EFFector Vol. 18, No. 33 September 29, 2005
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 349th Issue of EFFector:
- Feds Unable to Search Own Anti-Terrorism Database
- Trusted Computing Group to Lock Down Mobile Phones
- FCC Mandate Forces "Backdoors" for Broadband ISPs and VoIP Services
- Cell Phones Used to Track People Without Probable Cause
- EFF Asks Supreme Court to Consider Controversial Patent Case
- EFF in Canada: Protect Your Northern Rights!
- Come Celebrate EFF's 15th Anniversary, Sunday, Oct. 2
- miniLinks (8): More Rights Are Wrong for Broadcasters
Feds Unable to Search Own Anti-Terrorism Database
TSA Stops Deleting "Secure Flight" Records, But Drags Feet on Project Transparency
Washington, DC - After receiving hundreds of requests from Americans asking to know what personal information the government has obtained about them, the Transportation Security Administration (TSA) told passengers that it "does not have the capability to perform a simple computer-based search" to locate individual records.
TSA revealed last fall that it would use private passenger data from all domestic airline flights taken in June of 2004 to test its troubled "Secure Flight" passenger-screening system. In response to a fruitless Privacy Act request by four Alaska residents, EFF encouraged other airline passengers to request their own files. TSA recently began notifying the passengers who filed Freedom of Information Act (FOIA) and Privacy Act requests that it lacks the ability to easily search its own records. TSA also said that it would close such requests unless people provide additional detailed information, such as the air carrier, the dates of travel, and their phone numbers - part of the data that passengers were seeking in the first place.
"TSA is failing to follow the law," said EFF Staff Attorney Matt Zimmerman. "The Freedom of Information Act and the Privacy Act place very clear obligations on government agencies for searching their records, and TSA has simply said that it doesn't want to go through the effort. It's bad enough that Secure Flight has repeatedly failed to show that it can be a useful tool to strengthen airline security. However, that doesn't excuse the federal government from telling Americans about the private information it has gathered and used to test the project."
In light of the high volume of record requests that it has received, TSA recently agreed to stop deleting the passenger data it obtained for testing Secure Flight until it processed its backlog of requests. However, TSA told initial requestors that some of their data had already been deleted.
Secure Flight, a passenger-profiling system aimed at identifying security risks, is the successor of the controversial "CAPPS II" program that was cancelled in the wake of questions about its cost, effectiveness, and impact on privacy and civil liberties. The Secure Flight screening process would involve comparing airline passenger reservation data with an interagency terrorist watch list to determine who should be subject to more invasive screenings or arrest. After repeatedly misleading Congress and the public about its intention to use data provided by commercial data brokers to supplement the watch list, TSA recently announced that it would not use such data in the program for the time being. Despite the controversy surrounding the project, TSA has stated that it is moving forward this fall with plans for a partial roll-out involving two airlines.
For this release:
For more about Secure Flight:
Trusted Computing Group to Lock Down Mobile Phones
EFF Criticizes Plan for Restrictive New Cell Technology
San Francisco - The Trusted Computing Group (TCG), an industry consortium developing controversial computer security specifications, has released a wish list of applications of TCG technology to cell phone security. Unfortunately, much of this "security" aims to help cell phone carriers cement their control over their customers.
EFF attended TCG's announcement in San Francisco on Tuesday and criticized the proposals as steps in the wrong direction for the future of mobile communications.
"TCG is proudly offering to help cell phone carriers lock down your phone," said EFF Staff Technologist Seth Schoen. "The proposals described today aim to help your cell phone company decide who can publish software or media for your phone, whether you can load your own documents, and even whether you can switch carriers or resell your phone. These are not innovations that consumers will applaud."
TCG announced a set of eleven "use cases" that its members
will discuss how to support with TCG technologies in cell
phones. Among other applications, TCG suggested:
* "Device integrity" and "SIMlock/device personalization," which would prevent you from switching mobile carriers or reselling or donating your phone to someone else.
* "Platform integrity" and "software use" controls, which would let your cell phone company, not you, decide what software is allowed to run on your phone.
* "Digital rights management support" helps publishers, not you, control how you can use media on your cell phone.
TCG says these new applications are all in the name of "security" - whether they are protecting against viruses or ensuring that users can't take their phones with them when they change carriers and can't use third-party applications that aren't provided by their carriers. But this security is not necessarily for consumers' benefit. In many cases, TCG's proposals offer "security" only against you, not for you, and the legitimate security benefits could be achieved without also locking down consumer choice. You won't see such consumer benefits as being able to change cell phone carriers easily or freely use the media you have purchased.
TCG's proposals for cell phones contrast with its work on security chips for personal computers. In the PC environment, TCG has taken pains to say that its technology is not specifically aimed at restricting users. But TCG is now explicitly offering to help restrict users.
"The cell phone industry hasn't yet realized that cell phones are little computers, and that users expect the same amount of choice about how to use their phones as they enjoy with their PCs and PDAs," Schoen added. "We should be working to make cell phones more like PCs rather than making PCs more like restricted cell phones. But today TCG has demonstrated its eagerness to assist carriers who wish to force more restrictions on consumers, rather than offer them more control and flexibility."
For this release:
For TCG's announcements at the CTIA Wireless IT &
More about trusted computing on the PC:
FCC Mandate Forces "Backdoors" for Broadband ISPs and VoIP Services
EFF and Others to Challenge Privacy-Invasive Rule
Washington, DC - The Federal Communications Commission (FCC) has issued a "First Report and Order" confirming its expansion of the Communications Assistance to Law Enforcement Act (CALEA) to the Internet. EFF is planning to challenge the rule in court.
The new rule forces Internet broadband providers and "interconnected" Voice-over-IP (VoIP) providers to build backdoors into their networks to make it easier for law enforcement to listen in on private communications.
"A tech mandate requiring backdoors in the Internet endangers the privacy of innocent people, stifles innovation, and risks the Internet as a forum for free and open expression," said Kurt Opsahl, EFF staff attorney.
CALEA, which was passed in the early 1990s, forced telephone companies to make their networks wiretap-ready, but due to pressure from EFF and other privacy groups, explicitly exempted "information services" like broadband. Yet the new FCC order now requires "facilities-based" providers of any type of broadband Internet access service, as well as interconnected VoIP services, to make their networks easy to wiretap - a blatant contradiction of Congress's intent.
FCC officials themselves tacitly admit that the Commission has overreached. FCC Commissioner Michael J. Copps said that "[the] statute is undeniably stretched," and FCC Commissioner Kathleen Q. Abernathy issued a plea that Congress revisit its decision to exempt the Internet, stating that "application of CALEA to these new services could be stymied for years" by litigation.
"By mandating backdoors in any service that has the capability to replace functions provided by a telephone, the FCC has stretched the statute to the breaking point," said Lee Tien, EFF senior staff attorney.
For the original version of this release online:
More about CALEA:
Cell Phones Used to Track People Without Probable Cause
New Case Reveals Routine Abuse of Government Surveillance Powers
San Francisco - EFF is fighting the Department of Justice in a New York federal court case that will determine whether the government is required to show probable cause to believe a crime has been or will be committed before secretly tracking people using their cell phones.
"This is the first case considering when the government can track the movements of your cell phone, and the answer couldn't be more important," said EFF Staff Attorney Kevin Bankston. "Allowing the government to turn anyone's cell phone into a tracking device without probable cause will enable a surveillance society that would make Big Brother jealous."
Last month, the court denied a Justice Department request to monitor a cell phone's location. The ruling revealed that the DOJ has routinely been securing court orders for real-time cell phone tracking without demonstrating probable cause and without any law authorizing the surveillance.
Many cell phone users aren't aware that their phones can be used to track their location in real-time, even when they aren't using them. EFF filed a friend-of-the-court brief last week to oppose a DOJ motion asking the court to reconsider its pro-privacy decision. EFF argues that the Fourth Amendment requires a search warrant for such invasive surveillance, issued under the same strict standards as warrants that authorize phone and Internet wiretaps.
The government has tried to justify this gross expansion of its authority by combining two surveillance statutes, neither of which authorize cell phone tracking on their own. As EFF explains in its brief, there is no support anywhere for this argument - not in the statutes' language, nor in legislative history, case law, or academic commentary. Indeed, it contradicts the government's own electronic evidence manual. "It's as if the government wants the court to believe that zero plus zero somehow equals one," said Bankston.
EFF's brief marks the first time the DOJ has had to face lawyers presenting an opposing argument on this issue. "Secrecy breeds abuse," said EFF Staff Attorney Kurt Opsahl. "Before this court had the courage to stand up to the government, the hearings were hidden from the public and the judge only saw the government's point of view. This led to secret tracking orders - without basis in law - that threaten our fundamental liberties."
The DOJ is expected to appeal to the district court if Magistrate Judge James Orenstein denies the government's motion to reconsider. The court has not said when it intends to rule.
For the original version of this release online:
For EFF's amicus brief:
EFF Asks Supreme Court to Consider Controversial Patent Case
Lower Court Ruling Threatens Free Speech
San Francisco - EFF this week filed a brief asking the United States Supreme Court to review an important patent case that has broad implications for free speech and consumers' rights.
The Federal Circuit Court of Appeals ruled earlier this year that eBay violated MercExchange's online auction patents, and that eBay could be permanently enjoined, or prohibited, from using the patented technology. Then the court went a dangerous step further. It held that patentees who prove their case have a right to permanent injunctions unless the injunction poses a risk to public health. This "automatic injunction" rule deprives judges of their traditional discretion to consider how an injunction might affect other public interests - including free speech online.
If this rule is allowed to stand, free expression could suffer.
"We're not saying injunctive relief is never a good idea," said EFF Staff Attorney Corynne McSherry. "But courts must have the ability to look at how an injunction will affect a variety of public interests. That's especially true now, when so many companies are claiming patents on basic technologies that citizens use to communicate online."
In its brief, EFF argues that this ruling threatens free speech because patent owners who claim control over Internet publishing mechanisms are in a position to threaten anyone who uses them to broadcast their ideas, even for noncommercial purposes.
Added McSherry, "Given the explosion of new communications technologies, such as blogs, instant messaging, and wikis, this is hardly the time to limit courts' ability to consider the benefits that a given technology brings to freedom of expression, or evaluate the chilling effects of forbidding the use of that technology."
For this release:
For the EFF brief:
More about patents and how bad law can harm the public:
Come Celebrate EFF's 15th Anniversary Party!
When: Sunday, October 2nd, 2005, at 5 p.m. Where: EFF Headquarters in San Francisco, 454 Shotwell Street
EFF is 15 years old this year, and this Sunday night, we're having a party to celebrate! We're holding our anniversary bash at our San Francisco headquarters on Shotwell Street. The party starts at 5 p.m.
Join us for delicious Mexican food and drinks from Pancho Villa, hear a special address from our founders, John Perry Barlow and John Gilmore, taste our special 3D cake, and enjoy both the grooves of Gypsy Jazz from the Zegnotronic Rocket Society and the hypnotic beats of DJ Ripley and Kid Kameleon.
Our celebration is free of charge and open to anyone, so bring your friends and family. We look forward to celebrating with you!
Please let us know you're coming so we don't run out of food and libations! Send an email to email@example.com, or call 415-436-9333 x129.
EFF's office is located at 454 Shotwell Street and is BART accessible. Take BART to 16th and Mission, walk to 19th Street and take a left, and take another left on Shotwell Street, three blocks down. We are located between 18th and 19th on Shotwell.
Note: There is limited parking, but since we have only 30 spaces, they will be available to guests on a first come, first served basis. Stop by the EFF office to pick up a ticket, and we'll direct you to the lot. When the tickets are gone, the parking spaces are gone, so come on time!
Just in time for government hearings on the proposal for copyright reform in Canada, Canadian copyright expert Michael Geist announces the release of a 600-page peer-reviewed book that covers every aspect of the current bill from a public-interest perspective. Fittingly, it's under a Creative Commons license, so you can download it for free:
More Rights Are Wrong for Broadcasters
James Boyle deconstructs the flimsy rationale behind WIPO's broadcast treaty:
http://news.ft.com/cms/s/441306be-2eb6-11da-9aed-00000e2511c8.html EFF action alert urging Congress to scrutinize the treaty:
The Pizzaright Principle
Edward Felten proposes a new litmus test for determining whether an expansionist proposal for new intellectual property rights makes sense:
Balancing the Curriculum
Incoming graduate researchers at Goldsmith College, University of London, will receive training on copyright and IP issues that expands the discussion beyond the confines of the traditional "all rights reserved" model:
Will the Real ID Please Stand Up?
MIT's eCitizen project has launched a blog to examine the Real ID Act:
Cop to Suspect: Your DNA Is *Mine*
The Senate Judiciary Committee has approved a bill that would let the FBI extract and archive DNA samples from anyone placed under arrest:
What the Copyright Cartel Wants in a Broadcast Flag
Susan Crawford goggles at the broad language the RIAA is seeking in new legislation that would give the FCC the power to issue mandatory technology blueprints for "all possible home copying and transmission, all possible consumer devices, and all possible online audio services":
Eurocrats Against Data Retention
The EU's privacy watchdog is not convinced that Europe's proposed mandatory data retention is necessary:
miniLinksminiLinks features noteworthy news items from around the Internet.
Don't Blame the User for Security Screw-ups
Jakob Nielsen says stop shouting at poor consumers for problems caused by badly designed security software. Spoilsport:
Practical Guide to Political Blogging and Activism
Reporters Without Borders publishes an outstanding how-to for bloggers seeking to make their voices heard in the face of government monitoring, censorship, and worse:
EFF's own Legal Guide for Bloggers, which provides a collection of FAQs on the wide range of legal issues bloggers confront:
Levy Breaches in Sweden
A company that makes MP3 players refuses to pay the copyright levy on players, arguing that it's "outdated":
http://www.eff.org/cgi/tiny?urlID=530 (The Local)
A Christian band from San Diego is helping fans circumvent industry-mandated DRM, explaining, "We refuse to allow corporate policy to taint the family we've developed together":
Obscenity Regs to Hit the Net?
Susan Crawford looks at a draft telecom bill that could put the FCC in charge of "national consumer protection standards" aimed at stopping broadband, VoIP, and broadband video services from being used for annoying or "indecent" speech:
Piercing the Copyright Reality-Distortion Field
EFF pal Wendy Seltzer and friends annotate the USPTO's one-sided copyright quiz for kids, highlighting its unfortunate distortions:
Boucher Seeks to Cut Copyright's Red Tape
Representative Rick Boucher (D-VA) says he's working on new legislation to make it easier to license musical works:
Hollywood to Waste $30 Million Believing It Can Build
Better Copy Protection
That's the spot-on headline for a Techdirt piece criticizing Hollywood's plans to create home-grown DRM:
http://techdirt.com/articles/20050919/0124222_F.shtml Edward Felten's take: http://www.freedom-to-tinker.com/?p=898
Fair Use as...Illicit Housecleaning?
EFF's own Jason Schultz criticizes the strained analogies being used to describe the Google Print furor:
Red Hat and Patents
The deputy general counsel for Red Hat discusses patent reform and free software:
For a complete listing of EFF speaking engagements (with
locations and times), please visit the full calendar:
September 24-25 -
Annalee Newitz emcees Webzine 2005, San Francisco, CA
September 25 -
Jason Schultz speaks at ResFest "Copy Fight" panel
4:15 p.m., Palace of Fine Arts San Francisco, CA
October 2 -
EFF hosts EFF 15th Anniversary Party
EFF Headquarters, 454 Shotwell Street
San Francisco, CA
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
Donna Wentworth, Web Writer/Activist
Membership & donation queries:
General EFF, legal, policy, or online resources queries:
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.
Current and back issues of EFFector are available via the Web at: