EFFector Vol. 19, No. 45 December 21, 2006 firstname.lastname@example.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In the 406th Issue of EFFector:
- Lawsuit Demands Answers About Government's Secret 'Risk Assessment' Scores
- Help EFF Investigate Invasive Travel Screening Program
- Computer Security Expert Edward W. Felten Joins EFF Board of Directors
- Celebrate EFF's Sweet 16 on January 11!
- Visit EFF at Macworld, January 9-12!
- Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act
- State AGs Reach Settlement on Sony BMG Rootkit Debacle
- DRM Fading for Music: The Year in Review
- Nominate a Pioneer for EFF's 2007 Pioneer Awards!
- miniLinks (11): Privacy Alert Network
For more information on EFF activities & alerts: http://www.eff.org/ Make a donation and become an EFF member today! http://eff.org/support/ Tell a friend about EFF: http://action.eff.org/site/Ecard?ecard_id=1061 effector: n, Computer Sci. A device for producing a desired change. : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Lawsuit Demands Answers About Government's Secret 'Risk Assessment' Scores Millions of U.S. Travelers Affected by Giant Data-Mining Program Washington, D.C. - The FLAG Project at the Electronic Frontier Foundation (EFF) filed suit against the Department of Homeland Security (DHS) in federal court this week, demanding immediate answers about an invasive and unprecedented data-mining system deployed on American travelers. The Automated Targeting System (ATS) creates and assigns "risk assessments" to tens of millions of citizens as they enter and leave the country. In November, DHS announced that the program would launch on December 4, but Homeland Security Secretary Michael Chertoff later admitted that the program had already been in operation for several years. "The news of this secret program sparked a nationwide uproar. DHS needs to provide answers, and provide them quickly, to the millions of law-abiding citizens who are worried about this 'risk assessment' score that will follow them throughout their lives," said EFF Senior Counsel David Sobel. Under ATS, individuals have no way to access information about their "risk assessment" scores or to correct any false information about them. But while you cannot see your score, it will be made readily available to untold numbers of federal, state, local, and foreign agencies. The government will retain the data for 40 years. While the publicly available information about ATS is disturbing enough, there are many critical details the government did not disclose. For example, DHS has not announced what the consequences might be of a "risk assessment" score that indicates an individual might be a threat. EFF's suit demands an urgent and expedited response to the Freedom of Information Act (FOIA) request filed earlier this month, including all Privacy Impact Assessments for the ATS, all records that describe redress for individuals who believe the system includes inaccurate information, and all records that discuss potential consequences for travelers as a result of the system. "ATS is precisely the sort of system that Congress sought to prohibit with the Privacy Act of 1974," said Sobel. "DHS needs to abide by the law and give Americans the information they deserve about this dangerous program." Congressional leaders have indicated that they are likely to convene hearings on ATS when the new Congress convenes in January. EFF's lawsuit cites that pending oversight as an additional reason why DHS must release details about the system on an expedited basis. For the FOIA complaint filed against the Department of Homeland Security: http://www.eff.org/Privacy/ats/ats_complaint.pdf For more on the ATS program and other travel screening issues: http://www.eff.org/privacy/travel/ For this release: http://www.eff.org/news/archives/2006_12.php#005045 : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Help EFF Investigate Invasive Travel Screening Program The invasive Automated Targeting System (ATS) described above was only recently revealed to the public, and EFF is attempting to document the system's effect on law-abiding individuals. If you have experienced difficulties when entering or leaving the United States, we'd like to hear from you. We are particularly interested in hearing from folks who have had repeated problems or have been told by government agents that they are on a "list" or that there is some unexplained "problem" that needs to be resolved. Please share your story with us by writing to
and providing as much detail as possible. We will treat all responses confidentially and may contact you to follow-up. For more on ATS: http://www.eff.org/privacy/travel : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Computer Security Expert Edward W. Felten Joins EFF Board of Directors Princeton Professor Behind Important E-voting Vulnerability Research San Francisco - The Electronic Frontier Foundation (EFF) welcomes the newest member of its Board of Directors, computer security expert Edward W. Felten. A professor of Computer Science and Public Affairs at Princeton University, Felten recently demonstrated the ability to manipulate results on a Diebold electronic voting machine - - showing that the equipment was extremely vulnerable to "vote-stealing" attacks that would undermine the accuracy of vote counts. Felten's research interests include computer security and privacy -- especially relating to media and consumer products -- and technology law and policy. He has published about 80 papers in the research literature and two books. Felten was the lead computer science expert witness for the Department of Justice in the Microsoft antitrust case. He has also testified before the Senate Commerce Committee on digital television technology and regulation and before the House Administration Committee on electronic voting. Felten is the founding Director of Princeton's Center for Information Technology Policy, and his weblog, at freedom- to-tinker.com, is widely regarded for its commentary on technology, law, and policy. In 2004, Scientific American magazine named Felten to its list of 50 worldwide science and technology leaders. "EFF confronts critically important issues on the cutting edge of technology and freedom," said Felten. "My research and EFF's work have often intersected over the years, and I'm very pleased to take the next step and join the board as we strive to keep the digital world innovative, free, and secure." In 2001, Felten and EFF sued the Recording Industry Association of America and the Secure Digital Music Initiative in a case challenging the constitutionality of the Digital Millennium Copyright Act (DMCA). EFF honored Felten with a Pioneer Award in 2005, which recognizes those who have made outstanding contributions to the development of computer-mediated communications and empower individuals in using computers and the Internet. He had previously served on EFF's advisory board. "I have always been a huge fan of Ed's work, using his technical expertise to expose weak and vulnerable technologies to those of us more technically challenged," said EFF Executive Director Shari Steele. "I'm delighted to have him join EFF's Board of Directors." Other members of EFF's executive board include Brad Templeton, John Perry Barlow, David Farber, John Gilmore, Brewster Kahle, Joe Kraus, Lawrence Lessig, and Pamela Samuelson. For Professor Felten's website: http://www.cs.princeton.edu/~felten/ For this release: http://www.eff.org/news/archives/2006_12.php#005047 : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Celebrate EFF's Sweet 16 on January 11! All teenagers have big dreams for their sweet 16, and EFF's no different: we want to throw the Best Party Ever, we want a new car, and we want to secure your digital rights. We're kidding about the car, but please do join EFF for a birthday bash to celebrate 16 years fighting for your rights. The party will be on January 11, 7-10 PM at 111 Minna Gallery in San Francisco. DJ Ripley and Kid Kameleon will be keeping the dancefloor hopping all night long. A $20 donation gets you in the door. No one will be turned away for lack of funds, and all proceeds go toward our work defending your digital freedom. What: EFF Sweet 16 Party When: January 11, 2007 7-10 PM Where: 111 Minna Gallery 111 Minna Street San Francisco, CA 94105 www.111minnagallery.com Tel: (415) 974-1719 This fundraiser is open to the general public. 21+ only, cash bar. Please RSVP to email@example.com For DJ Ripley: http://djripley.blogspot.com/ For Kid Kameleon: http://www.kidkameleon.com/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Visit EFF at Macworld, January 9-12! EFF will be at the Macworld Conference & Expo in San Francisco, California. We'll be in booth 3102, so please stop by and grab some swag during exhibit hours -- we look forward to seeing you! For more about Macworld: http://www.macworldexpo.com : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act In 2005, Congress hastily passed legislation that rolled back privacy rights and moved the country towards a national ID system. The REAL ID Act states that drivers' licenses will only be accepted for "federal purposes"--like accessing planes, trains, national parks, and court houses-- if they conform to certain uniform standards. The law also requires a vast national database linking all of the ID records together. Estimated costs of $12 billion or more will be passed on to the states and, ultimately, average citizens in the form of increased DMV fees or taxes. Thankfully, new bipartisan legislation could correct some of REAL IDs many flaws and add critical privacy and civil liberties safeguards. With the "Identification Security Enhancement Act of 2006," Senators Daniel Akaka (D-HI) and John Sununu (R-NH) would cancel most of the standardization that might have led to a national ID card, call for more flexible standards, require encryption of the data itself, and prohibit the use of ID data by third parties. For more information on the problems with the Real ID Act: http://www.eff.org/Privacy/ID/RealID/ For this post: http://www.eff.org/deeplinks/archives/005048.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * State AGs Reach Settlement on Sony BMG Rootkit Debacle Over a year since infecting CD purchasers' computers with flawed copy protection software, Sony BMG has reached a settlement with several state attorneys general (AGs) over the rootkit debacle. We've reviewed the Texas settlement agreement, which appears to be similar to agreements reached in other states, and it looks like the AGs used their investigatory and enforcement powers to obtain important additional relief for consumers. Among other things, the settlement requires Sony BMG to compensate consumers whose computers were damaged by the XCP or Media Max software and to continue providing the settlement benefits obtained in the private litigation for an additional six months (through June 30, 2007). Equally important are Sony BMG's future obligations. If Sony uses DRM on its CDs in the future, it will have to provide detailed pre- and post-sale disclosures to customers, provide an easy uninstaller, and notify consumers if it finds security flaws in the software. Well done, AGs! The Texas agreement is available here: http://www.oag.state.tx.us/newspubs/releases/2006/121406sony_afj.pdf Background regarding the Sony BMG litigation is available here: http://www.eff.org/IP/DRM/Sony-BMG For this post: http://www.eff.org/deeplinks/archives/005046.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * DRM Fading for Music: The Year in Review Almost exactly one year ago, we predicted the beginning of the end for DRM on digital music. Now EMI has announced the release of the new Norah Jones single on Yahoo! Music in DRM-free MP3 format (many will remember that Yahoo! has been urging the major labels to give up DRM). So let's pause to recap the year in music DRM's slow demise, including: * Rhapsody and Napster begin streaming to any browser; * Major labels all give up on CD copy protection in US market in the wake of the Sony-BMG rootkit debacle; * Major labels abandon DRM-laden SACD and DVD-A formats; * Sony-BMG releases Jessica Simpson song in MP3; * Disney's Hollywood Records releases Jesse McCartney album as MP3s; * EMI artist Lily Allen releases new track as MP3; * EMI releases Norah Jones and Reliant K tracks as MP3s; * eMusic becomes the #2 online music store selling nothing but MP3 files from independent labels. Here's to more of the same in 2007. As we said in December 2005, "Once the DRM is gone, we can see what a real, robust, competitive digital music marketplace looks like." For this post and related links: http://www.eff.org/deeplinks/archives/005039.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Nominate a Pioneer for EFF's 2007 Pioneer Awards! EFF established the Pioneer Awards to recognize leaders on the electronic frontier who are extending freedom and innovation in the realm of information technology. This is your opportunity to nominate a deserving individual or group to receive a Pioneer Award for 2007. The International Pioneer Awards nominations are open both to individuals and organizations from any country. Nominations are reviewed by a panel of judges chosen for their knowledge of the technical, legal, and social issues associated with information technology. How to Nominate Someone for a 2007 Pioneer Award: You may send as many nominations as you wish, but please use one email per nomination. Please submit your entries via email to firstname.lastname@example.org. We will accept nominations until January 15, 2007. Simply tell us: 1. The name of the nominee, 2. The phone number or email address or website by which the nominee can be reached, and, most importantly, 3. Why you feel the nominee deserves the award. Nominee Criteria: There are no specific categories for the EFF Pioneer Awards, but the following guidelines apply: 1. The nominees must have contributed substantially to the health, growth, accessibility, or freedom of computer-based communications. 2. To be valid, all nominations must contain your reason, however brief, for nominating the individual or organization and a means of contacting the nominee. In addition, while anonymous nominations will be accepted, ideally we'd like to contact the nominating parties in case we need further information. 3. The contribution may be technical, social, economic, or cultural. 4. Nominations may be of individuals, systems, or organizations in the private or public sectors. 5. Nominations are open to all (other than current members of EFF's staff and board or this year's award judges), and you may nominate more than one recipient. You may also nominate yourself or your organization. 6. Persons or representatives of organizations receiving an EFF Pioneer Award will be invited to attend the ceremony at EFF's expense. More on the EFF Pioneer Awards: http://www.eff.org/awards/pioneer/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * miniLinks The week's noteworthy news, compressed. ~ Privacy Alert Network Bill Scannell's new service alerts you to new privacy issues and guides you to take action. http://privacyalertnetwork.net/network.html ~ Has Australia Banned Linking? No, says Kim Weatherall -- but an Australian Federal Court has ruled that linking to an infringing file has a legal risk. http://weatherall.blogspot.com/2006_12_01_weatherall_archive.html#116650943490838832 ~ Fighting for Private Email The Warshack case, and why email should be as constitutionally protected as snail mail. http://www.startribune.com/789/story/884388.html ~ Questions Asked Over ATS Edward Hasbrouck summarizes the concerns the EU, the Senate and travelers have over the Automated Targeting System. http://hasbrouck.org/blog/archives/001197.html ~ Bill Gates on the Future of DRM "Huge problems" with DRM; he suggests people "should just buy a CD and rip it." http://www.techcrunch.com/2006/12/14/bill-gates-on-the-future-of-drm/ ~ Data Mining Is No Good for Fighting Terrorism The Cato Institute's Jim Harper and a chief scientist with IBM's data-mining group explain why in this report. http://www.cato.org/homepage_item.php?id=436 ~ Generic Infringement Letters Case Dismissed A 28-year old lawyer gets a case thrown out in the 9th Circuit for cookie-cutter patent troll letters. http://www.law.com/jsp/article.jsp?id=1166004320259 ~ Labels Seek Lower Royalty Rate The RIAA says music publishers and songwriters deserve lower mechanical royalty rates. http://www.hollywoodreporter.com/hr/search/article_display.jsp?vnu_content_id=1003466811 ~ Judge Posner Speaks in Second Life Judge Posner: "I'd like to hear from the raccoon." http://williampatry.blogspot.com/2006/12/transcript-of-judge-posner-in-second.html ~ The Wonderful World of Disney Interesting article about the life of Walt Disney and his knack for recognizing a good story. http://www.newyorker.com/fact/content/articles/061211fa_fact ~ Hollywood's Congressman to Head Key Committee Howard Berman will head up Judiciary's Internet and IP subcommittee in the House. http://www.latimes.com/business/la-fi-berman11dec11,0,3985003.story?track=tothtml : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Staff Calendar For a complete listing of EFF speaking engagements (with locations and times), please visit the full calendar: < http://www.eff.org/calendar/ December 29 - Seth Schoen speaking at the 23rd Chaos Computer Conference, 8:30 PM - 9:30 PM, in Berlin, Germany: http://events.ccc.de/congress/2006/Home : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Administrivia EFFector is published by: The Electronic Frontier Foundation 454 Shotwell Street San Francisco CA 94110-1914 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) http://www.eff.org/ Editor: Derek Slater, Activist email@example.com Membership & donation queries: firstname.lastname@example.org General EFF, legal, policy, or online resources queries: email@example.com Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will. Current and back issues of EFFector are available via the Web at: http://www.eff.org/effector/ This newsletter is printed on 100% recycled electrons.