EFF Joins Mozilla, Fight for the Future, Public Knowledge and Others in Launching the Internet Defense League
Earlier this year, EFF worked with Internet defenders across the globe to beat back SOPA, a U.S. Internet censorship bill that would have sacrificed the free speech rights of users in the name of fighting online “piracy.” Concerted action by millions of Internet users killed SOPA, but we know that protecting online rights takes vigilance. In fact, SOPA supporters are already pushing their censorship agenda through new bills, secret international trade agreements, and “voluntary” agreements negotiated between Big Content and service providers. And the threats don’t stop there: our rights to communicate and browse the web in private are also at risk, thanks to proposed Big Brother surveillance measures.
We know that when we work together, we can protect our Internet. So, we’re joining with some of our friends from the anti-SOPA fight in creating the Internet Defense League to help Internet users, organizations, and companies fight back whenever online rights are threatened.
Here’s how you can be an Internet superhero
Sign up. If you have a website, the Internet Defense League will send you sample alert code to get working in advance. The next time there's an emergency, we'll tell you and send new code. Then it's your decision to pull the trigger.
Come celebrate with us. On Thursday July 19th, we’ll be celebrating Internet freedom at events in several cities. As Hollywood’s latest superhero movie opens in theaters for a midnight showing, IDL members in select cities can celebrate the launch around powerful spotlights rented for the occasion. The spotlights will beam the IDL’s “cat-signal” into the stratosphere, across obliging clouds, or onto neighboring buildings. Parties are being planned in San Francisco, New York, Washington, DC, London, and even Ulaar Bataar, Mongolia. If you'd like to host an event in your city but don't have the funds, send an email to our partners at Fight for the Future (include thoughts on the location, the kind of crowd you can draw, and other ideas). If you can self-fund an event in your city, don't bother donating, just email Fight for the Future.
EFF staff members will be at the Spotlight Party in San Francisco, so come say hello. Join EFF staff members Marcia Hofmann, Rainey Reitman, Parker Higgins, Mark Burdett, Adi Kamdar, Jillian York, and Trevor Timm at the San Francisco Spotlight Party on Thursday July 19. The event will get started at 8PM at the Mozilla Offices, 2 Harrison Street, 7th Floor. RSVP here
Good news, TV fans! Aereo, a startup that lets viewers watch broadcast TV over the Internet from tiny, personal antennas, can stay up and running - at least for now. Several television networks are trying to sue it out of existence, beginning with a motion asking a federal court to shut it down until a legal decision is reached. It's a typical move, and one that forces many innovative startups into bankruptcy long before any court has ruled on whether their business is legal. Last week, however, Judge Alison Nathan of the federal court in Manhattan denied the motion and made Aereo the first Internet TV business of its kind to live long enough to defend its business model.
This decision is a win for free TV viewers and for innovation, but it may be just one battle in a long war. Rather than continuing to fight in the district court, the networks have filed an appeal in the Second Circuit appeals court, where they may try to overturn the 2008 Fox v. Cablevision decision that has made New York a friendly place for Internet TV entrepreneurs.
Aereo was founded by serial entrepreneur Chaitanya Kanojia with funding from media mogul Barry Diller. As we've described, the company set up a large array of dime-sized TV antennas atop a Brooklyn warehouse, in sight of the transmitters on the Empire State Building. Each user is assigned a unique antenna, effectively rented from Aereo. The local TV programming captured by that antenna can be recorded or watched live on Internet-capable devices, all under control of the user.
The lawsuit, filed in May of this year, revolves around whether Aereo is making "public performances" of copyrighted TV shows. Copyright law gives owners the right to license, or stop, public performances. Private performances - like a family and friends watching a movie at home - are beyond the law's reach. The case is also a battle of metaphors: the TV networks say that Aereo is doing the same thing as a cable system, while Aereo (assisted by EFF and Public Knowledge in an amicus brief) claims that it is simply taking the place of a personal "rabbit ears" antenna and a personal video recorder.
Judge Nathan ruled that Aereo's system was similar to the Cablevision "remote DVR" system that the Second Circuit found legal in 2008. That system, which let cable subscribers record and play shows from a personal hard drive at the cable company's facility, was deemed to be making private performances - essentially a service that empowered TV watchers to do what they could do anyway with their own personal equipment. Judge Nathan distilled the Cablevision decision to three items: under Cablevision, a video transmission is "private" and outside of TV studios' control if
1. It comes from a unique copy made for each subscriber;
2. The transmission to the subscriber comes from that copy; and
3. No other subscriber can view a transmission from that copy.
Because Aereo's system also had these characteristics, the judge said that it too makes "private performances" and doesn't violate copyright.
Judge Nathan's ruling was tied very closely to the Cablevision decision, which she was required to follow. The judge's order made it clear that were it not for Cablevision, she would have shut Aereo down. On appeal, it's likely that the studios will try to convince the Second Circuit to overrule Cablevision or confine it to a narrow set of facts. That would be a big step backwards. Cablevision has made the Second Circuit (which encompasses New York, Connecticut, and Vermont) a good place for Internet TV innovation. It lets customers in those states choose what TV shows to watch and what technologies to watch it with - without the content owners having a veto over the technology makers. That's a win for everyone, and EFF will keep working to preserve it.
In Wake of Carrier IQ Scandal, Berkeley Study Shows Americans Have Serious Qualms About Mobile Industry Practices
On Friday, EFF filed comments with the Federal Communications Commission about the privacy and data security practices of mobile wireless service providers. Mobile privacy is an issue we've been increasingly concerned about in the wake of the Carrier IQ privacy scandal, which was part of the inspiration for our Mobile User Privacy Bill of Rights. Citing recent academic research as well as troubling industry practices, EFF called the FCC's attention to some of the major pitfalls in modern mobile privacy norms. We urged the FCC to consider consumer rights in evaluating carrier obligations to protect user privacy and called for more transparency about carrier data collection and retention policies.
Modern cell phones raise grave and well-known privacy and security issues. A recent UC Berkeley study of Americans' use of mobile phones and privacy
found widespread understanding that sensitive personal information such as text messages, contact lists, and voicemail is stored on phones, and that substantial percentages of respondents with smartphones used them to engage in activities that might generate sensitive information, including visiting websites, using social networks, and using location services.... These activities can reveal communications with circles of contacts, health-related or other personal research queries, and a wide variety of intellectual and political interests, to name just a few revealing types of information.
The UC Berkeley study also found that Americans generally dislike the idea that carriers retain location data: 46% responded that carriers should not retain such data at all, while 28% answered that location data should be kept for less than a year. Obviously, Americans believe that this data should be private, and thus carrier retention policies do not meet the ordinary consumer's needs.
Current industry practices also raise concerns about the security of data on the device itself, which can be compromised by current carrier practices of delaying or even blocking security updates. EFF reported on this problem in 2011, noting that "[a]lthough Apple, Google, and Microsoft should develop security fixes faster, they are fundamentally limited by carrier intransigence."
These factors and others contribute to the perfect storm that allows companies to disregard the privacy of their users and gives users meager meaningful choice when it comes to safeguarding their data on mobile devices.
The FCC solicited feedback on mobile device privacy, and this is our first submission in the current round of filings. We expect to file reply comments at the end of the month. Read more about the FCC process or submit reply comments yourself.
In Bahrain and Oman, netizens are coming under fire once again. In Bahrain--where opposition activists have frequently been detained and maligned on social networks--Nabeel Rajab, president of the Bahrain Center for Human Rights, a fellow member of IFEX, wassentenced on July 10 to three months in prison for a tweet. Rajab was arrested in May and charged with inciting protest on social networks. After being released on bail, he was then arrested again on June 6 on charges of "insulting in public" after tweeting for Bahrain's rulers to step down. Rajab has been persecuted by the Bahraini government for more than a year for his activism as part of their broader crackdown on opposition. EFF once again calls on the international community to condemn the persecution of bloggers and citizen journalists at the hands of Bahrain's regime.
In neighboring Oman, where a spate of netizen arrests have occurred in the past year, four young men have received similarly harsh sentences for content posted to social networks. Hamoud Al Rashidi was sentenced to six months in prison and a fine of 200 rials, while Hamad Al Kharousi, Mahmoud Al-Rawahi, and Ali Al-Mikbali were all sentenced to one year in prison and a fine of 200 rials, all for "defaming" ruler Sultan Qaboos on social networks. Al Rashidi was convicted under Article 126 of Oman's Criminal Law, which criminalizes defamation of "His Majesty the Sultan or his authority publicly." The other three men were convicted under Article 126 and Articles 16 and 19 of Oman's Cybercrime Law. EFF condemns the sentencing of these four men and calls on the Omani authorities to immediately overturn the convictions.
Maldivian Blogger Attacked; Government Denies Political Motivation
Long before Egypt's infamous blackout, the Maldives was the first country to cut off Internet access to its citizens. In 2004, then-President Maumoon Abdul Gayoom cut off access in the wake of protests against his ruling regime. Although press freedom improved in the country following the end of Gayoom's 30-year rule in 2008, attacks on journalists have increased since demonstrations in January that resulted in the ousting of President Mohamed Nasheed.
Most recently, the country's best known blogger, Ismail Rasheed (more commonly known as "Hilath"), was stabbed in the throat and forced to flee the country. Though Rasheed, who has received death threats in the past has blamed the attack on Islamists, a Maldivian government spokesperson told the AFP that the attack had "nothing to do with religious extremism or his work as a journalist" and was the work of a rival gang. Another official condemned the stabbing but implied that Rasheed should have known he was a target, stating: "We are not a secular country. When you talk about religion there will always be a few people who do not agree."
Malaysian Blogger Detained; Government Invokes State Secrets Act
In Malaysia, where the Internet is uncensored but still far from free, blogger Syed Abdullah sits in jail awaiting charges following a complaint filed by thirty people claiming 64 of the blogger's articles were a "provocation, incitement, and insult" to the Sultan of the state of Johor. The blogger was arrested at a toll booth on July 4 and has remained in police custody since. According to the Committee to Protect Journalists, officials are currently investigating the complaint and could charge Abdullah under the Official Secrets Act, which provides for harsh sentences for the dissemination of information classified as a state secret. If charged and found guilty, the blogger could face up to seven years in prison.
Human Rights Watch Releases New Study of Iraq's Proposed Cybercrimes Law
EFF has written before about Iraq's harsh proposed informatics crime law, which includes mandatory life sentences for vague "crimes" such as "compromosing the unity of the state" online. Now, a new 16-page report from Human Rights Watch provides detailed legal analysis of the bill and finds that the draft law is part of "a broad effort by Iraqi authorities to suppress peaceful dissent by criminalizing legitimate information sharing and networking activities." A second reading of the law by Iraq's Council of Representatives is expected this month. EFF will continue to monitor this egregious bill closely.
We just received new information today about drone flights in the United States, including extensive details about the specific drone models some entities are flying, where they fly, how frequently they fly, and how long they stay in the air. The 125 drone certificates and accompanying documents the FAA released today total thousands of pages and were released in response to EFF’s Freedom of Information Act lawsuit, which has already uncovered the list of all entities licensed to fly domestic drones.
The 18 entities represented in the files include police departments from Seattle, Washington to North Little Rock, Arkansas; about 10 public colleges and universities; a few federal agencies, including the USDA and the Department of Energy—Idaho National Lab; and other entities like the City of Herrington, Kansas and the Mississippi Department of Marine Resources. For every entity, the files include the actual Certificate of Authorization (COA) application information submitted to the FAA (for each entity, that file is called "COA.xls"), and many other supporting records. The files go back several years and include COAs for every year that the entity has had drones. For some entities this is as early as 2004.
We’ve included the records below in zipped folders separated by entity. Given how voluminous the records are, we’ve only been able to perform a cursory review so far. We plan to review them in more detail over the next week and post analysis here once we do. In the meantime, we encourage you to download the files and find out more about the drones flying near you.
The FAA documents we received mainly address saftey issues with drone flights, but there are still many unanswered questions about the privacy implications of drones. EFF is asking the Internet community to help us push for more transparency around the use of drones for domestic surveillance. We're proud to be teaming up with MuckRock in this initiative. If you are curious about how your local law enforcement agency may be using drones to surveil Americans, please visit Muckrock's site to submit an online public records request.
This week, comments from Democratic Senators, a panel of witnessses, and the director of the National Security Agency (NSA) called on the Senate to enact cybersecurity legislation. But a new poll shows that Americans don't want to sacrifice civil liberties by allowing unfettered data exchanges between corporations and the government. Discussions this week were part of an effort to break the partisan stalemate over the Cybersecurity Act, a bill that would allow Internet companies to monitor the sensitive communications of users and pass that data to the government without any judicial oversight. The Cybersecurity Act would also give companies the right to "modify or block data packets" if they do it with "defensive intent," while offering little in the way of liability for companies that overstep their authority.
In response to ongoing delays in passing the bill, backers of the Cybersecurity Act have been attempting to drum up fears about catastrophic cyberattacks. Yesterday, Senators Sheldon Whitehouse and Richard Blumenthal called on the Senate to enact cybersecurity legislation despite the ongoing civil liberties concerns with the proposed legislation. Speaking to the Senate, Senator Blumenthal warned of doomsday scenarios, saying: "The consequences of a debilitating attack will be catastrophic for our nation."
Speaking in a similar vein earlier this week, Army Gen. Keith Alexander, head of the Pentagon's Cyber Command, gave a speech cautioning against potential terrorist cyberattacks and warned that, "The conflict is growing, the probability for crisis is mounting." In response to civil liberties concerns, Alexander stated: "The reality is we can do protection of civil liberties and privacy and cybersecurity as a nation." This is a particularly ironic statement because Alexander, as director of the NSA, oversees the warrantless surveillance program begun by the Bush Administration which collects en masse the Internet communications and communications records of millions of Americans (like browsing habits, emails, and chats).
And in a hearing yesterday morning before the Senate Homeland Security and Governmental Affairs Committee, witnesses who testified (which included no representatives from the civil liberties community1) urged passage of a cybersecurity bill. RAND Corporation's Brian Michael Jenkins said that it was more important to "get these things moving" than to find "the absolute perfect legislation."
We couldn't disagree more. While the perfect should never be the enemy of the good, cybersecurity legislation enacted in haste today could undermine the civil liberties of Internet users generations from now. Congress must take time to ensure all legislation it passes won't undermine fundamental online rights. None of the current cybersecurity proposals come close to fitting that criteria.
There was one bright moment in the hearing yesterday. In his written testimony (PDF), Dr. Stephen Flynn of Northeastern University called on the government to "resist the secrecy reflex" when it comes to security issues, adding:
[S]trict rules that preclude the sharing of homeland security information with unvetted individuals too often translates into leaving essential expertise on the sidelines. Even when security information is shared with vetted company security officers, they are precluded from passing along the details to their bosses who do not hold active security clearances. As a result, investment and operational decisions are often made with scant attention paid to the potential security stakes. The federal government should make a concerted effort to increase transparency with the broader public as well.
This week also saw the publication of a new survey that shows that the majority of Americans don't want to sacrifice their online privacy in the name of cybersecurity. A United Technologies/National Journal Congressional Connection Poll found that 63% of those polled believed government and businesses should not be allowed to share information because it would hurt privacy and civil liberties.
In fact, the United Technologies/National Journal poll found that Americans were concerned about cybersecurity—67% of those surveyed were worried about the country's computer networks—but that didn't translate into support for proposals that could undermine online privacy rights. This matches with EFF's own stance. EFF has long advocated for better computer security through projects like our free HTTPS Everywhere browser add-on, our security audit of open source software, and our ongoing coverage of Syrian state-sponsored malware. But while we understand and appreciate security issues, we don't believe that safeguarding networked devices necessitates eviscerating all existing privacy law. Any cybersecurity proposal that gives the government free rein to snoop through our private communications without a warrant is the wrong solution.
The United Technologies/National Journal poll also reflected the party-line disagreements that have helped stall progress on cybersecurity legislation. While Democratic respondents were divided on the role of government regulation in cybersecurity issues, a large majority of Republicans and independent responders to the poll opposed government standards.
Unfortunately, our elected officials are doing little to assuage the concerns of Americans who cherish their online civil liberties. Senate Majority Leader Harry Reid has threatened to bring the issue to the floor for a vote before the end of July, leaving concerned citizens only a few weeks to speak out against the major privacy implications of this sweeping legislation. EFF is asking individuals to email Congress through our online form or call your Senator to urge them to oppose cybersecurity legislation that sacrifices online privacy.
1. Witnesses were Michael V. Hayden (Chertoff Group), Brian Michael Jenkins (RAND Corporation), Frank J. Cilluffo (Homeland Security Policy Institute, George Washington University), Stephen E. Flynn, Ph.D. (George J. Kostas Research Institute for Homeland Security, Northeastern University). See more here.
Today, the Fifth Circuit Court of Appeals affirmed a district court order imposing sanctions on Evan Stone, attorney for adult film producer Mick Haig Productions, who improperly issued subpoenas without leave of court to ISPs seeking the identities of anonymous subscribers in a mass end-user copyright infringement case.
The Mick Haig lawsuit was hardly unique, with Stone attempting to, in the words of the Court of Appeals, "repeat his strategy of suing anonymous internet users for allegedly downloading pornography illegally, using the powers of the court to find their identity, then shaming or intimidating them into settling for thousands of dollars -- a tactic that he has employed all across the state and that has been replicated by others across the country." EFF has been a leader in opposing such "copyright troll" cases and will continue to fight against them. These lawsuits are fraught with legal deficiencies that short-cut the privacy and due process rights of Internet users in the name of generating settlement income for plaintiffs instead of actually vindicating valid claims through the proper use of the legal process. What was new in the Mick Haig case was what district court Judge David Godbey described as Stone's "staggering chutzpah": Stone issuing subpoenas on his own without court permission, even though the court appointed EFF and Public Citizen to brief him on the relevant legal questions and even though Stone continued to argue that he should be able to proceed, all the while obtaining subscriber information from ISPs and (apparently) sending threat letters to subscribers directly.
In today's ruling, the Court of Appeals held that Stone had waived all of his various (meritless) arguments such as that he could have issued a different kind of subpoena to obtain the subscriber information, that sanctions couldn't be issued under the specific Federal Rules cited by the district court, and that EFF and Public Citizen lacked standing to bring a sanctions motion. Moreover, the Court held that "no miscarriage of justice will result from the sanctions imposed as a result of Stone’s flagrant violation of the Federal Rules of Civil Procedure and the district court’s orders."
Lifting the temporary stay that it had earlier granted during the pendency of the appeal, the Court of Appeals affirmed the sanctions award ordered by the district court. In addition to paying a $10,000 sanction to the court, the sanctions award ordered that:
1) Stone shall serve a copy of this Order on each ISP implicated and to every person or entity with whom he communicated for any purpose in these proceedings.
2) Stone shall file a copy of this Order in every currently-ongoing proceeding in which he represents a party, pending in any court in the United States, federal or state.
3) Stone shall disclose to the Court whether he received funds, either personally or on behalf of Mick Haig, and whether Mick Haig received funds for any reason from any person or entity associated with these proceedings, regardless of that person’s status as a Doe Defendant or not, (excepting any fees or expenses paid by Mick Haig to Stone).
4) Stone shall pay the Ad Litems’ attorneys’ fees and expenses reasonably incurred in bringing the motion for sanctions [in the amount of $22,040].
Also lifted is a stay on a subsequent contempt sanctions order -- imposed by Judge Godbey when Stone failed to comply with the initial sanctions order -- ordering Stone to pay $500 into the court registry per day "for each day he delays compliance with the Sanctions Order."
Stone's behavior was indeed some of the most flagrant ever seen in this space, a difficult feat with the bar already set so low given the standard intimidation and shame tactics used in many of these cases. Hopefully, the Fifth Circuit's order will help deter at least some of the most extreme abuses used by copyright troll litigants.
To summarize the staggering chutzpah involved in this case: Stone asked the Court to authorize sending subpoenas to the ISPs. The Court said “not yet.” Stone sent the subpoenas anyway. The Court appointed [EFF and Public Citizen] to argue whether Stone could send the subpoenas. Stone argued that the Court should allow him to – even though he had already done so – and eventually dismissed the case ostensibly because the Court was taking too long to make a decision. All the while, Stone was receiving identifying information and communicating with some Does, likely about settlement. The Court rarely has encountered a more textbook example of conduct deserving of sanctions.
There is a new campaign centered on blogger Hussein Ghrer—who was arrested along with other bloggers and colleagues, including Ghazzawi, in a raid on the Syrian Center for Media and Freedom of Expression (SCM) in February and is still in prison. The campaign, which is available in several languages, aims to draw attention to Ghrer's announcement of an indefinite hunger strike to demand his unconditional release. Ghrer's nearly five-month long detention exceeds the maximum legal limits for incarceration without referral to court, which under Syrian law is 60 days.
The campaign to free blogger Hussein Ghrer
Though the campaign is focused on Ghrer, Syrian blogger Yazan Badran wrote yesterday: "Make no mistake, #FreeRazan, #FreeBassel or #FreeHussein, all mean the same thing: We want them back, we want them all." Indeed, bloggers and activists continue to campaign for the release of Bassel Khartabil. (Though Ghazzawi remains under threat, she is currently not being held in detention.)
The target of these campaigns is to raise awareness, as several bloggers who have been detained and then released from Syrian prisons have reported their belief that the media attention they received helped them to evade torture. Activists have created several campaign images and are encouraging users on Twitter and Facebook to use them as avatars. They are also utilizing the Twitter hashtag #FreeHussein.
EFF adds our voice in support of the campaigns to free Hussein Ghrer and Bassel Khartabil. And to the families of all the bloggers, netizens, and video activists who have lost their lives in the Syrian conflict, we offer our condolences: their voices will not be forgotten.