Annoying lawsuit for Annoying Orange —

On Slashdot, a reader called benrothke reviews a book called Locked Down: Information Security For Lawyers. This sounds like a vital book -- my experience of lawyers (and accountants, doctors and other professions that deal with sensitive information) is that they really don't get information security, routinely transmitting potentially compromising documents in the clear as email attachments. Not only don't they understand PGP -- they think it's good security to attach an encrypted ZIP archive to one email and follow it up with another email containing the password to decrypt it (facepalm). Anything that gets this sort of profession thinking well about security is most welcome.

The book quotes an ABA 2011 technology survey in which 21% of large law firms reported that their firm had experiences some sort of security breach, and 15% of all firms reported that they suffered a security breach. It is figures like those which show that attorneys really need to read this book and take the information to heart.

The books 17 chapters are in a readable 150 pages, with an additional 120 pages of appendices. Written in an easily understandable style and non-technical for the technologically challenge lawyer.

When it comes to the security of client data, in chapter 4 the authors write that encryption is a topic that most attorneys don't want to touch with a ten-foot pole. But it has reached a point where attorneys must understand how and when encryption should be used. Just as important, they need to know about key managements, and what good encryption is. The chapter provides a high-level detail on what needs to be done regarding encryption.

Chapter 13 is on secure disposal, is an important topic to everyone, and not just lawyers. Digital media needs to be effectively disposed of; and for many lawyers, they often think that means reformatting a hard drive or simply erasing files. The chapter effectively details the issues and offers numerous valuable hardware and software-based solutions.

Book Review: Locked Down: Information Security For Lawyers

Locked Down: Information Security For Lawyers [Amazon]

What the Mounties pirate —

Two minor characters from my novel Makers have apparently come to life and written an article for 3D Printing Industry. These two people are patent lawyers for Finnegan IP law firm, Washington, DC, which I don't recall making up, but this is definitely a pair of Doctorow villains (though, thankfully, I had the good sense not to give them any lines in the book -- they're far too cliched in their anodyne evil for anyone to really believe in).

These patent lawyers are upset because the evil Makers (capital-M and all!) are working with the Electronic Frontier Foundation to examine bad 3D printing patents submitted to the US Patent and Trademark Office. The problem is that 3D printing is 30 years old, so nearly all the stuff that people want to patent and lock up and charge rent on for the next 20 years has already been invented, and the pesky Makers are insisting on pointing out this inconvenient fact to the USPTO.

This breaks the established order, which is much to be preferred: the UPSTO should grant all the bullshit patents that companies apply for. The big companies can pay firms like Finnegan to file patents on every trivial, stale, ancient idea and then cross-license them to each other, but use them to block disruptive new entrants to the marketplace. The old system also has the desirable feature of arming patent trolls with the same kind of bullshit patents so that they can sue giant companies and disruptive startups alike, and Finnegan can be there to soak up the tens of millions of dollars in legal fees generated by all this activity.

Can't these darned Makers understand? The point of a patent isn't to protect novel, useful inventions! It's to put the brakes on out-of-control innovation and to ensure that the children of the partners at Finnegan can go to a good college! What will happen to GDP if we divert money from the honest business of barratry and allow it to be squandered on making and selling stuff that people find useful?

The America Invents Act changed U.S. patent law to allow preissuance submissions, a mechanism by which third parties can submit patents or printed publications to the United States Patent & Trademark Office (USPTO) for consideration during patent examination, along with “a concise description of the asserted relevance of each submitted document.”[2] The U.S. Congress intended preissuance submissions to help the USPTO increase the efficiency of examination and the quality of issued patents.[3] Congress did not, however, intend the use of this mechanism to interfere with patent examination.[4] Nor did it intend preissuance submissions to allow for third party protest or preissuance opposition.[5] Yet a segment of the 3D printing (3DP) community, known as Makers, is using preissuance submissions as a sword to oppose 3DP-related patent applications. Perhaps more importantly, they are leveraging the concept of crowdsourcing to do so, potentially creating problems for patent applicants everywhere.[6]

To understand why and how Makers are mobilizing to challenge patents through presissuance submissions, one must first understand what 3DP is, and the composition of the 3DP community. 3D printing—more formally known as additive manufacturing—is a technology that creates three dimensional objects from CAD files. There are many legacy and emerging 3DP technologies. Generally, 3DP works by fusing layer upon layer of materials, such as plastics, powder metals, and ceramics, to build a final, fully formed product, much as Athena sprung full-blown from the head of Zeus. This process requires a digital 3D model of the product, stored in a CAD file, and a 3D printer. Digital product models can be obtained by either (1) designing the product with a CAD program; (2) downloading an existing CAD file from the Internet; or (3) scanning an existing product with a 3D scanner to create a CAD file. Further, almost anyone can buy a 3D printer today; they are sold through Skymall and at Staples. Where 3DP was once cost prohibitive for most, ‘prosumer’ and home printers are now available at reasonable prices.

Crowdsourcing Prior Art to Defeat 3D Printing Patent Applications

(via Beyond the Beyond)

(Images: Caricature of William Otto Adolph Julius Danckwerts, Caricature of Charles Russell, Leslie Ward/Vanity Fair/Wikimedia Commons)

<iframe width="600" height="450" src="http://www.youtube.com/embed/qikQjh-Vtv0?showinfo=0&autoplay=1" frameborder="0" allowfullscreen></iframe>

Hacking Politics is a new book recounting the history of the fight against SOPA, when geeks, hackers and activists turned Washington politics upside-down and changed how Congress thinks about the Internet. It collects essays by many people (including me): Aaron Swartz, Larry Lessig, Zoe Lofgren, Mike Masnick, Kim Dotcom, Nicole Powers, Tiffiny Cheng, Alexis Ohanian, and many others. It's a name-your-price ebook download.

Hacking Politics is a firsthand account of how a ragtag band of activists and technologists overcame a $90 million lobbying machine to defeat the most serious threat to Internet freedom in memory. The book is a revealing look at how Washington works today – and how citizens successfully fought back.

Written by the core Internet figures – video gamers, Tea Partiers, tech titans, lefty activists and ordinary Americans among them – who defeated a pair of special interest bills called SOPA (“Stop Online Piracy Act”) and PIPA (“Protect IP Act”), Hacking Politics provides the first detailed account of the glorious, grand chaos that led to the demise of that legislation and helped foster an Internet-based network of amateur activists.

Hacking Politics

Rogue archivist Carl Malamud sez, "105 law professors and law librarians have endorsed a call to change U.S. Copyright law to exclude edicts of government. Edicts are "the law" and include all pronouncements of government that are binding on citizens and residents, including statutes, regulations, court opinions, and legally-mandated codes. If ignorance of the law is no excuse, then we must all be able to read, know, and speak the law without restraint. The text of the proposed amendment reads:"

“Edicts of government, such as judicial opinions, administrative rulings, legislative enactments, public ordinances, and similar official legal documents are not copyrightable for reasons of public policy. This applies to such works whether they are Federal, State, or local as well as to those of foreign governments.”

The Edicts of Government Amendment (Thanks, Carl!)

My latest Guardian column is "3D printed guns are going to create big legal precedents," and it looks at an underappreciated risk from 3D printed guns: that courts will be so freaked out by the idea of 3D printed guns that they'll issue reactionary decisions that are bad for the health of the Internet and its users:

More interesting is the destiny of the files describing 3D printed guns. These model-files have been temporarily removed from the internet at the behest of the US State Department, which is investigating the possibility that they violate the International Traffic in Arms Regulations. Wilson says that he's on safe ground here, because the regulations do not cover material in a library, and he says the internet is like a library. As this is taking place in the US, there's also the First Amendment to be considered, which limits government regulation of speech.

Here's where things get scary for me. Defense Distributed is headed for some important, possibly precedent-setting legal battles with the US government, and I'm worried that the fact that we're talking about guns here will cloud judges' minds. Bad cases made bad law, and it's hard to think of a more emotionally overheated subject area. So while I'd love to see a court evaluate whether the internet should be treated as a library in law, I'm worried that when it comes to guns, the judge may find himself framing the question in terms of whether a gun foundry should be treated as a library.

3D printed guns are going to create big legal precedents

When US Federal Judge Otis Wright ruled against Prenda Law (a gang that used sloppy accusations of illegal downloads of pornographic movies to extort millions from people who didn't want the embarrassment of being publicly sued), he ordered Prenda's lawyers to give copies of his ruling to judges in all the other places where they were suing their victims. Judge Wright's ruling called Prenda a "fraud" and said its lawyers engaged in "moral turpitude."

One of Prenda's most colorful lawyers is Jacques Nazaire. He's asked a judge in Georgia to ignore the Judge Wright's order, because Judge Wright is a California judge, and California has gay marriage.

It doesn't stop there. It notes that California courts have different immigration rules and (randomly) that NY has different gun rights. Basically, it throws out every hot button issue that stereotypical conservatives might disagree with stereotypical liberals on.

Of course, all of that is meaningless. While it's true that Judge Wright's ruling is in no way a precedential ruling for the Georgia court, it's still a ruling about federal law, not any specific state law. And the ruling itself is about flat out misconduct (including potential racketeering and tax evasion claims) by the plaintiff in this case, because of actions in a nearly identical case. That's not about California having a "mandate" over Georgia. It's about very relevant additional information that the court should know about.

Nazaire then goes on to list out a ridiculous parade of horribles that he claims would happen if the Georgia court "followed the aforesaid California Order" including that law firms wouldn't be able to use boilerplate text any more. This makes absolutely no sense at all. First of all, the inclusion of Judge Wright's order is not about having the Georgia court "follow" the order, but adding additional important information about the parties in this particular case. Separately, the idea that adding a California ruling into the docket suddenly means lawyers wouldn't be able to cut and paste any more... just doesn't make any sense at all.

Prenda Lawyer Says Judge Wright's Order Is Inapplicable In Georgia Because California Recognizes Gay Marriage [Mike Masnick/TechDirt]

The US State Department has ordered Defense Distributed to take down the designs for a working 3D printed gun, citing export control rules set out in the International Traffic in Arms Regulations. Defense Distributed's Cody Wilson is appealing, and says that ITAR does not apply to "non-profit public domain releases of technical files designed to create a safe harbor for research and other public interest activities" -- though this carve out is for works stored in a library. Wilson's appeal may turn, then, on whether the Internet is a library for the purposes of this regulation. In the meantime, the designs are still up on The Pirate Bay, and are for sale in printed form in an Austin bookseller. More than 100,000 copies of the designs were downloaded from Defense Distributed's servers in the brief time that they were online.

“Until the Department provides Defense Distributed with final [commodity jurisdiction] determinations, Defense Distributed should treat the above technical data as ITAR-controlled,” reads the letter, referring to a list of ten CAD files hosted on Defcad that include the 3D-printable gun, silencers, sights and other pieces. “This means that all data should be removed from public acces immediately. Defense Distributed should review the remainder of the data made public on its website to determine whether any other data may be similarly controlled and proceed according to ITAR requirements.”

Wilson, a law student at the University of Texas in Austin, says that Defense Distributed will in fact take down its files until the State Department has completed its review. “We have to comply,” he says. “All such data should be removed from public access, the letter says. That might be an impossible standard. But we’ll do our part to remove it from our servers.”

Wilson's project is raising some important legal questions, such as whether design files can be considered expressive speech under the First Amendment, and whether the Internet is a library. The question of code-as-speech was famously considered in the Bernstein case, where strong crypto was legalized. However, as we discovered in the 2600 case, judges are less charitably inclined to code-as-speech arguments when they're advanced by non-academics, especially those with counter-culture stances.

Impact litigation -- where good precedents overturn bad rules -- is greatly assisted by good facts and good defendants. I would much rather the Internet-as-library question be ruled on in a less emotionally overheated realm than DIY guns.

State Department Demands Takedown Of 3D-Printable Gun Files For Possible Export Control Violations [Andy Greenberg/Forbes]

(Thanks to everyone who sent this in!)

Rep. Zoe Lofgren (D-CA), Rep. Thomas Massie (R-KY) and Rep. Jared Polis (D-CO) have introduced a landmark technology bill called The Unlocking Technology Act of 2013 [PDF] that reforms the way our devices our regulated. It fixes a glaring hole in the Digital Millennium Copyright Act (DMCA), changing the rules so that you are allowed to remove restrictions and locks from your devices provided that you don't violate other laws (as it stands, removing a lock, even to do something legal, like installing unapproved software on your iPhone or change carriers, is banned by the DMCA). The bill clarifies that security researchers don't violate the law by publishing information about flaws in the devices we trust and depend upon, and makes it legal to break "lock-out codes" that stop mechanics from fixing cars.

This is a watershed moment in 21st century technology law, and it's desperately needed. Every day that goes by sees us more dependent on devices that are increasingly designed to be as opaque as possible -- devices made by companies whose business-model treats customers as adversaries who undermine profits when they turn to third parties for software, repairs and services. It is only the presence of the terrible rules in the DMCA that makes this business attractive -- without these rules, technology locks would be quickly broken in the marketplace and competition -- as well as transparency -- would thrive. If you want to be sure that the devices that fill your rooms, your pockets -- and increasingly, your body -- are well-behaved and trustworthy, please support this bill.

FixTheDMCA.org and a broad coalition of groups are calling on Americans to write to their representatives in support of this bill. Until now, almost all technology activism has been reactive, fighting against bad rules. We finally have the chance to make some good rules, to establish a positive agenda for freedom, trustworthiness and transparency in the devices that form the nervous system of the 21st century.

"The Unlocking Technology Act of 2013" has 3 parts:

- It amends Section 1201 to make it clear that it is completely legal to "circumvent" if there is no copyright infringement.

- It legalizes tools and services that enable circumvention as long as they are intended for non-infringing uses.

- It changes Copyright Law to specify that unlocking cell phones is not copyright infringement.

You can read the full text of the bill here.

Finally, there's a bill in Congress that legalizes cell phone unlocking and fixes the DMCA.