Boing Boing » eff

How the NSA leaks may help EFF sue the government into defending its bulk surveillance programs

Cory Doctorow — Wed, 19 Jun 2013 03:00:33 +0000

The "other shoe" in the Edward Snowden NSA leaks has been the potential effect of all these disclosures on the Electronic Frontier Foundation's efforts to force the government to account for itself in court. Since 2005 -- when Mark Klein, a former AT&T worker came into EFF's offices with documentary evidence of a secret room at AT&T's Folsom Street switching center, where the NSA was effectively making a copy of all the traffic on AT&T's network without a warrant -- the EFF has been trying to get the government to explain to a judge why they think this kind of bulk surveillance is legal.

But at every turn, the Bush and Obama DoJs have convinced judges that these questions can't be asked in court, let alone answered. The invocation of state secrecy has stymied all attempts to date at getting the government to square the circle on the Fourth Amendment and bulk, warrantless surveillance of every American's Internet traffic.

As Wired's David Kravets notes, judges may be a lot more skeptical about state secrecy now that this stuff just isn't much of a secret anymore:

First it was the President George W. Bush administration and then the President Barack Obama administration, which for years have been arguing in court that the state-secrets privilege shields the government from lawsuits accusing it of siphoning Americans’ electronic communications to the National Security Agency without warrants.
But with the recent Spygate leaks, including one that all calling metadata of Verizon customers is being forwarded to the NSA, the government is hard-pressed to maintain that line with a straight face.
“By contrast, the recent disclosures have greatly undermined the factual and legal basis for the government defendants’ separate and distinct state secrets motion,” the Electronic Frontier Foundation wrote in a recent court filing.
The EFF’s lawsuit, which has had a tortured history through the courts, is based in part on allegations of internal AT&T documents, first published by Wired, that outline a secret room in an AT&T San Francisco office and others which allegedly route internet traffic to the NSA.

Spygate Leaks Imperil State-Secrets Defense [David Kravets/Wired]

Where to get an EFF laptop sticker like Edward Snowden's

Cory Doctorow — Tue, 11 Jun 2013 00:37:52 +0000

Hugh from the Electronic Frontier Foundation sez, "Edward Snowden's computer sported stickers for EFF and Tor. You can buy the EFF sticker here."

Last chance for an ORGCon2013 ticket!

Cory Doctorow — Tue, 04 Jun 2013 10:28:11 +0000

Ruth from the Open Rights Group writes,

There are still some tickets left for ORGCon2013! Don't miss out on a rare opportunity to hear John Perry Barlow speak in London, this Saturday June 8th! John Perry Barlow, co-founder of Electronic Frontier Foundation, will be headlining ORGCon2013 along with writer of The Master Switch, Tim Wu.
Debate the big issues hitting the headlines, including the cry for a Snoopers' Charter revival following the Woolwich attack, and the calls for new Internet filters in the light of April Jones' murder. As politicians use the latest tragic news stories as an excuse to regulate the Internet, now is the time to get involved with digital rights!
The final programme has the perfect mix of panel debates, workshops, rapid fire talks and guest lectures! You can look forward to sessions on the Digital Arms Trade, freedom of speech, child protection on the internet, online censorship, copyright, creative citizenship...
Plus, hear from an impressive line-up of speakers including David Allen Green of #twitterjoketrial, Jeni Tennison, Policy Head at the Open Data Institute, Richard Allan Policy Director at Facebook, Diane Duane, Star Trek and Young Wizards writer, and many more! Individual tickets are priced at £28, £16 for ORG supporters and just £6 for students. FREE tickets if you join ORG today!

Open Rights Group - Join us at ORGCon2013! (Thanks, Ruth!)

(Disclosure: I co-founded the Open Rights Group and am pleased to serve as a volunteer advisor to it)

EFF files formal objection against DRM's inclusion in HTML5

Cory Doctorow — Wed, 29 May 2013 22:09:21 +0000

Regular readers will know that there's a hard press to put DRM in the next version of HTML, which is being standardized at the World Wide Web Consortium (WC3), and that this has really grave potential consequences for the open Web that the WC3 has historically fought to build.

The Electronic Frontier Foundation has joined the WC3 and filed a formal objection to this work item; EFF's Danny O'Brien has written an excellent explanation of what's at stake:

EFF is not the only group concerned here. When EME was finally ultimately declared in-scope for the HTML working group, the decision was made by W3C’s executive team, despite discontent among key standards developers and the subsequent protest of more than twenty thousand technologists and groups, including EFF. While disappointment at that decision outside the W3C has been widespread, the debate on the problems of DRM for that the web platform within the consortium has been muted. Its strategic advisory committee of W3C members has until now not spoken on the decision, despite many of that community having privately expressed concern.
EFF has a lot of experience working within these kinds of standards processes in an attempt to combat the effects of DRM. In 2002, we joined the activities of Broadcast Protection Discussion Group to highlight the dangers of its proposed digital TV DRM standard, which briefly became the government-mandated Broadcast Flag before being struck down in the courts. Subsequently we participated in Europe’s Digital Video Broadcasting (DVB) project, as they considered implementing imposing similar controls on European consumers. This new W3C standard comes from exactly same roots: Hollywood's desire to supress innovation and quash othe wishes of individual computer owners.
The entertainment industry's threats to impose control remain the same: if you don’t do as we say, you won’t get our premium content, and your technology will be rendered irrelevant. As we’ve seen with both music, and digital TV, the threat is empty. Commercial content goes where the users are. And users go where their rights and desires are best respected. We think that the guardian of those rights on the Web should be the W3C, and we’re happy to be help it ensure that remains the case.

Patent lawyers: Help! The evil Makers won't let us apply for bullshit 3D printing patents!

Cory Doctorow — Sun, 19 May 2013 13:10:36 +0000

Two minor characters from my novel Makers have apparently come to life and written an article for 3D Printing Industry. These two people are patent lawyers for Finnegan IP law firm, Washington, DC, which I don't recall making up, but this is definitely a pair of Doctorow villains (though, thankfully, I had the good sense not to give them any lines in the book -- they're far too cliched in their anodyne evil for anyone to really believe in).

These patent lawyers are upset because the evil Makers (capital-M and all!) are working with the Electronic Frontier Foundation to examine bad 3D printing patents submitted to the US Patent and Trademark Office. The problem is that 3D printing is 30 years old, so nearly all the stuff that people want to patent and lock up and charge rent on for the next 20 years has already been invented, and the pesky Makers are insisting on pointing out this inconvenient fact to the USPTO.

This breaks the established order, which is much to be preferred: the UPSTO should grant all the bullshit patents that companies apply for. The big companies can pay firms like Finnegan to file patents on every trivial, stale, ancient idea and then cross-license them to each other, but use them to block disruptive new entrants to the marketplace. The old system also has the desirable feature of arming patent trolls with the same kind of bullshit patents so that they can sue giant companies and disruptive startups alike, and Finnegan can be there to soak up the tens of millions of dollars in legal fees generated by all this activity.

Can't these darned Makers understand? The point of a patent isn't to protect novel, useful inventions! It's to put the brakes on out-of-control innovation and to ensure that the children of the partners at Finnegan can go to a good college! What will happen to GDP if we divert money from the honest business of barratry and allow it to be squandered on making and selling stuff that people find useful?

The America Invents Act changed U.S. patent law to allow preissuance submissions, a mechanism by which third parties can submit patents or printed publications to the United States Patent & Trademark Office (USPTO) for consideration during patent examination, along with “a concise description of the asserted relevance of each submitted document.”[2] The U.S. Congress intended preissuance submissions to help the USPTO increase the efficiency of examination and the quality of issued patents.[3] Congress did not, however, intend the use of this mechanism to interfere with patent examination.[4] Nor did it intend preissuance submissions to allow for third party protest or preissuance opposition.[5] Yet a segment of the 3D printing (3DP) community, known as Makers, is using preissuance submissions as a sword to oppose 3DP-related patent applications. Perhaps more importantly, they are leveraging the concept of crowdsourcing to do so, potentially creating problems for patent applicants everywhere.[6]
To understand why and how Makers are mobilizing to challenge patents through presissuance submissions, one must first understand what 3DP is, and the composition of the 3DP community. 3D printing—more formally known as additive manufacturing—is a technology that creates three dimensional objects from CAD files. There are many legacy and emerging 3DP technologies. Generally, 3DP works by fusing layer upon layer of materials, such as plastics, powder metals, and ceramics, to build a final, fully formed product, much as Athena sprung full-blown from the head of Zeus. This process requires a digital 3D model of the product, stored in a CAD file, and a 3D printer. Digital product models can be obtained by either (1) designing the product with a CAD program; (2) downloading an existing CAD file from the Internet; or (3) scanning an existing product with a 3D scanner to create a CAD file. Further, almost anyone can buy a 3D printer today; they are sold through Skymall and at Staples. Where 3DP was once cost prohibitive for most, ‘prosumer’ and home printers are now available at reasonable prices.

Crowdsourcing Prior Art to Defeat 3D Printing Patent Applications

(via Beyond the Beyond)

(Images: Caricature of William Otto Adolph Julius Danckwerts, Caricature of Charles Russell, Leslie Ward/Vanity Fair/Wikimedia Commons)

EFF beats the Trans Pacific Partnership to Peru, sounds the alarm about upcoming brutal, secret copyright treaty meeting

Cory Doctorow — Thu, 16 May 2013 20:00:44 +0000

Danny O'Brien from the Electronic Frontier Foundation sez,

The latest round of the Trans-Pacific Partnership starts today in Lima, Peru. Embedded in the trade agreement is an IP chapter that, according to leaks, exports the worst of US copyright law -- DRM blocks, extended copyright terms, ISPs as copyright cops -- without even of the judicial and constitutional counterbalances that US activists have fought so hard for.
In such a giant trade agreement, the Internet issues have sometime risked getting ignored by the mainstream press, and missed by the techies who'd be most affected.
But EFF's international rights director, Katitza Rodriguez, is Peruvian. She's spent the the last month working out of Lima's Escuelab hackerspace, talking to hackers, makers, journalists and artists about the dangers of IP chapter. The result has been petitions, memes, and videos, as well as meetings with politicians and articles in the Peruvian press.

We Beat Them to Lima: Opening a New Front Against Secret IP Treaties (Thanks, Danny!)

Bake a Mean Spirited Censorship Pie with the Electronic Frontier Foundation

Cory Doctorow — Fri, 10 May 2013 01:35:26 +0000

EFF is celebrating the new inductees into its Takedown Hall of Shame with a new cooking show! In this episode, EFF staffer Parker Higgins bakes a "Mean Spirited Censorship Pie" -- which is what all have to call the classic Southern dessert formerly known as "Derby Pie," now that Kern's Kitchen in Louisville is threatening to sue anyone who posts a family recipe with that name.

It's sarcastic, carbtastic, and informative -- delicious!

Baking With EFF: (Not) Derby Pie, the Trademarked Treat

EFF updates the Takedown Hall of Shame

Cory Doctorow — Tue, 07 May 2013 19:20:55 +0000

The Electronic Frontier Foundation has published its latest "Takedown Hall of Shame" installment, listing three companies that used baseless and stupid legal threats to censor the Internet. The current crop includes Kern's Kitchen in Louisville, which claims a trademark on the common term "Derby Pie" and threatens bloggers who post their family recipes for the classic desert -- they also target WordPress.com for their threats (one victim changed the name of the recipe to "Mean Spirited Censorship Pie").

Another inductee is Time Warner Cable, who went after a critic who put up a site making fun of the company's terrible customer service, trying to get its YouTube, Twitter and other social media sites taken down.

Finally, there's Fox, which earned a place in the Hall of Shame by sending out fraudulent takedown notices over my bestselling novel Homeland, swearing on pain of perjury that it represented me (it doesn't).

Takedown Hall of Shame Inductions, May 2013

EFF challenges bogus 3D printing patents

Cory Doctorow — Wed, 01 May 2013 00:37:45 +0000

Earlier this month, the Electronic Frontier Foundation asked the US Patent and Trademark Office to turn down six broad, bogus patents on 3D printing that could pave the way for even more patent-trolling on the emerging field of 3D printing. They worked with the Cyberlaw Clinic at Harvard’s Berkman Center for Internet and Society and Ask Patents, as well as with its own supporters to gather evidence on the prior art that invalidates these applications. It's part of a larger project to systematically challenge patents in emerging fields -- next up is mesh networks -- providing a layer of vigilance and common sense atop the reckless and indifferent patent office.

Here are copies of what we submitted to the Patent Office. The good news is that so far, the Patent Office has accepted our submissions (because of that, if you're thinking of making your own preissuance submissions, you might want to use these as a model). Now we wait to see whether our input influences the examiners.

* Fabrication of Non-Homogeneous Articles Via Additive Manufacturing Using Three-Dimensional Voxel-Based Models
* Build Materials and Applications Thereof
* Method for Generating and Building Support Structures With Deposition-Based Digital Manufacturing Systems
* Process for Producing Three-Dimensionally Shaped Object and Device for Producing Same (Ask Patents request for prior art)
* Additive Manufacturing System and Method for Printing Customized Chocolate Confections (Ask Patents request for prior art)
* Ribbon Filament and Assembly for Use in Extrusion-based Digital Manufacturing Systems (Ask Patents request for prior art)
Our work doesn’t stop here. Next we’re going to investigate a number of pending applications that impact mesh networking technology—another area with an extremely active open development community and with tremendous potential. We’ll be asking you to help us again soon. Stay tuned!

Just one more way that EFF is making the future a better one.

EFF and Partners Challenge Six 3D Printing Patent Applications

What's big, corrupt, terrifying and worse than ACTA? TPP. Here we go again!

Cory Doctorow — Tue, 30 Apr 2013 00:02:54 +0000

Remember ACTA, the terrifying, secret SOPA-on-steroids copyright treaty that the US government tried to ram down the world's throat? Well, it's back, only this time it's called the Trans-Pacific Partnership, and it's limited (for now) to the Pacific Rim. The TPP negotiators are meeting (in secret, natch) in Peru to twirl their mustaches and cackle, and EFF has posted a great infographic summing up their nefarious plan (see the whole thing after the jump):

The TPP is likely to export some of the worst features of U.S. copyright law to Pacific Rim countries: a broad ban on breaking digital locks on devices and creative works (even for legal purposes), a minimum copyright term of the lifetime of the creator plus seventy years (the current international norm is the lifetime plus fifty years), privatization of enforcement for copyright infringement, ruinous statutory damages with no proof of actual harm, and government seizures of computers and equipment involved in alleged infringement. Moreover, the TPP is worst than U.S. copyright rules: it does not export the many balances and exceptions that favor the public interest and act as safety valves in limiting rightsholders’ protection. Adding insult to injury, the TPP's temporary copies provision will likely create chilling effects on how people and companies behave online and their basic ability to use and create on the Web.

EFF, FSF, Creative Commons and many others ask W3C to reject DRM conspiracy

Cory Doctorow — Thu, 25 Apr 2013 13:59:31 +0000

John from the Free Software Foundation sez,

Hollywood is making yet another attempt to lock down the Web. Undeterred by SOPA's failure, Hollywood is conspiring with tech giants like Microsoft, Google, and Netflix to try to influence the World Wide Web Consortium (W3C). A proposal currently under consideration at W3C would *build accommodation for Digital Restrictions Management (DRM) into HTML itself.* The W3C's job is to keep the Web working for everyone; building DRM into HTML would be a dramatic departure from the NGO's mission.
Today a coalition, organized by the Free Software Foundation and including EFF and Creative Commons, released a joint letter to the W3C condemning the proposal. The coalition is also asking Web users to send a message to W3C by signing a petition>.
The coalition says, "Ratifying EME would be an abdication of responsibility; it would harm interoperability, enshrine nonfree software in W3C standards and perpetuate oppressive business models. It would fly in the face of the principles that the W3C cites as key to its mission and it would cause an array of serious problems for the billions of people who use the Web."

I wrote about this in detail in the Guardian in March.

Keep DRM out of Web standards -- Reject the Encrypted Media Extensions (EME) proposal (Thanks, John!)

CISPA: Congress wants to create unlimited Internet spying powers - KILL THIS BILL! KILL IT WITH FIRE!

Cory Doctorow — Wed, 17 Apr 2013 15:44:34 +0000

Rep. Rogers says #CISPA opponents are probably 14-year-olds in a basement. Tell him how wrong he is by tweeting to @repmikerogers.
— EFF (@EFF) April 16, 2013

CISPA is the latest Congressional proposal to do something unbelievably horrible with the Internet -- this time, it's letting US law enforcement and intelligence service raid all of your data, all the time, without letting you know, regardless of your service provider's privacy policy, in the name of preventing "cyberattacks," whatever they are.

It's about as horrible as it can be: the House Rules Committee won't even allow privacy-protecting amendments on the agenda; the bill's sponsor Rep. Mike Rogers dismisses people who oppose CISPA as 14-year-olds in their parents' basements; and a bunch of tech companies are lobbying in favor of CISPA because the bill cannily immunizes them from liability for firehosing your personal, sensitive information all over the place.

The sole bright light is this: the Obama White House has taken an uncharacteristically progressive stance on privacy this time around, and has threatened to veto the bill.

The Electronic Frontier Foundation is, as always, the best place to go to find things you can (and should, and MUST) do to kill this insane proposal.

South Korea lives in the future (of brutal copyright enforcement)

Cory Doctorow — Sat, 30 Mar 2013 16:13:13 +0000

The US-Korean Free Trade Agreement came with a raft of draconian enforcement rules that Korea -- then known as a world leader in network use and literacy -- would have to adopt. Korea has since become a living lab of the impact of letting US entertainment giants design your Internet policy -- and the example that industry lobbyists point to when they discuss their goals.

One of the laws that Korea adopted early was the infamous "three strikes" rule, where repeated, unsubstantiated accusations of copyright infringement leads to whole families being punished through restriction of, or disconnection from their Internet connections. Now the Korean National Human Rights Commission has examined the fallout from the country's three strikes rules, and called for its repeal due to high costs to wider Korean society.

Here's the Electronic Frontier Foundation's Danny O'Brien with more:

The entertainment industry has repeatedly pointed to South Korea as a model for a controlled Internet that should be adopted everywhere else. In the wake of South Korea's implementation, graduated response laws have been passed in France and the United Kingdom, and ISPs in the United States have voluntarily accepted a similar scheme.
But back in Korea, the entertainment industry's experiment in Internet enforcement has been a failure. Instead of tackling a few "heavy uploaders" involved in large scale infringement, the law has spiraled out of control. It has now distributed nearly half a million takedown notices, and led to the closing down of 408 Korean Internet users' web accounts, most of which were online storage services. An investigation led by the Korean politician Choi Jae-Cheon showed that half of those suspended were involved in infringement of material that would cost less than 90 U.S. cents. And while the bill's backers claimed it would reduce piracy, detected infringement has only increased as more and more users are subject to suspensions, deletion, and blocked content.
This Wednesday, Korea's National Human Rights Commission recommended that the three strikes law be re-examined, given its unclear benefits, and its potential violation of the human rights to receive and impart information and to participate in the cultural life of the community.

Korea's three strikes rules are similar to the "Six Strikes" rules that America's leading ISPs have voluntarily adopted and just put into effect. If you want to see the future of American Internet policy, and its fallout, look at Korea.

Korean Lawmakers and Human Rights Experts Challenge Three Strikes Law

Policy Laundering: how the US Trade Rep is trading away America's right to unlock its devices

Cory Doctorow — Wed, 27 Mar 2013 19:19:05 +0000

Some of America's worst copyright laws were passed through a profoundly undemocratic process called "policy laundering." This is what happens when an administration can't get Congress to pass a bad copyright law, so the US Trade Representative instead signs the US up to international treaties requiring America to pass the unpopular law. The 1998 Digital Millennium Copyright Act is one of the policy-laundered laws that has done enormous harm to the country.

Now the USTR is busy again, signing America up to treaties that undermine attempts by Congress to make phone unlocking and jailbreaking legal. America's official representative is going to other countries and telling them, "If you want to do business with America, you must ban jailbreaking and phone unlocking, and in return, we promise to keep those activities on the banned list, too."

In other words, America's trade reps are cramming a massively unpopular, harmful policy down the throats of its trading partners, while simultaneously locking America into the same policy, undermining Congress at the same time.

The Electronic Frontier Foundation wants you to take action on this. Maira Sutton and Parker Higgins have written a good article explaining policy laundering in depth.

U.S. wireless carriers claim that unlocking your phone to change carriers is illegal under Section 1201 of the DMCA, which prohibits the removal of digital rights management (DRM) technology. Section 1201 of the DMCA also set up a triennial rulemaking procedure, whereby the public can ask for exceptions to the rule that you cannot remove DRM from your devices. Phone unlocking was not approved in the last round of DMCA rulemaking, raising the specter of lawsuits against phone owners.
In light of public outrage over this, several members of Congress have introduced legislation to legalize phone unlocking. Already, opponents are saying that an effective narrow fix—a permanent phone-unlocking exemption from Section 1201—may violate the Korea-US trade agreement. Regardless of whether such a claim is true, such chatter can be enough to slow down the pace of change, and make any political reformers of the DMCA more cautious than they might otherwise be.
Big Content interest groups like the Motion Picture Association of America, Recording Industry Association of America, and International Federation of the Phonographic Industry—just to name a few—continue to have a strong influence on US trade negotiators. They are lobbying hard for our government to promote international policies to strengthen their control over how and when the public can interact and experience their creative products.

How the US Trade Rep Ratchets Up Worldwide Copyright Laws That Could Keep Your Devices Locked Forever

EFF blasts plans to build DRM into HTML5

Cory Doctorow — Thu, 21 Mar 2013 21:22:36 +0000

The Electronic Frontier Foundation has weighed in on the growing controversy over the proposal to build DRM into HTML5, the next version of the standard language for building Web pages and applications. Staff technologists Seth Schoen and Peter Eckersley have written a great essay explaining how this kind of work is totally incompatible with the mission of the W3C and how its proponents' insistence that this isn't really DRM are just hollow jokes:

The EME proposal suffers from many of these problems because it explicitly abdicates responsibilty on compatibility issues and let web sites require specific proprietary third-party software or even special hardware and particular operating systems (all referred to under the generic name "content decryption modules", or CDMs, and none of them specified by EME). EME's authors keep saying that what CDMs are, and do, and where they come from is totally outside of the scope of EME, and that EME itself can't be thought of as DRM because not all CDMs are DRM systems. Yet if the client can't prove it's running the particular proprietary thing the site demands, and hence doesn't have an approved CDM, it can't render the site's content. Perversely, this is exactly the reverse of the reason that the World Wide Web Consortium exists in the first place. W3C is there to create comprehensible, publicly-implementable standards that will guarantee interoperability, not to facilitate an explosion of new mutually-incompatible software and of sites and services that can only be accessed by particular devices or applications. But EME is a proposal to bring exactly that dysfunctional dynamic into HTML5, even risking a return to the "bad old days, before the Web" of deliberately limited interoperability.
Because it's clear that the open standards community is extremely suspicious of DRM and its interoperability consequences, the proposal from Google, Microsoft and Netflix claims that "[n]o 'DRM' is added to the HTML5 specification" by EME. This is like saying, "we're not vampires, but we are going to invite them into your house".
Proponents also seem to claim that EME is not itself a DRM scheme. But specification author Mark Watson admitted that "Certainly, our interest is in [use] cases that most people would call DRM" and that implementations would inherently require secrets outside the specification's scope. It's hard to maintain a pretense that EME is about anything but DRM.

Defend the Open Web: Keep DRM Out of W3C Standards (via /.)

See also:
* HTML5's overseer says DRM's true purpose is to prevent legal forms of innovation
* Why Tim Berners-Lee is wrong about DRM in HTML5

In-depth explanation of EFF's courtroom victory over the FBI's "National Security Letters"

Cory Doctorow — Tue, 19 Mar 2013 18:51:46 +0000

Last week, we brought you the wonderful news that a district court in San Francisco had struck down the law that allowed the FBI to issue its own "National Security Letters" (NSLs) -- secret search-warrants with permanent gag orders. Now, Matt Zimmerman, a senior staff attorney at the Electronic Frontier Foundation (who brought the case on behalf of an unnamed telco), explains in depth what EFF asked the court to recognize, how far they got, and what happens next:

The court made five critical findings. First, Judge Illston quickly rejected the government's dangerous argument that NSL recipients had no power to review the constitutionality of the statute. The government had suggested that the court could only review specific problems with specific NSLs, meaning that larger structural problems with the statute would remain untouched. As the court correctly noted, however, the statute specifically allows a court to determine whether an NSL is "unreasonable" or "unlawful" which includes determining whether the statute itself is unconstitutional.
Second, the district court found that the statute impermissibly authorizes the FBI to limit speech without constitutionally-mandated procedural protections. The Supreme Court articulated the scope for such protections in 1965 in Freedman vs. Maryland, a case in which it struck down a Maryland licensing scheme that required films to be submitted to a government ratings board prior to public showings. The problem with the statute wasn't necessarily its substantive reach as it was possible that films could be banned without violating the First Amendment -- if, for example, they met the First Amendment definition of "obscene." Instead, the court was concerned that the procedures for challenging a ban stacked the deck against theater owners...
... Fourth, the district court found that the statute was not "severable," meaning that Congress designed the NSL tool as a whole and that the powers it granted to the FBI were not intended to function separately if one of the powers was found to be unconstitutional. Because the nondisclosure provision was found to be unconstitutional on its face, the power to compel the disclosure of customer records must also fall. NSL statistics are consistent with this observation: 97% of all NSLs are delivered with a gag order.
Finally, the district court found that, regardless of other failings, the statute's standard of review violated separation of powers principles by forcing the courts to defer to the FBI's determinations and preventing independent review. It noted that a "[c]ourt can only sustain nondisclosure based on a searching standard of review." While courts do largely defer to the executive branch's judgment in national security matters, the standard in this statute required the court to consider the government's decision "conclusive" and only allowing the court to consider whether it was made in "bad faith." The court rightly noted that real judicial review requires more.

In Depth: The District Court's Remarkable Order Striking Down the NSL Statute

New bill to protect your webmail and location privacy needs your support

Cory Doctorow — Sat, 09 Mar 2013 20:00:15 +0000

The Electronic Communications Privacy Act (ECPA) of 1986 is an ancient law that governs the privacy of the files you keep on servers, including your webmail and other private stuff. The 1986 law assumes that any file left on a server for more than six months is abandoned, and gives law enforcement the power to retrieve it without a warrant. Many attempts have been made to update this, but the nation's law enforcement apparatus always kicks up a huge fuss when anyone proposes closing this glaring loophole.

Now there's a new, bipartisan bill from Representatives Zoe Lofgren (D-Calif.), Ted Poe (R-Texas) and Suzan DelBene (D-Wash.) that will update electronic privacy law for the bold world of the 1990s (at least!). The Electronic Frontier Foundation's Rainey Reitman has more:

We’re pleased to see Representatives Lofgren, Poe, and DelBene take up this crucial issue, but the current draft isn’t a perfect solution to all ECPA woes. For example, the bill has room for improvement on the issue of evidence suppression for email content collected without a warrant. We hope this already promising bill can be further improved through amendments.

By introducing this reform bill, the 113^th Congress has an opportunity to enact powerful protections for everyday Internet users – which would be particularly appreciated, since all too often Congress uses its power to try to undermine our digital civil liberties.

If you agree that the government shouldn’t be snooping through inboxes without a warrant, then please sign our petition, which will automatically send an email to Congress demanding they reform ECPA.

New Bill Would Ensure Law Enforcement Gets a Warrant Before Reading Email

US Trade Rep orders Canada to comply with the dead-and-buried ACTA treaty, Canada rolls over and wets itself

Cory Doctorow — Sat, 02 Mar 2013 16:43:57 +0000

Do you remember ACTA? It was a broad, Internet-destroying copyright treaty, negotiated with unprecedented secrecy (even Congress and the European Parliament were not allowed to know what was going on in the negotiations -- though CEOs of beer and fertilizer companies were kept apprised on a running basis). Well, ACTA died when the people of the world rejected it, marching by the thousands in the streets, and governments refused to ratify it.

But now it's back. The US Trade Representative gave marching orders to Canada's Harper government, and it has introduced a bill that would force Canadians to obey the provisions in ACTA, even though ACTA no longer exists. From EFF's Maira Sutton:

The Office of the United States Trade Representative (USTR) posted its 2013 Trade Policy Agenda and 2012 Trade Policy Report, which covers all of its ongoing negotiations over trade agreements. It reports that the US is working with Japan and other negotiating parties “to ensure that ACTA can come into force as soon as possible,” and encourages Canada “to meet its [ACTA] obligations.”
Canada did not miss a beat to satisfy this demand. The Canadian government introduced a bill today to make Canada compliant with provisions of ACTA, paving the way for its eventual ratification. Among the provisions outlined within the 52-page bill are increased criminalization of copyright and trademark law as well as a new authority for Canadian customs officials to seize and destroy goods they can determine to be “counterfeit or pirated goods” without any judicial oversight.

US Trade Office Calls ACTA Back From the Dead and Canada Complies

EFF fights lawsuit over publishing secret, expensive-to-see laws

Cory Doctorow — Sat, 23 Feb 2013 19:51:58 +0000

From rogue archivist Carl Malamud (who recently liberated a massive trove of expensive standards and regulations that you were legally obliged to comply with, but couldn't see without paying out large sums of money):

The Electronic Frontier Foundation (EFF) asked a federal judge today to protect the free speech rights of an online archive of laws and legal standards after a wrongheaded copyright claim forced the removal of a document detailing important technical standards required by the federal government and several states.
EFF and co-counsel David Halperin represent Public.Resource.Org, Inc., a non-profit organization that improves the public's access to laws and codes that affect their lives. As part of its work, Public Resource acquires and makes available public safety documents such as fire safety codes, food safety standards, and other regulations that have been incorporated into U.S. and international laws. But last month, the association of Sheet Metal and Air Conditioning Contractors (SMACNA) claimed an online post of a federally-mandated 1985 standard on air-duct leakage violated their copyright, and demanded it be removed. The standards are a crucial element of U.S. federal energy conservation efforts and an integral part of model codes such as the International Energy Conservation Code. After a threat of legal action from SMACNA, Public Resource took down the document until a court could affirm its right to publish the information.
“The public has a right to meaningful access to the laws that govern their lives,” said Carl Malamud, the president and founder of Public Resource. “Technical standards like the ones in this document have the force of law, and people need to know them in order to comply with regulatory obligations, keep the public safe, and avoid costly penalties. The right of citizens to read and speak the law is fundamental to an informed citizenry in the United States and throughout the world. Ignorance of the law is no excuse, which means we have to be able to read the law.”
In a petition for declaratory and injunctive relief filed today, EFF and Public Resource asked the court to rule that the posting the standards does not infringe any copyright.
“Building codes and other technical specifications touch our lives every day, and Public Resource is helping to make it easier for us to access and understand how they affect us,” said EFF Intellectual Property Director Corynne McSherry. “We're asking the judge today to let Public Resource continue its important work in increasing the public's access to the laws and regulations that govern us.”

More information from EFF on PRO v. SMACNA
More on public safety codes

Previously on Boing Boing:

March 20, 2012: Liberating America's secret, for-pay laws
May 15, 2012: Publishing America's for-pay, private Laws
August 30, 2012: Revealed at last: India's public safety code for tamarind pulp
December 30, 2012: Public Resource liberates global building codes, include the Eurocode -- free the law!

EFF's new international director: Danny O'Brien

Cory Doctorow — Thu, 21 Feb 2013 19:30:36 +0000

Oh my, this is good news: Danny O'Brien, my successor at EFF (who left to work for the Committee to Protect Journalists) has gone back to EFF, where he'll run the international team.

Understanding the Computer Fraud and Abuse Act: can you go to jail for violating a clickthrough agreement?

Cory Doctorow — Mon, 18 Feb 2013 22:59:13 +0000

The Computer Fraud and Abuse Act (CFAA) is a creaking, 1986-vintage US anti-hacking law. It makes it a felony to "exceed authorized access" on a computer you don't own, and some federal prosecutors (including Carmen Ortiz, who prosecuted Aaron Swartz) claim that this means that any time you violate the terms of service on website, that you commit a felony and can be imprisoned.

The Electronic Frontier Foundation has published detailed, user-friendly documentation for the CFAA, including the relevant case-law. It's a must-read for anyone who cares about justice in the 21st century. We click through dozens of impossible terms-of-service every day, and if violating them is a felony, we'll all vulnerable to threats of a long sentence.

The Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, is an amendment made in 1986 to the Counterfeit Access Device and Abuse Act that was passed in 1984 and essentially states that, whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer if the conduct involved an interstate or foreign communication shall be punished under the Act. In 1996 the CFAA was, again, broadened by an amendment that replaced the term “federal interest computer” with the term “protected computer.”18 U.S.C. § 1030. While the CFAA is primarily a criminal law intended to reduce the instances of malicious interferences with computer systems and to address federal computer offenses, an amendment in 1994 allows civil actions to brought under the statute, as well.

Computer Fraud and Abuse Act (CFAA) (Thanks, Julian!)

CISPA is back: worst Internet law since SOPA needs you to fight it!

Cory Doctorow — Mon, 18 Feb 2013 17:56:08 +0000

CISPA is a sweeping, privacy-annihilating Internet law that we killed last year. The Congressmen who introduced it haven't learned their lesson and they've reintroduced it. The price of freedom is eternal vigilance, right? We killed CISPA once before. We will kill CISPA again. It only works if you take part.

Last year, Representatives Rogers and Ruppersberger introduced CISPA, which would create a gaping new exemption to existing privacy law. CISPA would grant companies more power to obtain “threat” information (such as from private communications of users) and to disclose that data to the government without a warrant -- including sending data to the National Security Agency.
This week, CISPA was reintroduced in the House of Representatives. EFF is joining groups like ACLU and Fight for the Future in combating this legislation.
Last year, tens of thousands of concerned individuals used the EFF action center to speak out against overbroad and ineffective cybersecurity proposals. Together, we substantially changed the debate around cybersecurity in the U.S., moving forward a range of privacy-protective amendments and ultimately helping to defeat the Senate bill.
Now we need your help again. Can you send a message to your Representatives asking them to oppose this bill?

CISPA is Back.

(Image: eye of providence, a Creative Commons Attribution Share-Alike (2.0) image from emperley3's photostream)

Six-strikes US copyright punishments will harm open WiFi

Cory Doctorow — Thu, 14 Feb 2013 22:38:32 +0000

You may have heard Jill Lesser, Executive Director of the Center for Copyright Information, explain that America's six-strikes copyright punishment system would not harm open WiFi. Adi Kamdar explains why Ms Lesser's totally mistaken:

Termination may not be part of the CAS, but that's not the point—the program still uses "protecting copyright" as an excuse to seriously hinder a user's online experience. For example, CAS involves not just "education" but also "Mitigation Measures," such as slowing down Internet speeds to 256 kbps for days—rendering your connection all but unusable in today's era of videochats and Netflix.
Lesser doesn't think that's a problem. As she told the radio show On The Media: "The reduction of speed, which one or more of the ISPs will be using as a mitigation measure, is first of all only 48 hours, which is far from termination."
But that's 48 hours of lower productivity and limited communication across the globe, based on nothing more than a mere allegation of copyright infringement.

Don't Be Fooled: "Six Strikes" Will Undoubtedly Harm Open Wireless

Looking for podcasters who've been shaken down by patent trolls

Cory Doctorow — Tue, 05 Feb 2013 23:36:25 +0000

The Electronic Frontier Foundation is looking for podcasters who've received legal threats from Personal Audio, a patent troll that claims a bullshit patent on "disseminating a series of episodes represented by media files via the Internet."

Privacy groups, activists and journalists call on Skype to document its privacy practices

Cory Doctorow — Fri, 25 Jan 2013 17:13:43 +0000

A coalition of journalists, privacy advocates, and Internet activists have published an open letter to Skype and Microsoft, calling on them to "publicly document Skype’s security and privacy practices" in a Transparency Report:

1. Quantitative data regarding the release of Skype user information to third parties, disaggregated by the country of origin of the request, including the number of requests made by governments, the type of data requested, the proportion of requests with which it complied — and the basis for rejecting those requests it does not comply with.
2. Specific details of all user data Microsoft and Skype currently collects, and retention policies.
3. Skype’s best understanding of what user data third-parties, including network providers or potential malicious attackers, may be able to intercept or retain.
4. Documentation regarding the current operational relationship between Skype with TOM Online in China and other third-party licensed users of Skype technology, including Skype’s understanding of the surveillance and censorship capabilities that users may be subject to as a result of using these alternatives.
5. Skype's interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA), its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs), and more generally, the policies and guidelines for employees followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere.

Open Letter to Skype (via /.)

Gay gamers strike back at "Gaymers" trademark

Rob Beschizza — Thu, 24 Jan 2013 14:17:18 +0000

Chris Vizzini registered the term "Gaymer" as a trademark, then sent a cease-and-decist letter to Reddit over /r/gaymers, the section of the site dedicated to gay gamers and their interests. The righteous backlash sees the targets teaming up with the Electronic Frontier Foundation to cancel the trademark. The term has been in use since the mid-1990s, adds Ars Technica's Joe Mullin; Vizzini did not launch his so-named blog until 2005.

EFF creates the "Mark Cuban Chair to Eliminate Stupid Patents"

Cory Doctorow — Thu, 20 Dec 2012 22:47:49 +0000

Broadcast.com founder Mark Cuban and Minecraft creator Markus Persson have donated $500,000 to the Electronic Frontier Foundation to endow the "Mark Cuban Chair to Eliminate Stupid Patents," which will be occupied by an attorney tasked with hunting down and destroying crappy patents that have been recklessly granted by the US Patent and Trademark Office to unscrupulous "inventors" who claim to have invented things that were obvious and/or already extant; and to pay for activists to fight for substantive patent reform:

Cuban's $250,000 donation also funds the hire of a new attorney experienced in patent reform and high profile patent litigation: Daniel Nazer, who will join EFF in January as a Staff Attorney. The rest of EFF's seasoned intellectual property team includes Intellectual Property Director Corynne McSherry, Senior Staff Attorney Kurt Opsahl, and Staff Attorney Mitch Stoltz. The team is also assisted by EFF fellows Michael Barclay and Jason Schultz.
Persson's separate donation of $250,000 cements EFF's ability to tackle the systemic problems with software patents. With a blend of lawyers, technologists, and activists, EFF will push for reform in the courts, through activism campaigns, and by educating the public and politicians about what is wrong with software patents and what needs to change.
"Temporary fixes aren't good enough – we need deep and meaningful reform to protect software development and keep it as free and democratic as possible," said Persson, creator of the popular videogame Minecraft. "New games and other technological tools come from improving on old things and making them better – an iterative process that the current patent environment could shut down entirely. This is a dangerous path we're on, and I'm glad to help EFF move us in the right direction."

EFF Patent Project Gets Half-Million-Dollar Boost from Mark Cuban and 'Notch'

EFF Power Up fundraiser: every dollar you give is matched 2-to-1

Cory Doctorow — Thu, 13 Dec 2012 17:00:44 +0000

The Electronic Frontier Foundation is running a fundraising challenge called "Power Up Your Donation," where every dollar donated is matched two-to-one by a group of major donors. My family has put up part of the $140,000 matching fund, because we're living in a world where technology could go either way: it might end up continuing to empower us and improve our lives, or become the agent of an unimaginably invasive corporate surveillance state. Without EFF and groups like it, we don't stand a chance. I worked for EFF for many years, and I've never seen an organization watch the pennies more closely and make a dollar go further.

Power Up Your Donation | Electronic Frontier Foundation

EFF delivers easy full-disk encryption for Ubuntu

Cory Doctorow — Fri, 09 Nov 2012 13:57:00 +0000

Douglas sez,

18 months ago Boing Boing posted about EFF's effort to get Ubuntu to make full disk encryption (FDE) easy upon install. EFF has delivered.
I'm sure many of us have had and continue to have the experience of trying to nudge someone (or ourselves) over from OS X or Windows to GNU/Linux and LUKS full disk encryption, but the process got roadblocked at some point because using the alternate installer to config the partitions and all for FDE was just too much of a hassle for parties involved. Now in Ubuntu 12.10, FDE is just a tickbox in the default installer. How cool is that?
This means it's a good time to donate to EFF. And if you're using Ubuntu 12.10, don't forget to fix the privacy problems for which EFF provides a tutorial (thanks again!).

(Thanks, Doug!)

EFF's Open Wireless campaign: help your neighbors, improve anonymity, support innovation

Cory Doctorow — Wed, 31 Oct 2012 23:29:48 +0000

The Electronic Frontier Foundation is stepping up its open wireless campaign, which encourages people and businesses to leave their Internet connections open to the public, and offers advice on doing this safely and sustainably. As EFF points out, most WiFi networks are latent for most of the time, and there are a million ways that leaving your network accessible to passersby or neighbors can really help out, from emergency access during disasters to the urgent need to send an email, look up a phone number, or check directions. EFF's Adi Kamdar writes,

We believe there are many benefits to having a world of open wireless. Two of the big ones for us have to do with privacy and innovation.
Open wireless protects privacy. By using multiple IP addresses as one shifts from wireless network to wireless network, you can make it more difficult for advertisers and marketing companies to track you without cookies. Activists can better protect their anonymous communication by using open wireless (though Tor is still recommended).
Innovations would also thrive: Smarter tablets, watches, clothing, cars—the possibilities are endless. In a future with ubiquitous open Internet, smartphones can take advantage of persistent, higher quality connections to run apps more efficiently without reporting your whereabouts or communications. Inventors and creators would not have to ask permission of cell phone companies to utilize their networks, both freeing up radio spectrum and reducing unnecessary barriers to entry.
This movement is just beginning, but in a sense it has always been around. People, businesses, and communities have already been opening up their wireless networks, sharing with their neighbors, and providing an important public good. We want this movement to grow without unnecessary legal fears or technical restraints.

Why We Have An Open Wireless Movement