Whitepapers
A Better Way Forward: Voluntary Collective Licensing of Music File Sharing
April, 2008The current battles surrounding peer-to-peer file sharing are a losing proposition for everyone. The record labels continue to face lackluster sales, while the tens of millions of American file sharers—American music fans—are made to feel like criminals. Every day the collateral damage mounts—privacy at risk, innovation stymied, economic growth suppressed, and a few unlucky individuals singled out for legal action by the recording industry. And the litigation campaign against music fans has not put a penny into the pockets of artists. We need a better way forward.
Packet Forgery By ISPs: A Report on the Comcast Affair
November, 2007Comcast is the second largest Internet Service Provider (ISP) in the United States. Some time around May 2007, Comcast installed new software or equipment on its networks that began selectively interfering with some of Comcast's customers' TCP/IP connections.
Detecting packet injection: a guide to observing packet spoofing by ISPs
November, 2007Certain Internet service providers have begun to interfere with their users' communications by injecting forged or spoofed packets - data that appears to come from the other end but was actually generated by an Internet service provider (ISP) in the middle. This spoofing is one means (although not the only means) of blocking, jamming, or degrading users' ability to use particular applications, services, or protocols.
Six Tips to Protect Your Search Privacy
September, 2006Google, MSN Search, Yahoo!, AOL, and most other search engines collect and store records of your search queries. If these records are revealed to others, they can be embarrassing or even cause great harm. Would you want strangers to see searches that reference your online reading habits, medical history, finances, sexual orientation, or political affiliation?
How To Not Get Sued for File Sharing
July, 2006As of July 2006, the RIAA has sued over 20,000 music fans for file sharing in just under three years. In 2004, the Motion Picture Association of America (MPAA) joined< this misguided, anti-consumer crusade. Filing lawsuits against anonymous "Doe" defendants, the RIAA and MPAA seek to uncover the identities of P2P users and force them to pay thousands of dollars in settlements. Many innocent individuals are being caught in the crossfire. While there is no way to know exactly what the RIAA and MPAA are going to do or who they are going to sue, users of publicly-accessible P2P networks can take the following steps to reduce their chances of being sued:
Unintended Consequences: Seven Years under the DMCA
April, 2006This document collects a number of reported cases where the anti-circumvention provisions of the DMCA have been invoked not against pirates, but against consumers, scientists, and legitimate competitors. It will be updated from time to time as additional cases come to light. The latest version can always be obtained at www.eff.org.
IAAL*: What Peer-to-Peer Developers Need to Know about Copyright Law
January, 2006This piece is meant as a general explanation of the U.S. copyright law principles most relevant to P2P file-sharing technologies.
Investigating Machine Identification Code Technology in Color Laser Printers
July, 2005At the request of the United States Secret Service, manufacturers developed mechanisms that print in an encoded form the serial number and the manufacturer's name as indiscernible markings on color documents. This paper investigates these codes in detail.
When Push Comes to Shove: A Hype-Free Guide to Evaluating Technical Solutions to Copyright Infringement on Campus Networks
June, 2005For years, university administrators have faced a growing challenge: fighting copyright infringement on campus networks. Confronting this challenge has not been easy and neither has choosing the right tool for the job.
Digital Rights Management: A failure in the developed world, a danger to the developing world
March, 2005Fair Use and Digital Rights Management: Preliminary Thoughts on the (Irreconcilable?) Tension between Them
March, 2005As of July 2006, the RIAA has sued over 20,000 music fans for file sharing in just under three years. In 2004, the Motion Picture Association of America (MPAA) joined< this misguided, anti-consumer crusade. Filing lawsuits against anonymous "Doe" defendants, the RIAA and MPAA seek to uncover the identities of P2P users and force them to pay thousands of dollars in settlements. Many innocent individuals are being caught in the crossfire. While there is no way to know exactly what the RIAA and MPAA are going to do or who they are going to sue, users of publicly-accessible P2P networks can take the following steps to reduce their chances of being sued.
Dangerous Terms: A User's Guide to EULAs
February, 2005We've all seen them – windows that pop up before you install a new piece of software, full of legalese. To complete the install, you have to scroll through 60 screens of dense text and then click an "I Agree" button. Sometimes you don't even have to scroll through to click the button. Other times, there is no button because merely opening your new gadget means that you've "agreed" to the chunk of legalese.
Noncommercial Email Lists: Collateral Damage in the Fight Against Spam
November, 2004In their zeal to stop spam, many organizations and companies are blocking the delivery of wanted messages, especially those sent through email lists. This problem is exacerbated by the fact that most blocking processes are not transparent to the email sender or recipient, and email users are generally given little or no control over which emails are blocked.
Meditations on Trusted Computing
May, 2004In 1641, in his Meditations on First Philosophy, mathematician and philosopher Rene Descartes asked how it is that we can trust our senses. What if, he asked, everything we experience is actually part of a delusion created by an omnipotent demon bent on deceiving us? It turns out that a similar question has been weighing on the minds of Microsoft, Intel, and a number of other computer companies.
Accessibility and Auditability in Electronic Voting
May, 2004Nearly one-third of American voters – over 50 million people – live in districts that will use electronic voting terminals to elect the next president.1 However, widespread reports of voting terminal failures,2 and growing concern about the security of these machines, are fueling fierce debate over how to ensure the integrity of our elections.
Best Practices for Online Service Providers
April, 2004Online service providers (OSPs) are vital links between their users and the Internet, offering bandwidth, email, web, and other Internet services. Because of their centrality, however, OSPs face legal pressures from all sides: from users, industry, and government. Here we offer information for people who run and use OSPs in order to help them make sound, ethical decisions about how to safeguard private data and preserve freedom of expression online.
Trusted Computing: Promise and Risk
October, 2003Computer security is undeniably important, and as new vulnerabilities are discovered and exploited, the perceived need for new security solutions grows. "Trusted computing" initiatives propose to solve some of today's security problems through hardware changes to the personal computer.
Unsafe Harbors: Abusive DMCA Subpoenas and Takedown Demands
September, 2003The DMCA has been used to invade the privacy of Internet users, harass Internet service providers, and chill online speech. The subpoena and takedown powers of Section 512 are not limited to cases of proven copyright infringement, and are exercised without a judge's review. The following is a small sampling of abuse, overreaching, and mistakes in the use of Section 512(h) subpoenas, Section 512(c)(3)(A) notices, and equivalents. Judicial oversight could curb these abuses without interfering with copyright enforcement.
Biometrics: Who's Watching You?
September, 2003Among the many reactions to the September 11 tragedy has been a renewed attention to biometrics. The federal government has led the way with its new concern about border control. Other proposals include the use of biometrics with ID cards and in airports, e.g. video surveillance enhanced by facial-recognition technology. The purpose of this document is to sketch out EFF's concerns about biometrics.
Digital Rights Management: The Skeptics' View
April, 2003A wide variety of technologies travel under the banner of "digital rights management" (DRM). In appropriate circumstances, these technologies can solve real problems for users, technology vendors, and content owners. Some, however, have made more ambitious claims for DRM, suggesting that these technologies represent the best hope for the entertainment industries as they struggle to evolve in a networked economy. But DRM is not without costs.
