The Computer Fraud and Abuse Act (CFAA) is a creaking, 1986-vintage US anti-hacking law. It makes it a felony to "exceed authorized access" on a computer you don't own, and some federal prosecutors (including Carmen Ortiz, who prosecuted Aaron Swartz) claim that this means that any time you violate the terms of service on website, that you commit a felony and can be imprisoned.
The Electronic Frontier Foundation has published detailed, user-friendly documentation for the CFAA, including the relevant case-law. It's a must-read for anyone who cares about justice in the 21st century. We click through dozens of impossible terms-of-service every day, and if violating them is a felony, we'll all vulnerable to threats of a long sentence.
The Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, is an amendment made in 1986 to the Counterfeit Access Device and Abuse Act that was passed in 1984 and essentially states that, whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer if the conduct involved an interstate or foreign communication shall be punished under the Act. In 1996 the CFAA was, again, broadened by an amendment that replaced the term “federal interest computer” with the term “protected computer.”18 U.S.C. § 1030. While the CFAA is primarily a criminal law intended to reduce the instances of malicious interferences with computer systems and to address federal computer offenses, an amendment in 1994 allows civil actions to brought under the statute, as well.
Computer Fraud and Abuse Act (CFAA)
CISPA is a sweeping, privacy-annihilating Internet law that we killed last year. The Congressmen who introduced it haven't learned their lesson and they've reintroduced it. The price of freedom is eternal vigilance, right? We killed CISPA once before. We will kill CISPA again. It only works if you take part.
Last year, Representatives Rogers and Ruppersberger introduced CISPA, which would create a gaping new exemption to existing privacy law. CISPA would grant companies more power to obtain “threat” information (such as from private communications of users) and to disclose that data to the government without a warrant -- including sending data to the National Security Agency.
This week, CISPA was reintroduced in the House of Representatives. EFF is joining groups like ACLU and Fight for the Future in combating this legislation.
Last year, tens of thousands of concerned individuals used the EFF action center to speak out against overbroad and ineffective cybersecurity proposals. Together, we substantially changed the debate around cybersecurity in the U.S., moving forward a range of privacy-protective amendments and ultimately helping to defeat the Senate bill.
Now we need your help again. Can you send a message to your Representatives asking them to oppose this bill?
CISPA is Back.
(Image: eye of providence, a Creative Commons Attribution Share-Alike (2.0) image from emperley3's photostream)
You may have heard Jill Lesser, Executive Director of the Center for Copyright Information, explain that America's six-strikes copyright punishment system would not harm open WiFi. Adi Kamdar explains why Ms Lesser's totally mistaken:
Termination may not be part of the CAS, but that's not the point—the program still uses "protecting copyright" as an excuse to seriously hinder a user's online experience. For example, CAS involves not just "education" but also "Mitigation Measures," such as slowing down Internet speeds to 256 kbps for days—rendering your connection all but unusable in today's era of videochats and Netflix.
Lesser doesn't think that's a problem. As she told the radio show On The Media: "The reduction of speed, which one or more of the ISPs will be using as a mitigation measure, is first of all only 48 hours, which is far from termination."
But that's 48 hours of lower productivity and limited communication across the globe, based on nothing more than a mere allegation of copyright infringement.
Don't Be Fooled: "Six Strikes" Will Undoubtedly Harm Open Wireless
The Electronic Frontier Foundation is looking for podcasters
who've received legal threats from Personal Audio, a patent troll that claims a bullshit patent on "disseminating a series of episodes represented by media files via the Internet."
A coalition of journalists, privacy advocates, and Internet activists have published an open letter to Skype and Microsoft, calling on them to "publicly document Skype’s security and privacy practices" in a Transparency Report:
Open Letter to
1. Quantitative data regarding the release of Skype user information to third parties, disaggregated by the country of origin of the request, including the number of requests made by governments, the type of data requested, the proportion of requests with which it complied — and the basis for rejecting those requests it does not comply with.
2. Specific details of all user data Microsoft and Skype currently collects, and retention policies.
3. Skype’s best understanding of what user data third-parties, including network providers or potential malicious attackers, may be able to intercept or retain.
4. Documentation regarding the current operational relationship between Skype with TOM Online in China and other third-party licensed users of Skype technology, including Skype’s understanding of the surveillance and censorship capabilities that users may be subject to as a result of using these alternatives.
5. Skype's interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA), its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs), and more generally, the policies and guidelines for employees followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere.
Chris Vizzini registered the term "Gaymer" as a trademark
, then sent a cease-and-decist letter to Reddit over /r/gaymers
, the section of the site dedicated to gay gamers and their interests. The righteous backlash sees the targets teaming up with the Electronic Frontier Foundation to cancel the trademark
. The term has been in use since the mid-1990s
, adds Ars Technica's
Joe Mullin; Vizzini did not launch his so-named blog until 2005. — Rob
Broadcast.com founder Mark Cuban and Minecraft creator Markus Persson have donated $500,000 to the Electronic Frontier Foundation to endow the "Mark Cuban Chair to Eliminate Stupid Patents," which will be occupied by an attorney tasked with hunting down and destroying crappy patents that have been recklessly granted by the US Patent and Trademark Office to unscrupulous "inventors" who claim to have invented things that were obvious and/or already extant; and to pay for activists to fight for substantive patent reform:
Cuban's $250,000 donation also funds the hire of a new attorney experienced in patent reform and high profile patent litigation: Daniel Nazer, who will join EFF in January as a Staff Attorney. The rest of EFF's seasoned intellectual property team includes Intellectual Property Director Corynne McSherry, Senior Staff Attorney Kurt Opsahl, and Staff Attorney Mitch Stoltz. The team is also assisted by EFF fellows Michael Barclay and Jason Schultz.
Persson's separate donation of $250,000 cements EFF's ability to tackle the systemic problems with software patents. With a blend of lawyers, technologists, and activists, EFF will push for reform in the courts, through activism campaigns, and by educating the public and politicians about what is wrong with software patents and what needs to change.
"Temporary fixes aren't good enough – we need deep and meaningful reform to protect software development and keep it as free and democratic as possible," said Persson, creator of the popular videogame Minecraft. "New games and other technological tools come from improving on old things and making them better – an iterative process that the current patent environment could shut down entirely. This is a dangerous path we're on, and I'm glad to help EFF move us in the right direction."
EFF Patent Project Gets Half-Million-Dollar Boost from Mark Cuban and 'Notch'
The Electronic Frontier Foundation is running a fundraising challenge called "Power Up Your Donation," where every dollar donated is matched two-to-one by a group of major donors. My family has put up part of the $140,000 matching fund, because we're living in a world where technology could go either way: it might end up continuing to empower us and improve our lives, or become the agent of an unimaginably invasive corporate surveillance state. Without EFF and groups like it, we don't stand a chance. I worked for EFF for many years, and I've never seen an organization watch the pennies more closely and make a dollar go further.
Power Up Your Donation | Electronic Frontier Foundation
The Electronic Frontier Foundation is stepping up its open wireless campaign, which encourages people and businesses to leave their Internet connections open to the public, and offers advice on doing this safely and sustainably. As EFF points out, most WiFi networks are latent for most of the time, and there are a million ways that leaving your network accessible to passersby or neighbors can really help out, from emergency access during disasters to the urgent need to send an email, look up a phone number, or check directions. EFF's Adi Kamdar writes,
We believe there are many benefits to having a world of open wireless. Two of the big ones for us have to do with privacy and innovation.
Open wireless protects privacy. By using multiple IP addresses as one shifts from wireless network to wireless network, you can make it more difficult for advertisers and marketing companies to track you without cookies. Activists can better protect their anonymous communication by using open wireless (though Tor is still recommended).
Innovations would also thrive: Smarter tablets, watches, clothing, cars—the possibilities are endless. In a future with ubiquitous open Internet, smartphones can take advantage of persistent, higher quality connections to run apps more efficiently without reporting your whereabouts or communications. Inventors and creators would not have to ask permission of cell phone companies to utilize their networks, both freeing up radio spectrum and reducing unnecessary barriers to entry.
This movement is just beginning, but in a sense it has always been around. People, businesses, and communities have already been opening up their wireless networks, sharing with their neighbors, and providing an important public good. We want this movement to grow without unnecessary legal fears or technical restraints.
Why We Have An Open Wireless Movement
The Village Voice received an improbable trademark over the use of "BEST OF" in connection with lists of the best things on offer in various cities, and now they're suing Yelp for creating their own "Best of" lists. This ridiculous suit is only possible because of the US Patent and Trademark Office's bungling, terrible methods, as the Electronic Frontier Foundation's Corynne McSherry writes, and will only be resolved when the USPTO cleans up its act:
What is going on at the Patent and Trademark Office? For decades, folks have been complaining (with good reason) that the patent examiners need to do a better job of screening out bogus patent applications. It’s clear that the problem extends to the trademark side as well. The PTO has allowed companies and individuals to register marks in any number of obviously generic and/or descriptive terms, such as “urban homestead” (to refer to urban farms), “gaymer” (to refer to gay gamers), and “B-24” (to refer to model B-24 bombers).
Once a mark is registered, it is all too easy for the owner to become a trademark bully. And while companies like Yelp have the resources to fight back (as we expect it will), small companies and individuals may not. Just as dangerous, the trademark owner may go upstream, to intermediaries like Facebook who have little incentive to do anything other than take down an account or site that’s accused of infringement.
"Good enough for government work" isn't good enough for free speech. It’s time the PTO did its part to stop trademark bullies and tightened up the trademark application process. Fewer bogus registrations means fewer bogus threats, and more online creativity and competition. That's a win for everyone.
Stupid Lawyer Tricks (And How the PTO Could Help Stop Them)
After Arijit got thrown off of a Delta flight for wearing a TSA-mocking t-shirt I designed, a lot of people began to email, asking where they could buy one for themselves. Well, it seemed a bit weird to do a reissue and pocket a royalty for a shirt on the basis of someone else's legal hassles, so I worked with Arijit and Woot, and we've decided to reissue the shirt with all the profits being divided evenly between EFF, the ACLU, and the Southern Poverty Law Center. Get yours today for a mere $15! Wear it with pride! Don't blame me if you get kicked off an airplane!
Also available in handsome tote form at $10 each.
Threat Level: Doctorow
The Electronic Frontier Foundation has published a comprehensive, multi-lingual guide to keeping sites that are undergoing distributed denial-of-service (DDoS) attacks alive.
Denial of service (DoS) and distributed denial of service (DDoS) attacks are increasingly common phenomena, used by a variety of actors—from activists to governments—to temporarily or indefinitely prevent a site from functioning efficiently. Often, the attack saturates the target with server requests designed to flood its bandwidth, leaving the server unable to respond to legitimate traffic.
Though the owners of major sites often have the resources to fend off or even prevent such attacks, smaller sites—such as those belonging to small independent media or human rights organizations—are sometimes permanently disabled due to a lack of resources or knowledge.
This guide aims to assist the owners of such websites by providing advice on choosing an appropriate webhost, as well as a guide to mirroring and backing-up their websites so that the content can be made available elsewhere even if their site is taken down by a DoS or DDoS attack.
Keeping Your Site Alive
The Electronic Frontier Foundation has joined the defense team for Matthew Inman, creator of The Oatmeal, who is one of the parties named to a bizarre lawsuit by Charles Carreon, who recently threatened Inman with a $20,000 demand on behalf of the website Funnyjunk, then sued Inman (and a host of others) when he made fun of the threat.
“This lawsuit is a blatant attempt to abuse the legal process to punish a critic,” said EFF Intellectual Property Director Corynne McSherry. “We're very glad to help Mr. Inman fight back.”
EFF Will Represent The Oatmeal Creator in Fight Against Bizarre Lawsuit Targeting Critical Online Speech
Hugh sez, "Today, EFF launched a new campaign against software patents. In this campaign, we outline seven proposals that we think will address some of the greatest abuses of the current software patent system, including making sure that folks who independently arrived at an invention can’t be held liable for infringing on a software patent. But our campaign isn't just about our proposals — we also want to hear, and amplify, the views of the technical community. Many engineers, researchers, and entrepreneurs have suggested that reform is not enough and that software should not be patentable, period. We want to record these views, which is why our Defend Innovation campaign is designed to solicit comments from all of the stakeholders. We'll incorporate what we learn into a formal publication that we can take to Congress that reflects the views of innovators, academics, lawyers, CEOs, VCs, and everyone else who is concerned about the software patent system."