Peabody Energy is at it again, trying to stifle critical speech intended to call attention to the company's practices. Last year, Peabody tried to intimidate a website that spoofed the Peabody-sponsored "Consortium for Clean Coal Utilization (CCCU)." This week, Peabody targeted a website that focused on concerns about the impact of Peabody's activities on children's health. The site ostensibly had Peabody offer a free inhaler to any family living within 200 miles of a coal plant, stating:
Why Free Inhalers? Because COAL CARES. Coal Cares™ is a brand-new initiative from Peabody Coal, one of America's proud family of coal companies, to reach out to American youngsters with asthma and to help them keep their heads high in the face of those who would treat them with less than full dignity. For kids who have no choice but to use an inhaler, Coal Cares™ lets them inhale with pride.
It's a brilliant bit of identity correction but Peabody, once again, was unable to take a joke. On Wednesday, Peabody's lawyers sent a letter demanding that its name be removed from the website. And that meant that EFF, once again, was forced to explain that this kind of biting, funny political activism is also legally protected free speech. The legal analysis is not hard: the trademark fair use doctrine and the First Amendment both protect the use of Peabody's trademarks as a necessary part of political commentary. Moreover, the site was entirely noncommercial and several courts have held that noncommercial uses are exempt from federal trademark infringement claims (and for you law geeks, they are also statutorily exempt from dilution claims). As one court recently held in a similar "identity correction" case:
The Lanham Act regulates only economic, not ideological or political, competition . . . “Competition in the marketplace of ideas” is precisely what the First Amendment is designed to protect.
But these activists aren't about to be intimidated by a scary lawyer letter. Instead, they provided an additional response that noted that Peabody had a point, just not the censorship one it had tried to make. As they said in a statement today:
Your threat, although entirely baseless (see this response, and the EFF's blog post later today), did make us realize one thing: that Peabody, despite being our country's largest coal producer, and one of the largest lobbyists against common-sense policy, accounts for a mere 17% of U.S. coal production. . . .
As even you may agree, the root of the problem is not Peabody, but rather our system of subsidies, regulations, and lobbying that lets your whole industry continue its lethal work. To make this clear, we have changed every instance of the word “Peabody” on www.coalcares.org to a rotating selection of the names of other large U.S. coal producers who, like Peabody, also need to be stopped from killing kids.
We'll see if Peabody's industry partners appreciate the humor, and the political criticism, better than Peabody did. Even if they don't, the lesson is clear: the best response to critical speech is more speech, not legal threats.
When governments and companies assemble on an international level to discuss "Internet freedom," EFF's policy experts go on alert. All too frequently, government-level discussions about Internet freedom turn into opportunities to discuss tangential issues, many of which have negative implications on online freedom: laws and policies promoting censorship and surveillance on the Internet. With that in mind, EFF attended the Council of Europe (CoE) meeting on Internet Freedom: From Principles to Global Treaty Law? to ensure that European countries’ fundamental values--human rights, democracy and the rule of law--are upheld. EFF went in prepared to fight any attempt to promote pervasive spying proposals or government attempts to control the Internet. The Council of Europe largely succeeded in fostering a positive, rights-centered tone at the meeting. However, EFF remains concerned about the demonstrated support for a dangerous "cybercrime" initiative that invites online surveillance abuses.
Over 150 participants attended the meeting, including representatives from governments, companies and civil society. The Council of Europe’s expert group on cross-border Internet proposed a set of draft principles--ten ideas intended to guide countries' national and international Internet-related policies, norms, and rules. At the moment, the draft principles state that Internet governance arrangements must ensure the protection of user rights and freedoms in accordance with international human rights standards and the rule of law. Moreover, the draft states that the European Convention on Human Rights, one of the leading international legal instruments protecting human rights, “[applies] to the Internet and, more generally, to the information society as a whole in the same way as [it applies] to offline activities.” Notably, the expert group's decisive stand in favor of human rights principles did not inspire the kind of heated arguments that typically accompany the inclusion of human rights language in international policy documents in othervenues. The draft included no references to abusive surveillance measures, and, overall, EFF is looking forward to hearing more discussion about how this set of principles will be applied in the real world.
Amidst the discussion of human rights and public interest Internet policy principles came an inspiring real-world example from Birgitta Jonsdottir, an Icelandic member of parliament who is fighting to transform Iceland into a free-speech haven. She is currently battling a US government attempt to collect her Twitter records as part of an investigation into Wikileaks. Flanked by US government representatives on her panel, Jonsdottir gave a stirring presentation on the Icelandic Modern Media Initiative (IMMI) and its promise to protect free expression for journalists and whistle-blowers from all over the world. IMMI is promoting an Icelandic law that will create a supportive jurisdiction for the publication of investigative journalism and other threatened online media. The Initiative is garnering increasing support: the European Parliament passed a resolution “to position [Iceland and the EU] strongly as regards to legal protection on freedom of expression and information,” a position that will surely bolster IMMI’s work.
The meeting did, however, play host to the kind of dangerous surveillance rhetoric we worry about when countries gather to discuss Internet freedom. Speaking to the conference via pre-recorded web video, the CoE Secretary General issued a troubling statement referring to the Convention on Cybercrime as “the only convention in the world to protect people on the Internet.” "Cybercrime" is a buzzword typically used in combination with plans to give law enforcement entities more power to surveil users online, a policy package that can also endanger citizen privacy in developing countries where weak judicial powers and low legal safeguards make it easy for democratically elected leaders to abuse online surveillance capabilities.
We were equally uncomfortable when the US government representative referenced Hillary Clinton’s February 2011 speech on "Net freedom"; a speech that, for all of its laudable commitment to a free and open Internet, regrettably endorsed the Budapest Cybercrime Convention’s overbroad surveillance powers and lack of legal safeguards and more broadly pledged to support efforts of other nations to bolster their "cybercrime" law enforcement capacity. The pitfalls in these initiatives to help others nations' law surveillance capabilities are only beginning to be made apparent; we have recently seen how the Paraguayan government sought US government assistance in spying on its political enemies.
The CoE is not yet looking at a global treaty and has made clear on its website that these principles can be formalized into a "soft law" framework of voluntary practices. Governments, businesses and civil society groups should reflect deeply about the CoE draft principles that might guide the development of national and international policy. In addition, policymakers and NGOs should compare all of the various proposals that are being hatched in other governmental and intergovernmental organizations to determine which have the most powerful and unequivocal language for protecting human rights. The Dynamic Coalition on Internet Rights and Principles at the United Nations Internet Governance Forum (IGF) could be a productive locus for this work; they are an open network of individuals and organizations that have shown a robust commitment to upholding human rights on the Internet and upholding the right to anonymity.
Safeguarding users’ rights is easier said than done, particularly when governments' complex demands are debated at an international scale. But EFF in Europe (working with fellow travelers, like EDRi) will continue to demand that governments protect Internet rights online and preserve an open and free Internet for all, and we will continue to keep the public informed on how this discussion evolves.
Update: An official Senate version of the draft PROTECT IP Act has been released and is available here. This version changes the “interactive computer services” language mentioned in our post below to “information location tools,” a term that points back to section 512(d) of the Digital Millennium Copyright Act. In that context it’s been generally understood to refer to search engines, though there’s no guarantee we wouldn’t see efforts to expand the definition in actions under this bill. But in any case, requiring search engines to remove links to an entire website raises serious First Amendment concerns considering the lawful expression that may be hosted on the same domain.
- - - - - - - - - - - - -
Last year’s rogue website legislation is back on the table, with a new name: the "Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011"or (wink, wink) "PROTECT IP". The draft language is available here.
The earlier bill, which failed to pass thanks largely to a hold on the legislation placed by Senator Ron Wyden of Oregon, would have given the government dramatic new copyright enforcement powers targeted at websites "dedicated to infringing activities," even where those websites were not based in the United States. Despite some salient differences (described below) in the new version, we are no less dismayed by this most recent incarnation than we were with last year’s draft.
First, the legislation now includes a private right of action for intellectual property owners. This means that IP owners as well as the government can seek injunctions against websites "dedicated to infringing activities" in addition to court orders against third parties providing services to those sites. (Notably, IP owners can also bring actions to enforce the court orders.) Consider whether Viacom would have bothered to bring a copyright infringement action against YouTubewith the attendant challenges of arguing around the DMCA safe harborshad it had this cause of action in its arsenal. The act includes language that says it's not intended to "enlarge or diminish" the DMCA's safe harbor limitations on liability, but make no mistake: rights holders will argue that safe harbor qualification is simply immaterial if a site is deemed to be dedicated to infringement.
Second, the scope of the language has been expanded to include additional categories of third-party providers that can be subject to court orders. Under the new act, "interactive computer services" and "servers of sponsored links" can be required to cease linking to particular websites. We'd heard about a potential "search engine provision," but these additions arguably go much further. An interactive computer service (the term, and its definition, are borrowed from the Communications Decency Act) could include not only Bing but also sites like Facebook, Twitter, and potentially any service or web page where a URL might turn up.
Court orders against interactive computer services don't apply in every context, though. The new version of the bill includes what appear to be some redundant and some alternative remedies where "nondomestic" domains are involved, remedies that are available in actions by the Attorney General but not private actors. (In the language of the bill, a "nondomestic" domain is one "for which the domain name registry that issued the domain name and operates the relevant top level domain, and the domain name registrar for the domain name, are not located in the United States.") The main distinction seems to be that interactive computer services can be ordered to stop linking only in actions brought by the Attorney General against nondomestic domains, but not in actions brought by the Attorney General against domains that are not nondomestic, nor in any actions brought by private plaintiffs.
Also, the new language no longer requires explicit action on the part of domain name registries and registrars, although it still reaches operators of nonauthoritative domain name system servers. Because of Immigration and Customs Enforcement’s ongoing practice of seizing domain names by prevailing on registries and registrars, however, the revision doesn’t seem all that meaningful. EFF denounced the earlier bill for its potential dangerous effects on the Internet's domain name system, and we’ll discuss the implications of the current legislation for DNS in more detail in a future post.
Finally, the bill now requires any potential plaintiffwhether it's the government or an IP ownerto make some attempt to identify a person or entity in connection with the infringement before proceeding against the domain name itself. The effort to inject a little due process into the mix is a good step, but it falls far short of the mark given the potential implications of these actions for online speech.
We’re still chewing through the issues, but on balance, it's clear PROTECT IP is no improvement on COICA.
Earlier this month the FBI, DEA and the Department of Justice Criminal Division responded to our FOIA litigation for records related to the Department of Justice’s controversialefforts to push Congress to expand the Communications Assistance to Law Enforcement Act (CALEA).1 Although the agencies stated in their court filings (here, here, and here) that they had thousands of pages of records, so far they have only turned over a few hundred pages (and the DOJ Criminal Division has yet to give us any documents). The documents we received — emails, briefing documents and powerpoint presentations — are heavily redacted and still fail to provide any specific details—including technical details — on the purported surveillance problems the government claims require expanding the law.
We discuss the FBI’s documents below and will be writing more about the DEA’s documents in a later post. (As noted, the DOJ Criminal Division has failed to release any documents so far.)
The FBI produced several hundred pages of heavily redacted documents and completely withheld several hundred pages more. As we mentioned in an earlier post about FBI lying to a federal court in another FOIA case, the Bureau has claimed much of the information in these documents is “outside the scope” of EFF’s FOIA request—even though it appears that the material blocked out directly relates to the subject of our request (see example).
Nevertheless, the information we can read in the documents still fails to make the case that the FBI needs any expansion to CALEA, much less back doors into our communications services like Skype, Google Talk or Blackberry.
While several emails and slides discuss at a high-level the problems the bureau is facing, the FBI has still withheld important information that would flesh out the details of these problems. For example, several emails discuss a company or companies that may not be complying with intercept orders (see, for example, EFF/Lynch 25-26, 29, 33 and 402). However, the FBI has redacted important information about the problems it has faced and the name(s) of the compan(ies) involved. This is also true for several presentations we received, as well as a counterintelligence memo sent to 13 branch offices. For example, a slide titled “Challenges and constraints faced by Law Enforcement” (EFF/Lynch 76) is almost completely blank. Similarly, the “recent examples” section of several slides titled “Legislative and Policy Challenge” (EFF/Lynch 95-102), has been blocked out (see example above). And all pages of the counterintelligence memo, which cryptically mentions a VoIP provider that could be Skype, are either almost completely redacted or withheld in full. (see EFF/Lynch 275-285)
The documents FBI released recently in response to our “Going Dark” FOIA request are even less informative. For three separate documents, the agency has only included the cover page, including a whitepaper from July 2008 titled “‘Going Dark—Law Enforcement’s Need to Preserve Lawful Interception Capabilities” (Going Dark 1443) and two attachments to a redacted document titled “The Going Dark Initiative” that discuss specific legislative proposals in response to the “Going Dark Problem.” (see Going Dark 146) In each case, all pages that might possibly explain the FBI’s rationale and need for “Updating and Improving Federal ELSUR [Electronic Surveillance] Laws and Assistance Mandates” have been withheld in full. (see Going Dark 147-148).
Finally, the FBI has redacted important information from a questionnaire on surveillance activities that appears to have been shared with Congress and was intended to include only “high-level unclassified information.” (Going Dark 59-67)
It doesn’t appear from the records we have received so far (at least from the parts that aren’t redacted) that the agency has been crippled by the “Going Dark Problem” or that “the bad guys” have gotten away. In fact, in the two concrete examples not fully redacted (and these are the same examples FBI Director Mueller used to justify his call for expanding CALEA in an October 2010 speech) the agency was ultimately successful. In “Operation Achilles” the FBI “broke up an international online child porn and exploitation ring in 2008 that used anonymizers and encryption services to conceal their activities.” And in a cocaine bust that suffered from electronic surveillance problems “creat[ing] delays and prevent[ing] the interception of pertinent communications,” the agency was still able to obtain an indictment. (EFF/Lynch 130).
The records we have received fall far short of justifying any amendment to CALEA, much less the broad expansion the Department of Justice appears to be seeking. Without any specific details about the agency’s claimed problems trying to execute intercept orders, Congress and the public should be wary of any claim that expanding CALEA to apply to additional electronic communications service providers is an appropriate solution to the FBI’s supposed "Going Dark" problem.
The documents referenced in this blog post are available below. You can also check out all the documents from the case on our main CALEA FOIA page.
FBI's First Release of Documents Responsive to EFF's CALEA FOIA Request (pp. EFF/Lynch 1-285).
FBI's Second Release of Documents Responsive to EFF's CALEA FOIA Request (pp. EFF/Lynch 290-366).
FBI's Final Release of Documents Responsive to EFF's "Going Dark" FOIA Request.
1. CALEA currently requires telecommunications and broadband providers' systems to be technically capable of complying with intercept orders. Law enforcement has been lobbying for Congress to expand those requirements to require surveillance backdoors into any electronic communications service offered over the Internet, be it Gmail or Facebook or Skype or any other.
2. These pages refer to the numbers at the bottom of each page in the FBI's CALEA documents.
3. These pages refer to the pdf page numbers in the FBI's "Going Dark" documents (unlike with the CALEA documents, the FBI did not individually number the pages).
EFF is thrilled to announce the newest member of our international team, Jillian York. Jillian is the Director for International Freedom of Expression -- an always-critical issue that has come into sharp relief over the last few months with the events in Egypt, Tunisia, Syria, and beyond.
Jillian comes to us from Harvard's Berkman Center for Internet & Society, where she worked on the OpenNet Initiative and Herdict projects. Jillian is a longtime blogger and activist, and is well known for her research and insight into Internet filtering at the government level, the policing of content in corporate online spaces, and digital activism. Jillian writes for and is on the board of directors of Global Voices, and is a regular columnist for Al Jazeera.
We are very pleased that Jillian is joining our international team during this critical time for global freedom of expression issues. This year, we've seen how the Internet and social networking tools have given activists around the world new platforms to interact, organize, and spread their message well beyond their countries' borders. But these digital platforms also provide authoritarian governments with ways to expose and potentially retaliate against these activists. This is extraordinarily important work and Jillian will be a valuable resource for EFF and international activists. Welcome Jillian!
Google announced today that it will join Amazon in offering consumers a cloud-based music locker service. Google’s news, which had been rumored for some time, presents an opportunity to both answer and ask some questions about the future of the music industry.
Those questions make clear that while services like these do improve the ability for fans to access their music, they still only get us a little bit closer to the larger goal: making sure artists get paid and fans are happy.
Do music locker services violate current copyright laws?
Unlike streaming services, such as Rhapsody or Mog, Google’s and Amazon’s music lockers allow users to upload their own music files and then access those files from either the Internet or devices equipped to run those companies’ programs (in Google’s case, that means a phone running the Android operating system).
For this kind of personal locker, Amazon and Google believe they don’t need licenses from record labels that own copyrights in the songs – and we agree. Essentially, all these services do is allow you to upload a song you already own and access that file from different browsers and devices, not much different from transferring a song you bought to your iPod.
Apparently to avoid any potential copyright liability, neither Amazon nor Google “de-duplicate” users’ files, which means that users access the same files they themselves uploaded, even when those files are identical to others on the system. As a result, millions of identical files may exist in the same cloud.
Whether or not Amazon’s and Google’s copyright fears are well founded is still an open question and may depend, at least in part, on the ongoing litigation between EMI and MP3Tunes. MP3Tunes is a music locker, but – unlike Amazon and Google – it does de-duplicate its files and it provides a search engine on the side allowing users to search for more music. EMI claims that MP3Tunes should be held responsible for infringing content stored in the lockers of some of its users, while MP3Tunes contends that it is immune from liability under the "safe harbor" provisions in the Digital Millennium Copyright Act (DMCA).
While we wait for a ruling in the MP3Tunes case, it appears that Amazon and Google have chosen to play it safe by storing potentially millions of identical files (just another example of how copyright laws fail to address modern uses of copyrighted works).
Are music locker services the answer to an ailing recording industry?
Personal music locker services are certainly an improvement on current industry services. By allowing music fans increased access to the content they already own, services like Amazon’s and Google’s improve consumers’ music experiences by making it easier to listen to that music where and whenever they want.
But we’re a long way from realizing the potential of cloud-based music services, which could increase consumers’ access to music they already own while offering new ways to find and purchase music and other add-on content from artists.
It has been widely reported that Google attempted to secure licensing deals that would have allowed it to offer more to consumers – for example, the ability to access music one owns without having to take the time to upload it to the cloud (which can be a slow process). But it seems the record labels are still blocking efforts to give music fans with more or easier access to new music, whether by compulsory licenses or other non-traditional revenue streams. Not only does less access hurt fans, but it hurts artists who might otherwise benefit from innovative business models. So while we applaud Amazon’s and Google’s attempt to better their customers’ music experience, there’s no question that their services fall far short of what fans and artists really need and want.
This past week has been trying in a number of countries, including China, where a new central agency has been established to oversee the Internet, in a move that some experts have said would allow for tighter regulations. At the same time, rumors of a possible Facebook deal in China have been cause for concern, as such a launch would likely mean Chinese users would have access only to a censored version of the platform.
Were Facebook to bring a censored version of its social networking service to China, it wouldn’t be the first instance of a US company engaging in censorship overseas: Google famously filtered its search results from 2006 to 2010 by order of the Chinese government, and search engines Yahoo! and Bing continue to filter results. The OpenNet Initiative considers China to be one of the most pervasive filterers of online content.
Though no deal has yet been struck, Facebook spokesperson Adam Conner was quoted as saying, “Maybe we will block content in some countries, but not others. We are occasionally held in uncomfortable positions because now we're allowing too much, maybe, free speech in countries that haven't experienced it before.”
Tunisia Reverts to Filtering
In Tunisia, where many of the Internet filters came down along with the Ben Ali government, new evidence suggests that sites are now being blocked based on military order. A blockpage posted by Nawaat’s Sami Ben Gharbia (who will be speaking at EFF’s upcoming Geek Reading at EFF on May 20) shows the Facebook page of democracy activist Jalel Brick “filtered under a requisition from the investigating judge at the Permanent Military Tribunal in Tunis.”
Prior to the uprising that led to the fall of President Zine El Abidine Ben Ali in January of 2011, Tunisia pervasively filtered political content, including websites of human rights organizations and political opposition.
This latest move is worrying to Tunisian activists, who say that the new Internet censorship law was quietly passed by the interim government.
A Facebook Ban in Pakistan?
On May 6, The Express Tribune reported that Pakistan’s Lahore High Court was reviewing previous petitions filed against Facebook for blasphemous content in consideration of a possible permanent ban of the social networking site.
In May 2010, after receiving a petition from the Islamic Lawyers’ Group, a high court in Pakistan ordered the Pakistan Telecommunication Authority (PTA) to block Facebook temporarily following a “Draw Mohammed Day” competition hosted users of the site. The ban was lifted after two weeks, however, the court asked the government to take steps to prevent access to blasphemous and sacrilegious content online.
Though the case has reportedly been postponed for hearing, EFF will be tracking developments closely and will report back on any updates.
The California Public Utilities Commission (PUC) has released a proposal for strong privacy protections for "smart meter" data, closely following the recommendations from EFF and the Center for Democracy and Technology. If adopted and finalized, the plan could become a model for how to protect sensitive consumer information while providing new ways to save energy.
California's PG&E is currently in the process of installing "smart meters" that will collect detailed data of energy use —750 to 3000 data points per month per household—for every energy customer in the state. These meters are aimed at helping consumers monitor and control their energy usage, but the information that is collected can reveal much more about a household's daily activities: when people wake up, when they come home, when they go on vacation, and maybe even when they take a hot bath.
Many third parties will want access to this sensitive information, and the California PUC has recommended strong protections for the transfer of the data to others. This should help prevent the data's misuse, hopefully blocking new intrusions into our home and private life. We hope the California PUC goes on to adopt its proposal, creating a blueprint for energy data and privacy protection that can be used across the country.