Utah Considering Expansion of Warrantless Internet Subpoenas

According to Slashdot, the state already passed a bill allowing the AG to subpoena ISP or cell carrier customer information under very specific circumstances, namely when dealing with suspicion of a child-sex crime. Now it is contemplating a new bill that would expand this power that bypasses proper judicial oversight.

The expansion definitely is suspect and I hope either it is defeated in the state legislature or, if it should pass on the momentum of its predecessor law, it faces a stiff challenge on a constitutional basis. It seems to me that there should remain a burden on law enforcers, even when dealing with truly deplorable harms to children, to build suspicion into probable cause and secure a warrant. What is the rational here, really?

The sole saving grace is that committee members reviewing the bill balked at a blanket expansion and have pushed back the scope to just suspected felonies and two specific online misdemeanors–cyber-stalking and cyber-bullying. Lowering the bar to mere suspicion, even with these limits, inflames my 4th Amendment lobe something fierce.

Boston Cops Fight Cellphone Recordings

The notion that cheap, ubiquitous recording devices could potentially level the playing field between citizens and authorities is a powerful one. It is a trend that seems either sparse in reality or at least sparsely covered in the media.

On Boing Boing, Cory shares news of increased arrests of citizens recording law enforces at work. Reading through the Boston.com piece, there is more going on here than at first glance. In the states where police have been arresting citizens for recording them, apparently a two-party law has been in effect. These laws are designed to require consent between two parties when recording a private conversation. The officers have been interpreting the law to mean that their consent is required before they can be recorded.

Not surprisingly, a common sense interpretation is evolving around these laws, one which doesn’t favor the officers. Several courts have weighed in on the distinction between public and private recording.

As Cory notes, no doubt even a strong series of bright line rulings won’t stop the officers from continuing to abuse the law, not necessarily for convictions but just for chilling effect. Hopefully, as long as they do, there will be activists willing to keep pushing back so we can figure out the most appropriate role of technology in balancing power between authorities and the citizens they police.

Patry’s Books, Update on Patriot Act Committee Review, and More

  • William Patry’s next book
    His latest book, “Moral Panics and the Copyright Wars” is not surprisingly on my list to be read. Undoubtedly his planned new book will be even more provocative, clearly intentionally so, as he explains he is going to actually layout ideas for actively reforming copyright.
  • And a review of Party’s current book
    Nate Anderson has the review at Ars which warns about Patry’s particularly strong bias in this discussion. Regardless, I am personally encouraged by the characterization as not being a popular book. I’ve already read several of those on the subject of copyright so even more look forward to a potential challenge.
  • Live blogging of Patriot Act committee review
    According to this very current post, a live blog essentially, from the EFF, it looks like the committee vote is still pending. So far, it looks like there have been more wins in terms of which amendments are making it in, very few that preserve or broaden the scope of the law.
  • NY AG sues Intel over protecting its monopoly
    According to this WaPo piece by Cecilia Kang, this is not the first time the chip maker has gotten into this sort of trouble. The EU has been taking them to task for some time, apparently over the same tactics of disguising preferential payments to resellers as rebates. I am not a fan of Cuomo’s efforts on other fronts, though, where his motivates seem to be more paternalistic and over-protective than minimally invasive on issues of regulation.
  • Problematic precedent over private domain registration
    At Techdirt, Mike Masnick is careful to explain that even under CAN SPAM the relevant law under which this ruling was made, private registration being falsification of info is not enough to get one in hot water. But it is troubling as it could be built upon, at least in the ninth circuit, to yield unintended and potentially over broad consequences for a service that has plenty of legitimate uses especially around privacy online.
  • Google expands its use of OAuth
    I think this Register piece confuses the correct application of OpenID, which obviates repeated logins, from OAuth, which confers trust between applications. Regardless, that Google is backing the specification should help its adoption as well as easing consumer annoyances with managing data sharing. I also suspect that this could ease the portability efforts of Google’s own Data Liberation project by providing for secure, direct data exchange rather than the need to export and download before re-importing data into a competitive service.
  • MPAA encourages FCC to consider three strikes, filtering
    Wired has the details on the trade associations filing to the FCC on its broadband plan. Their position is hardly surprising and is just part of a lot of heated rhetoric on a very of fronts they’ve been spewing lately. Unfortunately, big content is building a lot of momentum, if not necessarily success, behind both three strikes regimes and filtering, at least abroad.

Assessing Voting Machine Security, Threatened Voices, and More

  • State of the courts on protecting email privacy
    The EFF has posted a nice survey of the state of several recent rulings in a couple of federal circuits. It is a nice backgrounder for the story I linked to yesterday, where a judge ruled that execution of a warrant need not include notification if the email being searched was stored on a third party server.
  • Act now on two critical bills facing committee vote
    The EFF has posted an action alert to contact your Congress critters on a Patriot Act reform bill as well as a states secret reform act. The committee vote for both is schedule for tomorrow, so act now.
  • First hand account of unsecured machines prior to election day
    Professor Felten took an informal survey of his local polling places. He did so in the few days leading up to election day as this has been when many researchers have been able to show windows of opportunity for attack. The results are not good, with only a small minority of an admittedly small sample of locations having the machines adequately locked away.
  • EU softens on open formats for public services
    Ryan Paul has the story at Ars based on a leaked draft of a document previous versions of which showed much stronger promise. In addition to a general dilution of the language around open-ness in this present version, Paul points out a troubling rationalization, emphasizing interoperability over open-ness and using that to advance homogeneity as a now more preferred means to that end.
  • Brazilian sets up adversarial testing of its voting systems
    Mike Masnick at Techdirt points out that not only is that country’s government setting up this testing that US vendors have roundly resisted, but has also put forward a bounty to whichever research team that successfully hacks the machine.
  • Latest moral panic from Hollywood over net neutrality
    At Techdirt, Mike Masnick has an unusually lengthy and detailed analysis of an FCC filing from the MPAA on the net neutrality rule making currently underway. A lot of this rhetoric is consistent with big content’s panics of the past so it’s not surprising that Masnick concludes that this is all there is to the filing.
  • Map of threatened bloggers around the world
    Ethan Zuckerman of the Berkman Center has a good write up of a solid bit of hacktivism on his blog. Threatened Voices is consistent with several efforts in that it will be an ongoing, of necessity incomplete effort and hopefully a necessary prelude, that of gathering collective knowledge, to further action.

Shorter Copyright Terms, Chilling and Warming Effects, and More

  • Why we need shorter copyright terms
    Glyn Moody provides a strong, well reasoned case for shorter terms bolstering creativity. As an author, he has skin in the game and bases much of his argument on his own, first hand experience.
  • UK border agency suspends DNA profiling
    This Register piece offers a bit more explanation of the agency’s rational. As such, it seems like a narrow case, to me, not worth the unintended consequences and the inevitable high cost in terms of eroded civil liberties.
  • EU claiming head start on net neutrality
    Nate Anderson at Ars discusses remarks by EC Viviane Reding. Her target largely seems to be the de-regulatory approach of the US, contending what I have believed for some time, that removing requirements around whole sale provisions is decreasing competition for access.
  • Japanese court overturns secondary liability for infringement
    Cory has the link and an explanation at BB. The ruling on appeal seems to have hinged on the software author’s intent. It also defies the common stance in other countries, increasing pushes for strict liability, even liability for inducement.
  • EFF on new FTC rules for social media and ads
    The EFF got an answer from the FTC’s Cleland who claims that traditional media has rules around endorsements and review products so doesn’t need these new rules. This has a high bogosity quotient and the EFF is looking to press the issue as part of its larger initiative on blogger’s rights.
  • Chilling and warming effects in spat between BB and Ralph Lauren
    Wendy Seltzer has an excellent teaching moment type of post on Freedom to Tinker. It recaps the DMCA claim and ultimate, warming effect resolution between the clothier and the copyfighting culture blog.
  • Google starts fixing issues with access to Usenet archives
    Wired has a good follow up to what appears to be a direct response to their earlier criticism of Google’s curation of the Usenet archives it acquired a while ago. Google is optimistic that there is a single specific bug responsible for the poor search Poulsen described in his first post.
  • Amendment would deny protections to bloggers
    The EFF has news of another bit of legislation selectively curtailing protections for online speech. One of the senators responsible apparently claims the amendment to be a procedural gambit but this seems like an awful dangerous waiver if it doesn’t pay off for the greater good.
  • Wikileaks looking to embed submission form
    Dana Oshiro at RWW has the details of the info warehouse site’s plans to partner up with high profile sites to help with its collection of interesting data.

Three Strikes Hypocrisy, PATRIOT Act Reforms Falter, and More

  • More opinions on FTC rule for bloggers and product reviews
    Adam Theiere of the Technology Liberation Front provides a good list of links to folks chewing on the recently announced FTC rule. Like me, most still have more questions than answers. Adam calls out some potentially disturbing implications, namely that it looks like traditional media may largely get a pass on these new rules.
  • Hypocrisy abounds with three strikes champion Sarkozy
    According to the quote Cory extracted from this story, this isn’t even the first time Sarkozy has been caught out infringing copyright. I am sure the French president sees a difference in kind between P2P based infringement and what he has done, repeatedly, though the law makes no such distinction.
  • New release backs DVD Jon’s venture with Amazon’s legitimate MP3 store
    As Dana Oshiro explains at RWW, Johansen’s DoubleTwist was launched to use his knowledge of circumvention to enable device shifting. I don’t know much else beyond that but have to imagine that their use of Amazon’s MP3 store may increase their profile to the point where we may see some uncomfortable questions brought to bear on the venture’s other offerings.
  • PATRIOT Act review fails to reign in search powers
    The EFF tweeted the link to this NYTs piece. It looks like the provisions of the bill set to expire will be renewed largely as is. The article details the last minute edits that led to some vastly weakened measures being swapped in to replace my aggressive reforms proposed earlier. There is still the JUSTICE Act to consider but this is disheartening.
  • Piracy Payback offers a way to pay for your P2P indulgences
    Nate Andersion describes the idea at Ars, one that doesn’t seem like either side of the P2P conflict really want or are likely to use. Worse, I can easily see how an adversarial label could snare the company with secondary liability for inducing users to partake of P2P regardless of any fees collected on their behalf.
  • One of The Pirate Bay brings criminal charges against anti-piracy group
    Mike Masnick at Techdirt has the very torturous details of BREIN’s efforts in bringing its suit against The Pirate Bay. As it turns out, brokep seems to have uncovered evidence that part of their twisted efforts was to falsify a report, essentially committing perjury, and on that basis is pressing his own fraud charges.

Federal Register Opens Its Data, Apple Reverses on Politically Charges App, And More

  • Apple approves political app if formerly rejected
    Via Daring Fireball. Not much explanation offered from the reversal, the author chooses to believe it was due to public pressure. It seems a bit of a devil’s bargain as one of the updates on their site says Apple insisted that critical statements about the approval process be removed from the app’s description in the store.
  • Federal Register opens up its data
    Google’s public policy blog is just one of those reporting this landmark event. I’ve bookmarked Felten’s discussion of FedThread to discuss further but I expect it will only be the first of many projects intended to take advantage of this new wealth of both current and historic data.
  • Q and A about the Federal Register
    An O’Reilly Radar piece by Public Resource’s own Carl Malamud that gives much more detail about the recent good news. Carl speaks directly to the CIO of the Government Printing Office and the Directory of the Office of the Federal Register.
  • Fear of failure stymying open source in the government
    An intriguing thought shared by Glyn Moody from an event in which he recently participated. The implication, to me, is that commercial, closed software is perceived to be less risky and hence easier to justify to tax payers. I do like that the quote calls out failure as a necessary component to experimentation and innovation. I think it is an interesting challenge regardless of open or closed source, but definitely can see how it fear of failing would chill adoption of open source in particular.
  • Thawte ending its web of trust, personal email certificates
    According to their FAQ, they are citing the cost of continuing to offering personal email certificates backed by their web of trust. I think the implication is clear, that it is also due to lack of interest. Do you know anyone using one of their email certificates?
  • Royal Mail sends nasty gram to Wikleaks
    Glyn Moody does an excellent job following up this almost inevitable story after the postal database was posted a while ago. Glyn also digs into the sui generis rights the EU decided to grant over databases, in particular the near zero net effect doing so actually had.
  • Palm fixes developer program, encourages open source
    I am glad to see my skepticism deflated by this Ars story posted by Ryan Paul. This confirms Sarah’s comments on my link to jwz’s story and includes a lot of positive details like some respectable hires by Palm from the larger community.
  • FSF files amicus brief for Bilski
    PJ has her usual, excellent analysis at Groklaw. With briefs filed by RedHat and the SFLC, it was almost a foregone conclusion there would be one from the FSF, too. The brief adds to the strong anti-patent rhetoric with some compelling examples of software in use by the government that would be adversely affected by a damaging patent claim against free software interests.
  • Eolas files patent claims against big tech companies
    As Jacqui Cheung explains at Ars, Eolas won a much older claim against Microsoft and had that ruling ultimately upheld on appeal. They are apparently now feeling their oats and targeting the likes of Apple and Google.
  • Calling shenanigans on Fox’s coverage of the PATRIOT Act reform
    The EFF has links to some fact checking by the CATO Institute’s Julian Sanchez, including a bit of video covering what the news outlet is getting wrong. The EFF post has links to coverage around the web if you want more information for better context, too.

PATRIOT Act Reform Stumbles, Jamming Junk Mail, and More

  • Reform of PATRIOT Act gutted during mark-up
    According to the EFF, one of the author’s of the amendment that would help restore some privacy protections acted to weaken the very same amendment at the last minute. The only rationale offered is that the original text of the amendment would interfere with ongoing investigations.
  • Humorous, anarchistic pamphlet designed for reply mailers
    Cory points out a clever hack of those ubiquitous pre-paid business reply envelopes that come with every junk offer for a credit card or subscription. The social commentary is priceless, suggesting a collapse of corporate culture into a neo-savage utopia. Doesn’t appear to be a print form of the work, though, so more of a gag than something you could actually use.
  • Court invalidates the top patent EFF has been working to bust
    According to Mike Masnick at Techdirt this was not a direct result of the EFF’s patent busting work. Mike also hints at the cold comfort to those trolled with this patent, that they still had to pay fees and endure legal hassle. The win is encouraging, though, but tempered by how long the process ultimately took.
  • Tenth anniversary of OpenSSH celebrated with a new release
    It definitely is a work horse, indispensable to anyone dealing with remote administration of even a single *nix machine. Here’s to ten years more, or however long until someone comes up with something not only better but provably more secure.
  • Still much to be concerned about US-Canada border searchers
    According to The Globe and Mail, it isn’t just the search powers and policies on the US side that are problematic. According to the article, the border patrols mandate extends well into your electronics and with precious little oversight. It also reminds me of a recent Spark story about not just a physical search, but a Google search causing problems.
  • Proving a computer kernel correct
    This is a pretty astonishing accomplishment. Schneier uses to demonstrate the scale of the problem for the operating system kernels you and I use every day. He estimates something on the order of 20,000 man years to accomplish that task.
  • Federal judge upholds first-sale doctrine for software
    The EFF tweeted this link, which details a suit against Autodesk by a user trying to resell his software on eBay. The article mentions another, similar case where the judge there also ruled in favor of the consumer’s right to resell.

New JUSTICE Act Would Reform PATRIOT, FISA Amendments

I was thrilled to see Cory’s post on Boing Boing about the JUSTICE Act linking to and abstracting from Kevin Bangston’s write up at EFF.

On December 31, three provisions of the USA PATRIOT Act that broadly expanded government surveillance authority in the wake of 9/11 are set to expire.1 The Obama Administration made clear in a letter this week to Senate Judiciary Committee Chairman Patrick Leahy that although the Justice Department supports reauthorization of those provisions, it is also open to discussing modifications to the law β€œto provide additional protection for the privacy of law abiding Americans.”

Senators Feingold and Durbin introduced the bill to capitalize on that opening for discussing amendment to these provisions. As a compromise the bill would renew two of the three provisions but with critical checks that would help restore protections against unjustified surveillance. It looks like it will go a long way towards reining back in the National Security Letters and even more critically would repeal immunity for the telcos that participated in the illegal but still contested wiretaps that the FISA Amendment Act protected.

It is too soon to make any predictions but I am optimistic about the chances for this bill. The concession of some powers to law enforcers may make the bill much more passable than past attempts at reform. The EFF in particular will be following the bill’s progress closely. If passed with the immunity repeal intact, it would allow their cases on the warrantless wiretaps to proceed.

Week in Review for 8/16/2009

Quick News Links

  • Are IT’s glory days over?
    This is a far less inflammatory NYT piece than it first appears. Even Siebel on further conversation tries to wave away some of the impact. Randall Stross does a good job of finding enough alternate viewpoints for you to draw your own, imprecise conclusions.
  • Alpha of next Firefox version released
    Some good details from Ars on what the next version will include based on what is available in this first alpha. The point version seems warranted as the focus seems to be on performance and other optimizations rather than large, new features.
  • Tenenbaum lawyers commit to continuing defense against RIAA
    This is a bit of encouraging news reported by Nate Anderson at Ars. Even beyond Nesson’s commitment to keep fighting for Tenenbaum and to seek even wider redress, I think Nate hits on a critical point of this fight. Statutory damages were designed with corporate infringers and commercial pirates in mind. Leveraging them against individuals is hardly fair as Nesson has repeatedly contended.
  • Considering the competitive strategy of Chrome OS vs. Microsoft
    This is a fascinating piece by Zachary at Tech Review. He explores much more than the technical arguments around the Chrome OS. He makes a pretty good argument for the business reasons and historical circumstances that may ultimately lead to Google winning out over Microsoft.
  • Some advertising networks using Flash to foil opt-out
    I’ve talked about the risk of Flash cookies, before. Wired, here, covers a government report that has uncovered some distressing uses that I wish I could say surprised me, but a recent post by Ed Felten on Freedom to Tinker suggested that there are certainly worse things than simple browser cookies. This is at least one thing he meant by that.
  • Flash cookie research prompts an advertising to change policy
    A good follow up from Wired. It suggests that there is definitely room for more privacy tracking work, maybe something similar to StopBadWare, either as a substitute for regulation or to supplement and augment it.
  • Music labels plan to introduce their own music file format
    BBG among others picked up this story. I think this is another case of the industry unhappy with their current revenue streams, trying to invent a new demand. I am doubtful it will succeed, given the ease of acquisition for a single, through legitimate or other channels. I also don’t think high quality album art and similar add ons are enough to make it worth more than the singles as MP3 or other existing audio format files.
  • Beta glimpse of Google’s new search engine
    RWW has some quick side-by-side comparisons. The new engine appears to be some infrastructure improvements in the search engine across the board, from crawling, to speed and quality of results.
  • More on forthcoming improvements to Google’s search
    Wired’s WebMonkey has a few more details, and also weighs in that the developer sandbox version yields faster, better results. Good news for Google with the social services focusing on search and Microsoft still trying to claw their way into the space.
  • A standardized operating system for robots
    I’ve heard this story, before. A couple of robotics kit makers promised a standardized base to which other vendors could make add-ons and peripherals. I don’t think this is a technical problem, I think it is a market problem. Until there is a compelling need for robotics in the home, I don’t think there is the kind of demand needed to drive this sort of open standardization.
  • Lockpicking and the internet
    The meat of this post by Schneier actually locks at the security problems with newer electronic locks but I was more interested by the first half. There he seems to be using online info on locks to make implications about disclosure. If we don’t have access to information on these locks, we can’t know how they will fail and can’t then build good security.
  • UK Pirate Party launched
    The BB story and its link simply report that the party has its infrastructure yp and running and is registered with the appropriate authorities in the UK. I do think it is good further evidence of how copyright issues are seeping into policy discussions in more and more places.
  • Issues the Pirate Party in the UK needs to address
    The Slashdot piece suggests that the part will also focus on surveillance as an issue. I think that is consistent with the platform of other instances of the party. Sadly, I don’t see any real in-depth discussion at the linked story beyond copyright reform.
  • New uTorrent includes network management friendly features
    uTorrent and others have just about always had the ability to throttle transfers which is a good idea when using a potentially limited connection. The new features in the beta, according to the Register, would appear to give users more insight into usage and make the client a better network citizen over all.
  • Two Brits convicted of refusing to decrypt data
    According to the Register, there are few details as this case was made public in a government report. The report doesn’t reveal the defendants names or any other details. They may not have even been defendants in a case originally, merely prosecuted for defying police powers granted by RIPA.
  • Movie industry now wants internet disconnect power
    According to this BB piece, the point of contention is once again judicial review. The movie industry finds it too time consuming and inconvenient. Excuse me? Protecting citizens’ rights and due process is inconvenient? Forget the antiquated business models, this poor grasp of the purpose of the judiciary is far more concerning.
  • Interpreting IBM’s stance on patents
    A nice bit of work by Glyn Moody. No doubt if IBM responds, they’ll continue to muddy the waters, but I think the material Moody has turned up make it clear that IBM wants the perception of being reform friendly but doesn’t want to have to give up its portfolio any time soon.
  • First formally proven operating system kernel
    Formally proven software is difficult given the complexities of real world software. This is a pretty amazing feat for something of the scale of an operating system kernel and immediately useful where reliability is the utmost priority, like safety systems.
  • New campaign for photographers’ rights
    Details and a link at BB. Seems like a long overdue effort. I like the bust card, a good way to help educate folks on the ground and ensure they have the info to hand they need to protect themselves as needed.
  • EFF criticizes Burning Man for limiting attendees fair use rights
    As the EFF notes, BMO’s motives may have be praise worthy but this sort of co-opting of people’s rights is never a good idea. The unintended consequences constitute to large a risk for the tactic to be worth trying.
  • Burning Man responds to EFF’s criticism
    BB has an extensive quote here with which I am sympathetic. The goals aren’t really the question, just the means. There has to be a better way to accomplish what the organizers want without resorting to this tactic.
  • Mozilla project to allow non-coders to help with Firefox development
    RWW has the details of a program announced earlier. The idea in a nutshell is to perform distributed usability testing, an ambitious plan that could really kick start the user facing developments in future versions of Firefox.
  • Sony adopts the ePub format, but with DRM
    RWW confirms what was unclear in some other coverage, that Sony is supporting a DRM wrapper around ePub, something which the format allows. It leaves me feeling a bit ambiguous as I like seeing further adoption of this otherwise open format but the fact that it can be so easily locked up bothers me. It makes me question whether ePub can in fact do what MP3 did as a de facto standard in pressuring Apple to drop DRM for their music offering.
  • Google Books adds CC license option
    This is indeed good news, straight from the CC blog itself. While it is preserving authors’ choice, though, the license is not a searchable option which means that if you don’t know what you are looking for, just doing a broader subject search, you’re still likely to get a mixed bag of copyrighted and open content.
  • Creating an AI to explore the nature of evil
    According to this SciAm article, this is a bit less practical than I was expecting. It seems more like a philosophical exercise rather than one with any sort of applications in cognitive psychology or robotics. The model doesn’t seem terrifically detailed, either, though I supposed that is understandable given how hesitant researchers are with examining even less squeamish aspects of the human psyche.
  • Firefox extension to frees court documents locked behind paywall
    The pertinent details are quoted in the BB post. The idea is to crowd source the micro payments to get a single copy of a previously protected document and then share that one copy forward to everyone else using the extension or the database that drives it. Shame we need this bit of hacktivism but very clever nonetheless.
  • Ubuntu removes controversial, experimental search extension
    Via Groklaw, no real explanation in the launchpad ticket to which the link points as to why. Top be fair, the extension was always described by Canonical as an experiment, so this could be a legitimate move as much as a result of pressure from public outcry.

Quick Security Alerts

Quick Follow Up Links