The Censorship Research Center announced on its blog today that it has halted testing of the Haystack anti-censorship software in Iran pending a security review by a third party. Based on this announcement, we recommend that users stop using all versions of the Haystack software immediately.
EFF is pleased to announce two new additions to our FOIA Litigation for Accountable Government (FLAG) Project: Staff Attorney Jennifer Lynch and Open Government Legal Fellow Mark Rumold. Our FLAG Project uses the Freedom of Information Act (FOIA) and other tools to uncover and expose important government information, protect individual liberties, and hold government agencies accountable.
Jennifer is already well-known in cyberlaw circles. Before joining EFF, Jennifer was the Clinical Teaching Fellow with the Samuelson Law, Technology & Public Policy Clinic at UC Berkeley School of Law. At the Samuelson Clinic, Jennifer specialized in privacy and intellectual property issues, including privacy and the smart electrical grid, digital books, open source and biotech, fair use in educational materials, and government use of social media in criminal investigations. Before the Clinic, Jennifer practiced with Bingham McCutchen in San Francisco, where she focused on commercial litigation and represented several California prisoners in a large civil rights case against state prison wardens.
In a major blow to user rights, the Ninth Circuit Court of Appeals has issued a decision that will go a long way toward ensuring that software buyers will rarely be software owners.
In a triumph of legal formalism over reality, the Court held that the copyright’s first sale doctrine – the law that allows you to resell books and that protects libraries and archives from claims of copyright infringement – doesn’t apply to software (and possibly DVDs, CDs and other “licensed” content) as long as the vendor saddles the transfer with enough restrictions to transform what the buyer may think is sale into a mere license.
Here's the back story: Timothy Vernor bought four packages of Autodesk's AutoCAD software at a garage sale and tried to sell them on eBay. Autodesk threatened Mr. Vernor with a copyright lawsuit, claiming that its software is only “licensed,” never sold and pointing to the fine print on the agreement it had with the original purchaser. With the assistance of the public interest litigators at Public Citizen, Vernor filed suit in Seattle against Autodesk, asking the court to clarify his right to resell the AutoCAD software packages that he paid good money for. He prevailed before the district court in 2009, prompting Autodesk to appeal.
Autodesk insisted that its software was “licensed,” rather than sold, and thus the original purchaser never “owned” it and neither could Mr. Vernor. And since Vernor didn’t own the software, Autodesk argued, his attempted sale of the software violated copyright law
EFF—joined by the Consumer Federation of America, the American Library Association, Association of Research Libraries, Association of College and Research Libraries, U.S. Public Interest Research Group, and Public Knowledge—filed an amicus brief supporting Mr. Vernor, arguing that copyright owners should not be able to trump the first sale doctrine by using a few “magic words” in a “license agreement.”
Unfortunately, the court agreed with Autodesk, holding that
a software user is a licensee rather than an owner of a copy where the copyright owner, in the documents included with the software packaging, (1) specifies that the user is granted a license; (2) significantly restricts the user’s ability to transfer the software; and (3) imposes notable use restrictions.
In other words, the right “magic words” can turn unsuspecting buyers into renters, which means they can’t claim the longstanding protections owners normally get, such as the right to resell their legally purchased software when they are done with it.
This decision is deeply disappointing, and it is very bad news for consumers. By undermining the crucial balance between copyright owners and users that supports used bookstores, libraries, and DVD rentals, it hurts both our ability to save a few dollars and our ability to retain, archive and access older, out-of-print materials. Libraries and second-hand sellers are often the only hope for these materials and the “long tail” community of researchers, historians and hobbyists that value them.
But the potential effects of this decision don’t stop there: it risks creating a situation in which violating contracts and end-user license agreements (EULAs) could result in a copyright infringement lawsuit (with the heavy club of statutory damages, attorneys fees and low standards for injunctions) rather than just a simple breach of contract claim.
We understand Mr. Vernor may seek en banc review of this decision, which means the entire court will hear the case and could reverse this dangerous ruling. We hope that the court agrees to review the case and treats it as an opportunity to put consumer rights and expectations ahead of the overreaching demands of software vendors.
Vanity Fair suggests that Sarah Palin's distinctive voice on Facebook and Twitter is actually someone else's. According to the article, she appears to have given a ghostwriter access to her social networking accounts to speak on her behalf:
When it was first set up, in January 2009, Palin's Facebook page might as well have been a file cabinet for official press releases ("Palin Pushes Parental Consent Legislation") written mostly in a stiff, third-person form. The same was true of her Twitter feed, which went live in April. After [writer Rebecca] Mansour's voice disappeared on [the pro-Palin blog] C4P, however, Palin's voice on Facebook and Twitter started sounding increasingly provocative and irascible. A company called Aries Petra Consulting was formed in September and registered to Mansour's home address, but under someone else's name. (In astrology, Aries is the ram—or "RAM.") SarahPAC's first payment to the firm was made in October, about two weeks before Palin began her book tour. By then, Palin's new virtual voice was growing in intensity. The more shrill it became, the more news Palin made: "QUIT MAKING THINGS UP DNC" … "OBAMA ADMINISTRATION'S ATROCIOUS DECISION: HORRIBLE DECISION, ABSOLUTELY HORRIBLE" … "ARE YOU CAPABLE OF DECENCY, RAHM EMANUEL?" The payments to Mansour were not made public until February 1, 2010, when SarahPAC had to disclose its quarterly filings with the Federal Elections Commission. The day before the disclosure, knowing what was coming, C4P made an official announcement acknowledging that . . . Mansour . . . had left the site months earlier and gone to work for SarahPAC.
Let's assume that Palin created her own Facebook account, and then hired Mansour to manage it. So what, right? Lots of high-profile people probably don't update their own Facebook pages. In fact, President Obama's Facebook page explicitly says that it's maintained by Organizing for America.
accessing someone else's account
sharing their passwords to let someone else access their accounts
transferring their accounts to someone else (without Facebook's written permission)
providing false personal information
UPDATE: Read about Facebook's response to this post here.
In a victory for democracy and transparency, the European Parliament adopted Written Declaration 12/2010 (WD 12) on the proposed Anti-Counterfeiting Trade Agreement earlier this week. WD 12 calls on EU negotiators to ensure that ACTA does not weaken citizens' fundamental rights of freedom of expression, privacy, and judicial due process, and will not require Internet intermediaries to act as copyright police at the behest of the entertainment industry. WD 12 also calls on EU negotiators to make the ACTA negotiation texts public, and to ensure that ACTA's proposed border measures do not interfere with access to affordable medicines.
WD 12 became the official position of the European Parliament on ACTA when it was signed by 377 Members of the European Parliament prior to today's deadline — more than the required majority of MEPs (369). While the written declaration is not binding on the European Parliament, its adoption by a clear majority sends an important political signal to EU ACTA negotiators at a critical time — just before the next, and possibly final, round of ACTA negotiations taking place in Japan later this month. The European Parliament must give a "consent vote" for the EU to be bound by ACTA; WD 12 should be seen by EU negotiators as a clear statement about how the MEPs will approach that vote.
Kudos and special thanks to our friends at La Quadrature du Net who led this effort, our amazing European EFF activists, fellow members of EDRi and the Transatlantic Consumer Dialogue, and our other allies who worked tirelessly to explain the impact of ACTA and convince Members of the European Parliament to sign WD 12 despite various pressures and constraints.
Let's hope that EU negotiators now recognize that ACTA should protect the fundamental rights of all citizens and 'net users, and not just the narrow interests of major content businesses.
On Saturday, after years of pressure from law enforcement officials, Internet classified ad web site Craigslist bowed to demands to remove its "Adult Services" section which critics charged encouraged prostitution and other sex-related crimes. Or at least it appears that it did. Without explanation, following the latest in a series of open letters from state attorneys general decrying the third party content permitted on the site, Craigslist replaced the "Adult Services" link that formerly appeared on the front page of the site with a white-on-black "censored" bar. Whether this move will substantially affect the rate of illegal prostitution across the country remains to be seen. Many, even some of Craigslist's critics, appear to have their doubts. If nothing else, however, this latest turn in the AGs v. Craigslist saga underscores the misguided nature of the AGs' tactics as well as the fundamental disagreement that we (and Congress) have with the AGs' vision of how the Internet should operate.
Through this now years-long struggle, Craigslist's legal position has been and remains absolutely, unequivocally correct: the Communications Decency Act of 1996 (or CDA) grants providers of "interactive computer services" an absolute shield against state criminal law liability stemming from material posted by third parties. Put simply, the law ensures that the virtual soapbox is not liable for what the speaker says: merely creating a forum in which users post ads that may violate state law plainly does not lead to liability for a web site operator.
The federal statutory immunity upon which Craigslist relies is not some clever loophole. Rather, the intermediary immunity provided by the CDA represents a conscious policy decision by Congress to protect individuals and companies who would otherwise be vulnerable targets to litigants who want to silence speech to which they object, illegal or not. We agree with Congress that a federal policy of holding lawbreakers liable for their own illegal behavior instead of holding intermediaries responsible for the illegal acts of others is the right one, both as a matter of fairness as well as an effective strategy by which speech and innovation can be encouraged and rewarded.
This clear protection plays an essential role in how the Internet functions today, protecting every interactive web site operator -- from Facebook to Craigslist to the average solo blog operator -- from potentially crippling legal bills and liability stemming from comments or other material posted to web sites by third parties. Moreover, if they were obligated to pre-screen their users' content, wide swaths of First Amendment-protected speech would inevitably be sacrificed as web site operators, suddenly transformed into conservative content reviewers, permitted only the speech that they could be sure would not trigger lawsuits (or intimidating visits from the attorney general). The ability to encourage speech of all sorts without fear of legal reprisal is a feature of the CDA 230 world, not a shortcoming, one that encourages the publication of a diverse range of viewpoints and not just those of rich and cautious media companies who can afford the financial risk of publication.
As the chief law enforcement officers of their respective states, the attorneys general certainly know that their legal threats are completely meritless. Yet these and other law enforcement officers have shown littleregard for what the law actually requires and have instead embarked on a vigorous campaign to strong-arm a company into submission based on bogus legal threats that nonetheless play well to many of their constituents. This strategy might amount to good politics, especially in an electionyear, but it continues to show remarkable disdain for the bedrock legal principles that have largely served the Internet well over the past 15 years.
It didn't have to be this way. Over the past two years, Craigslist repeatedly offered to go far above and beyond their legal obligations to work with law enforcement officials, offering to manually screen ads, require working phone and credit card numbers from ad posters (thereby creating digital footprints by which lawbreakers could be tracked), and help identify missing persons. Not surprisingly, however, having offered to do more than the law required but less than the AGs demanded, the AGs kept coming back for more, some flatly stating that the essential protections offered by CDA 230 should be repealed.
At least two lessons can be drawn from this latest skirmish in the battle between Craigslist and its critics. First, there sadly appears to be little upside to working with many of these law enforcement officials to resolve such important Internet policy disagreements. At each step of this public debate, the AGs have inevitably rewarded completely voluntary, non-mandatory offers of cooperation from Craigslist with further demands and insults. What possible motivation will other companies have to work with law enforcement to address similar concerns in the future?
Second, and more importantly, supporters of the First Amendment should loudly voice their opposition to this type of misguided rhetoric from elected officials. While Craigslist may have "voluntarily" shuttered its Adult Services section, they did so under constant threat from government officials who continually promised meritless lawsuits and even criminal prosecution if their target did not comply. No one (including Craigslist) disputes that sex trafficking is a reprehensible practice that should be vigorously opposed. The dispute lies in whether law enforcement officials should be permitted to bully and dragoon private web site operators into becoming de facto censors. Many, including EFF, profoundly disagree with the prospect of such a reimagined Internet, and the AGs at minimum owe it to the public to be honest about the First Amendment impact of what they are proposing.
This morning, the Third Circuit Court of Appeals in Philadelphia issued its highly anticipated ruling in a hotly contested cell phone location privacy case. EFF filed a friend-of-the-court brief and participated at oral argument in the case, arguing that federal electronic privacy law gives judges the discretion to deny government requests for cell phone location data when the government fails to show probable cause that a crime has been committed.
The Third Circuit today agreed with EFF, holding that federal law allows judges the discretion to require that the government obtain a probable cause search warrant before accessing cell phone location data. The Court further agreed with EFF that location information that can be used to demonstrate or infer that someone or something was in a private space such as the home may be protected by the Fourth Amendment, rejecting the government's argument that the privacy of location records held by phone companies is never constitutionally protected. Although the court did not definitively rule on the Fourth Amendment status of cell phone location information, it made clear that under some circumstances the privacy of such data could be constitutionally protected, and that judges have the discretion to require a warrant to avoid potentially unconstitutional seizures of location data.
The appeals court has remanded the case back to the original magistrate judge that initially denied the government's request to obtain cell phone location data without probable cause, asking the lower court to shore up its original decision with new fact-finding into the government's need for the requested data and the precision of that data in identifying a person's location. EFF looks forward to participating in those proceedings and opposing any attempt by the government to appeal today's decision. Thanks to our colleagues at the Center for Democracy and Technology, the American Civil Liberties Union and the ACLU of Pennsylvania for participating with us as friends-of-the-court in this case, and special thanks to Professor Susan Freiwald of the University of San Francisco Law School, who also submitted a brief and participated at oral argument along with EFF's Kevin Bankston.
Copyright trolls are nothing new, and Righthaven is just the latest group of lawyers to try to turn copyright litigation into a business model. What these lawyers have in common is that they seek to take advantage of copyright's draconian damages in order to bully Internet users into forking over money. To anyone who has watched the file-sharing lawsuits of the last few years or the current BitTorrent cases brought by a DC law firm, the Righthaven saga is developing into a familiar, unfortunate story. It also has some especially troubling twists.
The basic pattern: Righthaven has brought over a hundred lawsuits in Nevada federal court claiming copyright infringement. They find cases by (a) scouring the Internet for parts of newspaper stories posted online by individuals, nonprofits, and others, (b) buying the copyright to that particular newspaper story, and then (c) proceeding to sue the poster for copyright infringement. Like the RIAA and USCG before them, Righthaven is relying on the fact that their victims may face huge legal bills through crippling statutory damages and the prospect of paying Righthaven's legal fees if they lose the case. Consequently, many victims will settle with Righthaven for a few thousand dollars regardless of their innocence, their right to fair use, or other potential legal defenses.
However, Righthaven is unlike other copyright trolls in some key ways:
Righthaven is going after bloggers using text news stories for comment or discussion. Many lawsuit targets are using the newspaper articles to augment discussions about current events. Reposting all or part of news stories is part and parcel of digital commentary and discussion and usually the goal of the reposting is to share the uncopyrightable facts included in the article, not the copyrighted expression, like the specific turns of phrase used by the author. By targeting news, Righthaven's lawsuits could have a chilling effect on individuals' attempts to engage their communities in free and open discussion.
Righthaven is fighting the basic mode of Internet debate. Other copyright trolls have involved controversy over file-sharing programs and encoded digital media, like music and movies. But Righthaven is taking aim at folks who are using elementary "copy & paste" functionalities. Online discussion survives and thrives on showing others the original text before adding a commentary or response. Accurate quoting is a virtue of Internet discussion that can minimize mischarcterization and support progress in a debate.
Righthaven lawsuits are demanding that courts freeze and transfer the defendants' domain names. Imagine if a single copyright infringement on Huffingtonpost.com or Redstate.com could result in forfeiture of the entire domain. Effectively asking for control of all of a website's existing and future content -- instead of only targeting the allegedly infringing material -- is an overreaching remedy for a single copyright infringement not validated by copyright law or any legal precedent. This also indicates that the attorneys are willing to make overreaching claims in order to scare defendants into a fast settlement.
Righthaven goes straight for litigation. Righthaven isn't sending cease and desist letters or DMCA takedown notices that would allow the targeted bloggers or website operators to remove or amend only the news articles owned by Righthaven. Instead, Righthaven starts with a full-fledged lawsuit in federal court with no warning. It's sue first and ask questions later, which smacks of a strategy designed to churn up legal costs and intimidate defendants into paying up immediately, rather than a strategy aimed at remedying specific copyright infringements.
Righthaven is claiming that its activities are intended to have a "deterrent effect" on the reposting of news stories online, but it's hard to resist viewing Righthaven's actions as purely business-related. In addition to the sharp legal tactics discussed above, Righthaven appears to only buy copyrights that it believes can be used for lawsuits and otherwise has no involvement in the practice of journalism.
Righthaven also appears to be soliciting other newspapers to sign on with it. But newspaper publishers who think that suing bloggers a story at a time will save journalism are sorely mistaken. Newspaper publishers have actually been having meaningful discussions about innovative business models to support real journalism. Sadly, Righthaven -- if it continues to attract clients -- threatens to derail those conversations with a sideshow proven to distract from progress.
But no matter where a newspaper may stand on the debate about journalism's future, we think it is abundantly clear that a "sue the audience" tactic is nowhere near worth considering. Newspapers should resist the temptation to put themselves into the same position as the music industry circa 2004, where futile lawsuits distracted them from the incorporating new technology and creating new ways to market product to fans.
EFF is watching Righthaven and other copyright trolls closely for overbroad tactics that hurt free speech and fair use, and abuse the legal system. We're looking for good cases to defend and will deliver more news and analysis as the issue develops.