to go anywhere. Here, though, the argument is basically that the jury got fair use wrong. The argument here is pretty laughable. It goes through each of the four factors and argues why the jury got it wrong. Now, it's true, as some have argued, that a court can take the four fair use factors and basically come to any conclusion it wants, but it's hard to see Judge Alsup doing that here. It would be shocking to see him do so actually. And, rather than go through each argument, I'll just present the table of contents of Oracle's filing here so you can see how desperate the company is: Basically, Oracle is continuing to falsely pretend that fair use only applies to non-commercial use (it doesn't), and that creating something new with an API isn't transformative unless it's like artwork or something (this is wrong). Oracle's interpretation of fair use is not supported by the history or case law of fair use, and it would be shocking to see the court accept it here.

Meanwhile, on the flip side, Google is looking to punish Oracle's lawyers and asking for sanctions against them for revealing in open court sensitive information that had been sealed by the court. On January 14, 2016, Oracle’s counsel Annette Hurst disclosed in open court representations of sensitive confidential financial information of both Google and third-party Apple Inc., as well as extremely confidential internal Google financial information.... After Ms. Hurst’s improper disclosures, Oracle and its counsel neither sought to remedy the effects of the disclosures nor acknowledged their wrongdoing. They instead refused to take responsibility for the disclosures, claimed they were inconsequential because Oracle hoped to use the information at trial (which it never did), and even argued that Google’s motion to seal the third party Apple information—which Judge Ryu subsequently granted,... —was “merely a delaying tactic.” ... Within days of the disclosures, and following Oracle’s failure to take remedial action, this information became headline news for major news outlets, at least one of which noted that, thanks to Ms. Hurst, the press could finally report on confidential information that had theretofore been only a subject of speculation.

Oracle’s disclosures and its subsequent actions reveal a profound disregard for this Court’s Protective Order and for other parties’ confidential information. Google and third party Apple were harmed by Oracle’s counsel’s disclosure regarding the terms of a significant and confidential commercial agreement. Google believes it is important, both for this case and for other cases in this District, for the Court to make clear that Oracle’s counsel’s actions were improper, that Oracle’s excuses for the disclosures are invalid, and that Oracle’s failure, after the fact, to cooperate in remedying the disclosures was inconsistent with the Protective Order.
Disclosing confidential/sealed information in court is a pretty big deal, though I have no idea how the court will rule on this matter.

Either way, it's safe to say that there's little love lost between Google and Oracle (and their lawyers).

Permalink | Comments | Email This Story
Categories: Tech News

Bill Introduced To Create Copyright Small Claims Court... Which Copyright Trolls Are Going To Love

Fri, 2016-07-15 11:45
For a while now, some in the copyright community have been pushing for a copyright "small claims court" as an alternative to filing a federal lawsuit over copyright law. It's true that, especially for small copyright holders, the cost of filing a lawsuit may appear to be rather prohibitive. But it's not clear that a small claims court is the answer. A few years ago, we wrote about some potential concerns with such an approach, but have also admitted that if set up right, it could have some advantages. But that requires it be set up right.

Unfortunately, a new bill has been introduced, by Rep. Hakeem Jeffries, along with Rep. Tom Marino, to officially set up such a system -- and it's done in a way that looks like it will not be well-designed, and instead will lead to a massive rush of small claims, especially by copyright trolls. The bill is called the Copyright Alternative in Small-Claims Enforcement Act of 2016, or CASE Act, and... it's got problems.

The "good" news, if you can call it that, is that claims that would go before this appointed tribunal, made up of copyright lawyers recommended by the Register of Copyrights and appointed by the Librarian of Congress, would have much lower statutory damages availability than the federal courts. A copyright claim in a federal court has statutory damages up to $150k, for willful infringement. In the small claims system, the maximum statutory damages would be $15k. But, really, that's just half of today's official statutory damages -- because if there's no willful infringement, the Copyright Act puts a cap at $30k. In the small claims world, there's no option to claim willful infringement.

Another potentially good feature is that this small claims setup would be able to hear two kinds of claims: the standard ones involving claims of someone violating one of the established rights under copyright law... but then also to hear cases about abusive DMCA notifications, under Section 512(f) of the DMCA. Of course, as we've noted in the past, the federal courts have effectively written 512(f) out of the law and refuse to punish those who file bogus DMCA notices. It's not at all clear how things would change here. The bill explicitly notes that the remedies for a 512(f) bogus DMCA notice claim would be limited "to those available under this chapter." But it's unclear if that really means that you could get $15k for a bogus DMCA filing. And that's because the section on statutory damages is clearly written only with people suing for copyright infringement in mind, and not people suing over bogus DMCA takedowns.

For example, it notes that in order to qualify for the $15k maximum statutory damages, it only applies to "works timely registered." But... how does that make sense for 512(f) claims? In those cases, the question of whether or not the defendant timely registered a copyright makes no sense at all. If someone sends a bogus DMCA takedown over a copyright that doesn't exist or that they don't hold, why should its registration status matter? It's almost as if Rep. Jeffries (or the lobbyists who wrote this bill) only tossed in the part about 512(f) claims to appease people concerned about abusive DMCA takedowns, and then completely forgot about it after they included that.

But the really big problem in my mind is that this seems likely to just be swamped by copyright trolls. We already see that they're flooding the federal court system, where multiple rulings against joinder (i.e., the ridiculous bundling of thousands of possible file sharers together) has meant that when trolls do sue, they're generally limited in how many people they can sue. Making the process cheaper, but still offering statutory damages amounts that can be quite scary to the average American, and that can still get the job done of scaring threatened users into paying up fines that are much smaller than the $15,000.

And, yes, this small claims system will allow for discovery, which is the key feature that trolls want. They want to sue, and then get discovery where they can send demands to ISPs for names of subscribers based on IP addresses, and there doesn't appear to be anything in the bill to stop that. It does note that parties seeking discovery need to show "good cause" to enable discovery, but that may be a fairly low bar. It also notes that responding to discovery requests to non-parties in the dispute will be "voluntary" so perhaps ISPs will resist, but that's not certain. And thus, this three-panel board may find itself on the receiving end of a ton of ridiculous claims from trolls who have no intention of following through with the case. One would hope, with the federal court system's copyright docket currently overrun with trolling cases, that whoever drafted this law would have thought through a better plan to stop that from happening here.

Another potential issue: the bill would let individuals go after not just actual infringers, but also service providers if they fail to follow through on a DMCA takedown notice. Basically, it exports the DMCA safe harbors to this small claims process as well, but that may mean that internet platforms are going to get dragged through this process that was meant to focus on small claims that could be easily adjudicated.

There's also this oddity. After laying out the specific responsibilities of the three individuals who will handle all of these small claims cases, the bill notes: When not engaged in performing their duties as prescribed in this chapter, to perform such other duties as may be assigned by the Register of Copyrights. What, exactly, is that going to entail?

Who knows how this will actually play out. A few years back, the UK introduced its own small claims copyright system. But I have no idea how it's doing. I haven't seen any numbers or indication of how widely it's used. Perhaps it works great and is a useful tool for dealing with small scale infringement issues. But I do worry about the way the bill is currently written and how it can be abused, especially by trolls who just want to pressure people into settling, and where the threat of a $15k award might be plenty.

Permalink | Comments | Email This Story
Categories: Tech News

Federal Revenge Porn Bill Not As Bad As It Could Have Been, Still Probably Unconstitutional

Fri, 2016-07-15 10:39
For the last two and half years or so, my Congressional Representative, Jackie Speier, has insisted that she was just about to introduce a federal law outlawing revenge porn. And then it wouldn't come. There would be an article saying it was almost ready... and then nothing. Months would go by, another article would appear... and then nothing. Finally, on Thursday, Speier introduced the bill, insisting that the delay was in convincing Silicon Valley companies to sign on to it. Of course, that leaves out the fact that the reason many refused to sign on was because previous iterations of the bill were incredibly problematic and almost certainly unconstitutional. With two and half years to work on it, however, the finally introduced bill, called the Intimate Privacy Protection Act of 2016, or IPPA, is not nearly as bad as it could have been, nor as bad as some of the suggestions passed around by those who "consulted" on drafting the bill.

But that doesn't mean the bill isn't unconstitutional.

Let's be clear: revenge porn is horrific. The creeps who put up revenge porn sites deserve to be shamed and mocked. The people who actually upload images to such sites or visit them are complete losers who need to get a life. But there are really important legal issues that come up when you try to outlaw such things, starting with the First Amendment. Yes, yes, as everyone will say, there are some exceptions to the First Amendment (though if you claim that shouting fire in a crowded theater is one of them, you're going to be mocked as well). But the exceptions to the first First Amendment are very narrowly prescribed by the Supreme Court, and they're much more narrow than most armchair lawyers believe. Looking over the list, it's pretty difficult to see how revenge porn fits.

Next up, context matters a lot, and while the bill tries to take some of that into account, it's unclear if it actually succeeds. The bill has a vague and nearly totally undefined "public interest" exception -- but what does that actually include? That's left unclear. Remember last year when Lenny Kravitz accidentally exposed himself at a concert. Was everyone who passed around videos of images of that violating this new revenge porn bill? It would seem so. That would be "knowingly" using an "interactive computer service... to distribute a visual depiction of a person who is identifiable from the image itself or information displayed in connection with the image... of the naked genitals... of a person, with reckless disregard for the person's lack of consent to the distribution."

Remember, tons of people were passing around that image and video last year. Should all of them face five years in prison plus fines? That seems... extreme. And extremely problematic.

The ACLU has a rather simple request to fix this problem with the law: add an intent requirement, such that it only applies to those who "maliciously and intentionally invade another person's privacy." Even that may have some First Amendment issues, but supporters of the law refused to add an intent standard, claiming that such a standard would be too limiting, and wouldn't cover those who weren't motivated by "malice" but by money or fame. But, that's ridiculous. Any court would likely decide that setting up a revenge porn site for money was a form of malice.

Thankfully, this version of the law says that it does not apply to online platforms, as defined by Section 230 of the Communications Decency Act, which is a big jump from where some of the crafters of this bill were a few years ago, in which they openly discussed undermining CDA 230 as a way to attack revenge porn.

In the end, two and a half years of effort means that the bill isn't as horrible as some of the earliest suggestions, but it's still not clear that it's constitutional. It seems likely that the ACLU, and possibly others, will likely challenge this law should it pass and then I guess we'll find out what the courts actually think of it.

Permalink | Comments | Email This Story
Categories: Tech News

Daily Deal: Ultimate Adobe Photo Editing Bundle

Fri, 2016-07-15 10:34
Learn how to edit your pictures like a pro with the $29 Ultimate Adobe Photo Editing Bundle. The 8 courses cover what you need to know about Adobe Photoshop and Lightroom, from becoming familiar with the interfaces and learning shortcuts to how to properly use layers and color correction to enhance your photos. Throughout the courses, you'll be learning from graphic designers and entrepreneurs about how to create images for various industries or your own social media, and you will have unlimited access to the instructional materials so you can reference them whenever you need them. You'll learn how to take your photos from merely Instagram good to frame-worthy.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Permalink | Comments | Email This Story
Categories: Tech News

Newt Gingrich: Merely Visiting An ISIS Or Al Qaeda Website Should Be A Felony

Fri, 2016-07-15 09:41
Former Speaker of the House Newt Gingrich is making some news today for some silly remarks he made on Fox News last night in response to the attack last night in Nice, France. It comes right at the beginning of this video: All of the press -- for good reason -- is focusing on the first part of what he said, about deporting anyone "of Muslim background" (whatever that means) who "believes in Sharia." We'll skip over why this is totally clueless and unconstitutional, because plenty of other news sites are handling that.

Instead, we'll move on to the second craziest thing he said, right after that first statement, which is something that fits much more with Techdirt's usual themes: Gingrich then claims two ridiculous things, each only slightly less ridiculous than his first statement: Anybody who goes on a website favoring ISIS, or Al Qaeda, or other terrorist groups, that should be a felony and they should go to jail. Any organization which hosts such a website should be engaged in a felon. It should be closed down immediately. Our forces should be used to systematically destroy every internet based source... He then goes on to note that if we can't take them off the internet, we should just kill them all. Which, you know, I'm sure won't anger any more people against us.

Either way, this is idiotic. Merely visiting a website should put you in jail? What if you're a journalist? Or a politician? Or a researcher trying to understand ISIS? That should be a felony? That's not how it works. This also assumes, idiotically, that merely reading a website about ISIS will make people side with ISIS. It's also not, at all, how the law works. Same with the second part about it being a felony to host such content. We're already seeing lawsuits against social media sites like Facebook, Twitter and YouTube for hosting accounts from ISIS, and many are voluntarily taking down lots of those accounts. But making it a felony to keep them up? That's also not how the law works.

Reacting to a very real problem with stupid unconstitutional solutions suggests someone who has no clue what he's doing.

Permalink | Comments | Email This Story
Categories: Tech News

Why Is The UK's Intellectual Property Office Praising National Portrait Gallery's Copyfraud Claims Over Public Domain Images?

Fri, 2016-07-15 08:33
The other day I saw the following tweet and was very confused: That's a tweet from the UK's Intellectual Property Office (IPO) asking how does the UK's National Portrait Gallery in London "manage the copyright of national treasures like Shakespeare?" My initial response, of course, was "Wait, Shakespeare is in the bloody public domain, you don't have any copyright to manage!" It seems rather easy to manage "the copyright" of Shakespeare when there is none. But it turns out the link is... even worse. It's to a blog post on the IPO website eagerly praising the National Portrait Gallery for engaging in out-and-out copyright fraud. You'd think that the Intellectual Property Office would recognize this, but it does not.

The tweet was doubly misleading, also, because it's not the works of William Shakespeare, but rather a portrait of William Shakespeare. The IPO then explains that the National Portrait Gallery is doing a brisk business licensing these public domain images, noting that: According to the gallery’s most recent statistics – the top five individual portraits licensed from its website are, in descending order: William Shakespeare, Richard III, Queen Elizabeth 1, King John and King Henry V. Obviously, all of those portraits were created centuries ago -- and are in the public domain. So why is the National Portrait Gallery licensing them at all? Well, I'm pretty sure this goes back to an issue we've written about quite some time ago. While in the US the caselaw is clear that merely digitizing public domain images does not create a new copyright, the National Portrait Gallery in London has always taken the opposite view. Back in 2009, we wrote about this very same museum threatening Wikimedia Commons for posting scans of high resolution images of public domain works that were downloaded from the NPG's website.

But, here's the thing: just a few months ago, we wrote that the UK Intellectual Property Office (the same organization as above) had declared that scans of public domain works are also in the public domain in Europe (including the UK... for now at least). Here's what the UK's IPO said just months ago about copyright on scans of public domain images: However, according to the Court of Justice of the European Union which has effect in UK law, copyright can only subsist in subject matter that is original in the sense that it is the author’s own 'intellectual creation'. Given this criteria, it seems unlikely that what is merely a retouched, digitised image of an older work can be considered as 'original'. This is because there will generally be minimal scope for a creator to exercise free and creative choices if their aim is simply to make a faithful reproduction of an existing work. And, then, just months later, it's praising the National Portrait Gallery for falsely claiming copyright on such images and on then fraudulently profiting by licensing those images based on copyrights it doesn't hold? And the IPO's whole focus seems to be on just how much money can be made here. Read this and try not to feel sick: Online availability and easy access to images and other data are crucial aspects of modern museum and library curation. Huge databases of valuable information are available. Users need to know where to find these resources and how to use them without infringing copyright. Museums and libraries are developing strategies to improve access for researchers, to give access to businesses users who want to develop their own intellectual property (IP) by using cultural resources and develop their own brands and merchandising.

Mathew Bailey, Rights and Images Manager at the National Portrait Gallery, balances the high wire between providing public access to our shared national assets and the need to encourage, develop and supply the creative economy with legally certain, quantifiable, marketable IP. The commodity he deals in – our heroes – couldn’t be more volatile.
Then, to make matters even stupider, the UK's Intellectual Property Office notes that no one has any idea who created any of these top portraits: It’s no accident the names of the artists who painted the UK’s top five portraits are uncertain - King John looks like he’s just sat on a thistle, whereas Richard III only half fills his canvas. The lives of Richard III, King John and Henry V were all dramatised by Shakespeare during the reign of Elizabeth I. She was an image conscious monarch in the first age of mass communication and Shakespeare was her blockbuster dramatist. Shakespeare’s narratives add value and are the real reason why he, Richard, Elizabeth, John and Henry are still top of the portrait pops. It didn't occur to Dan Anthony, who wrote this article, to recognize the absurdity of the fact that the National Portrait Gallery is claiming a copyright in works where it doesn't even know the name of the artists who created those works? Holy crap. How does the UK IPO find these people?

Oh, and then the article ends with this: All images © National Portrait Gallery, London. Bloody hell. They are not. They're in the public domain. Here's Shakespeare's portrait: You can find it, accurately listed as being in the public domain over at Wikipedia. Dan Anthony at the UK IPO is incredibly misinformed, and he should ask his own colleagues, who just months ago made it clear that such images were in the public domain, before posting such ridiculousness on the IPO's website.

Permalink | Comments | Email This Story
Categories: Tech News

Police Step Up Arrests For 'Threatening' Social Media Posts In The Wake Of The Dallas Shooting

Fri, 2016-07-15 06:43

In a move that's sure to only increase the nation's respect for law enforcement, police departments have been arresting people for "threatening" social media posts. This activity follows the tragedy in Dallas, where five police officers were killed by a man armed with a rifle. Naomi LaChance of The Intercept has more details.

Four men in Detroit were arrested over the past week for posts on social media that the police chief called threatening. One tweet that led to an arrest said that Micah Johnson, the man who shot police officers in Dallas last week, was a hero. None of the men have been named, nor have they been charged.

Four more arrests have occurred elsewhere:

Last weekend in Connecticut, police arrested Kurt Vanzuuk after a tip for posts on Facebook that identified Johnson as a hero and called for police to be killed. He was charged with inciting injury to persons or property.

An Illinois woman, Jenesis Reynolds, was arrested for writing in a Facebook post that she would shoot an officer who would pull her over. “I have no problem shooting a cop for simple traffic stop cuz they’d have no problem doing it to me,” she wrote, according to the police investigation. She was charged with disorderly conduct.

In New Jersey, Rolando Medina was arrested and charged with cyber harassment. He allegedly posted on an unidentified form of social media that he would destroy local police headquarters. In Louisiana, Kemonte Gilmore was arrested for an online video where he allegedly threatened a police officer. He was charged with public intimidation.

Arresting people for speech is problematic, especially when the content of the communications doesn't rise to the level of a "true threat." The Supreme Court's Elonis decision says this distinction is important. It's not enough for a person or persons to subjectively view the communication as threatening. It needs to be viewed through the "reasonable person" lens.

In these cases, perception appears to be everything. In the wake of the Dallas shooting, it's entirely normal for police officers to view the world a little differently. But this altered view -- one that's likely to be less skewed as time goes on -- can't be allowed to override the First Amendment and deprive individuals of their freedom to speak, not to mention their actual freedom.

And just as certainly as law enforcement officers and officials are likely to view certain acts of blowhardiness as threatening in the immediate aftermath of a shooting targeting police officers, certain citizens are likely to vent their frustration and anger in particularly stupid ways, but without the intention or ability to carry out the perceived threat. Caution should be exercised on both sides of the interaction. However, those with the power to arrest, detain, and charge citizens for stupidity should be the more cautious of the two parties -- simply because they still hold the power, despite recent events.

Those in power should also take care to carry this out with some sort of consistency, if that's the route they're choosing to take. It can't just be deployed against a bunch of nobodies who mouthed off about their contempt for law enforcement. If this is how it's going to be handled, those who speak with the same rhetoric in defense of law enforcement need to be held accountable. Former congressional rep Joe Walsh tweeted out that this was now "war on Obama" after the Dallas shootings and yet no one showed up at his door to arrest him for threatening the President. It's bad enough that power is being misused to silence criticism of law enforcement violence. It's even worse when this power is deployed in a hypocritical fashion.



Permalink | Comments | Email This Story
Categories: Tech News

Treaty For The Blind Comes Into Force... But US Refuses To Ratify Because Publishers Association Hates Any User Rights

Fri, 2016-07-15 03:45
For many, many, many, many years, we've followed the rather crazy trials and tribulations of trying to get an international treaty signed to make it easier for the blind to access copyright-covered works (basically requiring countries to allow visually-impaired accessible versions to be reproduced and distributed). This is a treaty that people have tried to get in place for years and years and years, and it was blocked again and again -- often by legacy copyright industries who flat out refuse to support any kind of agreement that could be seen as strengthening user rights, which they see (ridiculously, and incorrectly) as chipping away at copyright. Amazingly, despite a last minute push by the MPAA and the Association of American Publishers, an agreement was reached and signed in 2013, called the Marrakesh Agreement. As we noted at the time, we fully expected the legacy copyright industries to refocus their efforts on blocking ratification in the US, and that's exactly what's happened.

Hell, it took almost three years for the White House to finally send over the treaty to the Senate for ratification. That happened back in February, and they sent it together with another copyright-related treaty, the very troubling Beijing Treaty that creates an entirely new form of copyright for performers. So far, the Senate has moved on neither issue. However, to have the Marrakesh Treaty go into effect, it needed 20 countries to ratify it. And while the US has sat still, a few weeks ago, Canada became the 20th country to complete the ratification process. That means the agreement officially goes into effect on September 30th of this year. As the EFF noted: That’s another significant step for a treaty that has already made some important breakthroughs as the first international treaty focused exclusively on the rights of users of copyrighted material. Typically, if user’s rights are considered at all, they’re relegated to a section on “limitations and exceptions” or even as non-binding introductory text. In the Marrakesh Agreement, they are front and center. That post also noted that it should be a no brainer for the US to ratify this: United States law is already compliant with Marrakesh, but the government has not yet ratified the agreement. To do so requires a two-thirds vote from the Senate, and then a formal ratification from the President. Even at a time when passing legislation has proven exceedingly difficult, the Marrakesh Agreement would be a relatively easy and uncontroversial way to demonstrate leadership internationally and help bring books to millions of blind, visually impaired, and print-disabled people around the world. But why hasn't it happened? According to KEI, a group that fought hard for many years to get the agreement in place, the legacy copyright industries are working hard to block it in Congress: The Obama Administration has asked the US Congress to ratify the treaty... but Congress has yet to act, in large part due to lobbying from the Association of American Publishers.... The AAP lobbied the Administration for changes in the U.S. ratification package, and now have asked the Congress for changes that they failed to obtain in the interagency review process. The U.S. ratification already represents compromises, including limitations of exports to countries that have ratified the treaty, a provision that currently excludes all of Africa and Europe. But the AAP continues to press for additional amendments to the ratification legislation. This isn't a huge surprise, the AAP more or less admitted that they would refuse to support anything that established greater user rights, since that would be seen as an attack on "their rights." And, of course, the MPAA has also been working hard to block it, whining that this treaty could (gasp!) "affect other future treaties."

All of that is just shameful. This is a no-brainer situation. Helping the visually impaired get access to these works is something everyone should agree is a good thing. And yet, because they're so scared of user rights expanding in any way at all, the legacy industries have to block it.

Permalink | Comments | Email This Story
Categories: Tech News

AstraZeneca Tries To Use 'Orphan Drug' Designation To Extend Patent Life Of Top-Selling Pill

Thu, 2016-07-14 21:38

At the heart of copyright and patents there is -- theoretically -- an implicit social contract. People are granted a time-limited, government-backed monopoly in return for allowing copyright material or patented techniques to enter the public domain once that period has expired. And yet copyright and patent holders often seem unwilling to respect the terms of that contract, as they seek to hang on to their monopolies beyond the agreed time in various ways.

In the case of copyright, this has been through repeated extensions of copyright's term, even though there is no economic justification for doing so. In the realm of pharma patents, a number of techniques have been employed. One is "pay for delay." Another is the granting of "data exclusivity." And a third is the use of "evergreening." Techdirt wrote about the last of these a while back, so it's no surprise that companies have continued to "innovate" in this field since then. For example, AstraZeneca is trying to use a variant of evergreening for its anti-cholesterol pill Crestor. As a New York Times article explains: Crestor is the company’s best-selling drug, accounting for $5 billion of its $23.6 billion in product sales last year. About $2.8 billion in sales were in the United States, where the retail price is about $260 a month, according to GoodRx.com. Here's how AstraZeneca hopes to hold on to that lucrative market, even though its patent on the drug is now coming to an end, and it should be entering the public domain: The company is making a bold attempt to fend off impending generic competition to its best-selling drug, the anti-cholesterol pill Crestor, by getting it approved to treat [a] rare disease. In an unusual legal argument, the company says Crestor is entitled to seven years of additional market exclusivity under the Orphan Drug Act, a three-decade-old law that encourages pharmaceutical companies to develop treatments for rare diseases. In May, AstraZeneca won approval of Crestor to treat children with the rare genetic disease of homozygous familial hypercholesterolemia (HoFH ). That gives it an additional seven-year patent on the drug, but only for that particular -- very small -- market. However, the designation means that detailed prescription information about using Crestor to treat children in this way must not be included on the label. AstraZeneca's clever lawyers are trying to turn that into an extended patent for all uses of the drug: AstraZeneca immediately petitioned the F.D.A., arguing that if the correct dose for children with HoFH could not be on the generic label, then it would be illegal and dangerous to approve any generic versions for any use at all. That is because doctors might still prescribe the generic for children with HoFH and choose the wrong dose, posing "substantial safety and efficacy risks." Needless to say, AstraZeneca was only asking for generic versions to be kept off the market for another seven years for safety reasons, not because doing so would bring it billions more in exclusive sales to the general population. Of course.

The New York Times article goes into more detail about the fascinating legal background to AstraZeneca's argument here, and notes that other drug companies have tried the same approach in the past, without success. Even if this particular ploy does fail again, we can be sure that pharma companies will be back with other sneaky ways of extending their patent monopolies -- implicit social contract be damned.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+



Permalink | Comments | Email This Story
Categories: Tech News

Ton Of Tech Industry Leaders Say Trump Would Be A Complete Disaster For Innovation

Thu, 2016-07-14 16:04
In any Presidential campaign, there are always going to be partisan folks who side with one candidate or another. And they may campaign for the candidate they like. But, obviously, the Donald Trump phenomenon is a bit different this year. Even so, it's still pretty surprising to see a ton of big names in the tech space send an open letter to Trump insisting that he would be an absolute disaster for innovation and the tech industry. They're not arguing on the usual partisan issues here, but rather the fact that Trump's general zero-sum outlook on the world doesn't recognize how innovation works: Trump would be a disaster for innovation. His vision stands against the open exchange of ideas, free movement of people, and productive engagement with the outside world that is critical to our economy?—?and that provide the foundation for innovation and growth.

Let’s start with the human talent that drives innovation forward. We believe that America’s diversity is our strength. Great ideas come from all parts of society, and we should champion that broad-based creative potential. We also believe that progressive immigration policies help us attract and retain some of the brightest minds on earth?—?scientists, entrepreneurs, and creators. In fact, 40% of Fortune 500 companies were founded by immigrants or their children. Donald Trump, meanwhile, traffics in ethnic and racial stereotypes, repeatedly insults women, and is openly hostile to immigration. He has promised a wall, mass deportations, and profiling.

We also believe in the free and open exchange of ideas, including over the Internet, as a seed from which innovation springs. Donald Trump proposes “shutting down” parts of the Internet as a security strategy?—?demonstrating both poor judgment and ignorance about how technology works. His penchant to censor extends to revoking press credentials and threatening to punish media platforms that criticize him.
This is a unique presidential campaign. And, as we've noted, Hillary Clinton's tech platform is not great either. But, at the very least, her platform's problem is that it's just a bunch of vague pronouncements designed for people to read into them what they will.

The list of signatories on this letter is around 145 and there are some key names in the tech and policy world including Evan Williams (founder of Blogger, Twitter and Medium), Vint Cerf (basically invented the internet), Jimmy Wales (Wikipedia), Steve Wozniak (you know who he is) and more. There are also a ton of well known venture capitalists on the list and lots and lots of other entrepreneurial names that are well known inside Silicon Valley. This is a pretty huge list of people putting their name to a statement a lot stronger than one you'd normally see during a campaign season.

Silicon Valley sort of has the reputation for more or less trying to ignore government. And while that's less true today than in the past, the one thing that does make Silicon Valley rise up is politicians looking to be doing something really stupid that's likely to harm innovation. And it appears that they see Donald Trump as just that kind of threat.

Permalink | Comments | Email This Story
Categories: Tech News

With 4 Days Left, Sir Tim Berners-Lee, Larry Lessig, And Barbara Van Schewick Beg Europe To Close Net Neutrality Loopholes

Thu, 2016-07-14 14:24
Europe only has a few days left to ensure that its member countries are actually protected by real net neutrality rules. As we've been discussing, back in October the European Union passed net neutrality rules, but they were so packed with loopholes to not only be useful, but actively harmful in that they effectively legalize net neutrality violations by large telecom operators. The rules carve out tractor-trailer-sized loopholes for "specialized services" and "class-based discrimination," as well as giving the green light for zero rating, letting European ISPs trample net neutrality -- just so long as they're clever enough about it.

In short, the EU's net neutrality rules are in many ways worse than no rules at all. But there's still a change to make things right.

While the rules technically took effect April 30 (after much self-congratulatory back patting), the European Union's Body of European Regulators of Electronic Communications (BEREC) has been cooking up new guidelines to help European countries interpret and adopt the new rules, potentially providing them with significantly more teeth than they have now. With four days left for the public to comment (as of the writing of this post), Europe's net neutrality advocates have banded together to urge EU citizens to contact their representatives and demand they close these ISP-lobbyist crafted loopholes.

Hoping to galvanize public support, Sir Tim Berners-Lee, Barbara van Schewick, and Larry Lessig have penned a collective letter to European citizens urging them to pressure their constituents. The letter mirrors previous concerns that the rules won't be worth much unless they're changed to prohibit exceptions allowing "fast lanes," discrimination against specific classes of traffic (like BitTorrent), and the potential paid prioritization of select “specialized” services. These loopholes let ISPs give preferential treatment to select types of content or services, providing they offer a rotating crop of faux-technical justifications that sound convincing.

The letter also urges the EU to follow India, Chile, The Netherlands, and Japan in banning "zero rating," or the exemption of select content from usage caps:"Like fast lanes, zero-rating lets carriers pick winners and losers by making certain apps more attractive than others. And like fast lanes, zero-rating hurts users, innovation, competition, and creative expression. In advanced economies like those in the European Union, there is no argument for zero-rating as a potential onramp to the Internet for first-time users.

The draft guidelines acknowledge that zero-rating can be harmful, but they leave it to national regulators to evaluate zero-rating plans on a case-by-case basis. Letting national regulators address zero-rating case-by-case disadvantages Internet users, start-ups, and small businesses that do not have the time or resources to defend themselves against discriminatory zero-rating before 28 different regulators."
Here in the States the FCC decided to not ban zero rating and follow this "case by case" enforcement, which so far has simply resulted in no serious enforcement whatsoever, opening the door ever wider to the kind of pay-to-play lopsided business arrangements net neutrality rules are supposed to prevet. Of course European ISPs have been busy too, last week falling back on the old, bunk industry argument that if regulators actually do their job and protect consumers and small businesses from entrenched telecom monopolies, wireless carriers won't be able to invest in next-generation networks.

Those that care about net neutrality have just four days left to make their voices heard.

Permalink | Comments | Email This Story
Categories: Tech News

Techdirt Reading List: Steal This Idea: Intellectual Property And The Corporate Confiscation Of Creativity

Thu, 2016-07-14 12:47
We're back again with another in our weekly reading list posts of books we think our community will find interesting and thought provoking. Once again, buying the book via the Amazon links in this story also helps support Techdirt.

This week, we've got an oldie, but a goodie, it's economist Michael Perelman's 2002 book Steal This Idea: Intellectual Property and the Corporate Confiscation of Creativity. And, I should note that despite the price being listed in the widget as $32 (at the time I type this), if you click through, there are used copies of the book currently on offer for $0.01. I will state upfront that there's actually plenty in this book that I end up disagreeing with, in that Perelman seems to reflexively dislike corporations and assume that corporations and the public are almost always at odds, which sometimes appears to cloud his thinking -- but that's only on the margins.

For the most part, this book is an excellent exploration into how the concept of intellectual property has been abused over and over and over again to harm the public, rather than help them. The book is chock full of examples and history and details of how companies have turned intellectual property into a tool to hurt creators, inventors and the public. Some of the arguments you've probably heard before, but this book goes into great detail on some examples that you may have missed. If you're skeptical of the use of intellectual property, this book is for you. If you think intellectual property can do no wrong, this book is definitely for you. And, yes, it's a bit outdated today, but many of the examples still apply, and the general ideas and principles it discusses absolutely still apply.

Permalink | Comments | Email This Story
Categories: Tech News

For The First Time, A Federal Judge Has Suppressed Evidence Obtained With A Stingray Device

Thu, 2016-07-14 11:48

Evidence acquired using Stingray devices has rarely been suppressed. This is due to the fact that it's almost impossible to challenge. The reason it's almost impossible to challenge is because the FBI -- and the law enforcement agencies it "partners" with (via severely restrictive nondisclosure agreements) -- will throw out evidence and let suspects walk rather than expose the use of IMSI catchers.

Earlier this year, a Baltimore city circuit judge threw out evidence obtained with the Baltimore PD's cell tower spoofing equipment. And this was no run-of-the-mill drug bust. An actual murder suspect had evidence suppressed because of the BPD's warrantless deployment of a Stingray device. Without the use of the Stingray, the BPD would not have been able to locate the suspect's phone. And without this location, there would have been no probable cause to search the apartment he was in. You can't build a search warrant on illegally-obtained probable cause, reasoned the judge. Goodbye evidence.

"I can't play the 'what if' game with the Constitution," [the judge] said, lamenting that it protects people from illegal searches even when the defendant is "likely guilty."

Now, it's finally happened at a higher level. For the first time ever, a federal judge has suppressed evidence obtained by the warrantless use of a Stingray device.

U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment.

The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search.

"Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device," Pauley wrote.

The opinion [PDF] notes the DEA first tried to locate Lambis using cell site location info but found it wasn't precise enough. So, it deployed a Stingray to track him down, ultimately ending with a DEA tech roaming an apartment's hallways with a cell site simulator until Lambis was located.

A few hours later, DEA agents showed up at the apartment, where Lambis' father allowed them to enter and Lambis himself consented to a search of his room and belongings.

It's pretty tough to work your way backwards from a consensual search to a suppression order, but Lambis' lawyer was apparently up to the challenge. But -- as in the Baltimore PD case -- the DEA would never have known which apartment Lambis was located in without the use of a cell site simulator, and that's where it all falls apart for the DEA.

The government tried to argue that two fairly recent cases involving thermal imaging (Kyllo) and drug dogs (Thomas) weren't applicable, as its "limited search" only disclosed information it could obtain without a warrant: cell site location. This is at odds with its reasons for deploying the cell site simulator -- which was that the CSLI it obtained wasn't precise enough to locate the suspect.

The court finds the government's attempt to route around these two precedential decisions unavailing, noting that the use of a cell site simulator is actually more intrusive than the search methods used in the cases the DEA's lawyers wanted to have ignored.

The Government attempts to diminish the power of Second Circuit precedent by noting that Thomas represents a minority position among circuit courts. But this Court need not be mired in the Serbonian Bog of circuit splits. An electronic search for a cell phone inside an apartment is far more intrusive than a canine sniff because, unlike narcotics, cell phones are neither contraband nor illegal. In fact, they are ubiquitous. Because the vast majority of the population uses cell phones lawfully on a daily basis, “one cannot say (and the police cannot be assured) that use of the relatively crude equipment at issue here will always be lawful.”

The court also points out that the DEA -- for whatever reason -- obtained a warrant for the cell site location info. It wonders why it didn't bother to obtain a warrant for the cell site simulator deployment, seeing as it obtained a warrant for information it could have obtained without one. It also notes that a warrant for CSLI is not the same as a warrant for obtaining precise location info via the use of sophisticated electronic equipment.

The fact that the DEA had obtained a warrant for CSLI from the target cell phone does not change the equation. “If the scope of the search exceeds that permitted by the terms of a validly issued warrant . . . , the subsequent seizure is unconstitutional without more.” Horton v. California, 496 U.S. 128, 140 (1990)... Here, the use of the cell-site simulator to obtain more precise information about the target phone’s location was not contemplated by the original warrant application. If the Government had wished to use a cell-site simulator, it could have obtained a warrant. And the fact that the Government previously demonstrated probable cause and obtained a warrant for CSLI from Lambis’s cell phone suggests strongly that the Government could have obtained a warrant to use a cell-site simulator, if it had wished to do so.

The government also tried to use the Supreme Court's horrendous Strieff decision to save the evidence, but the court notes that the "temporal proximity" between the illegal Stingray search and the consensual search of the apartment was too close to allow the illegality of the original search to dissipate.

The government also tried to use the Third Party Doctrine to salvage its warrantless search, but the court refuses to be sold on this bad idea.

This Court need not address whether the third party doctrine is “ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks,” United States v. Jones, 132 S. Ct. 945, 957 (2012) (Sotomayer, J., concurring), because even under the historic framework of the doctrine, it is not available to the Government here. The doctrine applies when a party “voluntarily turns over [information] to third parties.” Smith v. Maryland, 442 U.S. 735, 744 (1979) [...] However, the location information detected by a cell-site simulator is different in kind from pen register information: it is neither initiated by the user nor sent to a third party.

[...]

Unlike CSLI, the “pings” picked up by the cell-site simulator are not transmitted in the normal course of the phone’s operation. Rather, “cell site simulators actively locate phones by forcing them to repeatedly transmit their unique identifying electronic serial numbers, and then calculating the signal strength until the target phone is pinpointed.”

These points are good. The following, though, is even better. The court finds the government can't attempt to use the Third Party Doctrine when it has chosen to act as the "third party" in this equation.

For both the pen register and CSLI, the Government ultimately obtains the information from the service provider who is keeping a record of the information. With the cell-site simulator, the Government cuts out the middleman and obtains the information directly. Without a third party, the third party doctrine is inapplicable.

The Second Circuit has yet to make a decision on the reasonable expectation of privacy in CSLI. If this is appealed, it may finally have to handle that question. Then again, CSLI is only partially implicated here and it may be able to let the Fourth Amendment's reach be determined on a case-by-case basis until something more directly addressing the issue comes along. If nothing else, the ruling here should encourage more federal agencies operating in this district to get a warrant "just in case." Then again, the secrecy surrounding Stingray devices discourages the creation of paper trails, so it may be that the government will continue to roll the Fourth Amendment dice until a higher court tells them otherwise.



Permalink | Comments | Email This Story
Categories: Tech News

Huge Win: Court Says Microsoft Does Not Need To Respond To US Warrant For Overseas Data

Thu, 2016-07-14 10:44
We've been following an important case for the past few years about whether or not the US can issue a warrant to an American company for data stored overseas. In this case, Microsoft refused to comply with the warrant for some information hosted in Ireland -- and two years ago a district court ruled against Microsoft and in favor of the US government. Thankfully, the 2nd Circuit appeals court today reversed that ruling and properly noted that US government warrants do not apply to overseas data. This is a hugely important case concerning the privacy and security of our data.

The key issue here is that the US government was basically on a fishing expedition for information hosted on Microsoft Outlook.com email servers. And there are a few really key issues, concerning jurisdiction, privacy and the all important difference between a subpoena and a warrant (something that many people seem to think are the same thing). Microsoft's own response to the lawsuit did a really good job explaining the issues and how the government wanted to pretend a warrant was a subpoena, and what that meant for the 4th Amendment: The Government cannot seek and a court cannot issue a warrant allowing federal agents to break down the doors of Microsoft's Dublin facility. Likewise, the Government cannot conscript Microsoft to do what it has no authority itself to do -- i.e., execute a warranted search abroad. To end-run these points. the Government argues, and the Magistrate Judge held, that the warrant required by ECPA is not a "warrant" at all. They assert that Congress did not mean "warrant" when using that term, but instead meant some previously unheard of "hybrid" between a warrant and subpoena duces tecum. The Government takes the extraordinary position that by merely serving such a warrant on any U.S.-based email provider, it has the right to obtain the private emails of any subscriber, no matter where in the world the data may be located. and without the knowledge or consent of the subscriber or the relevant foreign government where the data is stored.

This interpretation not only blatantly rewrites the statute, it reads out of the Fourth Amendment the bedrock requirement that the Government must specify the place to be searched with particularity, effectively amending the Constitution for searches of communications held digitally. It would also authorize the Government (including state and local governments) to violate the territorial integrity of sovereign nations and circumvent the commitments made by the United States in mutual legal assistance treaties expressly designed to facilitate cross-border criminal investigations. If this is what Congress intended, it would have made its intent clear in the statute. But the language and the logic of the statute, as well as its legislative history, show that Congress used the word "warrant" in ECPA to mean "warrant," and not some super-powerful "hybrid subpoena." And Congress used the term "warrant" expecting that the Government would be bound by all the inherent limitations of warrants, including the limitation that warrants may not be issued to obtain evidence located in the territory of another sovereign nation.

The Government's interpretation ignores the profound and well established differences between a warrant and a subpoena. A warrant gives the Government the power to seize evidence without notice or affording an opportunity to challenge the seizure in advance. But it requires a specific description (supported by probable cause) of the thing to be seized and the place to be searched and that place must be in the United States. A subpoena duces tecum, on the other hand, does not authorize a search and seizure of the private communications of a third party. Rather. it gives the Government the power to require a person to collect items within her possession, custody, or control, regardless of location, and bring them to court at an appointed time. It also affords the recipient an opportunity to move in advance to quash. Here, the Government wants to exploit the power of a warrant and the sweeping geographic scope of a subpoena, without having to comply with fundamental protections provided by either. There is not a shred of support in the statute or its legislative history for the proposition that Congress intended to allow the Government to mix and match like this. In fact, Congress recognized the basic distinction between a warrant and a subpoena in ECPA when it authorized the Government to obtain certain types of data with a subpoena or a "court order," but required a warrant to obtain a person's most sensitive and constitutionally protected information -- the contents of emails less than 6 months old.
It was unfortunate that two judges at the district court level basically ignored this argument, so it's good to see the appeals court shoot it down completely. For the reasons that follow, we think that Microsoft has the better of the argument. When, in 1986, Congress passed the Stored Communications Act as part of the broader Electronic Communications Privacy Act, its aim was to protect user privacy in the context of new technology that required a user’s interaction with a service provider. Neither explicitly nor implicitly does the statute envision the application of its warrant provisions overseas. Three decades ago, international boundaries were not so routinely crossed as they are today, when service providers rely on worldwide networks of hardware to satisfy users’ 21st–century demands for access and speed and their related, evolving expectations of privacy.

Rather, in keeping with the pressing needs of the day, Congress focused on providing basic safeguards for the privacy of domestic users. Accordingly, we think it employed the term “warrant” in the Act to require pre?disclosure scrutiny of the requested search and seizure by a neutral third party, and thereby to afford heightened privacy protection in the United States. It did not abandon the instrument’s territorial limitations and other constitutional requirements. The application of the Act that the government proposes ? interpreting “warrant” to require a service provider to retrieve material from beyond the borders of the United States ?would require us to disregard the presumption against extraterritoriality that the Supreme Court re?stated and emphasized in Morrison v. National Australian Bank Ltd., 561 U.S. 247 (2010) and, just recently, in RJR Nabisco, Inc. v. European Cmty., 579 U.S. __, 2016 WL 3369423 (June 20, 2016). We are not at liberty to do so.
In the full discussion, the court points out where the lower court went wrong, thinking that thanks to the PATRIOT Act, a warrant could apply to the location of the service provider rather than the location of the server. But the court says that's clearly wrong, and the Congressional record makes it pretty clear that it was looking to apply the law just to the United States. As for the idea that the warrant was really a subpoena in disguise, the court says that's not how it works: Warrants and subpoenas are, and have long been, distinct legal instruments. Section 2703 of the SCA recognizes this distinction and, unsurprisingly, uses the “warrant” requirement to signal (and to provide) a greater level of protection to priority stored communications, and “subpoenas” to signal (and provide) a lesser level. 18 U.S.C. § 2703(a), (b)(1)(A). Section 2703 does not use the terms interchangeably. Id. Nor does it use the word “hybrid” to describe an SCA warrant. Indeed, § 2703 places priority stored communications entirely outside the reach of an SCA subpoena, absent compliance with the notice provisions. Id. The term “subpoena,” therefore, stands separately in the statute, as in ordinary usage, from the term “warrant.” We see no reasonable basis in the statute from which to infer that Congress used “warrant” to mean “subpoena.”

[....] We see no reason to believe that Congress intended to jettison the centuries of law requiring the issuance and performance of warrants in specified, domestic locations, or to replace the traditional warrant with a novel instrument of international application.
There is, of course, the further issue of Microsoft being a US company, but the court says that doesn't magically make its overseas data subject to these kinds of warrants, because the intent of the law is to protect the privacy of users' communications, not to make it easier for the government to snoop. The reader will recall the SCA’s provisions regarding the production of electronic communication content: In sum, for priority stored communications, “a governmental entity may require the disclosure . . . of the contents of a wire or electronic communication . . . only pursuant to a warrant issued using the rules described in the Federal Rules of Criminal Procedure,” except (in certain cases) if notice is given to the user....

In our view, the most natural reading of this language in the context of the Act suggests a legislative focus on the privacy of stored communications. Warrants under § 2703 must issue under the Federal Rules of Criminal Procedure, whose Rule 41 is undergirded by the Constitution’s protections of citizens’ privacy against unlawful searches and seizures. And more generally, § 2703’s warrant language appears in a statute entitled the Electronic Communications Privacy Act, suggesting privacy as a key concern.

The overall effect is the embodiment of an expectation of privacy in those communications, notwithstanding the role of service providers in their transmission and storage, and the imposition of procedural restrictions on the government’s (and other third party) access to priority stored communications. The circumstances in which the communications have been stored serve as a proxy for the intensity of the user’s privacy interests, dictating the stringency of the procedural protection they receive—in particular whether the Act’s warrant provisions, subpoena provisions, or its § 2703(d) court order provisions govern a disclosure desired by the government. Accordingly, we think it fair to conclude based on the plain meaning of the text that the privacy of the stored communications is the “object[] of the statute’s solicitude,” and the focus of its provisions.
The court goes on at length arguing that the Stored Communications Act's default is that communication privacy must be protected, and the exceptions are narrow.

All three judges on the panel agreed, but one -- Judge Gerard Lynch -- wrote a concurrence that tries to undercut the strong 4th Amendment/privacy arguments in the overall opinion, basically noting that he believes the decision doesn't come down to 4th Amendment issues or privacy protection, but merely how Congress drew up the law in the Stored Communications Act -- and basically argues that if Congress doesn't like this result, it can just rewrite the law.

It's also important to note that Rule 41 is the underpinning of much of this case, and that's the rule that the courts recently agreed to change to allow the DOJ more power to simply hack overseas servers. That shouldn't directly impact this particular case or similar situations, but does show how the DOJ is looking for ways to create endruns around limitations on domestic laws to try to get international data.

Still, for now, this ruling is a surprisingly good one, reinforcing privacy protections in overseas data. Kudos to Microsoft for going to court over this when it would have been quite easy for it to just give in and hand over the data. I assume that the US government will seek to get this ruling overturned, either via an en banc hearing on the 2nd Circuit or going to the Supreme Court, so the case isn't over yet. But, as for right now, it's in a good position.

Permalink | Comments | Email This Story
Categories: Tech News

Daily Deal: Windscribe VPN Lifetime Subscription

Thu, 2016-07-14 10:39
Windscribe is much more than a VPN. It’s a desktop application and browser extension that work in conjunction to protect your online privacy, unblock websites, and remove ads and trackers from your everyday browsing. With Windscribe, you’ll never mess with confusing settings and options menus again; just turn it on on your desktop once, and it’s good to go in the background forever. It is available for $39 from the Techdirt Deals Store.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Permalink | Comments | Email This Story
Categories: Tech News

Yes, ISIS Is Using Encryption -- But Not Very Well

Thu, 2016-07-14 09:37
I've been seeing a few anti-encryption supporters pointing to a new ProPublica report on terrorists using encrypted communications as sort of proof of their position that we need to backdoor encryption and weaken security for everyone. The article is very detailed and thorough and does show that some ISIS folks make use of encrypted chat apps like Telegram and WhatsApp. But that's hardly a surprise. It was well known that those apps were being used, just like it's been well known that groups like Al Qaida were well aware of the usefulness of encryption going back many years, even predating 9/11. It's not like they've suddenly learned something new. So, the fact that they're now using tools like WhatsApp and Telegram is hardly a surprise. It also kinda highlights the idiocy of trying to backdoor American encryption. Telegram is not a US company and WhatsApp's encryption is based on the open source Signal protocol, meaning that any American backdoor encryption law isn't going to be very effective.

But, really, what strikes me, from reading the whole article beyond the headline notion of "ISIS uses encryption," is that it lists example after example of the fact that folks in ISIS use encryption badly and often seem prone to revealing their information. This is not unique to ISIS. Lots of people are not very good about protecting themselves. Hell, I'm probably not very good about my own use of encryption. But, of course, I'm also not trying to blow things up or kill people. Either way, story after story after story in the article highlights the rather bumbling aspects of teaching ISIS supporters how and why to use encrypted communications and to avoid surveillance. My favorite example: On Jan. 4, 2015, an exasperated coordinator repeatedly explained to a befuddled caller with a Lebanese accent that he could only bring a basic cell phone to Syria, according to a transcript.

“The important thing is that when you arrive in Turkey you have a small cell phone to contact me,” the coordinator said. “Don’t bring smart phones or tablets. OK, brother?”

For the fourth time, the recruit asked: “So we can’t have cell phones?”

“Brother, I said smart phones: iPhone, Galaxy, laptop, tablet, etcetera.”

Sounding a bit like a frustrated gate agent at a crowded airport, the coordinator added: “Each of you can only bring one suitcase. If you come alone, just bring one suitcase. That is, a carry-on and one suitcase.”

“I didn’t understand the last thing, could you explain?”

“Brother, call me when you get to Turkey.”
Then there was the case where someone planned a plot using an encrypted WhatsApp conversation, but police were already bugging the guy so they heard what he was saying anyway: In April, Italian police overheard a senior figure in Syria urging a Moroccan suspect living near Milan to carry out an attack in Italy, according to a transcript. Although the voice message had been sent through an encrypted channel, the Moroccan played it back in his car, where a hidden microphone recorded it.

In the message, the unidentified “sheik” declared: “Detonate your belt in the crowds declaring Allah Akbar! Strike! (Explode!) Like a volcano, shake the infidels, confront the throng of the enemy, roaring like lightning, declare Allah Akbar and blow yourself up, O lion!”

The suspects exchanged recorded messages over WhatsApp, an encrypted telephone application that is widely used in Europe, the Arab world and Latin America
All of these examples keep making the same point that many people have been making for a long time. Yes, encryption hides some aspect of communications. That's part of the point. But the idea that it creates a "going dark" situation is massively exaggerated. There are many other ways to get the necessary information, through traditional surveillance and detective work. And the report suggests that's working. And the fact that many ISIS recruits are particularly unsophisticated in understanding how and when to use encryption only makes that kind of thing easier for people tracking them. In discussing the Paris attacks, for example, the article notes that while some of the attackers were told to use encryption, they didn't. Abaaoud’s operatives did not always follow security procedures, however. In June of last year, Turkish immigration authorities detained Tyler Vilus, a French plotter en route to Paris with someone else’s Swedish passport. Allowed to keep his cellular phone in a low-security detention center, Vilus brazenly sent an unencrypted text message to Abaaoud in Syria, according to a senior French counterterror official.

“I have been detained but it doesn’t seem too bad,” the message said, according to the senior official. “I will probably be released and will be able to continue the mission.”

Instead, U.S. spy agencies helped retrieve that text and French prosecutors charged Vilus with terrorist conspiracy.
Anyway, it's no surprise that terrorists are going to use encryption. Of course they have been for over a decade and will continue to do so. The issue is that it's not as horrible as law enforcement is making it out to be. Just as plotters have always been able to plan in ways that law enforcement has been unable to track (such as discussing in person, in other languages, or through simple ciphers or codes). That's always happened and somehow we managed to get by. Yes, sometimes law enforcement doesn't get to know absolutely everything about everyone. And that's a good thing. And sometimes, yes, that means that terrorists will be able to plan bad things without law enforcement knowing it. But that's part of the trade-off for living in a free society.

Permalink | Comments | Email This Story
Categories: Tech News