EFFector Vol. 20, No. 29 July 24, 2007 firstname.lastname@example.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In the 433rd Issue of EFFector:
- Action Alert: Keep Copyright Holders' Hands Off of Campus Networks
- Thursday Hearing on Secret Orders for Domestic Spying
- NSA Subpoena Deadline Looms -- What Happens Next?
- Ask.com Takes the Lead on Log Retention; Microsoft and Yahoo! Follow
- In This Edition of Privacy Theater, Google's Cookie Monster
- REAL ID Amendment Throws Good Money After Bad
- Innocent RIAA Defendant Fights Back, Wins $70,000 Fee Award
- Update on DRM in Music Radio Negotiations
- Public Interest Groups Respond to NBC on Mandatory ISP Filtering
- Harry Potter and the Deathly Digital Fingerprints
- Visit EFF at OSCON, DEFCON and LinuxWorld
- miniLinks (7): Google Policy Blog: "We're Putting Our Money Where Our Mouth Is"
For more information on EFF activities & alerts: http://www.eff.org/ Make a donation and become an EFF member today! http://eff.org/support/ Tell a friend about EFF: http://action.eff.org/site/Ecard?ecard_id=1061 effector: n, Computer Sci. A device for producing a desired change. : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Action Alert: Keep Copyright Holders' Hands Off of Campus Networks Major copyright holders are backing a legislative proposal to make colleges do their dirty work. The Higher Education Reauthorization Act is supposed to make going to college more affordable, but a last-minute amendment threatens to force certain schools to divert funds away from education and toward policing corporate copyrighted content on their campus networks. Twenty-five schools annually will be singled out and required to provide evidence to the Secretary of Education about their efforts to stop file sharing, including use of "technology-based deterrents" (read: network surveillance technologies). This amendment is a moving target and may come up for a vote very soon, so it's critical that you call your Senators now and voice your opposition: http://action.eff.org/site/Advocacy?id=306 Schools are already being forced to expend significant resources in the face of the RIAA's lawsuit campaign against students. More enforcement won't stop file sharing, as students will simply migrate towards other readily accessible sharing tools that can't be easily monitored. But it will chill academic freedom, as legitimate uses of the network will inevitably be stifled. The federal government shouldn't be in charge of schools' network management decisions. Congress ought to reject this misguided proposal and take up real solutions that get artists paid and let students keep sharing. Please take action and call your Senators now: http://action.eff.org/site/Advocacy?id=306 Thanks to EDUCAUSE for alerting us to this bill. Check out their site for more about the bill here: http://connect.educause.edu/blog/hwachs/urgentcalltoaction/44790 Read EFF Senior Staff Attorney Fred von Lohmann's analysis, A Better Way Forward on University P2P: http://www.eff.org/deeplinks/archives/005291.php For this post and related links: http://www.eff.org/deeplinks/archives/005372.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Thursday Hearing on Secret Orders for Domestic Spying Justice Department Withholds Records on Electronic Surveillance Washington, D.C. - On Thursday, July 26, at 11 a.m., the Electronic Frontier Foundation (EFF) will argue for the release of court orders that supposedly authorize the government's highly controversial electronic domestic surveillance program that intercepts and analyzes millions of Americans' communications. The White House first acknowledged the surveillance program's existence in 2005, claiming that it could be conducted without warrants or judicial authorization of any kind. But in January of this year, Attorney General Alberto Gonzales announced that the Foreign Intelligence Surveillance Court (FISC) had authorized collection of some communications and that the surveillance program would now operate under its approval. EFF filed a Freedom of Information Act (FOIA) request with the Department of Justice (DOJ) for the FISC orders and other records concerning the purported changes in the program, but when the DOJ did not comply, EFF filed suit in federal court. Thursday's hearing, before Chief Judge Thomas F. Hogan of the U.S. District Court for the District of Columbia, will include oral arguments from both EFF and the DOJ. WHAT: EFF v. Department of Justice WHEN: 11 a.m. Thursday, July 26 WHERE: United States District Court for the District of Columbia Courtroom 25A 333 Constitution Avenue, N.W. Washington, D.C. 20001 For more on EFF's lawsuit: http://www.eff.org/flag/07403TFH For more information on EFF's FOIA Litigation for Accountable Government (FLAG) Project: http://www.eff.org/flag/ Contact: David Sobel Senior Counsel Electronic Frontier Foundation email@example.com For this release: http://www.eff.org/news/archives/2007_07.php#005373 : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * NSA Subpoena Deadline Looms -- What Happens Next? The Senate Judiciary Committee has now issued subpoenas for documents related to the NSA spying program. But last Wednesday, the Judiciary Committee agreed to delay the deadline for the Administration to respond. What's going to happen next? Can the Executive branch ignore these committee subpoenas? Disclosure of the requested documents could be a critical step toward revealing the full extent of the NSA's illegal spying and the role that telecommunications companies like AT&T played in it. The American public deserves to know the truth about the program, and Congress should, to the fullest extent, use its powers to make the Executive comply. You can help, too, by showing your support for Congress' investigation now: http://action.eff.org/site/Advocacy?id=270 For links to the four subpoenas: http://leahy.senate.gov/press/200706/062707a.html For this post and related links: http://www.eff.org/deeplinks/archives/005364.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Ask.com Takes the Lead on Log Retention; Microsoft and Yahoo! Follow We've often regretted that the most popular search engines have been keeping a dossier of everything you search for -- forever. It's easy to forget just how intrusive this kind of record can be until something like the AOL search history leak occurs and confronts users with even a portion of the search logs that track their everyday on-line activities. Thus, it's exciting to hear that Ask.com plans to take a leap into the lead of search engine privacy by expressly allowing users to opt-out of tracking -- as the Associated Press and Ars Technica report, Ask has pledged to launch a service called AskEraser that allows users to decline to stop their search histories from being logged. And now, it looks like our hope that other search engines would follow Ask's lead is becoming a reality, and faster than we expected: Microsoft announced over the weekend that it is now intending to offer users the ability to opt out of having their searches automatically associated with a single identifier. Meanwhile, Yahoo! is reportedly shortening its retention period to 13 months, so far the shortest such period amongst the major search engines. Read the full post and see related links: http://www.eff.org/deeplinks/archives/005370.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * In This Edition of Privacy Theater, Google's Cookie Monster Contrary to Google's recent statements, the company's new policy for issuing cookies won't meaningfully help protect users' privacy. Shorter cookie life spans can help limit a site's ability to track you, but Google's change doesn't amount to any practical difference. To its credit, Google did decide in March to delete key identifying information in its search logs, including cookie ID numbers, after 18 months. As we said at the time, this is a good first step towards protecting users' privacy, but more is needed. Unfortunately, Google's new policy for issuing cookies doesn't move the ball forward. If you actually want to limit how Google and other search engines can track you via cookies and other means, check out our white paper, Six Tips to Protect Your Online Search Privacy: http://www.eff.org/Privacy/search/searchtips.php Read Google's July 16 blog post, Cookies: expiring sooner to improve privacy: http://googleblog.blogspot.com/2007/07/cookies-expiring-sooner-to-improve.html For this post and related links: http://www.eff.org/deeplinks/archives/005362.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * REAL ID Amendment Throws Good Money After Bad When we last left the REAL ID Act, members of Congress tried and failed to expand the reach of its privacy- invasive national ID mandate. Now Congress is set to consider yet another desperate attempt to lock-in this awful law, with Senator Lamar Alexander proposing 300 million dollars in additional federal funding as an amendment attached to the Department of Homeland Security Appropriations Bill. This measly sum won't put a dent in the estimated 23 billion dollar burden that states and taxpayers will have to bear. And it doesn't do anything to fix the fundamental flaws in the policy itself: standardizing drivers' licenses into a national ID will do little to improve national security, but it will imperil your privacy by exposing you to a wide range of tracking and surveillance activities. The Alexander Amendment may be voted on this week, and the ACLU has set up an action alert so you can call your representatives and oppose it: http://www.realnightmare.org/actioncenter/111/ You should also use EFF's Action Center and tell Congress to repeal REAL ID entirely: http://action.eff.org/site/Advocacy?id=275 To learn more about what's wrong with REAL ID, see our issue page: http://www.eff.org/Privacy/ID/RealID/ For this post: http://www.eff.org/deeplinks/archives/005368.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Innocent RIAA Defendant Fights Back, Wins $70,000 Fee Award After more than three years of litigation, a single mom who was improperly swept up in the RIAA's P2P litigation "driftnet" has finally been vindicated. An Oklahoma court has ordered the RIAA to pay nearly $70,000 in fees and costs to defendant Debra Foster. EFF, Public Citizen, the ACLU, and the American Association of Law Libraries filed an amicus brief in the case supporting Foster's motion for fees. Last Tuesday, Judge West brought Foster's epic to an end at last and granted her compensation. The ruling sends a message to both RIAA defendants and the RIAA itself that the music companies can be held accountable when they bring improper claims based on inadequate information. Read the amicus brief filed by EFF, Public Citizen, the ACLU, and the American Association of Law Libraries: http://www.eff.org/legal/cases/Capitol_v_Foster/amicus_in_support_of_fees.pdf For the full story: http://www.eff.org/deeplinks/archives/005363.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Update on DRM in Music Radio Negotiations As we reported in mid-July, the major label-backed licensing authority SoundExchange conditioned lower royalty rates for large commercial webcasters on implementing DRM. This issue is proving quite contentious, and it looks like the webcasters have refused the offer. What's at stake here isn't just the implementation of DRM- laden streaming formats like WMA but also whether the RIAA will get to dictate the sorts of technologies that webcasters use in the future. After all, while DRM would certainly frustrate certain tools that allow users to time- shift, it won't make a lick of difference to software like Total Recorder and Audio Hijack that can record sound as it's outputted in unencrypted form to a sound card. You can bank on the RIAA coming back for more restrictions once it gets DRM in the door, as long as it can hold the threat of ridiculous royalty rates over webcasters' heads. Check out Jon Healey's Los Angeles Times article: http://opinion.latimes.com/bitplayer/2007/07/new-hiccup-in-w.html Find out more at Wired's Listening Post: http://blog.wired.com/music/2007/07/dima-and-sounde.html For this post and related links: http://www.eff.org/deeplinks/archives/005367.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Public Interest Groups Respond to NBC on Mandatory ISP Filtering A few weeks ago, NBC submitted comments to the FCC asking it to adopt new rules declaring that "broadband service providers have an obligation to use readily available means" to stop copyright infringement. Basically, NBC wants the FCC to force ISPs to police their users and play copyright cop. Public Knowledge and a coalition of public interest groups -- including EFF -- have filed a response, pointing out that a policy of this sort would be bad for free speech, bad for innovation, and wildly outside the FCC's mandate. Download the coalition response: http://www.publicknowledge.org/pdf/pk-etal-fcc-07-52-20070716.pdf For this post and related links: http://www.eff.org/deeplinks/archives/005369.php : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Harry Potter and the Deathly Digital Fingerprints A few days before last Friday's release of Harry Potter and the Deathly Hallows, someone leaked a (genuine) copy of the book using file-sharing networks and photo-sharing web sites -- photographing every single page with a digital camera. The quality isn't great -- the leaker evidently didn't have a nifty Internet Archive Scribe station -- but the text is legible. Perhaps the leaker didn't realize that the digital camera he or she used -- a Canon Rebel 300D -- left digital fingerprints behind in every image. We downloaded a copy of the leak and took a look at the images with the open-source ExifTool, one of dozens of programs capable of reading the industry-standard EXIF digital photo metadata format. As the press reported, the camera's serial number is in there, along with over 100 other facts including the date and time that the photos were taken and an assortment of photo-geek details about focus and lighting conditions. Read EFF Staff Technologist Seth Schoen's complete post and find out what we discovered: http://www.eff.org/deeplinks/archives/005371.php Find out if your color laser printer is spying on you: http://www.eff.org/Privacy/printers/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Visit EFF at OSCON, DEFCON and LinuxWorld EFF will be at the O'Reilly Open Source Convention (OSCON) in Portland, Oregon next this on Wednesday, July 25, and Thursday, July 26. Come visit us at booth #121 and grab some cool schwag: http://conferences.oreillynet.com/os2007/ EFF will head down to DEFCON in Las Vegas, Nevada, on August 3-5. Along with hanging out at our booth, EFF staffers will present an "Ask EFF" Q&A panel discussion. Mark your calendar and bring your questions! http://www.defcon.org/ "Ask EFF" panelists: Kevin Bankston, EFF Staff Attorney Marcia Hofmann, EFF Staff Attorney Danny O'Brien, EFF International Outreach Coordinator Kurt Opsahl, EFF Senior Staff Attorney Matt Zimmerman, EFF Staff Attorney EFF will also participate in the .org Pavilion at this year's LinuxWorld in San Francisco, California, on August 7-9. Come visit us at booth L.org 6 and grab some (more!) schwag: http://www.linuxworldexpo.com/live/12/ : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * miniLinks The week's noteworthy news, compressed. ~ Google Policy Blog: "We're Putting Our Money Where Our Mouth Is" The search engine giant bids $4.6 billion to influence broadband debate. http://googlepublicpolicy.blogspot.com/2007/07/our-commitment-to-open-broadband.html ~ Google Raises the Stakes Against Wireless Providers Some analysis of what motivates Google to put that much money in its mouth. http://news.com.com/Google+pushes+for+rules+to+aid+wireless+plans/2100-1036_3-6198063.html?tag=nefd.pop ~ When Mobile Phones Aren't Truly Mobile NY Times: Wireless carriers view total control over customers as their inherited birthright. http://www.nytimes.com/2007/07/22/business/yourmoney/22digi.html?ref=technology ~ Copyright Board of Canada Gives Thumbs-Up to "iPod Tax" A ruling says that Canadians who buy digital music devices should pay an extra tax. http://arstechnica.com/news.ars/post/20070720-copyright-board-of-canada-gives-thumbs-up-to-ipod-tax.html ~ Exploiting the iPhone Security researchers have found the iPhone vulnerable to attack. http://www.securityevaluators.com/iphone/ ~ University of Kansas Adopts One-Strike Policy for Copyright Infringement A new campus policy threatens to toss students off the residence network forever if they are caught downloading illegally. http://arstechnica.com/news.ars/post/20070720-university-of-kansas-adopts-one-strike-policy-for-copyright-infringement.html ~ Is Blogging Hazardous to Your Career? A study claims that nearly 10% of companies have fired bloggers. http://blog.wired.com/27bstroke6/2007/07/nearly-ten-perc.html : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Administrivia EFFector is published by: The Electronic Frontier Foundation 454 Shotwell Street San Francisco CA 94110-1914 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) http://www.eff.org/ Editor: Julie Lindner, Education Outreach Coordinator firstname.lastname@example.org Membership & donation queries: email@example.com General EFF, legal, policy, or online resources queries: firstname.lastname@example.org Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will. Current and back issues of EFFector are available via the Web at: http://www.eff.org/effector/ Click here to change your email address: http://action.eff.org/addresschange This newsletter is printed on 100% recycled electrons.