Colorado-based Ciber Inc., the largest laboratory that tests software used in U.S. voting systems, has been temporarily banned from approving new systems following problems discovered last summer by the Election Assistance Commission. In July, the EAC began a new oversight program that increased the level of scrutiny that independent testing authorities ("ITAs") must satisfy in order to be able to review candidate voting systems. The EAC found that Ciber was not following proper quality-control procedures and could not document that it was conducting all the required tests. Ciber's renewed petition for accreditation is currently under EAC review.
Join EFF for a birthday bash to celebrate 16 years fighting for your rights. The party will be on January 11, 7-10 PM at 111 Minna Gallery in San Francisco. DJ Ripley and Kid Kameleon will be keeping the dancefloor hopping all night long. EFFers will also be on hand to briefly recap the year in digital rights, and we'll be receiving a very generous birthday present from Scott Beale of Laughing Squid.
A $20 donation gets you in the door. No one will be turned away for lack of funds, and all proceeds go toward our work defending your digital freedom.
This fundraiser is open to the general public. 21+ only, cash bar.
Another key member of the House of Representatives has weighed in on the disputed Florida Congressional election, saying that not only the litigants but the House itself would benefit from more open discovery. On Thursday, the incoming Chairwoman of the House Administration Committee, which has the responsibility for evaluating any House election contest, submitted a letter to the Florida First District Court of Appeal expressing concern with the inability of the Plaintiffs to pursue their claims.
In her letter, Chairwoman Millender-McDonald (D-CA) stated:
It is [...] of concern that the parties have been unable to agree upon, and that, on December 29th, the lower court declined to order, the requested access to the hardware and software (including the source code) needed to test the contestant's central claim: voting machine malfunction.
Want to know if your Congressional representatives filled their campaign coffers with the entertainment industry's cash? Look no further than the Center for Public Integrity's awesome Media Tracker. The new version helps you learn more about major media companies, including a detailed history of all campaign contributions to all candidates for Congress and the Presidency, dating back to 1998. The neat "Power Trips" tracks legislators' travel that was paid for by a company.
To get you started, check out the new House Internet and Intellectual Property Subcommittee Chairman Howard "Hollywood" Berman. Telling, no?
The Supreme Court has denied a request to review Gilmore v. Gonzales, a case challenging a government order that requires travelers to show ID before boarding planes at American airports. The Transportation Security Administration has refused to let the public see the order, claiming that it's "sensitive security information."
This evening at CES 2007, Disney's CEO Bob Iger delivered a keynote jam-packed with multimedia glitz. But here's the line that got the spontaneous audience applause:
"The best way to combat piracy is to bring content to market on a well-timed, well-priced basis."
In fact, he didn't say a single word about DRM or other content restrictions. What a nice change from CES 2004, where Hewlett-Packard's Carly Fiorina went out of her way to kowtow to the entertainment industry's "piracy" fears. This year, most of Mr. Iger's keynote was about celebrating a certain pirate (Jack Sparrow), rather than demonizing fans.
Let's hope we'll be seeing more of that in 2007.
On January 4, a federal judge issued an injunction prohibiting the whole world from posting links to important documents about Eli Lilly's drug, Zyprexa, on a public wiki. On January 8, EFF was in court on behalf of one of the wiki's contributors.
Here's the story in a nutshell.
Internal Eli Lilly documents leaked out of a products liability lawsuit about Lilly's best-selling drug, Zyprexa. The New York Times got them, and reported (plus follow up pieces: 1, and 2) that the documents show that Lilly has deliberately downplayed potentially dangerous side effects of the drug, as well as pushing the drug for "off-label" uses not approved by the FDA.
Great gadgets for your music collection are all over CES: servers that stream to devices throughout your house, slick portable players and music cell phones, place-shifting software that lets you -- and your friends -- hear your collection from any computer, and much more. But if you want to do more with your DVD collection, you can basically forget about it.
Michael Gartenberg sums up one theme of CES nicely:
"A few years ago, it was all about convergence, the merging of all functionality into a single device. This year, it's all about how to integrate the diversity of devices that consumers are using into a whole that allows for the information and content they want to flow seamlessly from device to device....
"DRM restricts the flow of content seamlessly. Likewise, home networks are still a huge issue (but lots of stuff being shown at CES that can help potentially overcome some of this stuff)."
If you want to liberate your media from its DRM chains without circumventing them, you are increasingly dependent on the analog hole (all your digital outputs are belong to Hollywood, right?).
We've already talked up the Neuros MPEG4 Recorder on this blog, and at CES we found a similar device called the iRecord. You can record any analog video or audio output direct to your iPod or PSP using this gadget. While Hollywood says it's illegal for you to rip your DVD to your iPod, you can copy the DVD this way. (And how else are you going to get your shows from your TiVo Series 3 to your iPod? Hollywood and the cable companies killed TiVoToGo on the Series 3, you'll recall.)
On Wednesday, January 17, the San Francisco Police Commission will meet to vote on the installation of 8 additional public surveillance cameras in the city. If you live there, it's critical that you take action now to stop this ineffective, expensive, and privacy-invasive initiative.
Studies have shown that surveillance cameras do not reduce crime on city streets, and have enormous potential for abuse. Public monies are better spent on alternatives with proven track records in reducing crime.
What you can do: The most important thing you can do is attend the Police Commission meeting to tell them that you oppose the camera installation.
Where: San Francisco City Hall, Room 400
When: Wednesday, January 17th, 5:30pm
- Sununu: FCC Tech Mandates Must Be Banned
Republican Senator proposes law that would stop broadcast,
audio flags in their tracks.
- How to Save the Classics
If libraries dump the classics, the real solution is the
- Sealand for Sale
One used crypto-utopia, going cheap.
- Studios OK DeCSS on Movie Downloads
Requires new blank DVDs, new burners - and probably
reprogramming of the audience's wishes.
HD-DVD and Blu Ray discs haven't been on the market for long, but a tool called BackupHDDVD is already available to help users evade the discs' DRM. Is this tool the end of the AACS encryption scheme, or will the movie studios be able to repair the hole? Computer security experts Ed Felten and Alex Halderman have the answer in a series of posts that puts in layman's terms how AACS works and how it might be attacked.
The bottom line: "[BackupHDDVD] isn't a big deal by itself, but it is the first step in the meltdown of AACS."
Way back in 1996, Congress directed the FCC to foster useful, competitive alternatives to cable providers' proprietary set-top boxes. As we saw at CES, several alternatives that rely on CableCARD technology are finally coming to market, and now the FCC has taken another step towards putting them on a more level competitive playing field.
Yesterday, the FCC denied Comcast's request for a permanent waiver from the "integration ban," which in effect forces cable providers to rely on CableCARD in their own set-top boxes. Without the ban, providers would be able to continue pushing their own proprietary set-top boxes on customers, treating CableCARD devices (such as TiVo Series 3 HD) like second-class citizens. The ban had been delayed twice before due to cable industry pressure and will go into effect on July 1.
Over the past year, a self-described "fifth-tier blogger" who publishes under the pseudonym Spocko (www.spockosbrain.com) posted audio clips of what he deemed to be offensive and violent talk radio rhetoric from ABC-owned and San Francisco-based KSFO-AM and apparently succeeded in encouraging several advertisers to pull their ads from the station. ABC-corporate struck back, sending a vague, threatening letter to his hosting company, 1&1 Internet, who promptly shut him down instead of standing up for his rights. (Spocko, now back online, subsequently moved his business to Computer Tyme, a host with more backbone.)
The new Congress has barely begun, but the major record labels are already up to their old tricks.
Sen. Dianne Feinstein has re-introduced the PERFORM Act, a backdoor assault on your right to record off the radio. Satellite and digital radio stations as well as Internet webcasters would have to adopt digital rights management (DRM) restrictions or lose the statutory license for broadcasting music. Letters from constituents like you helped beat this dangerous proposal last year -- take action now to block it again.
This bill aims to hobble TiVo-like devices for satellite and digital radio. Such devices would be able to include "reasonable recording" features, but that excludes choosing and playing back selections based on song title, artist, or genre. Want to freely move recordings around your home network or copy them to the portable player of your choice? You'll be out of luck if PERFORM passes.
Thanks to everyone that attended our party Thursday night! The event at the 111 Minna Gallery to celebrate our 16th year was packed with hundreds of civil libertarians and digital luminaries. In addition to having fun and mingling with our many beloved supporters, EFF raised several thousand dollars in cash donations. As an added bonus, we had the pleasure of receiving a check in the amount of $3561 from Laughing Squid founder Scott Beale. Thanks, Scott! The outpouring of support proves we'll be here for another 16 years, fighting to defend your digital rights.
Update: Watch speeches from Legal Director Cindy Cohn and Chairman of EFF's Board Brad Templeton at the party here.
EFF's audio segment, Line Noise, returns with a visit to the Consumer Electronics Show. Activist Derek Slater takes a look at the latest gadgets, with an eye to how the market has been affected by the shifting sands of copyright law.
Hey, RIAA, satellite radio and webcasters already pay you licensing fees. Leave their engineers alone.
Much of the coverage of the PERFORM Act, S. 256, recently reintroduced by Senator Feinstein (D - Calif.), seems to treat the issue as a tussle between XM and the RIAA over royalties. More important, however, is the DRM mandate tucked in there.
Webcasters and satellite radio both rely on compulsory licenses that permit them to broadcast whatever music they like, so long as they pay a license fee and follow a variety of rules (like playing no more than 3 songs from any one album in any 3-hour time period, if you're a webcaster).
"I would like to make it clear that I regret filing DMCA claims in this case, because the real issue at hand wasn't at all about copyright."
EFF was back in court January 16-17 defending the right of an anonymous wiki contributor to post links to important internal Eli Lilly documents about its biggest-selling drug, Zyprexa. After hearing two days of testimony from those involved (and not involved) with the disclosure of the Lilly documents, the judge has ordered additional briefs and promised a decision sometime in early February.
Unfortunately, he also extended his January 4 injunction that bars anyone from posting the documents or information that would "facilitate the dissemination of the documents" (presumably, including links) to zyprexa.pbwiki.com until he is able to issue his ruling.
The Santa Barbara News-Press needs a lesson in the First Amendment. Insisting that an anonymous comment posted for a few hours on a news blog skewed a labor unionization vote, the publisher of the newspaper is demanding that Google disclose the blogger's account information.
The 183 member states of the UN's World Intellectual Property Organization are gathered in Geneva this week to discuss the controversial draft WIPO Broadcasting Treaty. EFF's main concern with the current treaty draft - shared by the other 40 public interest groups, companies and industry groups that have submitted a joint statement to WIPO this week - is that it is not limited to signal theft.
Microsoft is trying to set its Zune media player apart from the iPod by showcasing its remarkably limited sharing feature. Many reviews have harped on how shared songs can only be played three times over three days. But the restrictions are actually even worse -- if you read the fine print, you'll find that "The Zune to Zune sharing feature may not be available for all audio files on your device."
In fact, Engadget reports that certain songs bought at Microsoft's own store cannot take advantage of Zune's sharing. All the songs come wrapped in DRM, and apparently Microsoft doesn't tell customers at the time of purchase whether songs can be shared or not.
Apparently, this year's MIDEM conference, the music industry's international trade show, took place in a parallel universe where the major record labels may be willing to ditch music download DRM. And this parallel universe may be coming to an online store near you in 2007.
Last weekend, Darren Barefoot posted Get a First Life, a hysterical parody of virtual world Second Life's website. The creators of Second Life responded with a letter that is so right-thinking and clever that it would horrify the over-reaching copyright and trademark holders whose missives litter the archives of ChillingEffects.org
Instead of a cease-and-desist letter, Linden Labs sent a proceed-and-permit letter.
The Election Assistance Commission is charged with ensuring that our voting systems are reliable and secure. Each machine is "supposed" to be subjected to rigorous tests before being certified, and the EAC was recently empowered to oversee that process.
At least that's the theory. As Aaron Burstein and Joseph Lorenzo Hall show in their recent opinion piece in Roll Call, however, the revelation that the EAC de-certified a major testing company (Ciber) in the summer of 2006 but did not notify election officials until long after the 2006 election demonstrates that EAC suffers from a culture of secrecy that undermines the very goals it is supposed to protect.
Ars Technica (via Tim Lee) explains some of the many ways that HDCP restrictions will break compatibility with your digital video devices. HDCP restricts connections to video displays through DVI (including HDMI) digital outputs, so that content can only be outputted to hobbled, DRM-restricted systems. You may have invested thousands of dollars in HD displays and receivers, but HDCP could force you to throw them out and buy new ones.
Along with intentionally limiting the devices you can use, HDCP also produces arbitrary and unpredictable incompatibilities. Ars provides a few examples:
- Andy Griffith Stands Up to Warrantless Wiretapping
Mayberry's privacy rights more secure than the modern
- How Do New NSA Spy Warrants Work? One Expert Speculates
Jim Dempsey tries to work out what it might mean.
- Your Privacy Law Role-Call
All the new privacy bills on their way to Congress, as
collected by PogoWasRight.
- Brewster Kahle's Orphan Works Case Denied
Professor Chris Sprigman offers legal analysis.
On January 26th, Stanford Law School will host a symposium called "Beyond a Physical Conception of the Fourth Amendment: Search and Seizure in the Digital Age." Six experts will present papers on a variety of privacy and technology issues, including RFIDs and protections for private information stored online. EFF Staff Attorneys Kevin Bankston and Kurt Opsahl will be there, and you can find out more about attending here.
Over five years since it first began, the NSA's massive domestic spying program remains shrouded in secrecy. Recently, the Bush Administration announced that it has let the shadowy FISA court review the program, but that's not enough -- the President must abide by the law and answer to the traditional court system, Congress, and the American public. Use our Action Center to demand immediate Congressional investigations.
Three federal courts have already rejected the government's bogus arguments and allowed cases to go forward regarding the secret surveillance. With its back against the wall, the Administration has finally conceded that judicial review should be involved at some level.
This YouTube clip from the Andy Griffith Show is the sort of civics lesson that Attorney General Alberto Gonzales would do well to study. Guilherme Roschke from the Electronic Privacy Information Center (EPIC) has some background (via BoingBoing):
I shared the video with my colleagues here at the Electronic Privacy Information Center. With some digging, one of my colleagues figured out that this show aired on October 30, 1967. That's two weeks after the Supreme Court heard the oral arguments in Katz vs. United States. The FBI had tapped a phone booth without a warrant, and convicted a gambler based on that. The Katz court overturned the conviction, stating that the 4th amendment prohibits this sort of a wiretap without a warrant.
Nearly three years ago, EFF published a paper advocating voluntary collective licensing for P2P, a system that would get artists paid and allow fans to keep sharing music however they like for a flat fee. It seems the major record labels may finally be coming around to this sensible solution:
"This year, with music sales still sinking like a rock, the record labels are no longer apoplectic about the possibility of such a fee, which could be collected by Internet service providers through their customers' monthly subscription charges.
Slyck News has posted an interview with muslix64, the coder responsible for the BackUpHDDVD tool that helps movie fans get around the next-gen DVDs' DRM restrictions. Muslix64 makes plain that he's no "pirate" -- he's just an "angry customer" who wanted to play his lawfully-acquired movie on his own PC.
"With the HD-DVD, I wasn't able to play my movie on my non-HDCP HD monitor. Not being able to play a movie that I have paid for, because some executive in Hollywood decided I cannot, made me mad..." (link, mine)
DRM isn't doing anything to stop "Internet piracy," but it is creating more and more frustrated customers like muslix64.
Over five years since it first began, the NSA's massive domestic spying program remains shrouded in secrecy. Despite the President's determination to dodge meaningful oversight, key members of the newly elected Congress may soon take steps to rein in this illegal activity.
In an interview with the LA Times, Senator Jay Rockefeller, the new Chairman of the Senate Intelligence Committee, "rejected the Bush administration's claim that it had brought a controversial domestic spying program into compliance with the law, saying he wanted strict new rules requiring the government to obtain a separate warrant every time it places a wiretap on a U.S. resident."
In an instant, Seclists.org, including thousands of pages, vanished from the Internet this week. And if your online service providers have as weak a backbone as GoDaddy, the same thing could happen to your site.
Here's the story (as recounted by News.com): A list of MySpace user names and passwords began floating around online weeks ago, including in a Seclists.org post and many other places online. Rather than ask the Seclists.org's owner, Fyodor Vaskovich, to remove a single offending page, MySpace wrote to his domain name registrar GoDaddy, which shut down all 250,000 Seclists.org pages.
Did GoDaddy demand to receive a court order first? Was it at any legal risk? No. Apparently all it took was a single informal request from MySpace, and Seclists.org was gone, a mere 52 seconds after GoDaddy notified Vaskovich.
The Real ID Act took a blow last week, when Maine became the first state to formally declare its opposition. The Maine legislature voted overwhelmingly to refuse to comply with the act's mandates, and requested that Congress repeal the law.
The Real ID Act essentially forces states to create a national ID. Under the law, state drivers licenses will only be accepted for "federal purposes" -- like accessing planes, trains, national parks, and court houses -- if they conform to certain uniform standards. The law also requires a vast national database linking all of the ID records together. Estimated costs of $12 billion or more will be passed on to the states and, ultimately, average citizens in the form of increased DMV fees or taxes.
The basic story has been widely covered: working with the RIAA, the Georgia police recently raided the studios of Aphilliates Music Group and arrested DJ Drama and DJ Cannon over the hip hop "mixtape" CDs that the studio is famous for. These are the same mixtapes that the record labels often pay DJs to create to promote their own hip hop artists.
In the aftermath of the arrests, the blogosphere is taking over the coverage, demonstrating its value as a medium that continues to cover events after many traditional journalists have branded it "yesterday's news" or "too complicated for our readers."
It's been just over a week since the WIPO Standing Committee on Copyright and Related Rights met in Geneva with the intention of finalizing a new signal-based Broadcasting Treaty to be the basis of negotiations at an inter-governmental Diplomatic Conference scheduled for November. However, after three days of intense meetings, it's impossible to say with any certainty what a new version of the treaty would say.
Yesterday, we had a new development in the ongoing fight over the release of incriminating internal Eli Lilly documents relating to their top-selling drug, Zyprexa (background here: 1, 2, 3). In an "order and invitation" issued yesterday, Judge Weinstein has "invited" Alex Berenson, the New York Times reporter who broke the Zyprexa documents story, to appear in court "to explain the circumstances of his obtaining documents sealed by the court."
- DMCA for China?
A new copyright law would make it an offense in China to
"break encryption set by copyright owners."
- AACS to Pursue DRM Circumventors
Says it will use "both technical and legal measures." So,
will they be suing their own members for leaving the title
keys in the clear?
- Vista's New DRM Crumbles
Alex Ionescu bypasses the driver-signing requirement for
playing Vista premium content. This would mean that you
could play HD movies using open source hardware, except
that Alex is cagey about publishing with the DMCA hanging
over his head.
After numerous delays, Microsoft has launched its new Vista operating system and proclaimed the "Wow starts now." Thanks for filling us in, Microsoft, but what is there to be wowed about? Maybe Microsoft's talking about the collective gasp among consumers who are looking at the litany of restrictions buried within Vista's End User License Agreement (EULA).
As law professor Michael Geist explains in an editorial this week, "In the name of shielding consumers from computer viruses and protecting copyright owners from potential infringement, Vista seemingly wrestles control of the ‘user experience' from the user."
Florida Governor Charlie Crist says his state should dump the touch-screen voting systems that were installed after the disputed 2000 presidential race in favor of more reliable optical-scanning machines. Voters would mark up a paper ballot and be able to verify their vote on the spot with a paper receipt.
"You go to an ATM machine, you get some kind of a record. You go to the gas station, you get a record. If there's a need for a recount, it's important to have something to count," said Crist. The governor plans to ask the Florida legislature for $20 million to replace the touch-screen machines.