John from the Free Software Foundation sez,

Hollywood is making yet another attempt to lock down the Web. Undeterred by SOPA's failure, Hollywood is conspiring with tech giants like Microsoft, Google, and Netflix to try to influence the World Wide Web Consortium (W3C). A proposal currently under consideration at W3C would *build accommodation for Digital Restrictions Management (DRM) into HTML itself.* The W3C's job is to keep the Web working for everyone; building DRM into HTML would be a dramatic departure from the NGO's mission.

Today a coalition, organized by the Free Software Foundation and including EFF and Creative Commons, released a joint letter to the W3C condemning the proposal. The coalition is also asking Web users to send a message to W3C by signing a petition>.

The coalition says, "Ratifying EME would be an abdication of responsibility; it would harm interoperability, enshrine nonfree software in W3C standards and perpetuate oppressive business models. It would fly in the face of the principles that the W3C cites as key to its mission and it would cause an array of serious problems for the billions of people who use the Web."

I wrote about this in detail in the Guardian in March.

Keep DRM out of Web standards -- Reject the Encrypted Media Extensions (EME) proposal (Thanks, John!)

Rep. Rogers says #CISPA opponents are probably 14-year-olds in a basement. Tell him how wrong he is by tweeting to @repmikerogers.

— EFF (@EFF) April 16, 2013

CISPA is the latest Congressional proposal to do something unbelievably horrible with the Internet -- this time, it's letting US law enforcement and intelligence service raid all of your data, all the time, without letting you know, regardless of your service provider's privacy policy, in the name of preventing "cyberattacks," whatever they are.

It's about as horrible as it can be: the House Rules Committee won't even allow privacy-protecting amendments on the agenda; the bill's sponsor Rep. Mike Rogers dismisses people who oppose CISPA as 14-year-olds in their parents' basements; and a bunch of tech companies are lobbying in favor of CISPA because the bill cannily immunizes them from liability for firehosing your personal, sensitive information all over the place.

The sole bright light is this: the Obama White House has taken an uncharacteristically progressive stance on privacy this time around, and has threatened to veto the bill.

The Electronic Frontier Foundation is, as always, the best place to go to find things you can (and should, and MUST) do to kill this insane proposal.

The US-Korean Free Trade Agreement came with a raft of draconian enforcement rules that Korea -- then known as a world leader in network use and literacy -- would have to adopt. Korea has since become a living lab of the impact of letting US entertainment giants design your Internet policy -- and the example that industry lobbyists point to when they discuss their goals.

One of the laws that Korea adopted early was the infamous "three strikes" rule, where repeated, unsubstantiated accusations of copyright infringement leads to whole families being punished through restriction of, or disconnection from their Internet connections. Now the Korean National Human Rights Commission has examined the fallout from the country's three strikes rules, and called for its repeal due to high costs to wider Korean society.

Here's the Electronic Frontier Foundation's Danny O'Brien with more:

The entertainment industry has repeatedly pointed to South Korea as a model for a controlled Internet that should be adopted everywhere else. In the wake of South Korea's implementation, graduated response laws have been passed in France and the United Kingdom, and ISPs in the United States have voluntarily accepted a similar scheme.

But back in Korea, the entertainment industry's experiment in Internet enforcement has been a failure. Instead of tackling a few "heavy uploaders" involved in large scale infringement, the law has spiraled out of control. It has now distributed nearly half a million takedown notices, and led to the closing down of 408 Korean Internet users' web accounts, most of which were online storage services. An investigation led by the Korean politician Choi Jae-Cheon showed that half of those suspended were involved in infringement of material that would cost less than 90 U.S. cents. And while the bill's backers claimed it would reduce piracy, detected infringement has only increased as more and more users are subject to suspensions, deletion, and blocked content.

This Wednesday, Korea's National Human Rights Commission recommended that the three strikes law be re-examined, given its unclear benefits, and its potential violation of the human rights to receive and impart information and to participate in the cultural life of the community.

Korea's three strikes rules are similar to the "Six Strikes" rules that America's leading ISPs have voluntarily adopted and just put into effect. If you want to see the future of American Internet policy, and its fallout, look at Korea.

Korean Lawmakers and Human Rights Experts Challenge Three Strikes Law

Some of America's worst copyright laws were passed through a profoundly undemocratic process called "policy laundering." This is what happens when an administration can't get Congress to pass a bad copyright law, so the US Trade Representative instead signs the US up to international treaties requiring America to pass the unpopular law. The 1998 Digital Millennium Copyright Act is one of the policy-laundered laws that has done enormous harm to the country.

Now the USTR is busy again, signing America up to treaties that undermine attempts by Congress to make phone unlocking and jailbreaking legal. America's official representative is going to other countries and telling them, "If you want to do business with America, you must ban jailbreaking and phone unlocking, and in return, we promise to keep those activities on the banned list, too."

In other words, America's trade reps are cramming a massively unpopular, harmful policy down the throats of its trading partners, while simultaneously locking America into the same policy, undermining Congress at the same time.

The Electronic Frontier Foundation wants you to take action on this. Maira Sutton and Parker Higgins have written a good article explaining policy laundering in depth.

U.S. wireless carriers claim that unlocking your phone to change carriers is illegal under Section 1201 of the DMCA, which prohibits the removal of digital rights management (DRM) technology. Section 1201 of the DMCA also set up a triennial rulemaking procedure, whereby the public can ask for exceptions to the rule that you cannot remove DRM from your devices. Phone unlocking was not approved in the last round of DMCA rulemaking, raising the specter of lawsuits against phone owners.

In light of public outrage over this, several members of Congress have introduced legislation to legalize phone unlocking. Already, opponents are saying that an effective narrow fix—a permanent phone-unlocking exemption from Section 1201—may violate the Korea-US trade agreement. Regardless of whether such a claim is true, such chatter can be enough to slow down the pace of change, and make any political reformers of the DMCA more cautious than they might otherwise be.

Big Content interest groups like the Motion Picture Association of America, Recording Industry Association of America, and International Federation of the Phonographic Industry—just to name a few—continue to have a strong influence on US trade negotiators. They are lobbying hard for our government to promote international policies to strengthen their control over how and when the public can interact and experience their creative products.

How the US Trade Rep Ratchets Up Worldwide Copyright Laws That Could Keep Your Devices Locked Forever

The Electronic Frontier Foundation has weighed in on the growing controversy over the proposal to build DRM into HTML5, the next version of the standard language for building Web pages and applications. Staff technologists Seth Schoen and Peter Eckersley have written a great essay explaining how this kind of work is totally incompatible with the mission of the W3C and how its proponents' insistence that this isn't really DRM are just hollow jokes:

The EME proposal suffers from many of these problems because it explicitly abdicates responsibilty on compatibility issues and let web sites require specific proprietary third-party software or even special hardware and particular operating systems (all referred to under the generic name "content decryption modules", or CDMs, and none of them specified by EME). EME's authors keep saying that what CDMs are, and do, and where they come from is totally outside of the scope of EME, and that EME itself can't be thought of as DRM because not all CDMs are DRM systems. Yet if the client can't prove it's running the particular proprietary thing the site demands, and hence doesn't have an approved CDM, it can't render the site's content. Perversely, this is exactly the reverse of the reason that the World Wide Web Consortium exists in the first place. W3C is there to create comprehensible, publicly-implementable standards that will guarantee interoperability, not to facilitate an explosion of new mutually-incompatible software and of sites and services that can only be accessed by particular devices or applications. But EME is a proposal to bring exactly that dysfunctional dynamic into HTML5, even risking a return to the "bad old days, before the Web" of deliberately limited interoperability.

Because it's clear that the open standards community is extremely suspicious of DRM and its interoperability consequences, the proposal from Google, Microsoft and Netflix claims that "[n]o 'DRM' is added to the HTML5 specification" by EME. This is like saying, "we're not vampires, but we are going to invite them into your house".

Proponents also seem to claim that EME is not itself a DRM scheme. But specification author Mark Watson admitted that "Certainly, our interest is in [use] cases that most people would call DRM" and that implementations would inherently require secrets outside the specification's scope. It's hard to maintain a pretense that EME is about anything but DRM.

Defend the Open Web: Keep DRM Out of W3C Standards (via /.)

See also:

* HTML5's overseer says DRM's true purpose is to prevent legal forms of innovation

* Why Tim Berners-Lee is wrong about DRM in HTML5

Last week, we brought you the wonderful news that a district court in San Francisco had struck down the law that allowed the FBI to issue its own "National Security Letters" (NSLs) -- secret search-warrants with permanent gag orders. Now, Matt Zimmerman, a senior staff attorney at the Electronic Frontier Foundation (who brought the case on behalf of an unnamed telco), explains in depth what EFF asked the court to recognize, how far they got, and what happens next:

The court made five critical findings. First, Judge Illston quickly rejected the government's dangerous argument that NSL recipients had no power to review the constitutionality of the statute. The government had suggested that the court could only review specific problems with specific NSLs, meaning that larger structural problems with the statute would remain untouched. As the court correctly noted, however, the statute specifically allows a court to determine whether an NSL is "unreasonable" or "unlawful" which includes determining whether the statute itself is unconstitutional.

Second, the district court found that the statute impermissibly authorizes the FBI to limit speech without constitutionally-mandated procedural protections. The Supreme Court articulated the scope for such protections in 1965 in Freedman vs. Maryland, a case in which it struck down a Maryland licensing scheme that required films to be submitted to a government ratings board prior to public showings. The problem with the statute wasn't necessarily its substantive reach as it was possible that films could be banned without violating the First Amendment -- if, for example, they met the First Amendment definition of "obscene." Instead, the court was concerned that the procedures for challenging a ban stacked the deck against theater owners...

... Fourth, the district court found that the statute was not "severable," meaning that Congress designed the NSL tool as a whole and that the powers it granted to the FBI were not intended to function separately if one of the powers was found to be unconstitutional. Because the nondisclosure provision was found to be unconstitutional on its face, the power to compel the disclosure of customer records must also fall. NSL statistics are consistent with this observation: 97% of all NSLs are delivered with a gag order.

Finally, the district court found that, regardless of other failings, the statute's standard of review violated separation of powers principles by forcing the courts to defer to the FBI's determinations and preventing independent review. It noted that a "[c]ourt can only sustain nondisclosure based on a searching standard of review." While courts do largely defer to the executive branch's judgment in national security matters, the standard in this statute required the court to consider the government's decision "conclusive" and only allowing the court to consider whether it was made in "bad faith." The court rightly noted that real judicial review requires more.

In Depth: The District Court's Remarkable Order Striking Down the NSL Statute

The Electronic Communications Privacy Act (ECPA) of 1986 is an ancient law that governs the privacy of the files you keep on servers, including your webmail and other private stuff. The 1986 law assumes that any file left on a server for more than six months is abandoned, and gives law enforcement the power to retrieve it without a warrant. Many attempts have been made to update this, but the nation's law enforcement apparatus always kicks up a huge fuss when anyone proposes closing this glaring loophole.

Now there's a new, bipartisan bill from Representatives Zoe Lofgren (D-Calif.), Ted Poe (R-Texas) and Suzan DelBene (D-Wash.) that will update electronic privacy law for the bold world of the 1990s (at least!). The Electronic Frontier Foundation's Rainey Reitman has more:

We’re pleased to see Representatives Lofgren, Poe, and DelBene take up this crucial issue, but the current draft isn’t a perfect solution to all ECPA woes. For example, the bill has room for improvement on the issue of evidence suppression for email content collected without a warrant. We hope this already promising bill can be further improved through amendments.

By introducing this reform bill, the 113^th Congress has an opportunity to enact powerful protections for everyday Internet users – which would be particularly appreciated, since all too often Congress uses its power to try to undermine our digital civil liberties.

If you agree that the government shouldn’t be snooping through inboxes without a warrant, then please sign our petition, which will automatically send an email to Congress demanding they reform ECPA.

New Bill Would Ensure Law Enforcement Gets a Warrant Before Reading Email

Do you remember ACTA? It was a broad, Internet-destroying copyright treaty, negotiated with unprecedented secrecy (even Congress and the European Parliament were not allowed to know what was going on in the negotiations -- though CEOs of beer and fertilizer companies were kept apprised on a running basis). Well, ACTA died when the people of the world rejected it, marching by the thousands in the streets, and governments refused to ratify it.

But now it's back. The US Trade Representative gave marching orders to Canada's Harper government, and it has introduced a bill that would force Canadians to obey the provisions in ACTA, even though ACTA no longer exists. From EFF's Maira Sutton:

The Office of the United States Trade Representative (USTR) posted its 2013 Trade Policy Agenda and 2012 Trade Policy Report, which covers all of its ongoing negotiations over trade agreements. It reports that the US is working with Japan and other negotiating parties “to ensure that ACTA can come into force as soon as possible,” and encourages Canada “to meet its [ACTA] obligations.”

Canada did not miss a beat to satisfy this demand. The Canadian government introduced a bill today to make Canada compliant with provisions of ACTA, paving the way for its eventual ratification. Among the provisions outlined within the 52-page bill are increased criminalization of copyright and trademark law as well as a new authority for Canadian customs officials to seize and destroy goods they can determine to be “counterfeit or pirated goods” without any judicial oversight.

US Trade Office Calls ACTA Back From the Dead and Canada Complies

From rogue archivist Carl Malamud (who recently liberated a massive trove of expensive standards and regulations that you were legally obliged to comply with, but couldn't see without paying out large sums of money):

The Electronic Frontier Foundation (EFF) asked a federal judge today to protect the free speech rights of an online archive of laws and legal standards after a wrongheaded copyright claim forced the removal of a document detailing important technical standards required by the federal government and several states.

EFF and co-counsel David Halperin represent Public.Resource.Org, Inc., a non-profit organization that improves the public's access to laws and codes that affect their lives. As part of its work, Public Resource acquires and makes available public safety documents such as fire safety codes, food safety standards, and other regulations that have been incorporated into U.S. and international laws. But last month, the association of Sheet Metal and Air Conditioning Contractors (SMACNA) claimed an online post of a federally-mandated 1985 standard on air-duct leakage violated their copyright, and demanded it be removed. The standards are a crucial element of U.S. federal energy conservation efforts and an integral part of model codes such as the International Energy Conservation Code. After a threat of legal action from SMACNA, Public Resource took down the document until a court could affirm its right to publish the information.

“The public has a right to meaningful access to the laws that govern their lives,” said Carl Malamud, the president and founder of Public Resource. “Technical standards like the ones in this document have the force of law, and people need to know them in order to comply with regulatory obligations, keep the public safe, and avoid costly penalties. The right of citizens to read and speak the law is fundamental to an informed citizenry in the United States and throughout the world. Ignorance of the law is no excuse, which means we have to be able to read the law.”

In a petition for declaratory and injunctive relief filed today, EFF and Public Resource asked the court to rule that the posting the standards does not infringe any copyright.

“Building codes and other technical specifications touch our lives every day, and Public Resource is helping to make it easier for us to access and understand how they affect us,” said EFF Intellectual Property Director Corynne McSherry. “We're asking the judge today to let Public Resource continue its important work in increasing the public's access to the laws and regulations that govern us.”

More information from EFF on PRO v. SMACNA

More on public safety codes

Previously on Boing Boing:

March 20, 2012: Liberating America's secret, for-pay laws
May 15, 2012: Publishing America's for-pay, private Laws
August 30, 2012: Revealed at last: India's public safety code for tamarind pulp
December 30, 2012: Public Resource liberates global building codes, include the Eurocode -- free the law!