EFF Moves to Block New Jersey Township's Attempt to Unmask Critical Blogger

Posted by Matt Zimmerman

Today, EFF took action in our latest representation aimed at protecting the anonymity of an online speaker. And in this case, for a slight change of pace, the at-fault litigant is a governmental entity.

On June 13, 2007, the New Jersey Township of Manalapan filed a malpractice suit against its former attorney Stuart Moskovitz, alleging misconduct regarding the Township's purchase of polluted land in 2005. The decision to file suit was met by a lively debate in the regional press and among local bloggers. One blogger who was particularly critical of the Township, of this and other decisions, was Blogspot blogger "datruthsquad" (http://datruthsquad.blogspot.com). Inexplicably, attorneys for the Township issued a subpoena to Google (owner of Blogspot) demanding that the identity of this anonymous critic be turned over, along with datruthsquad's contact information, blog drafts, e-mails, and "any and all information related to the blog." Despite repeated requests from EFF (now representing datruthsquad) to explain how this could be anything other than an attempt to out a vocal critic, attorneys for the Township refused to withdraw the subpoena and informed EFF that it could go to court to object to the subpoena if it so chose.

Today, EFF filed a motion to quash the subpoena and for a protective order to prevent the Township from issuing similar subpoenas in the future. Oral argument is currently scheduled for December 21st.

This case offers a number of twists that set it apart from an "ordinary" Doe case, but one in particular is worth noting: even if the Township had some legitimate need for the identity of its vocal critic (which it does not), it is absolutely barred from using an ordinary discovery subpoena to obtain such identity-related information. The federal Stored Communications Act (18 USC §§ 2701-11) forces governmental entities to use other more restrictive procedures when they seek to uncover information stored with online providers, procedures that are subject to more intense court scrutiny. No matter how compelling the Township's justification, the law says that discovery subpoenas simply can't be used by the government for such purposes.

Will that inconvenient fact make any difference to the Township? Stay tuned.

For more information, see our Manalapan v. Moskovitz case page.

[Permalink]

Year-End 2007: Darknet Assumptions Still True

Posted by Fred von Lohmann

Princeton's Professor Ed Felten (full disclosure: he's an EFF board member) in a recent post on his blog reminds us that one of the core "Darknet premises" -- that DRM systems on mass media content will inevitably be broken -- continues to prove itself true. The victim this year, AACS:

We’ve been following, off and on, the steady meltdown of AACS, the encryption scheme used in HD-DVD and Blu-ray, the next-generation DVD systems. By this point, Hollywood has released four generations of AACS-encoded discs, each encrypted with different secret keys; and the popular circumvention tools can still decrypt them all. The industry is stuck on a treadmill: they change keys every ninety days, and attackers promptly reverse-engineer the new keys and carry on decrypting discs.

One thing that has changed is the nature of the attackers. In the early days, the most effective reverse engineers were individuals, communicating by email and pseudonymous form posts. Their efforts resulted in rough but workable circumvention tools. In recent months, though, circumvention has gone commercial, with Slysoft, an Antigua-based maker of DVD-reader software, taking the lead and offering more polished tools for reading and ripping AACS discs.

To many who follow DRM issues closely, this is hardly news; the regular breaking of DRM systems, followed by the steady leak of formerly-protected content into file-sharing channels, is now so common that it barely rates a mention in the tech press.

But copyright policy-makers still haven't gotten the message (hey, policy-maker: DRM does not slow piracy!!). Whether they get the message or not, this steadily mounting pile of empirical evidence continues to show that the anti-circumvention provisions of the DMCA (i.e., "thou shalt not circumvent DRM") are a failure if the goal was to impede digital infringement. At the same time, of course, the DMCA continues to be a valuable tool for rightsholders who want to use DRM to impede competition, innovation, and free speech.

[Permalink]

Arizona Affirms Strong Protections For Anonymous Speech Online

Posted by Corynne McSherry

An Arizona appellate court today joined a growing judicial consensus recognizing the need to protect the anonymity of online speakers from overreaching discovery requests.

Mobilisa, a Washington-based communications company, went to court last year to seek the identity of an individual who had obtained an email initially sent by company's CEO to his mistress. The individual forwarded the email to company employees. A lower court agreed to issue a subpoena requiring Doe's ISP to reveal Doe's personal information. Doe and the ISP, represented by longtime EFF cooperating attorney Charles Lee Mudd, Jr., immediately appealed. EFF and Public Citizen (with help from Arizona attorney John Flynn) filed an amicus brief in support of Doe, pointing out that strong protection for the right to engage in anonymous communication--to speak, read, listen, and associate without revealing your full identity--is fundamental to a free society. In fact, the tradition of anonymous speech is older than the United States. Founders Alexander Hamilton, James Madison, and John Jay wrote the Federalist Papers under the pseudonym "Publius."

Concerns about political or economic retribution, harassment, or even threats to their lives lead many people today to choose to speak anonymously. For these individuals and the organizations that support them, secure anonymity is critical, often to their very safety, and courts should not permit the use of trumped up legal claims as an excuse to silence people who need anonymity. At the same time, people who have legitimate grievances against anonymous speakers should be able to pursue them in court. Recognizing these competing concerns, courts around the country have set up a flexible test for those seeking to unmask anonymous speakers: they require litigants who seek an anonymous speaker's identity to show that they have given notice of the attempt to the Doe (so she can protect herself), present evidence to show their case is legitimate, and shown that their need for the information outweighs Doe's right to anonymity.

We're very pleased that the Arizona Court of Appeals affirmed this test and thereby struck the right balance between the competing interests of subpoenaing parties and the anonymous speakers they seek to unmask, recognizing that once an online user's anonymity and privacy have been eviscerated, they cannot be repaired.

[Permalink]

A Second Chance to See "Spying on the Home Front"

Posted by Rebecca Jeschke

As Congress gears up to debate giving amnesty to telecoms involved in illegal spying, the terrific Frontline documentary "Spying on the Home Front" will be rebroadcast Tuesday on many PBS stations across the country. This program examines just how far the government has gone with its surveillance program, and features EFF Legal Director Cindy Cohn discussing EFF's ongoing case against AT&T for its illegal collaboration with the NSA. AT&T whisleblower Mark Klein also tells his compelling story about his discovery of a "secret room" diverting AT&T network traffic to the NSA.

But our case is only part of the story. As Salon blogger Glenn Greenwald put it, the documentary "powerfully dramatizes the severity of privacy erosion at the hands of a federal government operating largely in the dark."

Check your local listings for times, or you can always watch the program on the Frontline website. Then tell lawmakers to stop the spying and to block amnesty for telecoms that broke the law.

[Permalink]

Join EFF for Jonathan Zittrain's "The Future of the Internet -- And How to Stop It"

Posted by Richard Esguerra

Next week, at 7:30 p.m. on Wednesday, November 28, noted cyberlaw scholar Jonathan Zittrain will deliver a presentation called "The Future of the Internet -- And How to Stop It." Zittrain will cover the pitfalls and solutions he sees looking forward, as freedom in the Internet ecosystem becomes increasingly threatened by the spread of closed, "appliancized tools" and rash approaches to security challenges. The event is being hosted by News.com at CNET Networks in San Francisco, and it's free and open to the general public. RSVP to: bayff-rsvp@eff.org

Check out the event page for more information.

[Permalink]

You Bought It, You Own It: Quanta v. LG Electronics

Posted by Fred von Lohmann

Earlier this week, EFF filed an amicus brief with the U.S. Supreme Court in Quanta v. LG Electronics, a case that asks whether patent owners can impose restrictions on what you can do with a product after you buy it. The brief, filed on behalf of EFF, Consumers Union, and Public Knowledge, makes a simple point: when a consumer buys a patented product from an authorized seller, the patent owner is not entitled to use patent law to restrict the purchaser's subsequent ability to use, repair, or resell the product.

In other words, you bought it, you own it.

"You bought it, you own it" is a principle that EFF has been fighting for on several fronts, against efforts by patent and copyright owners to put their intellectual property rights ahead of your tangible property rights. So, for example, EFF is defending Troy Augusto in his fight to resell CDs on eBay, notwithstanding UMG's "not for resale" labels. In 2004, EFF filed a brief in ACRA v. Lexmark, where Lexmark relied on a "single use only" label on laser printer toner cartridges to interfere with the market for refilled cartridges. And EFF has fought against copyright owners who try to use DRM to reach into your living room and restrict your uses of the CDs, DVDs, and other media that you've purchased.

In Quanta v. LG, the Supreme Court will addresses this issue in the patent context. For over a century, the Supreme Court has stood behind the "patent exhaustion doctrine," which establishes that the patent is "exhausted" upon the first sale of a product. Once it's been sold, the purchaser is free to use, repair, or resell it without fear of patent liability.

But trouble began in 1992, when the Federal Circuit (the federal court of appeal that handles patent cases) turned the patent exhaustion doctrine on its head in a case called Mallinckrodt v. Medipart, finding that patent owners could trump the exhaustion doctrine by imposing "conditions" on the sale. This opened the door for the "single use only" labels that you find on Lexmark's printer toner cartridges. It also gives the green light to a host of other post-sale use restrictions, such as "personal use only, not for resale" or "for use only with authorized components." Needless to say, these restrictions jeopardize independent repair services and refurbishers, and are already interfering with secondary markets like eBay and Craigslist. All of this is bad news for consumers.

Fortunately, EFF isn't alone in this fight. A number of amicus briefs have been filed urging the Supreme Court to reassert the patent exhaustion doctrine, including briefs from Dell, HP, eBay, IBM, NCR, independent auto repair services, and at least one biotech firm. Briefs in support of LG will be filed in December, and oral argument is set for January 16.

[Permalink]

Ninth Circuit Issues Decision in Al-Haramain Warrantless Wiretapping Case

Posted by Kurt Opsahl

Today the Ninth Circuit issued an opinion in Al-Haramain Islamic Foundation v. Bush, returning the case to the District Court for further consideration. Al-Haramain had sued the government, alleging that they had a document proving the Islamic charity was subject to the NSA warrantless surveillance program. The government asserted the case should be dismissed based on the state secret privilege. The Ninth Circuit found that while the very subject matter of the case was not a state secret, the document (which had been inadvertently disclosed by the government) remains a state secret, and returned the case to the lower court to determine whether the Foreign Intelligence Surveillance Act preempted the common law state secrets privilege.

The Ninth Circuit also issued an order separating Al-Haramain from Hepting v. AT&T, EFF's case against the telecommunications company for its participation in the warrantless surveillance program. Previously, the cases had been consolidated, and both were argued at the same hearing on August 15, 2007. There was no indication on when the appeals court might rule in the Hepting case.

[Permalink]

Senate Judiciary Committee Passes Surveillance Bill Without Telecom Amnesty

Posted by Richard Esguerra

UPDATE: Another victory -- the House of Representatives just passed the RESTORE Act, which does not give the telecoms amnesty. Read EFF's Media Release here.

With your help, EFF scored a victory today, as the Senate Judiciary Committee approved a surveillance bill without giving legal amnesty to telecoms that participated in warrantless spying programs. Telecom amnesty is aimed at derailing dozens of lawsuits against the telecoms for participating in a massive warrantless domestic surveillance program -- including EFF's class-action suit against AT&T.

The committee's vote on surveillance legislation came amidst continuing public opposition to telecom amnesty. Last week, Senator Dianne Feinstein of California made a statement in support of telecom amnesty, prompting outcry from her constituents in California -- this week, both the Sacramento Bee and the San Francisco Chronicle joined the chorus of editorials opposing telecom immunity.

We're heartened by this development and send big thanks to the members of the Senate Judiciary Committee that stood strong. But we're not out of the woods yet. Additional skirmishes over telecom amnesty are guaranteed when the surveillance bill reaches the Senate floor. Staunch allies of the administration are likely to continue pushing for amnesty, and others may be considering dangerous proposals that ultimately function as "trojan horses" for telecom amnesty.

Meanwhile, the House of Representatives is currently considering the RESTORE Act, the House surveillance bill similarly designed to update to Foreign Intelligence Surveillance Act (FISA). The RESTORE Act does not provide amnesty for telecoms and is supported by key leaders in the Democrat-controlled House.

[Permalink]

EFF to host student fellows for Google Policy Fellowship program

Posted by Richard Esguerra

This week, Google announced the Google Policy Fellowship, a program that gives students the chance to spend the summer working alongside host organizations on topics of Internet and technology policy. Much like how the Summer of Code project aims to develop and promote open source projects, Google is hoping that the policy fellowship project will advance debate on key policy issues affecting the public.

Fellows will receive a summer stipend while working with host organizations on particular topics, and EFF is opening its doors to host interested applicants. Google's application deadline is January 1, 2008--you can find out more about how to apply here.

[Permalink]

Undermining Freedoms in China: Yahoo! Learns the Cost of Facilitating Human Rights Abuses

Posted by Danny O'Brien

Yesterday, Yahoo! settled a US lawsuit with Shi Tao and Wang Xiaoning, two of the Chinese journalists who were imprisoned and tortured after their identities were handed over by Yahoo! to the Chinese authorities.

"It was clear to me what we had to do to make this right for them", said Jerry Yang in a statement today.

The terms of the settlement are secret, but the drubbing Yahoo! has received over this case has been excruciatingly public for the company. Few CEOs want to be described as representative of "moral pygmies" in a Congressional committee room.

Hopefully Yahoo!'s officers have learnt their lesson. Privacy and free expression should never be seen as something that can quietly be brushed aside when doing business in repressive regimes. We certainly hope, however, that Yahoo doesn't just view this as something they needed to "make right" once and that this spurs a broader movement by them and others to resist efforts to turn them into the handmaidens of oppression around the world.

Playing up to dictators can impose real costs on a Net company. If foreign Internet companies are to have any edge over local firms in these high risk markets, it is because the offer the possibility that they will not capitulate to the authorities, and will not bend to vague demands to restrict, or filter, or spy on their users for the local state. A defense of user privacy and free speech is, in the words of the marketplace, a "unique selling point" for US Internet companies in these markets, and they should trade on that fact, and design their technology to support these rights, not remove them.

The alternative - handing over data on political speakers, developing pro-active filtering tools and aggressively complying with the vague hints of the ruling bodies - opens companies up to the risk of lawsuits over here, and a swift race to the bottom with their domestic competition over there.

As companies like Google and Yahoo! have learned by hard experience, the bad publicity alone from facilitating human rights abuses is profoundly damaging to their global reputations.

But when seeking to prevent such behavior, it's important to remember that bad publicity can only have an effect on companies when there is publicity. It took a great deal of detective work to uncover what happened in the cases of Shi Tao and Wang Xiaoning. We do not know how many other dissidents have suffered in the same way from American online businesses choosing to ignore international human rights law. And in the rush to spotlight the failings of household brands here, the misbehavior of less well known Chinese giants, like Baidu.com, are often overlooked in the public policy debate - even when those companies benefit from domestic US capital markets like the NASDAQ.

Yahoo!'s decision to do the right thing by the families and friends of these imprisoned journalists should only be a start for that company. Hopefully, it will spur them to move from the back of the pack and become a leader among net companies of developing policies and practices that protect their users' worldwide.

EFF long ago proposed some basic principles for Congress to consider when drafting legislation to help companies doing business in repressive regimes to say "no" to human rights abuses. Maybe it's time to revisit them, and to urge Yahoo and others to take them on themselves, and for American investors to require that Chinese companies who want access to our capital markets comply as well.

[Permalink]