The Senate Intelligence Committee has affirmatively stated that it will not consider the Bush Administration's dangerous "FISA modernization" surveillance legislation until critical details about the NSA spying program are revealed. Noting that "the Administration's refusal to satisfy these document requests span over a year," the Intelligence Committee demanded "the President's orders authorizing the warrantless surveillance and the Department of Justice's opinions on the legality of the program."
The previous free trade agreements (FTAs) have been particularly troubling for Internet communications since they have required trading partners to treat all temporary reproductions of images and sound files in computer memory as copyright-infringing, but have not exported the fair use limitation of U.S. copyright law: a limitation that provides important balance within the U.S. system, as well as room for the American technology industry to innovate. As the Ninth Circuit recently affirmed in the Perfect10 v. Google decision, under U.S. law temporary copies necessary to enable end-user use of Internet technologies (such as search engines) are highly transformative, and thus non-infringing fair use. Given that, the FTAs appeared to require trading partners to adopt copyright laws that are inconsistent with, and more stringent than, current U.S. law.
As has been widely reported, Apple is embedding its customers' names and email addresses in the clear into files purchased from the iTunes Store. Apple has apparently been doing this for some time. Both the new iTunes Plus "DRM-free" downloads and FairPlay-restricted downloads are affected.
As Playlist explains, the name/email embedded into the file can easily be found with a couple terminal commands. And the iTunes software itself reveals the name/email of the purchaser in "info" pane for each song. In other words, anyone who later comes into possession of the song, and who knows where to look, will be able to see the original purchaser's name and email address.
There's nothing more fun than upgrading to a new version of your software. You get new bugfixes, new features, and, of course, the ever-fascinating release notes. That's where owners of ATI video cards will learn that the latest update to ATI's Catalyst drivers now offers"improved TV quality and Broadcast Flag support which enables full US terrestrial DTV support".
It's a little unclear from that README whether the new support is for a new, hardware revision of ATI's Theater 650 digital TV tuner, or simply a new software implementation of the digital TV copy control for current owners of the Theater 650. However you look at it, though, "broadcast flag support" is hardly an upgrade.
I don't think I could ever say anything as well as Cory Doctorow, as demonstrated by his spot-on (and engagingly written) editorial on Internet filtering (aka censorware) that appeared in the Guardian today:
[Censorware] firms are profiteers, waxing rich on the fears of the free world and the oppression of totalitarian states. They operate without transparency and without accountability, and hide behind the excuse that they only supply ratings, leaving firms and ISPs to do the dirty work of choosing which ratings to block - "we only load the pistol and aim it, it's the mayor/your boss/a librarian who pulled the trigger".
This article originally appeared in The Washington Post.
Copyright Silliness on Campus
By Fred von Lohmann
Wednesday, June 6, 2007; A23
What do Columbia, Vanderbilt, Duke, Howard and UCLA have in common? Apparently, leaders in Congress think that they aren't expelling enough students for illegally swapping music and movies.
The House committees responsible for copyright and education wrote a joint letter May 1 scolding the presidents of 19 major American universities, demanding that each school respond to a six-page questionnaire detailing steps it has taken to curtail illegal music and movie file-sharing on campus. One of the questions -- "Does your institution expel violating students?" -- shows just how out-of-control the futile battle against campus downloading has become.
- Google Street View -- Where's the Pro-Privacy Technology?
Even EFF attorneys get their privacy invaded by street-
- Face Non-Recognition Technology
An example of what privacy-protection in Google Street View
might look like.
- What Google Is Doing With Your Data
The secretive company reveals part of what it does with
your search term history.
- On the Receiving End
Ars Technica reports that another innocent person has successfully stood up to the RIAA's misguided lawsuit campaign. Tanya Andersen, a disabled single mother who was sued in 2005 by the RIAA, went to court to fight the accusations. Forensic researchers were unable to find any trace of illegal downloading on her computer, and both parties have now agreed to a dismissal.
Andersen was essentially exonerated of any wrongdoing and can now ask the court to make the RIAA cover her attorneys' fees. Meanwhile, she has filed a countersuit against the record industry.
Last week, we posted to say that iTunes Plus files seem to exhibit some strange variations above and beyond the widely reported fact that they contain the purchaser's name and email address/Apple ID. We've since had time to look at these files more closely, and we can say a little more about what's going on inside.
When a transpartisan coalition called for footage of the 2008 Presidential Debates to be placed in the public domain, or released under a Creative Commons license, only one network quickly stepped up. CNN agreed to make all footage available to the public for commentary, republishing, remixing, or other uses, ?without restriction.?
Recently, Washington Post reporter Ed O'Keefe got a CNN executive to explain on camera CNN?s reasons for its decision. Here's a transcript of the video:
We've warned that, once the REAL ID Act is implemented, uses of the standardized national ID and associated databases would inevitably expand far beyond their initial purpose and facilitate a wide range of surveillance activities. In fact, mission creep is already happening -- look no further than the immigration bill currently before the Senate, which would in effect require individuals to show a REAL ID or a U.S. passport in order to get a job.
REAL ID is fundamentally flawed and needs to be repealed, not expanded. Please find your Senators phone numbers here and tell them to support Senate Amendment 1236, the Baucus/Tester Real ID Amendment to S.1348, the Comprehensive Immigration Reform Act of 2007. The Senate could be taking up this amendment soon, so it's crucial that you take action now.
Last week, Congressional representatives threatened to subpoena information regarding the NSA's illegal domestic spying program. The Administration has repeatedly refused to comply with requests for documents including the President's orders authorizing the program and legal opinions related to it. It's long past time that Congress issued subpoenas and forced the Administration's hand.
The current state of patent law allows for all sorts of ridiculous claims that wouldn?t pass muster if basic common sense principles were applied. Here?s a particularly egregious example to ponder:
U.S. Patent No. 7,228,298
Apparatus and method for perusing selected vehicles having a clean title history
Assignee: Carfax, Inc.
Issued: June 5, 2007
Filed: September 3, 2002
Abstract: A system and method for allowing a consumer to search a database containing used vehicles from a variety of sellers that can be queried to provide search results that include only vehicles having clean title histories.
Here's Claim 1:
1. A method for perusing and searching used vehicles comprising:
Most people assume that consumers have a fair use right to time shift television to watch at a later time. As a result, lots of companies now sell digital video recorders (DVRs) that enable you to do this, including TiVo, and it's generally accepted that selling DVRs is perfectly legal (of course, the movie studios still don't like it, as demonstrated by their lawsuit against ReplayTV).
Should the answer be any different if a cable company gives subscribers the ability to record programs to a remote server, rather than to a hard drive sitting in the DVR in their living room?
A new generation of cable TV devices are on the way, but cable companies are working to ensure they can control innovation in novel features and limit your ability to use TV content.
Back in 1996, Congress directed the FCC to foster useful, competitive alternatives to cable providers' proprietary set-top boxes. That led to the creation of the CableCARD, which has helped open the digital cable set-top market to devices like TiVo Series 3 and Windows Media Center. Proprietary boxes still have a leg up on CableCARD devices because the latter can't access two-way services like Video-on-Demand or Switched Digital Video channels that cable operators plan to deploy, so a CableCARD successor is now in the works.
June 12, 2007
Senator Ellen Corbett
Chair, Senate Judiciary Committee
State Capitol, Room 3092
Sacramento, CA 95814
RE: A.B. 1484, Model State Trademark Law
Dear Senator Corbett,
The undersigned, a group of law professors, consumer advocates, and trademark lawyers practicing in California, write to express our deep concerns regarding AB 1484, the proposed revision to California?s trademark law.
The SPY Act is supposed to help stop spyware, deceptive adware, and other malicious software, but it is unlikely to do any good and could actually make things worse. If enacted, it would block lawsuits similar to the one EFF brought against Sony-BMG for infecting customers' computers with privacy-invasive copy protection. Don't let badware makers off the hook -- tell Congress to go back to the drawing board and draft a more sensible law.
Both the Federal Trade Commission and Department of Justice have said that they already have the authority they need to go after badware vendors, and this bill doesn't add any funds or significant tools for federal enforcement.
As EFF members will recall, we were part of a large coalition of groups that raised serious concerns about the introduction of Goodmail, an email authentication and certification service that charges those who send email to guarantee delivery, splitting the money with the ISPs who are supposed to delivery you your email.
What would HR 811 do? Among other things:
* Raise the floor, not create a ceiling. The higher standards required by HR 811 would provide the beginning, not the end, of serious election reform. States wishing to, say, ban all electronic voting machines, impose stricter audit requirements, or force vendors to publicly disclose all of their source code will remain free to do so, as they are today. If HR 811 becomes law, however, states would not be permitted to lag behind in many important areas as so many do today.
Discussions on streamlining ? or what some delegates are describing as ?downsizing? ? the set of 71 proposals into a shorter ?actionable? list are proceeding fairly expeditiously. The Chair, the Ambassador of Barbados, Trevor Clarke, is running this week?s meeting in much the same way he ran the last PCDA meeting in February. The 71 proposals are listed in Annex B to a report prepared by the Chair of the 2006 WIPO General Assembly, (the Manalo report) (see here and here), and are grouped into 6 clusters. Prior to this week?s meeting, the Chair assigned each Regional Group of countries the task of synthesizing a particular cluster of proposals.
According to the Washington Post, "An internal FBI audit has found that the bureau potentially violated the law or agency rules more than 1,000 times while collecting data about domestic phone calls, e-mails and financial transactions in recent years, far more than was documented in a Justice Department report in March that ignited bipartisan congressional criticism."
That report [PDF] painted a horror story, including massive abuses of so-called National Security Letters (NSLs). Before PATRIOT, the FBI could only use NSLs to obtain the records of suspected terrorists or spies. But under PATRIOT the FBI can use them to get private records about anybody without any court approval, as long as it believes the information could be relevant to an authorized terrorism or espionage investigation.
AT&T has announced plans to sell out its customers.
No, this time we're not talking about spying on telephone and Internet communications on the government's behalf. AT&T is now kowtowing to the entertainment industry and jointly developing undisclosed technical measures in yet another desperate attempt to stop "piracy."
On its face, this may seem reasonable, but problems arise once you start to ask hard questions about exactly what AT&T's up to.
A judge ordered [PDF] the FBI today to finally release agency records about its abuse of National Security Letters (NSLs) to collect Americans' personal information. The ruling came just a day after the EFF urged [PDF] the judge to immediately respond in its lawsuit over agency delays.
EFF sued the FBI in April for failing to respond to a Freedom of Information Act (FOIA) request about the misuse of NSLs as revealed in a Justice Department report. As we noted yesterday, more evidence of abuse was uncovered by the Washington Post, and EFF urged the judge Thursday to force the FBI to stop stalling the release of its records on the deeply flawed program.
With Senators once again attempting to push through immigration reform, check out Jim Harper's excellent article about how the proposal's employment verification section implicates your privacy. Along with expanding the scope of REAL ID before it's even implemented and effectively forcing all Americans to present this standardized national ID in order to get a job, Title III of the immigration bill would establish an "electronic employment verification system" (EEVS) that relies on an extensive government database filled with personal information.
THE NEW WIPO DEVELOPMENT AGENDA
PCDA Recommendations to 2007 General Assembly
(As adopted 9:38 pm June 15, 2007)
The PCDA decided to make the following recommendations to the 2007 General Assembly:
1. To adopt the recommendations for action in the agreed proposals contained in the Annex;
2. To immediately implement the recommendations contained in the list submitted by the Chair of the PCDA, in accordance with paragraph X of the Report of the Fourth Session of the PCDA;
3. A Committee on Development and IP be established immediately to:
a. develop a work-program for implementation of the adopted recommendations;
b. monitor, assess, discuss and report on the implementation of all recommendations adopted, and for that purpose it shall coordinate with relevant WIPO bodies;
c. discuss IP and development related issues as agreed by the Committee, as well as those decided by the General Assembly.
Forcing all state DMVs to issue new standardized drivers' licenses under REAL ID seems bound for catastrophe, and the federal government's recent passport delay debacle provides more reason to expect the worst.
According to the AP, "The State Department has been flooded with passport applications since new rules requiring passports for air travelers went into effect in January. The resulting backlog has caused delays of up to three months for passports and ruined or delayed the travel plans of thousands of Americans." The House of Representatives recently voted to delay the rules for 17 months.
Not even a week after AT&T announced plans to adopt undefined technical measures to stop "piracy," NBC Universal has asked [PDF] the FCC to declare that "broadband service providers have an obligation to use readily available means" (emphasis added) to stop copyright infringement. On the unintentionally funny-and-scary scale of one to ten, this is easily an 11.
The comments were submitted as part of the FCC's Notice of Inquiry about broadband policy. Most of the debate in this inquiry has focused around imposing "network neutrality" rules and limiting ISPs' ability to break the Internet as an open platform for innovation by discriminating against particular content and application providers.
A landmark bill that would require tough privacy and security safeguards for Radio Frequency Identification (RFID) tags in state-issued IDs sailed through the California Senate recently on a broad bipartisan vote. It's already over its first hurdle in the Assembly, and, if you live in California, we need your help to push it through.
Without proper protections, RFIDs in IDs can broadcast your private information to anyone and leave you vulnerable to tracking and identity theft. That's why EFF, the ACLU, the Privacy Rights Clearinghouse, and other groups have been working hard to get support for the Identity Information Protection Act (SB 30).
- Bush Administration Attacks 'Shield' for Bloggers
Should bloggers have "reporter's privilege"?
- Which ISPs Are Spying on You?
Wired News asks the major ISPs about what information they
gather on their customers.
- Watchdog Group Slams Google on Privacy
A watchdog group says Google's privacy policies are the
worst on the Internet.
- Yahoo's China Policy Rejected
Yahoo shareholders rejected plans for the company to adopt
When a company like Viacom sends more than 160,000 DMCA takedown notices to YouTube, there is a risk that some fair use "dolphins" will get caught along with the infringing "tuna." Well, another "dolphin" got caught up in the DMCA takedown driftnet. Thanks to the "hotline" established by Viacom at EFF's urging, however, this time the creators of the video were able to get the mistake corrected.
In May 2004, Sony opened up its own store for selling digital music: Sony Connect. From the start, the service was plagued with self-inflicted woes. Thanks to Sony?s use of DRM and a proprietary music format (ATRAC), music bought through Sony Connect could only be played on Sony?s expensive digital music players. And those devices came loaded with software that was awkward and hard to use.
Not surprisingly, Sony is rumored to be pulling the plug on Sony Disconnect, or at least downsizing it. In any case, the problems of Sony's premiere music service make a point that deserves emphasis: customers don?t like having their options limited and being herded into using poorly designed technology.
In April, a California court ruled that Kaleidescape did not violate its contract with the DVD Copy Control Association (DVD CCA) by distributing a device that rips and plays DVDs. But now the DRM licensing authority, which is mostly controlled by movie studios, is planning to change the contract and more clearly forbid DVD ripping.
This is a classic demonstration of what's wrong with DRM under the DMCA: it puts a licensing cartel in charge of innovation, and lets copyright holders block disruptive technologies at a whim. Only those tools that DVD CCA blesses can come to market. That's why there are still no mass market tools for backing up your DVDs or copying movies to portable devices, for instance.
A crucial meeting that will determine the future of the proposed WIPO Broadcasting Treaty has been underway this week at WIPO. WIPO' s Standing Committee on Copyright and Related Rights was scheduled to meet from 18-21 June, and then hold a Preparatory Conference on June 22, to agree the rules for the Diplomatic Conference scheduled for November. But at 8:45 pm last night, the U.S. delegation took the floor and said that it did not support moving forward to a Diplomatic Conference this year, on the grounds that there was so little agreement on a proposed text and key elements of what a Broadcasting Treaty should contain. Many Member States agreed that there was no prospect of coming to a consensus by week-end, including Brazil, India and the Africa Group.
Thousands of individuals and sixteen states have already told the federal government to dump the privacy-invasive REAL ID Act, which would standardize drivers' licenses into a national ID and create databases linking the records together. But instead of listening to the public, members of Congress are renewing their efforts to ram the unfunded mandate down everyone's throats. A provision smuggled into the major immigration reform bill would effectively force every American to present a standardized national ID in order to get a job and establish a huge "employment verification" system filled with personal information.
The proposal is set for a floor vote next week -- call your Senators now to stop the national ID expansion.
Please note that this is an unofficial version transcribed by the NGO coalition (Petra Buhr (IP Justice), Sherwin Siy (Public Knowledge), and Gwen Hinze (Electronic Frontier Foundation)), on the basis of Member States' comments in the afternoon session of June 22, 2007 at the SCCR S2 and as adopted 5:02 pm June 22, 2007.
WORLD INTELLECTUAL PROPERTY ORGANIZATION
Second Special Session of the SCCR
Geneva, June 18 to 22, 2007
of the Second Special Session of the SCCR
on the Protection of Broadcasting Organizations
prepared by the Chair
Following the decision of the WIPO General Assembly in its Thirty-third Session in September/October 2006, the Standing Committee on Copyright and Related Rights (SCCR) convened in the First and Second Special Sessions, from January 17 to 19, and from June 18 to 22, 2007.
Online free speech faces many threats today, but the Internet's incredible abundance and variety of expression might never have blossomed to begin with if the first major court battle had gone the wrong way.
Tuesday marks the ten year anniversary of the U.S. Supreme Court?s landmark decision in Reno v. ACLU, which recognized that free speech on the Internet merits the highest standards of Constitutional protection. EFF participated as both plaintiff and co-counsel in the case, which successfully challenged the online censorship provisions of the Communications Decency Act (CDA) of 1996. The Court?s decision -- its first involving the Internet -- was issued on June 26, 1997.
- Former FISA Judge Criticizes Wiretap Program
Judge Lamberth says "you can't trust the executive."
- Video of Judge Lamberth's speech:
- Justice Dept. vs. States on Phone Privacy
Can the feds stop states from investigating whether telcos
helped the NSA spy on Americans?
- Google Transparency
Google's new Public Policy Blog discusses... Google's
When the new music webcasting royalty rates kick in on July 15, your favorite station may sound just like it does today -- silent. A broad coalition of music webcasters turned their stations off today in protest of the Copyright Arbitration Royalty Board's recent rate ruling, which threatens to crush commercial services like Pandora as well as small and non-commercial webcasters.
Not all hope is lost, though. In 2002, an Internet radio day of silence helped spur Congress to reduce royalty rates and save small and non-commercial webcasters. Bills currently in the House and Senate would nullify the royalty ruling and bring some sensible changes to the rate-setting standards.
During a public speech last week, the judge who presided over the super-secret Foreign Intelligence Surveillance Court (FISC) from 1995 to 2002 criticized the Bush Administration's warrantless domestic surveillance.
Judge Royce Lamberth made a simple point that bears repeating: "[J]udges understand the war has to be fought, but it can?t be at all costs? We still have to preserve our civil liberties. Judges are the kinds of people you want to entrust that kind of judgment to more than the executive."
In other words, our system of checks and balances doesn't ? and shouldn't ? allow the executive to say "trust us" and get to spy on anyone and everyone at will.
Somewhere in his busy schedule ? in between writing brilliant sci-fi novels, commenting on the current state of copyright law and intellectual property, co-editing the popular blog BoingBoing, and teaching at USC ? EFF Fellow Cory Doctorow finds time to podcast.
Cory has been podcasting his fiction, reading his novels in serialized form that can be downloaded from his site as MP3, since 2005. Having mostly sped through his own work, he is now moving on to other people?s stuff, and he is starting with Bruce Sterling?s seminal book, The Hacker Crackdown.
Having voted to authorize subpoenas for information on the NSA spying program last week, the Senate Judiciary Committee has now officially issued them.
We've still got a long way to go before the privacy-invasive REAL ID Act is off the books, but yesterday's vote in the Senate may one day be seen as a critical moment on the road to victory.
A provision smuggled into the major immigration reform bill would have effectively forced every American to present a standardized national ID in order to get a job as part of a mandatory employment verification system. But by a vote of 52-45, the Senate refused to end debate on an amendment that would have ripped the REAL ID provisions out of the bill. And now it seems that the entire immigration bill reform package is on ice, at least for the foreseeable future.
Slashdot and Wired Compiler ran posts yesterday about Privatunes, a program that claims to remove personally identifying information from iTunes Plus files (the current version is closed source and Windows only, thought the site says that this will change in the future).
Privatunes 0.9 overwrites the user's name and address. Unfortunately, the Privatunes coders didn't read our last post about iTunes tracking data — aside from the name and email address, there are other fields that Apple, or a litigant that subpoenas Apple, could use to identify the purchasers of iTunes Plus files, even if they've been run through Privatunes 0.9.
Germany?s Federal Ministry of Justice has circulated a controversial draft bill (here in German only) that is bad news for online privacy. From preliminary reports it seems that it attempts to outlaw the ability to send anonymous email by ordering ISPs to retain data traceable to individuals, and requiring a passport from anyone attempting to set up a webmail account.
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- UK Investigatory Powers Bill
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Electronic Frontier Alliance
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games