Joly sez, "On March 4-5 2013 the Internet Society's North America Bureau webcast the Freedom to Connect 2013 conference in Washington DC. One keynote speaker was Glenn Greenwald, who has recently come to international attention as the journalist who broke the NSA surveillance story. In his hour long speech, he talks about Aaron Swartz, the imbalance of justice, the growth of the surveillance state, the nature of power in the digital age, and its implications for Internet freedom. There are a couple of small glitches in the recording, for which we apologize."
Hugh from the Electronic Frontier Foundation sez, "Edward Snowden's computer sported stickers for EFF and Tor. You can buy the EFF sticker here."
Ruth from the Open Rights Group writes,
There are still some tickets left for ORGCon2013! Don't miss out on a rare opportunity to hear John Perry Barlow speak in London, this Saturday June 8th! John Perry Barlow, co-founder of Electronic Frontier Foundation, will be headlining ORGCon2013 along with writer of The Master Switch, Tim Wu.
Debate the big issues hitting the headlines, including the cry for a Snoopers' Charter revival following the Woolwich attack, and the calls for new Internet filters in the light of April Jones' murder. As politicians use the latest tragic news stories as an excuse to regulate the Internet, now is the time to get involved with digital rights!
The final programme has the perfect mix of panel debates, workshops, rapid fire talks and guest lectures! You can look forward to sessions on the Digital Arms Trade, freedom of speech, child protection on the internet, online censorship, copyright, creative citizenship...
Plus, hear from an impressive line-up of speakers including David Allen Green of #twitterjoketrial, Jeni Tennison, Policy Head at the Open Data Institute, Richard Allan Policy Director at Facebook, Diane Duane, Star Trek and Young Wizards writer, and many more! Individual tickets are priced at £28, £16 for ORG supporters and just £6 for students. FREE tickets if you join ORG today!
(Disclosure: I co-founded the Open Rights Group and am pleased to serve as a volunteer advisor to it)
Here's an excerpt from Judge Alex Kozinski's opinion in US v Xavier Alvarez (PDF), in which the judge describes some of the reasons that people lie:
Saints may always tell the truth, but for mortals living means lying. We lie to protect our privacy ("No, I don't live around here"); to avoid hurt feelings ("Friday is my study night"); to make others feel better ("Gee you've gotten skinny"); to avoid recriminations ("I only lost $10 at poker"); to prevent grief ("The doc says you're getting better"); to maintain domestic tranquility ("She’s just a friend"); to avoid social stigma ("I just haven't met the right woman"); for career advancement ("I'm sooo lucky to have a smart boss like you"); to avoid being lonely ("I love opera"); to eliminate a rival ("He has a boyfriend"); to achieve an objective ("But I love you so much"); to defeat an objective ("I'm allergic to latex"); to make an exit ("It's not you, it's me"); to delay the inevitable ("The check is in the mail"); to communicate displeasure ("There's nothing wrong"); to get someone off your back ("I'll call you about lunch"); to escape a nudnik ("My mother's on the other line"); to namedrop ("We go way back"); to set up a surprise party ("I need help moving the piano"); to buy time ("I'm on my way"); to keep up appearances ("We're not talking divorce"); to avoid taking out the trash ("My back hurts"); to duck an obligation ("I've got a headache"); to maintain a public image ("I go to church every Sunday"); to make a point ("Ich bin ein Berliner"); to save face ("I had too much to drink"); to humor ("Correct as usual, King Friday"); to avoid embarrassment ("That wasn't me"); to curry favor ("I've read all your books"); to get a clerkship ("You're the greatest living jurist"); to save a dollar ("I gave at the office"); or to maintain innocence ("There are eight tiny reindeer on the rooftop")….
An important aspect of personal autonomy is the right to shape one’s public and private persona by choosing when to tell the truth about oneself, when to conceal, and when to deceive. Of course, lies are often disbelieved or discovered, and that, too, is part of the push and pull of social intercourse. But it’s critical to leave such interactions in private hands, so that we can make choices about who we are. How can you develop a reputation as a straight shooter if lying is not an option?
On May 1, Kiera Wilmot, a Florida high school student, was arrested for mixing toilet bowl cleaner with tin foil, causing a small, harmless explosion. Though she had a spotless school record, she was expelled and charged with a felony as an adult -- a harsh penalty widely ascribed to institutional racism (Wilmot is black). On May 16, thanks to Wilmot's bravery, a crowdfunded project by former NASA engineer Homer Hickam, and the ACLU, the charges against Wilmot were dropped and Wilmot and her twin sister were awarded a full bursary to the Advanced Space Academy program at the U.S. Space Camp in Huntsville, Ala..
Now, Wilmot has written a must-read editorial for the ACLU on her experience with zero-tolerance, detailing the awful treatment she received and the thoughtless way in which the gears of the a discipline-obsessed educational system grind up its own students:
The principal and dean of discipline came over and asked me to tell them what happened. I was kind of scared, but I thought they'd understand it was an accident. Before that, I've never gotten in trouble this year other than a dress code violation because my skirt was two inches too short. I told him it was my science experiment. In my third period class I was called up to discipline. I wrote a statement to the dean of discipline explaining what had happened. Afterward I was told to sit on the resource officer's office. They told me I made a bomb on school property, and police possibly have the right to arrest me. I didn't know what they classified as a bomb. I was worried I accidently made a bomb. I was really hurt and scared. I was crying.
They didn't read me any rights. They arrested me after sitting in the office for a couple minutes. They handcuffed me. It cut my wrist, and really hurt sitting on my hands behind my back.
They took me to a juvenile assessment center. I was sitting in this room with no clock so it felt like years of me sitting there. When my mom came, she didn't say anything. She just had this really disappointed look, and told me I lost privileges. But she's really been supportive of me. I don't know what would have happened if I didn't have my mom. I would have dug a hole and sat there for the rest of my life.
I don't think police should have been involved because I'm a good student for one. And two, it was a big deal, but it wasn't like people were hurt and the school was in shatters. I maybe should have gotten 10 days suspension or a work detail where on Saturday you wake up early and pick up trash around the school.
The Dutch MEP Marietje Schaake has a fantastic, must-read essay on the problem with "cyber-war." She lays out the case for securing the Internet (and the world of people and systems that rely on it) through fixing vulnerabilities and making computers and networks as secure and robust as possible, rather than relying on weaknesses in security as vectors for attacking adversaries.
Mass surveillance, mass censorship, tracking and tracing systems, as well as hacking tools and vulnerabilities can be used to harm people as well as our own security in Europe. Though overregulation of the internet should never be a goal in and of itself, regulation of this dark sector is much needed to align our values and interests in a digital and hyper-connected world. There are many European examples. FinFisher software, made by UK’s Gamma Group was used in Egypt while the EU condemned human rights violations by the Mubarak regime. Its spread to 25 countries is a reminder that proliferation of digital arms is inevitable.
Vupen is perhaps best labelled as an anti-security company in France that sells software vulnerabilities to governments, police forces and others who want to use them to build (malicious) software that allows infiltrating in people’s or government’s computers.
It is unclear which governments are operating on this unregulated market, but it is clear that the risk of creating a Pandora’s box is huge if nothing is done to regulate this trade by adopting reporting obligations. US government has stated that American made, lawful intercept technologies, have come back as a boomerang when they were used against US interests by actors in third countries. Other companies, such as Area Spa from Italy designed a monitoring centre, and had people on the ground in Syria helping the Assad government succeed in anti-democratic or even criminal behaviour by helping the crackdown against peaceful dissidents and demonstrators.
It's just not good policy to make the people who are supposed to be securing our computers dependent on insecurity in computers to achieve that end.
Here'a an excellent piece on the promise and peril of "smart cities," which could be part of a system to make cities fairer and more transparent, or could form the basis for an authoritarian lockdown. As Adam Greenfield says, "[the centralized model of the smart city is] disturbingly consonant with the exercise of authoritarianism." The author mentions Greenfield's upcoming book "The City is Here for You to Use" (a very promising-looking read) as well as Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia, which is out in the fall.
These critics are advocating not that cities shun technology, but that they foster a more open debate about how best to adopt it—and a public airing of the questions cities need to ask. One question is how deeply cities rely on private companies to set up and maintain the systems they run on. Smart-city projects rely on sophisticated infrastructure that municipal governments aren’t capable of creating themselves, Townsend points out, arguing that the more they rely on software, the more cities are increasingly shunting important civic functions and information into private hands. In recent talks and in his upcoming book, “Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia,” Townsend portrays companies as rushing to become the indispensable middlemen without which the city cannot function.
Cities can easily lose leverage to private companies their citizens rely on, as the persistent battles of political leaders against telecom companies over price increases show. And private-sector software can operate behind a veil: Townsend says that while cities have made lots of data freely available online, there’s less concern about opening up the proprietary tools used to analyze that data—software that might help a city official decide who is eligible for services, or which neighborhoods are crime hotspots. “It’s the algorithms in government that need to be brought out to the light of day, not the data,” he says. “What I worry about are the de facto laws that are being coded in software without public scrutiny.”
Another concern is what will be done to protect the huge amount of data cities can gather about their citizens. The wealth of video at the Boston Marathon bombings, though it came from private cameras, showed how useful surveillance footage can be—and also how pervasive. Cameras, sensors, and tracking technologies like the Mass Pike’s EZPass can reveal a great deal about your life: where you live and travel, what you buy, even what time you take a shower. Smart grid utility-metering systems, for instance, collect and transmit detailed energy consumption information, which help consumers understand and curb their energy use but can also reveal their habits. As such, they have come under fire for threatening privacy and civil liberties, and several states have adopted legislation governing what kind of data can be shared with third parties and how customers can opt out. In Massachusetts, automated license plate recognition technology used by police cruisers has raised concerns about authorities tracking the whereabouts of citizens. The American Civil Liberties Union of Massachusetts has been pushing for a License Plate Privacy Act that would limit law enforcement’s ability to retain and use the information.
The too-smart city [Courtney Humphries/Boston Globe]
(via Beyond the Beyond)
In an urgent, important blog post, computer scientist and security expert Ed Felten lays out the case against rules requiring manufacturers to put wiretapping backdoors in their communications tools. Since the early 1990s, manufacturers of telephone switching equipment have had to follow a US law called CALEA that says that phone switches have to have a deliberate back-door that cops can use to secretly listen in on phone calls without having to physically attach anything to them. This has already been a huge security problem -- through much of the 1990s, AT&T's CALEA controls went through a Solaris machine that was thoroughly compromised by hackers, meaning that criminals could listen in on any call; during the 2005/6 Olympic bid, spies used the CALEA backdoors on the Greek phone company's switches to listen in on the highest levels of government.
But now, thanks to the widespread adoption of cryptographically secured messaging services, law enforcement is finding that its CALEA backdoors are of declining utility -- it doesn't matter if you can intercept someone else's phone calls or network traffic if the data you're captured is unbreakably scrambled. In response, the FBI has floated the idea of "CALEA II": a mandate to put wiretapping capabilities in computers, phones, and software.
As Felten points out, this is a terrible idea. If your phone is designed to secretly record you or stream video, location data, and messages to an adverse party, and to stop you from discovering that it's doing this, it puts you at huge risk when that facility is hijacked by criminals. It doesn't matter if you trust the government not to abuse this power (though, for the record, I don't -- especially since anything mandated by the US government would also be present in devices used in China, Belarus and Iran) -- deliberately weakening device security makes you vulnerable to everyone, including the worst criminals:
Our report argues that mandating a virtual wiretap port in endpoint systems is harmful. The port makes it easier for attackers to capture the very same data that law enforcement wants. Intruders want to capture everything that happens on a compromised computer. They will be happy to see a built-in tool for capturing and extracting large amounts of audio, video, and text traffic. Better yet (for the intruder), the capability will be stealthy by design, making it difficult for the user to tell that anything is amiss.
Beyond this, the mandate would make it harder for users to understand, monitor, and fix their own systems—which is bad for security. If a system’s design is too simple or its operation too transparent or too easy to monitor, then wiretaps will be evident. So a wiretappability mandate will push providers toward complex, obfuscated designs that are harder to secure and raise the total cost of building and operating the system.
Finally, our report argues that it will not be possible to block non-compliant implementations. Many of today’s communication tools are open source, and there is no way to hide a capability within an open source code base, nor to prevent people from simply removing or disabling an undesired feature. Even closed source systems are routinely modified by users—as with jailbreaking of phones—and users will find ways to disable features they don’t want. Criminals will want to disable these features. Ordinary users will also want to disable them, to mitigate their security risks.
Felten's remarks summarize a report [PDF] signed by 20 distinguished computer scientists criticizing the FBI's proposal. It's an important read -- maybe the most important thing you'll read all month. If you can't trust your devices, you face enormous danger.
Remember our happy mutant comrade John Brennan, who removed his clothes at the Portland Airport during a TSA screening? He was acquitted of a ridiculous indecent exposure charge, and now he is appealing an equally stupid fine from the Transportation Security Administration for “interfering with the screening process.” This might sound silly, but it's serious business. As Brennan points out in his press release below, "This is the first time the TSA has followed through on assessing civil penalties for 'interference with screening" purely for nonviolent, non-obstructive protected expressive conduct.'"
I'm grateful to Brennan for being a civil liberties champion.
Read the rest
Short UK documentary about woman threatened with terrorism charges for videorecording cops while they stop-and-searched her boyfriend on the tube
Gemma sez, "You wrote a blog post about how I was assaulted by the police after filming my boyfriend being searched, back in 2009. The publicity we got from your post and the other press we got (Guardian and BBC) helped make thousands more people aware of this issue which led to the Metropolitan police eventually having to change their guidelines on photographing and filming the police. It was always my aim to get section 58a of the terrorism act clearer to all citizens in the UK and this hasn't changed. Today I'm releasing the animated short film about the case - It deals with broad issues of police accountability and citizen''s rights as well as the specifics of my case. We also hope it entertains you on its way."
Redditor Federal Reservations has made a handy post enumerating all the regressive, authoritarian, corporatist policies enacted by the Obama administration in its one-and-a-bit terms. You know, for someone the right wing press likes to call a socialist, Obama sure makes Richard Nixon look like Che Guevara. And what's more, this is only a partial list, and excludes the parade of copyright horrors and bad Internet policy emanating from the White House, via Joe Biden's push for Six Strikes, the US Trade Rep's push for secret Internet censorship and surveillance treaties like TPP and ACTA and TAFTA; the DoJ's push to criminalize every Internet user by expanding the CFAA, and much, much more.
Obama extends Patriot Act without reform - 
Signs NDAA 2011 (and 2012, and 2013) - 
Appeals the Federal Court decision that “indefinite detention” is unconstitutional - 
Double-taps a 16-year-old American-born US citizen living in Yemen, weeks after the boy's father was killed. Administration's rationale? He "should have [had] a far more responsible father" - 
Continues to approve drone strikes that kill thousands of innocent civilians including women and children in Pakistan, Yemen, and other countries that do not want the US intervening; meanwhile, according to the Brookings Institute's Daniel Byman, we are killing 10 civilians for every one mid- to high- level Al Qaeda/Taliban operative. This is particularly disturbing, since now any military-aged male in a strike zone is now officially considered an enemy combatant - 
Protects Bush’s war crimes as State Secrets -   
Waives sections of a law meant to prevent the recruitment of child soldiers in Africa in order to deepen military relationship with countries that have poor human rights records -
Read this if you want to stay out of jail.
When my friend Aaron Swartz committed suicide in January, he'd been the subject of a DoJ press-release stating that the Federal prosecutors who had indicted him were planning on imprisoning him for 25 years for violating the terms of service of a site that hosted academic journals.Read the rest
My latest Guardian column is "Copyright wars are damaging the health of the internet" and it looks at what we really need from proposed solutions to the copyright wars:
I've sat through more presentations about the way to solve the copyright wars than I've had hot dinners, and all of them has fallen short of the mark. That's because virtually everyone with a solution to the copyright wars is worried about the income of artists, while I'm worried about the health of the internet.
Oh, sure, I worry about the income of artists, too, but that's a secondary concern. After all, practically everyone who ever set out to earn a living from the arts has failed – indeed, a substantial portion of those who try end up losing money in the bargain. That's nothing to do with the internet: the arts are a terrible business, one where the majority of the income accrues to a statistically insignificant fraction of practitioners – a lopsided long tail with a very fat head. I happen to be one of the extremely lucky lotto winners in this strange and improbable field – I support my family with creative work – but I'm not parochial enough to think that my destiny and the destiny of my fellow 0.0000000000000000001 percenters are the real issue here.
What is the real issue here? Put simply, it's the health of the internet.
ORGCon North is the first regional conference to build on the success of the national sell-out event, ORGCon, which takes place in London every year. On Saturday 13th April Open Rights Group, the UK digital rights campaigning organisation, will be running ORGCon North at the Manchester Friends' Meeting House. The event is a great introduction to digital rights issues that affect every internet user - like freedom from surveillance and free speech on Twitter and Facebook. The event runs from 11am till 5pm and is hosted by ORG-Manchester, the local campaigning group.
ORGCon North gathers experts from many technology fields and civil liberties groups across the country debating some of the big issues like: Will copyright eat the internet? Do we have a right to be offensive? There will be a keynote speech from John Buckman, chair of the Electronic Frontier Foundation (EFF) and founder of the independent record label Magnatune. He will be talking about upcoming challenges to digital rights, drawing on his experiences in the UK and US. Open Rights Group are also offering an 'unconference track' with room for anyone to lead sessions or pop up a debate, to build to the conference they want.
Individual tickets are priced at £11 or £6 for ORG supporters. Tickets are free if you join ORG this month.
Hugh sez, "Apparently DHS checkpoints nowhere near the border are a new thing. This video cuts together recordings of such encounters and citizens' polite refusal to answer questions."
Top quote: "Am I being detained?"
Checkpoints (some would say illegal checkpoints) have been popping up quite frequently in the USA. As you see in this video, you DO NOT have to comply with their question's or demands. Don't forget, you have rights.