RIAA Wins, Campuses Lose as Tennessee Governor Signs Campus Network Filtering Law

Last week, the RIAA celebrated the signing of a ridiculous new law in Tennessee that says:

Each public and private institution of higher education in the state that has student residential computer networks shall:

[...]

[R]easonably attempt to prevent the infringement of copyrighted works over the institution's computer and network resources, if such institution receives fifty (50) or more legally valid notices of infringement as prescribed by the Digital Millennium Copyright Act of 1998 within the preceding year.

While the entertainment industry failed to get "hard" requirements for universities in the Higher Education Act passed by Congress earlier this year, the RIAA succeeded in Tennessee (and is pushing in other states) with this provision that gives Big Content the ability to hold universities hostage through the use of infringement notices. Moreover, the new rules will cost Tennessee a pretty penny -- in the cost review attached to the Tennessee bill, the state's Fiscal Review Committee estimates that the new obligations will initially cost the state a whopping $9.5 million for software, hardware, and personnel, with recurring annual costs of more than $1.5 million for personnel and maintenance. Not a penny of this will go to artists, nor to any of the record labels RIAA represents.

Unfortunately, the entertainment industry lobby seems to be succeeding, bit-by-bit, in persuading legislators to coerce universities into buying "infringement suppression" technologies -- expensive technologies that won't stop file sharing on campus networks. Even if the technologies did work (magical thinking in light of encryption), does anyone think they would somehow force students back into record stores or the iTunes Store? After all, today students on campus can swap multiple gigabytes hand-to-hand for pennies (see, e.g., blank DVD-R disks, or the price of portable hard drives, as well as the ease of copying from iPod to iPod).

It makes no sense to force universities to spend millions on technologies that will hobble innovation on campus while failing to stop file-sharing. Why not use those millions to compensate creators and copyright owners, and thereby make file-sharing legal, instead? Now, more than ever, the universities need to come forward with a collective licensing proposal that will protect their campus communities and their own bottom lines.

Meanwhile, universities under the gun should make sure to shun the hype of network filtering when possible and seek solutions more amenable to teaching and academic freedom -- our whitepaper on copyright infringement technologies on campus networks is a good place to start. For more detail, EDUCAUSE has in-depth resources on P2P, file sharing, and the Higher Education Act.

[Permalink]

FCC Unanimously Approves Use of Television "White Spaces"

Advocates for the opening of the "white spaces" were rewarded with a resounding victory earlier this month when the FCC unanimously voted in favor of allowing unlicensed use of the unused spectrum between TV channels. (For a more complete explanation of white spaces, check out our earlier blog post.) While FCC Chairman Kevin Martin had telegraphed his support for white spaces at the conclusion of technical trials, the landslide vote opens doors for innovation and is a victory for the public over the entrenched media incumbents.

However, it's important to consider the remaining variables in play. The end goal is better wireless broadband access in America -- more Internet, in more places, at lower cost. While innovators have been given a significant green light by the FCC through this vote, there are other milestones to be met and obstacles to overcome: a possible legal challenge from the broadcasters, full implementation of spectrum avoidance technology, and FCC certification of consumer-ready devices. These will all have an effect on the amount of time it takes for white space devices to reach consumers.

Regardless, the FCC's unanimous approval is a major win for the public. It's easy to imagine the FCC playing it safe and succumbing to the incumbent broadcasters instead, closing the gates on improved wireless technology at the outset. But the current Commission's commitment to innovation, its investment in researching the technology, and the efforts of public interest groups and regular folks speaking out made the difference and is paving the way for a better future in wireless broadband.

[Permalink]

Google Reaches Settlement With Authors and Publishers Over Google Book Search

Today, Google announced a settlement with authors and publishers in the class action lawsuits over Google Book Search. The settlement still needs to be approved by a New York federal court, but under the plan, Google will:

• pay authors and publishers $125 million, part of which will be used to create a Book Rights Registry allowing copyright owners to register their works and receive a share of subscriptions, book sales and ad revenues;
• allow users to purchase full books, saved to an "electronic bookshelf;"
• will offer institutional subscriptions, including a free online portal for public libraries;
• will point users to locations to buy or borrow searched books.

The settlement also says that authors and publishers will be able to activate "preview" and "purchase" modes for books that are in-print and copyrighted, as well as monetize out-of-print books that are digitized by Google.

You can find more information from the settlement agreement website, the official Google blog, the Authors Guild (advocacy organization for authors), and the Association of American Publishers (trade association for U.S. commercial publishers)

Stay tuned for more as we digest the complete settlement agreement.

UPDATE: We have posted our additional thoughts about the settlement agreement here.

[Permalink]

EFF's "Yellow Dots of Mystery" on Instructables

Since late 2004, EFF has been warning the public about "printer dots" -- tiny yellow dots that appear on documents produced by many color laser printers and copiers. These yellow dots form a coded pattern on every page the printer produces and can be used to identify specific details about a document; for example, the brand, model, and serial number of the device that printed it and when it was printed. In short, the printer dots are a surveillance tool that can link each printed page to the printer that printed it.

To help individuals learn more about printer dots and how to find them, EFF posted a video and tutorial to Instructables, titled, "Yellow Dots of Mystery: Is Your Printer Spying on You?". You can also watch the video here:

Privacy info. This embed will serve content from youtube.com.

Printer dot surveillance is a disturbing end run around individuals' right to anonymous speech. Anonymity is a vital freedom -- it can help political or religious speakers, labor organizers, or whistleblowers avoid retribution for their beliefs and opinions. Around the world, anonymity is an important practical protection for dissidents and religious groups against persecution by repressive governments.

Furthermore, it's deeply troubling that printer manufacturers implemented this surveillance mechanism under the table after secret meetings between government representatives and technology manufacturers. Printer companies don't disclose the tracking to their customers and so the existence of these yellow tracking dots remains secret.

In the meantime, you can do your part by spreading the word about printer dots, sending EFF samples from your own color laser printers, and contacting manufacturers to express your privacy concerns directly through the Seeing Yellow site. And of course, you can support our work on privacy, anonymity, and free speech issues by becoming an EFF member.

[Permalink]

FCC Chair Supports Moving Forward on White Space Tech

Last Wednesday, Federal Communications Commission (FCC) Chairman Kevin Martin spoke in favor of opening up "white spaces" at a press conference while the FCC's Office of Engineering and Technology (OET) published its much-anticipated report on white space technology trials. The Commissioners also announced plans to vote on white spaces at their next meeting, November 4th, although predictably, white space opponents have requested a delay of the vote.

[Read the entire post]

Bush Signs Intellectual Property Enforcement Bill

On Monday, President Bushed signed a controversial intellectual property enforcement bill into law. This set of proposals for heightened intellectual property enforcement first appeared at the end of 2007 in the House's original PRO IP Act. The winding history of the bill not only sheds light on the agenda of the entertainment industry, but leads to an instructive conclusion -- that the vigilance of public interest groups and involved citizens is having a positive impact on copyright policy.

Many elements of the entertainment industry's wish list for this session of Congress went unfulfilled, largely thanks to the efforts of Public Knowledge. Some of the provisions stripped from the bill since last year include:

• Higher damages for filesharing. We originally reported on this provision when the bill was first introduced in the House. The initial draft sought to allow the entertainment industry to seek damages per song as opposed to per album as is the case now. This provision was removed after a "Copyright Office roundtable" on the provision revealed that it was not at all necessary to increase damages. And since then, we've seen at least one judge implore Congress to do something about "unprecedented and oppressive" damage awards in filesharing cases.
• Vast government IP enforcement bureaucracy. The original "IP Czar" language created more than an administrative role -- it would have established an entire IP enforcement bureaucracy. The bill that passed on Monday appears to simply move the existing "International Intellectual Property Enforcement Coordinator" from the Department of Commerce to the Executive Office of the President, notably lacking language providing explicit authority to hire, fire, and create new bureaucracies for intellectual property enforcement.
• Pro bono government lawyers. The Senate, which redrafted the bill after receiving it from the House, originally sought to enable the Attorney General to file civil lawsuits for copyright infringement on behalf of copyright holders. This offended the Department of Justice (DoJ), which balked at the prospect of becoming "pro bono lawyers for private copyright holders regardless of their resources." The DoJ argued against the provision in a letter and Senator Wyden was successful in having it removed.

It's important to recognize that even in the face of the bill's signing, we've won some key battles. With your vigilance on copyright issues and by taking actions with public interest organizations like EFF and Public Knowledge, we can make even greater progress in keeping bad law from being made.

[Permalink]

Government Painfully Fuzzy on the Effects of Infringement

Last week, the U.S. Chamber of Commerce urged President Bush to sign the PRO-IP Act, claiming that "counterfeiting and piracy of [intellectual property] is a growing problem that costs U.S. businesses nearly $250 billion in revenue each year [and] has already caused the loss of an estimated 750,000 American jobs..." Both figures, $250 billion and 750,000 jobs, are cartoonishly large and have activated the investigatory instincts of some smart reporters. What have they found?

Wired blogger David Kravets' investigation led to nowhere -- the U.S. Chamber of Commerce claimed that the jobs figure comes from the U.S. Department of Commerce. Meanwhile, the U.S. Department of Commerce claimed that the measurement was provided by the U.S. Chamber of Commerce. (Thanks to the government's ignorance, Kravets became stuck in an infinite loop and needed to be rebooted.)

Julian Sanchez at Ars Technica had a bit more luck in his dogged pursuit for answers, going so far as to file a Freedom of Information Act request with the Department of Commerce! But after reaching a few dead ends and ending up with a flawed International Trade Commission survey from 1988, he concludes that "...both numbers are seemingly decades old, gaining a patina of currency and credibility by virtue of having been laundered through a relay race of respectable sources, even as their origin recedes into the mists."

It's clear that the government has been thoroughly hoodwinked -- the big players in the copyright industry pretend that the effects of infringement are absolute and harmful, despite many ambiguities and a lack of hard facts. One thing is for sure -- it is harmful for the government to ratchet up IP enforcement based on this flawed, empty data.

[Permalink]

Chinese Skype Client Hands Confidential Communications to Eavesdroppers

This Wednesday, Information Warfare Monitor published damning evidence showing that TOM-Skype, the version of the voice and chat program distributed in China not only blocks keywords from chat conversations, but also spies on and remotely reports the contents of Skype users' private text conversations. This directly contradicts Skype's previous assurances that "full end-to-end security is preserved and there is no compromise of people’s privacy", even on the customized Chinese client.

This special breached version of Skype, distributed by the Chinese portal company TOM Online, has long been known to block certain contentious phrases from instant message conversations. IWM's Nart Villeneuve's research shows that when these keywords are mentioned in conversations, the client software also sends an encrypted message to one of eight remote servers hosted in China.

Due to poor security on these servers, Villeneuve was able to uncover what was being sent: extensive logs on user activity, including archives of more than 166,000 censored messages from 44,000 users.

The TOM-Skype client was introduced as part of a business deal between Skype's parent company, eBay, and the Chinese Internet company. Skype has denied involvement in TOM's additions to their core client software, but it was well aware that TOM had introduced censorship features into the Chinese Skype client. At that time it asserted that its users' privacy was nonetheless secure. We now know that Skype is in no position to make that assurance.

This breach is not an isolated Chinese problem. All Skype users are affected; conversations will be monitored even if only one side of a coversation is using the Chinese client. As of June 2007, there were 42 million registered users of TOM's compromised client, increasing at a rate of 70,000 new users per day. Anyone communicating with those millions will find their communications monitored and potentially reported to an unknown third-party - even if they are not using the TOM client themselves.

What can Skype do? While it might disclaim responsibility, arguing that this political spyware was not directly written by its own coders, the company is directly implicated by its close relationship with TOM. When Chinese visitors go to the Skype homepage, they are redirected to a page offering a download of TOM's compromised client version. TOM's Skype page in turn indicates that TOM's version is an authorized Skype product for Chinese users. Skype does not warn its visitors of the differences between the non-Chinese client and TOM's client, and has made no effort to pro-actively monitor what differences there are, or convey the implications of those differences to users.

Villeneuve spent many hours decoding the extra packets to understand what was going on: Skype's own engineers could surely have spotted this behavior in seconds. Instead, an eBay spokesman said that the software's behaviour was "changed without [its] knowledge or consent and [it is] extremely concerned."

At a minimum, eBay can show its commitment to "the security and privacy of [its ] users" by terminating its relationship with TOM and withdrawing TOM's permission to use eBay trademarks. It should no longer redirect to TOM, instead presenting an eBay-developed Chinese-localized version of Skype. It should also prominently warn its own users of the dangers of talking to those using the compromised client. It should attempt to obtain binding assurances from TOM that all copies of the logged data have been destroyed, and should advise all affected users whether this has taken place.

In the meantime, if you want to chat securely, consider using Off the Record Messaging (OTR) on another instant messaging network. OTR is a publicly audited security protocol that does not depend on a third-party. It can run on a number of different instant messaging networks, and is implemented by a range of software products on MacOS, Windows, and Linux. For more peace of mind, use OT in conjunction with open source products like Pidgin, Miranda or Adium. The code of open source software is available for examination by anyone, which minimizes the possibility of a government trojan being inserted into the final downloadable version. OTR will not prevent governments from monitoring the destination of instant messages, but it will protect the contents of your messages.

(Villeneuve also found logs containing information about user's Skype voice calls, including times and destination usernames and numbers. There is no indication that the contents of Skype voice calls themselves were recorded or transmitted. Because Skype's audio encryption protocol remains secret, however, we only have eBay's assurances on its invulnerability to external surveillance. From now on, users may have less reason to trust the company's word on matters of privacy or security without external confirmation.)

[Permalink]

California Governor Signs Off On New Protections for Free Speech

California Governor Arnold Schwarzenegger yesterday signed Assembly Bill 2433 and filled a significant gap in protection for anonymous speech online. Authored by Assemblymember Paul Krekorian and co-sponsored by EFF, the California Anti-SLAPP Project and the California Newspaper Publishers Association, the new law allows speakers who successfully oppose the use of bogus out-of-state litigation to obtain their identities to recover attorneys' fees. Assemblymembers Sally Lieber and Anthony Portantino co-authored the bill.

One of the most pernicious threats to anonymity is the filing of trumped-up lawsuits as an excuse to force ISPs to reveal speakers’ identities. Once such a lawsuit is filed, speakers who want to protect their anonymity must find a way to pay a lawyer to go to court and prevent disclosure of their personal information. That can be a real hardship—in fact, even the threat of having to go to court may discourage many people from speaking out in the first place.

Californians have long had an extra layer of protection against these lawsuits. Thanks to California’s anti-SLAPP law (SLAPP stands for Strategic Lawsuits Against Public Participation) they can file a special motion to strike any cause of action based upon their speech or petition activity. The anti-SLAPP law works fine to stop an abusive subpoena if the underlying lawsuit is filed in California. But there’s a loop-hole: An appellate court recently ruled that the anti-SLAPP provisions don't apply if the underlying lawsuit is filed outside of California. As a result, speakers and companies in California were exposed to frivolous satellite litigation without the shield of deterrence provided by the anti-SLAPP law. AB 2433 closed this loophole by amending California law to provide that individuals whose information is subpoenaed can move to quash the subpoena (i.e, to prevent production of the requested information) and, if they succeed, seek compensation for the costs of going to court.

Kudos to Assemblymember Krekorian and his coauthors for spearheading this legislation and protecting free speech online!

[Permalink]

Secret Counterfeiting Treaty Must be Made Public

EFF and more than 100 public interest organizations from around the world are calling for answers about the Anti-Counterfeiting Trade Agreement (ACTA) today.

Based on leaked documents and industry comments about ACTA, we believe the treaty could require Internet service providers to monitor all consumers' Internet communications, interfere with fair use of copyrighted materials, and criminalize peer-to-peer electronic file sharing. However, the full text of the treaty and other relevant documents remain secret. That's why the coalition today is demanding the immediate release of the ACTA draft.

Time is running out: ACTA proponents want this secret treaty signed before the end of the year. Contact your senator now and urge them to make this process public.

[Permalink]