Skip to main content

EFFector - Volume 14, Issue 30 - ALERT UPDATE: "Anti-Terrorism" Surveillance Bill To Pass This Week

   EFFector       Vol. 14, No. 31       Oct. 16, 2001     editors@eff.org

   A Publication of the Electronic Frontier Foundation     ISSN 1062-9424

    In the 191st Issue of EFFector (now with over 29,300 subscribers!):

     * ALERT UPDATE: "Anti-Terrorism" Surveillance Bill To Pass This Week
     * Public Interest Postion on Junk Email: Protect Innocent Users
     * EFF Comments On W3C's Draft Patent Policy
     * EFF Participates in FMC's Panel Discussion on Digital Music
     * Announcing the EFF Contest of the Century!
     * EFF Thanks CoffeeCup Software, Inc.
     * Administrivia

   For more information on EFF activities & alerts: http://www.eff.org/

   To join EFF or make an additional donation:
     http://www.eff.org/support/
   EFF is a member-supported nonprofit. Please sign up as a member today!
     _________________________________________________________________

ALERT UPDATE: "Anti-Terrorism" Surveillance Bill To Pass This Week

   Both the US Senate and House of Representatives have passed slightly
   different versions of the "Uniting and Stregthening America Act" (USA
   Act), an ostensibly anti-terrorism bill with many terrorism-unrelated,
   alarming provisions that erode protection againsts improper government
   surveillance, among other problems. The House version contains
   (probably worthless) "sunset" provisions that would expire some of the
   wiretap-related sections of the bill after several years unless they
   are re-ratified; but these provisions are not expected to survive the
   final draft.

   Final passage, despite our and your activism efforts, is essentially
   assured, and will be by way of a conference committee and a final vote
   on the merged version of the bill that results from the committee.
   However, it would not hurt to contact your legislators once again to
   express your disapproval of this legislation, and to contact the White
   House to urge President Bush to refuse to sign the final bill into law
   (not likely, but you'll be counted among those on record in opposition
   to the USA Act.)

   EFF will issue a statement if/when the bill passes, and, with other
   organizations, will work to monitor implementation of the new law, and
   examine avenues for legal challenges against its more troubling
   provisions.

   To our friends in other countries: You would do well to keep a close
   eye on what your own government is doing. The US is hardly alone in
   taking misguided steps toward become a more totalitarian society in
   the hope of stopping terrorism.

   For bill texts and analyses, see the EFF Surveillance Archive:
     http://www.eff.org/Privacy/Surveillance/

                                  - end -
     _________________________________________________________________


Public Interest Postion on Junk Email: Protect Innocent Users

  EFF Statement Regarding Anti-Spam Measures

   Executive Summary: Any measure for stopping spam must ensure that all
   non-spam messages reach their intended recipients.

   For the past several years, the Electronic Frontier Foundation (EFF)
   has watched with great interest the debate regarding what to do about
   unsolicited bulk email from strangers, or spam. We have been asked to
   lend our support to bills that have been introduced in Congress, and
   we have been approached in various other ways to help lead the fight
   against this annoying intrusion into people's email mailboxes.

   While members of the EFF staff and board find this unsolicited email
   to be as annoying as everyone else, we believe that the two most
   popular strategies for combatting it so far--legislation and anti-spam
   blacklists--have failed in their fundamental design. Anti-spam bills
   have been badly written, are unconstitutionally overbroad, and
   frequently wander into areas where legislators have no expertise, such
   as the establishment of Internet standards. And anti-spam blacklists,
   such as the MAPS RBL (Mail Abuse Prevention System Realtime Blackhole
   List, the most popular), result in a large number of Internet service
   providers (ISPs) surrepticiously blocking large amounts of non-spam
   from innocent people. This is because they block all email from entire
   IP address blocks--even from entire nations. This is done with no
   notice to the users, who do not even know that their mail is not being
   delivered.

   The focus of efforts to stop spam should include protecting end users
   and should not only consider stopping spammers at all costs.
   Specifically, any measure for stopping spam must ensure that all
   non-spam messages reach their intended recipients. Proposed solutions
   that do not fulfill these minimal goals are themselves a form of
   Internet abuse and are a direct assault on the health, growth,
   openness and liberty of the Internet.

   Email is protected speech. There is a fundamental free speech right to
   be able to send and receive messages, regardless of medium. Unless
   that right is being abused by a particular individual, that individual
   must not be restricted. It is unacceptable, then, for anti-spam
   policies to limit legitimate rights to send or receive email. To the
   extent that an anti-spam proposal, whether legal or technical, results
   in such casualties, that proposal is unacceptable.

    The Two Extremes of the Current Email Battlefield

   The legislative proposals that have dominated the anti-spam policy
   debate for the last several years have failed, and rightly so. The
   several existing state laws against spam are of questionable
   constitutionality, too hard to enforce even if they should be
   enforced, and have done nothing to stem the tide of spam. National
   legislation will not solve the problem either, while creating a morass
   of unintended consequences.

   Serious problems with the anti-spam legislation we have seen to date
   include:
     * misdefinitions of key terms and concepts, including "commercial,"
       "list," and "spam" itself;
     * technology-specific requirements that will be rapidly obsolete;
     * a focus on punishing expression rather than protecting privacy;
     * the giving of broad power or obligation to ISPs to control the
       private email of their customers;
     * jurisdictional problems;
     * unnecessary and excessive criminalization of private, civil
       disputes;
     * requirements with which senders will find it impossible to comply;
     * and a clear pattern of providing a defense for ISPs in the form of
       immunity from the simple realities and responsibilities of the
       marketplace, rather than one of enabling individuals to protect
       themselves.

   But poorly-focused legislation is not the only failing proposal here.
   Many groups of often well-meaning people have worked on ways to avoid
   the various annoyances and problems caused by unsolicited bulk email.
   Anti-spam blacklisting groups, such as MAPS and ORBs, put heavy
   pressure on ISPs to conform to a set of restrictive anti-spam policies
   and to virally pressure other ISPs to adopt the same policies. It is
   estimated that over 50% of US-based ISPs and up to one third of global
   ISPs already participate in the blacklisting.

   But blacklisting is interfering with the delivery of a significant
   amount of non-spam email. Systems administrators who will not adopt
   the suggested anti-spam policies find themselves unable to deliver
   their non-spamming users' mail to recipients who are on systems that
   participate in blacklisting. This blocking is being done at too high a
   cost. Ultimately, civil rights and the ability of non-spammers to
   communicate cannot be sacrificed to serve the goal of blocking
   unsolicited bulk email.

   The search for a nonexistent, and ultimately impossible, legislative
   or ISP-level blacklist "magic bullet" solution has actually distracted
   the Internet community for the last five years from the real solution:
   better voluntary user-end filtering and/or voluntary, informed and
   flexible ISP-level filtering. Only an end user-controlled solution
   will uphold the rights of the end users while serving to deter spam by
   removing most of the audience and making it unprofitable to continue
   junk emailing.

    The Right Way to Look at Spam

   Until we include the free speech rights of all end-users instead of
   trying to stop a few wrongdoers at the cost of innocent users, any
   solution for dealing with spam will be fundamentally flawed. End
   users, known as "customers" to ISPs, should demand that none of their
   wanted email be censored in attempts to filter out unwanted messages.
   In addition, Netizens should express their dismay at spam by
   boycotting products advertised with spam.

   On a larger scale, EFF supports combatting spam by providing end-users
   with adequate tools to filter unwanted messages on the receiving end.
   We also support the development of more robust and subtle technology
   for this purpose. Brightmail, for example, has created a system that
   does a good, if still imperfect, job. Others that attempt to do this
   are listed at http://spam.abuse.net/tools/mailblock.html. From a
   technical standpoint, we would like to see the development of better
   filtration software on servers, something that could work
   interactively with the mail recipient in defining what he or she
   regards as spam using pattern recognition. That is, every time
   somebody gets a message of a sort he or she does not want, s/he could
   send it to the filter, thereby making that filter smarter over time,
   as well as giving it the ability to "learn" as spam techniques
   develop.

   The rights of users to send and receive email must not be compromised
   for quick and dirty ways to limit unsolicited bulk email. Neither
   misguided and ignorant legislation, nor collusive, high pressure
   protection schemes, have a legitimate function or place in our online
   future. The Constitution, and the promise of a free, open Internet
   that exists for and is controlled by its participants, requires us to
   do better.

                                  - end -
     _________________________________________________________________


EFF Comments On W3C's Draft Patent Policy

  Staff Technologist's Letter to Patent Policy Working Group

   Dear W3C Patent Policy Working Group Members:

   The Electronic Frontier Foundation (EFF), the leading civil liberties
   organization working to protect rights in the digital world, submits
   the following comments on the PPWG's draft patent policy.
   In general, the draft policy of August 16 makes progress in addressing
   the thorny patent issues standards groups may encounter. We join other
   commentators, for example, in supporting the proposed Disclosure
   Obligations in Section 7 of the draft.

   We focus our attention on the most controversial provision, Section
   5.2, which creates a RAND ("reasonable-and-non-discriminatory")
   licensing mode for W3C Working Groups. Adopting this policy would mean
   that, for the first time, W3C would have a formal mechanism for
   promoting some patent-encumbered web standards -- with the knowledge
   that these standards could not be implemented by everybody.

   As WWW inventor Tim Berners-Lee observes in _Weaving the Web_,
   "patents ... are a great stumbling block for Web development. ...
   Small companies may be terrified to enter the business [in the face of
   patent claims]." Because of its harmful effects on smaller
   organizations, and the resulting risks to openness and
   interoperability on the web, we urge W3C to reconsider its support for
   a RAND licensing mode.

   The draft policy notes that

     participants in a standards body will be unwilling and unable to
     work collaboratively if, at the end of the process, the
     jointly-developed standard can only be implemented by meeting
     licensing terms that are unduly burdensome, unknown at the
     beginning or even the end of the design process, or considered
     unreasonable.

   This uncertainty is a significant risk to standards development, but
   participants are not the only beneficiaries of the process (nor the
   only parties whose support is called for). Where a standards body
   undertakes to develop public standards for general use -- clearly the
   aim of W3C standards work -- the larger community of prospective users
   and implementors also has a deep interest in standards' licensing
   terms. As the policy continues, this community has a "longstanding
   preference for Recommendations that can be implemented on a
   royalty-free (RF) basis".

   This "preference" must not be treated lightly; it has been essential
   to the success of the World Wide Web and the Internet as a whole, and
   one of the key features setting the Web apart from closed, proprietary
   content-delivery systems. Royalty-free web standards have provided the
   raw material for an explosion of creativity and the development of
   diverse but interoperable implementations.
   For many members of the web community, the RF licensing tradition is
   not merely a "preference", but a requirement. Royalty-based technology
   licensing, whether "discriminatory" or "non-discriminatory", grew up
   amidst large commercial players, who could typically afford a sizable
   licensing fee, accepting it as a cost of doing business. As you know,
   the World Wide Web community is much more diversified. It includes
   tiny startups, multinational corporations, individuals, non-profit
   organizations, consortia, libraries and archives, among other kinds of
   entities. Many of these participants are ill-equipped to cope with the
   one-size-fits-all world of RAND licensing, and have very different
   notions of what is "reasonable" or even "non-discriminatory".

   Much of the software which runs today's web is open source, like the
   W3C's own reference implementations. The world's most popular HTTP
   server package, Apache, is a leading example; W3C's own web site is
   using it, as is EFF's. But although a flat royalty structure might
   seem perfectly "reasonable" to a large corporation, the Apache
   Software Foundation -- and Apache licensees -- might well see things
   otherwise. Prospective implementors are all different, but when any
   implementor is left behind by a patent licensing system, everyone
   suffers.

   The draft policy attempts to distinguish between high-level and
   low-level web standards, in a largely informal way. Section 2.2,
   reporting on consensus within the Patent Policy Working Group, draws
   this distinction:
   [I]t is especially important that the Recommendations covering
   lower-layer infrastructure be implementable on an RF basis.
   Recommendations addressing higher-level services toward the
   application layer may have a higher tolerance for RAND terms.

   We agree that openness of infrastructure is particularly important.
   However, the distinction between infrastructure and higher-level
   services does not seem to be clearly drawn (nor does the policy appear
   to implement this consensus view in any specific way, e.g. by
   categorically forbidding the RAND licensing mode for certain Working
   Groups deemed "architectural"). Experience has shown that this
   distinction can be unstable; services once optional often become
   indispensable. We cannot stress enough that services originally
   conceived of as applications may eventually -- even rapidly -- come to
   be seen as infrastructural. For example, HTTP is often used as an
   example of an extremely high-level network protocol, yet it serves an
   infrastructural role, in turn, for other protocols like SOAP.

   We recognize that W3C cannot guarantee that none of its
   Recommendations will ever be encumbered by patent claims. W3C has no
   control over third party patent holders who are not W3C members, and
   there is no way to be absolutely certain that an encumbrance will not
   appear after a Recommendation has been issued or even implemented. (A
   troubling example is BT's hyperlink patent, which was definitely not
   foreseen as a risk to implementors of WWW user agents.) However, this
   does not mean that W3C should allow its members to use the W3C
   Recommendation process to knowingly promote encumbered technologies as
   public standards!

   W3C does have the ability to decline to endorse a standard where it is
   already aware of licensing problems (e.g. through the proposed
   disclosure requirements). It seems that the community strongly expects
   W3C to use that ability, and to preserve the existing RF tradition in
   the eventual W3C Patent Policy.

   EFF thanks W3C for extending the comment period and for the
   opportunity to comment on this draft. Please do not hesitate to
   contact us for any further information or clarification.

   Sincerely,

   Seth Schoen
   EFF Staff Technologist

                                  - end -
     _________________________________________________________________


EFF Participates in FMC's Panel Discussion on Digital Music

  Future of Music Coalition to Conduct Discussion/Music Program in Berkeley -
  Wednesday, October 24th

   WHO:
   ~Jenny Toomey - Executive Director, Future of Music Coalition and
   performing artist
   ~Brian Zisk - Serial entrepreneur focusing on digital music, open
   source, and distribution technologies.
   ~Fred von Lohmann - Senior Staff Attorney, EFF

   WHAT:
   Panel discussion of issues related to digital music on the net,
   including copyright law, royalty collection in the digital realm, the
   protection of copyrighted work through encryption and watermarking,
   and the use of legislation and lawsuits to protect established
   business models. These issues, which are often reported in the media
   as centralized struggles between isolated business interests, need to
   be understood in the light of their larger impact on creators and
   citizens. Following the discussion portion of the program, there will
   be a live musical performance by Jenny Toomey.

   WHEN:
   Wednesday, October 24, 2001, 12:30 pm - 4:00 pm

   WHERE:
   Boalt Hall Law School, UC Berkeley Campus
   Room: Booth Auditorium
   Corner of Bancroft Way and Piedmont Ave., Berkeley, CA 94720
   Tel: 510-642-8073
   email: ltrask@law.berkeley.edu

   SPONSORED BY: Electronic Frontier Foundation, Berkeley Center for Law
   & Technology, and School of Information Management and Systems

   This event is free and open to the general public. For more
   information, contact Larry Trask as the Berkeley Center for Law &
   Technology (510-642-8073, ltrask@law.berkeley.edu)

                                  - end -
     _________________________________________________________________


Announcing the EFF Contest of the Century!

   You've been diligently reading all of those EFFectors and scouring the
   EFF website for those gems of information about topics such as online
   free speech, privacy, and intellectual property.

   Well, here is your chance to test your knowledge and have some fun
   trying to win a prize!

   A few lucky winners will receive recognition on the EFF contest web
   page and a vintage EFF T-shirt as a prize for being the first few to
   deliver the correct answers to the contest questions displayed at
   http://www.eff.org/cgi-bin/contest/contest.html

   Please note that those under 13 years of age and anyone employed by
   EFF are not eligible to participate. EFF thanks DMH for coding the
   contest Perl scripts. The contest will run for one week or until the
   next EFFector announcing the contest winners, whichever comes first.

   It's a great way to learn about the work EFF does and a chance to win

                                  - end -
     _________________________________________________________________


EFF Thanks CoffeeCup Software, Inc.

   The Electronic Frontier Foundation gives a warm thank you to Angel
   Chavez and CoffeeCup Software ( http://www.coffeecup.com ) for their
   kind donation of the CoffeeCup HTML Editor To EFF.

   CoffeeCup Software, Inc. was founded in 1996, and has many software
   web products including HTML editors for both the Linux and MS
   platforms. The software uses no proprietary coding.

                                  - end -
     _________________________________________________________________


Administrivia

   EFFector is published by:

   The Electronic Frontier Foundation
   454 Shotwell Street
   San Francisco CA 94110-1914 USA
   +1 415 436 9333 (voice)
   +1 415 436 9993 (fax)
     http://www.eff.org/

   Editors:
   Katina Bishop, EFF Education & Offline Activism Director
   Stanton McCandlish, EFF Technical Director/Webmaster
     editors@eff.org

   To Join EFF online, or make an additional donation, go to:
     http://www.eff.org/support/

   Membership & donation queries: membership@eff.org
   General EFF, legal, policy or online resources queries: ask@eff.org

   Reproduction of this publication in electronic media is encouraged.
   Signed articles do not necessarily represent the views of EFF. To
   reproduce signed articles individually, please contact the authors for
   their express permission. Press releases and EFF announcements &
   articles may be reproduced individually at will.

   To subscribe to or unsubscribe from EFFector via the Web, go to:
     http://www.eff.org/signup/mailserv.html

   To subscribe to EFFector via e-mail, send to majordomo@eff.org a
   message BODY (not subject) of:
     subscribe effector
   The list server will send you a confirmation code and then add you to
   a subscription list for EFFector (after you return the confirmation
   code; instructions will be in the confirmation e-mail).

   To unsubscribe, send a similar message body to the same address, like
   so:
     unsubscribe effector

   (Please ask listmaster@eff.org to manually remove you from the list if
   this does not work for you for some reason.)

   To change your address, send both commands at once, one per line
   (i.e., unsubscribe your old address, and subscribe your new address).

   Back issues are available at:
     http://www.eff.org/effector

   To get the latest issue, send any message to
   effector-reflector@eff.org (or er@eff.org), and it will be mailed to
   you automatically. You can also get, via the Web:
     http://www.eff.org/pub/EFF/Newsletters/EFFector/current.html
     _________________________________________________________________
JavaScript license information