EFFector Vol. 18, No. 43 Dec 9, 2005
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 359thIssue of EFFector:
- Help EFF Fight for Your Digital Rights!
- Security Questions Remain in New Sony BMG Security Patch
- North Carolina Sued for Illegally Certifying Voting Equipment
- Government Still Pushing for Cell Phone Tracking Without Probable Cause
- New Canadian Voice in Digital Rights Issues
- PATRIOT Reauthorization Slogs On
- Help Us Bust the Goldberg Online Gaming Patent
- Nominate a Pioneer for EFF's 2006 Pioneer Awards!
- miniLinks (12): Musicians Against DRM
- Staff Calendar
Help EFF Fight for Your Digital Rights!
Dear EFFector Readers,
In July of 2005, EFF turned 15 years old. In these 15 years of fighting for your digital rights, EFF has always been on the front lines, identifying threats before most people understand how new technologies -- and the politics of controlling them -- can impact freedom. This year, EFF has continued to grow stronger and more effective. Here are a few things we've accomplished this year:
1) We fought at the Supreme Court in the Grokster case to protect innovators' right to create new tools. Even though the Court sent the case back to trial, it firmly held the line on the Betamax principle that protects technologies with substantial noninfringing uses and denied Hollywood's quest to control the standards for future technologies.
2) We sued Sony BMG for infecting its customers' computers with digital rights management (DRM) software that increases vulnerability to security threats and lets Sony track and control listening behavior.
3) We cracked the code of tiny dots many popular laser printers embed on printouts, exposing how they reveal the serial number, time, and date of the printing.
4) We pushed for processes that would ensure transparency in electronic voting machines, including verifiable paper trails and systems that would enable real audits and recounts of election results.
5) We created "EFF's Legal Guide for Bloggers" to educate bloggers about libel law, copyright law, labor law, adult material and political advocacy, including specific versions aimed at student bloggers and those blogging from work.
6) We fought against the broadcast flag, a proposal that would allow Hollywood design control over the next generation of digital TV receivers. We were part of a lawsuit that struck down the flag. We also created a toolkit and sponsored "build-ins" to help people construct flag-free, open source digital television recorders.
7) We launched the "EFF Patent Busting Project" and identified the worst patents affecting free speech on the Internet. We are about to file several "re-examination requests" with the US Patent and Trademark Office (USPTO) asking it to revoke these overreaching patents.
8) We successfully opposed the DOJ in numerous jurisdictions when they requested permission to track cell phone users without showing the court probable cause of wrongdoing.
9) We've helped win several cases defending the First Amendment-protected right to anonymous speech in the digital age and supported technologies that enhance anonymity, including Tor.
10) We educated the public on the dangerous ubiquity of surveillance by exposing invasive tracking by data miners, national ID schemes, RFIDs, and biometrics.
11) We fought to prove that online journalists deserve the same legal protections for newsgathering as offline journalists.
12) We fought for the right to reverse engineer a product to make new interoperable technology. We were there when Lexmark sued over refilling printer cartridges, when Chamberlain sued over garage door openers, and when Blizzard threatened the open-source BNETD emulator.
13) We were on the front lines during last November's national elections, with an elite squad of attorneys specially trained in the problems arising from electronic voting machines increasingly used throughout the country.
14) We created a comprehensive privacy curriculum to educate activists and the nonprofit community about the law and technology of government surveillance.
15) We brought suit on behalf of Indymedia and established that the federal anti-terrorism laws do not trump the First Amendment.
And this is the short list! For more information about the Electronic Frontier Foundation and the work that we do, visit http://www.eff.org and http://www.eff.org/legal/victories .
EFF receives about 2/3 of our funding from individual donors like you. We need your support to continue our important work. Please take a minute right now to follow the link below and make a financial contribution to our cause. We sincerely appreciate your support.
Shari Steele Executive Director Electronic Frontier Foundation
Security Questions Remain in New Sony BMG Security Patch
Previous Patch for SunnComm MediaMax Had Separate Vulnerability
Sony BMG released a second patch on Thursday to correct the security vulnerability in its compact discs released with SunnComm MediaMax software Version 5 -- a flaw that affects millions of CDs in the U.S. and Canada. The first patch, released earlier this week, had a flaw of its own that was discovered Wednesday by researchers Ed Felton and Alex Halderman. Security researchers are reviewing the new patch.
Sony has been under fire for using two software technologies -- SunnComm MediaMax and First4Internet's Extended Copy Protection (also known as XCP) -- which Sony BMG claims to have placed on the music CDs to restrict consumer use of the music on the CDs. However, by including the flawed and overreaching programs in millions of music CDs sold to the public, Sony BMG has created serious security, privacy and consumer protection problems.
The vulnerability in SunnComm MediaMax version 5 was initially discovered by security firm iSEC Partners after EFF requested an examination of the software. The flaw defeats Windows' security measures and allows malicious programs, such as viruses and trojans, to take control of users' computers.
EFF, along with the law firms of Green Welling, LLP, and Lerach, Coughlin, Stoia, Geller, Rudman and Robbins, LLP, and the Law Offices of Lawrence Feldman, filed a class action lawsuit last month against Sony BMG that included claims arising from SunnComm CDs as well as those using First4Internet XCP software.
For a list of CDs affected:
Frequently Asked Questions About SunnComm MediaMax:
North Carolina Sued for Illegally Certifying Voting Equipment
EFF Asks Court to Void Approval of Diebold and Others Without Source Code Review
Raleigh, North Carolina - The Electronic Frontier Foundation (EFF) on Thursday filed a complaint against the North Carolina Board of Elections and the North Carolina Office of Information Technology Services on behalf of voting integrity advocate Joyce McCloy, asking that the Superior Court void the recent illegal certification of three electronic voting systems.
North Carolina law requires the Board of Elections to rigorously review all voting system code "prior to certification." Ignoring this requirement, the Board of Elections on December 1st certified voting systems offered by Diebold Election Systems, Sequoia Voting Systems, and Election Systems and Software without having first obtained let alone reviewed the system code.
"This is about the rule of law," said EFF Staff Attorney Matt Zimmerman. "The Board of Elections has simply ignored its mandatory obligations under North Carolina election law. This statute was enacted to require election officials to investigate the quality and security of voting systems before approval and only approve those that are safe and secure. By certifying without a full review of all relevant code, the Board of Elections has now opened the door for North Carolina counties to purchase untested and potentially insecure voting equipment."
North Carolina experienced one of the most serious malfunctions of e-voting systems in the 2004 presidential election when over 4,500 ballots were lost in a voting system provided by e-voting vendor UniLect Corp. Electronic voting systems across the country have come under fire during the past several years as unexplained malfunctions combined with efforts by vendors to protect their proprietary systems from meaningful review have left voters with serious questions about the integrity of the voting process.
"North Carolina voters deserve to have their election laws enforced," said co-counsel Don Beskind of the Raleigh law firm of Twiggs, Beskind, Strickland & Rabenau, P.A. "Election transparency is a requirement, not an option. The General Assembly passed this law unanimously, and it is now time for the Board of Elections to meet their obligations."
On behalf of McCloy, EFF and Beskind intervened in and convinced a judge to dismiss a separate lawsuit filed last month by Diebold, which sought to be exempted from the state's transparency laws. Diebold represented to the court that it would be "unable" to comply with the code escrow requirement of the statute. Inexplicably, the Board of Elections certified Diebold despite its admitted inability to comply with the law.
A hearing in McCloy's case against the Board of Elections is set for Wednesday, December 14. EFF and Beskind have asked the Court for a temporary restraining order preventing North Carolina's 100 counties from purchasing any of the recently certified systems unless and until the Board of Elections complies with its statutory obligations.
For the full complaint:
For this release:
Government Still Pushing for Cell Phone Tracking Without Probable Cause
EFF Urges New York Judge to Reject Latest Surveillance Request
New York - The Electronic Frontier Foundation (EFF) has asked a federal magistrate judge in New York City to reject a Department of Justice (DOJ) request to track a cell phone user without first showing probable cause of a crime. In a brief filed in New York on Tuesday, EFF and the Federal Defenders of New York argue that no law authorizes the government's request, and that granting the order would threaten Americans' Fourth Amendment right against unreasonable searches.
This latest briefing comes after a decision last week in Maryland denying a similar order, which combined with two recent denials published by federal courts in New York and Texas, represents an unprecedented judicial rebuke to the DOJ's surveillance practices. The DOJ's apparently routine practice of asking for and receiving cell-tracking orders without probable cause only recently came to light as a result of these newly published decisions; typically, such requests are made and granted in secret, without any public accounting.
"Even though three federal courts have now completely rejected the Justice Department's arguments for tracking a cell phone without probable cause, it is still asking other judges for these plainly illegal surveillance orders," said Kevin Bankston, EFF Staff Attorney. "How many public denials is it going to take before the Justice Department either stops seeking such orders altogether, or is willing to appeal one of these decisions and subject its baseless arguments to scrutiny by higher courts?"
The DOJ, despite claims that its cell phone tracking requests are routine, necessary, and perfectly legal, has so far chosen not to appeal any of the recent decisions.
For more on cell phone tracking:
For this release:
New Canadian Voice in Digital Rights Issues
Online Rights Canada Launches with EFF, CIPPIC Support
Toronto - Online Rights Canada (ORC) launched in Canada Friday, giving Canadians a new voice in critical technology and information policy issues. The grassroots organization is jointly supported by the Canadian Internet Policy & Public Interest Clinic (CIPPIC) and the Electronic Frontier Foundation (EFF).
"Canadians are realizing in ever-greater numbers that the online world offers tremendous opportunities for learning, communicating, and innovating, but that those opportunities are at risk as a result of corporate practices, government policies and legal regimes that hinder online privacy and free speech," said Philippa Lawson, Executive Director and General Counsel of CIPPIC. "Online Rights Canada provides a home on the Internet for grassroots activism on digital issues that are important to ordinary Canadians."
"With the Canadian government preparing for a January election, all of last year's legislation is back on the drawing board. Canadians now have another chance to present a public interest perspective on issues like copyright reform and increased government surveillance," said Ren Bucholz, EFF's Policy Coordinator, Americas. "We are happy to be launching ORC at such a critical time."
One of ORC's first actions is a petition drive against unwarranted surveillance law. A bill proposed in Parliament last month would have allowed law enforcement agencies to obtain personal information without a warrant and forced communications providers to build surveillance backdoors into the hardware that routes phone calls and Internet traffic. The petition asks Canadian lawmakers to protect citizens' privacy rights when the new government convenes in 2006. Other important issues for ORC will include copyright law, access to information, and freedom from censorship.
"Today, ORC focuses on digital copyright and lawful access. But there is no reason to restrict the site to those two issues," said CIPPIC Staff Counsel David Fewer. "Our hope is that ORC will evolve into the first place to go for Canadians looking for opportunities to protect their online rights. Anyone can be an activist - Online Rights Canada will give you the tools you need."
Online Rights Canada is the latest group to join the global fight for digital rights. Digital Rights Ireland launched earlier this week, and the Open Rights Group launched in the United Kingdom last month.
For Online Rights Canada:
For this release:
PATRIOT Reauthorization Slogs On
Next Steps Unclear, Action Still Needed
The PATRIOT Act took a step closer to reauthorization today as Senator Arlen Specter of Pennsylvania announced that he would sign the conference report.
Backroom deals have watered-down the best reforms, and opportunistic politicians have bolted on unpopular additions. However, several other senators refuse to go along with the deal, and a filibuster may be in the offing next week. Call your senators and representative now, and demand they vote "no" on PATRIOT renewal!
Conference report, in three parts:
http://www.eff.org/Privacy/Surveillance/Terrorism/DRAFT_Nov16_pgs1to97.pdf http://www.eff.org/Privacy/Surveillance/Terrorism/DRAFT_Nov16_pgs98to153.pdf http://www.eff.org/Privacy/Surveillance/Terrorism/DRAFT_Nov16_pgs154to220.pdf
Call Congress today:
Help Us Bust the Goldberg Online Gaming Patent
As many of you know, EFF has gone into the Patent Busting business. We're closing in on our third target -- the Goldberg Online Gaming patent, but we need your help. We've written up a description of the killer prior art needed to take this patent down; now you need to help us find it. Take a look at the description and send it around to any friends or colleagues you might know who are familiar with multi- player online gaming technology, especially pre-1996 technology that involved network tournament games, advertising to users, or any kind of real-time ranking system. In particular, we are interested in any information on a multiplayer space fantasy game called "Federation," "The ImagiNation Network," and pre-1996 "Shadow of Yserbius" and "Netrek" -- but all tips are welcome!
For more on Goldberg Online Gaming Patent:
Prior art description:
Prior art submission form:
Nominate a Pioneer for EFF's 2006 Pioneer Awards!
EFF established the Pioneer Awards to recognize leaders on the electronic frontier who are extending freedom and innovation in the realm of information technology. This is your opportunity to nominate a deserving individual or group to receive a Pioneer Award for 2006.
The International Pioneer Awards nominations are open both to individuals and organizations from any country. Nominations are reviewed by a panel of judges chosen for their knowledge of the technical, legal, and social issues associated with information technology.
This year's award ceremony will be held in Washington, DC, in conjunction with the Computers, Freedom and Privacy conference (CFP), which takes place in early May.
How to Nominate Someone for a 2006 Pioneer Award:
You may send as many nominations as you wish, but please use one email per nomination. Please submit your entries via email to email@example.com. We will accept nominations until February 1, 2006.
Simply tell us:
1. The name of the nominee,
2. The phone number or email address or website by which the nominee can be reached, and, most importantly,
3. Why you feel the nominee deserves the award.
There are no specific categories for the EFF Pioneer Awards,
but the following guidelines apply:
1. The nominees must have contributed substantially to the health, growth, accessibility, or freedom of computer-based communications.
2. To be valid, all nominations must contain your reason, however brief, for nominating the individual or organization and a means of contacting the nominee. In addition, while anonymous nominations will be accepted, ideally we'd like to contact the nominating parties in case we need further information.
3. The contribution may be technical, social, economic, or cultural.
4. Nominations may be of individuals, systems, or organizations in the private or public sectors.
5. Nominations are open to all (other than current members of EFF's staff and board or this year's award judges), and you may nominate more than one recipient. You may also nominate yourself or your organization.
6. Persons or representatives of organizations receiving an EFF Pioneer Award will be invited to attend the ceremony at EFF's expense.
More on the EFF Pioneer Awards:
miniLinks features noteworthy news items from around the Internet.
Musicians Against DRM
The lead singer of OK Go explains why he fought against DRM on his CDs. http://www.eff.org/cgi/tiny?urlID=543
EU readers: call your MEP now!
The European Parliament is set to vote for mandatory data
retention on December 14. If you're in Europe, please call
(not email) your MEP before December 13, and ask him or her
to support MEP Charlotte Cederschiöld's amendment to
reinstate reimbursement for industry and save consumers from
having to bear the costs of this overbroad regime. More info
French March Toward Worse EUCD Laws Ever
Still difficult to make out the details of the French equivalent of the DMCA, but there do appear to be some really terrible ideas fighting to be included.
Oh, You'll Pay. You Will Pay, My Friend.
European publishers claim that search engines' use of publicly available content will require them to pay the originators. Who will start the bidding for instant obscurity?
Court Checks the ID of Secret Air Travel Law
EFF founder John Gilmore gets another day in court in his fight to travel across the US without being required to show ID.
Denver Rally for Bus Protestor
Deb Davis was charged for not showing ID on a public bus.
Fair Use, Farewell?
The Free Expression Policy Project takes a look at the threats to fair use.
China Has Their Number
Chinese mobile phone owners will have to register their phones with the authorities, who seek to control "illegal text messaging practices" and "improper political commentary."
National CyberEducation Project
An even-handed look at IP issues online.
Losing Face with FaceBook
Perceptive college article on the privacy dangers of government access to social software sites.
RIAA vs One More Person
An Oklahoma woman is the next to stand up against the RIAA's lawsuits, claiming she didn't even have a working computer when the RIAA says she was infringing.
Pay the Price for Saluting the Broadcast Flag
In the run-up to the 2006 elections, IPac is looking to fund the opponents of politicians who support the MPAA's TV- crippling technology.
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
Rebecca Jeschke, Media Coordinator
Membership & donation queries:
General EFF, legal, policy, or online resources queries:
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.
Current and back issues of EFFector are available via the Web at: