Main Menu

Home
About
Archive
Contact Us
Search
DHS Watch
Subscribe / RSS
Link Directory
Submit Content
Liberty Library

Freedom Quote

If ye love wealth greater than liberty, the tranquility of servitude greater than the animating contest for freedom, go home from us in peace. We seek not your counsel, nor your arms. Crouch down and lick the hand that feeds you; and may posterity forget that ye were our countrymen.

Samuel Adams

FeedBurner Subscribe





feed image
Advertisement


ShadowMonkey




Popular

Of Interest

Latest

New Links

1. Justice for None
    Category:Blogs and Other Web Pubs
2. Open CRS
    Category:Miscellaneous
3. Unorthodoxy.net
    Category:Blogs and Other Web Pubs
4. Chronicles of Dissent
    Category:Blogs and Other Web Pubs
5. National Constitution Center
    Category:Organizations
Electronic Frontier Foundation's Action Alerts E-mail
Sunday, 02 July 2006

ShadowMonkey is proud to support the activities of the Electronic Frontier Foundation (EFF) by including the organization's Action Alerts, through which you can contact your representatives on impending legislation that will have a direct effect on your civil liberties online.

Viacom's Statement on YouTube User Data Controversy

Viacom released the following statement today in response to the YouTube user data controversy (first reported on this blog):

"It is unfortunate that we have been compelled to go to court to protect Viacom's rights and the rights of the artists who work with and depend on us. YouTube and Google have put us in this position by continuing to defend their illegal and irresponsible conduct and profiting from copyright infringement, when they could be implementing the safe and legal user generated content experience they promise.

The Court's recent decision has triggered concern about what information will be disclosed and how it will be used. Viacom has not asked for and will not be obtaining any personally identifiable information of any user. Any information that we or our outside advisors obtain -- which will not include personally identifiable information -- will be used exclusively for the purpose of proving our case against You Tube and Google, will be handled subject to a court protective order and in a highly confidential manner.

In addition, the New York Times reported that:

Google and Viacom said they had had discussions about ways to ensure the data is further protected to assure anonymity.

“We are disappointed the court granted Viacom’s overreaching demand for viewing history,” Catherine Lacavera, Google’s senior litigation counsel, said in a statement. “We are asking Viacom to respect users’ privacy and allow us to anonymize the logs before producing them under the court’s order.”

Michael Fricklas, Viacom’s general counsel said: “We are investigating techniques, including anonymization, to enhance the security of information that will be produced.”

Mr. Fricklas added that Viacom would not have direct access to the information Google produces, and that its use would be strictly limited. Viacom would not, for example, be able to chase down users who illegally posted clips from “The Colbert Report” on YouTube.

“The information that is produced by Google is going to be limited to outside advisers who can use it solely for the purpose of enforcing our rights against YouTube and Google,” Mr. Fricklas said. “I can unequivocally state that we will not use any of this information to enforce rights against end users.”

It is encouraging to see that both Viacom and Google are responding to the important privacy interest raised by the court's order. We plan to continue discussions with the parties on ways to protect the privacy of the YouTube users and ensure that their rights under the Video Privacy Protection Act are given effect.

Court Rejects Attempt to Expand the DMCA

Yesterday, a district court dismissed several claims in the case Coupons, Inc. v. Stottlemire, in which we had, in March, filed an amicus brief. Coupons offers online coupons that consumers can access and print using software provided by Coupons. The software tries to limit the number of times a user can print each coupon. Coupons claims that John Stottlemire created a tool that modifies the Coupons software, allowing users to print more coupons.

The claims we were most interested were Coupons's "anti-circumvention" claims under the Digital Millennium Copyright Act (DMCA). Coupons claimed that Stottlemire's tool circumvents technological measures that limit use of its coupons (a "rights-control" claim), but also tried to allege that the tool circumvents measures that limit access to those coupons (an "access-control" claim). The problem is that the tool doesn't have anything to do with access - anyone can access the coupons whether they use the original software or the modified software.

This isn't just an academic issue. While the DMCA prohibits the distribution of tools that circumvent rights or access controls, it prohibits actual circumvention (e.g., through use of such tools) only in the case of access controls. This is because controlling use of copyrighted material is already addressed by copyright law, and addressing it again in the DMCA would upset the careful balance between the rights of copyright owners and those of the public. As the court properly understood, maintaining a clear distinction between access-control claims and rights-control claims "leaves room for individual fair uses, adaptations for the blind, library research, and the other statutory exceptions to copyright." Because the court agreed that Coupons's DMCA claims "blur the carefully constructed distinction between 'access controls' and 'rights controls,'" the court dismissed the access-control claim. (The court is giving Coupons a chance to try to amend its access-control claim to see if it can save it, but it seems unlikely to us that Coupons can do that.)

At the hearing, EFF's positions were ably argued by Hari O'Connell and Domenic Ippolito, law student members of the Samuelson Law, Technology and Policy Clinic at the Berkeley School of Law.

minilinks for 2008-07-02

  • Is the Gov't Tracking Us Through Our Cellphones? Lawsuit Seeks Answers
    A lawsuit brought by EFF and the ACLU seeks to force release of documents on cellphone tracking.
  • RIAA requests internet filtering in international treaty
    The ACTA treaty is too secret for the public to see, but the RIAA has been able to make suggestions -- including gutting "safe harbor" provisions that protect ISPs.
  • US and Europe near agreement on private data
    Law enforcement agencies are looking for common ground to increase the sharing of private data across the Atlantic.
  • MPAA helps land criminal conviction in P2P case
    A Homeland Security raid on EliteTorrents eventually led the first jury conviction for P2P piracy.
  • Warning to copyright enforcers: 3 strikes and you're out
    EFF Fellow Cory Doctorow has a modest proposal to punish serial abusers of copyright law.

    • Cartoon: The Return of Snuggly, the Security Bear

    A few months back, SF Gate cartoonist Mark Fiore introduced his character Snuggly, the Security Bear, with a brilliant take on telecom immunity. Now, Snuggly is back, and he has a few words to say about "compromise."

    What The New NSA Spying Decision Means for the Immunity Debate

    As we reported yesterday, Chief Judge Vaughn Walker of the Northern District of California has just issued a key ruling in Al Haramain v. Bush, one of the cases challenging the NSA's warrantless wiretapping program. Judge Walker is also overseeing the consolidated litigation against the telecoms. With the Senate poised to vote on the FISA Amendments Act and immunity this Tuesday, this decision is particularly timely, as it demolishes key arguments made by proponents of telecom immunity:

    Myth: The telecoms can't defend themselves in court because of the government's assertion of the state secrets privilege.
    Fact: The Al Haramain decision makes clear that the state secrets privilege will not prevent the telecoms from defending themselves, because FISA's evidentiary procedures preempt the privilege. See Opinion at p. 2 ("FISA preempts the state secrets privilege in connection with electronic surveillance for intelligence purposes.")

    Myth: It's not fair to punish the telecoms for relying in good faith on the president's authorization to conduct the surveillance, even though it violated FISA.
    Fact: In an extended discussion, the Al Haramain decision makes clear — or rather, shows how clear it already was — that the President's commander-in-chief powers do not give him the authority to ignore FISA. See Opinion at pp. 10-14, 23 ("[With FISA,] Congress appears clearly to have intended to — and did — establish the exclusive means for foreign intelligence surveillance activities to be conducted. Whatever power the executive may otherwise have had in this regard, FISA limits the power of the executive branch to conduct such activities....")

    Myth: Getting new language in the FAA asserting that FISA is the exclusive means by which the President can conduct domestic surveillance is a fair trade for gutting FISA's long-standing protections and giving the telecoms immunity.
    Fact: Again, the Al Haramain decision makes clear that FISA was already the exclusive means by which the President may authorize electronic surveillance. See Opinion at p. 13 ("[FISA's language] and its legislative history left no doubt that Congress intended to displace entirely the various warrantless wiretapping and surveillance programs undertaken by the executive branch and to leave no room for the president to undertake warrantless surveillance in the domestic sphere in the future.")

    Myth: The cases against the telecoms were never going to go anywhere anyway, because of state secrets.
    Fact: In discussing what level of evidence a plaintiff needs to demonstrate that they were "aggrieved" by electronic surveillance, and thereby avoid the state secrets issue by taking advantage of FISA's security procedures, Judge Walker specifically refers to the evidence put forward in the cases against the telecoms. See Opinion at p. 51 ("Plaintiff amici [i.e. EFF and others] hint at the proper showing when they refer to “independent evidence disclosing that plaintiffs have been surveilled” and a “rich lode of disclosure to support their claims” in various of the cases [against the telecoms].")

    Myth: Letting the cases continue risks the disclosure to the public of information that would harm national security.
    Fact: The Al Haramain decision makes clear that the telecom litigation would proceed under FISA's long-standing, never-breached security procedures, with classified evidence being considered by the court securely behind closed doors. See Opinion at pp. 18-19 (describing FISA security procedures, which preempt state secrets, as "Congress' specific and detailed prescription for how courts should handle claims by the government that the disclosure of material relating to or derived from electronic surveillance would harm national security....")

    Myth: Anyone harmed by the surveillance program should just sue the government; why bother suing the telecoms?
    Fact: Judge Walker's dismissal of Al Haramain's FISA claim, see Opinion at p. 56, following on the dismissal of the ACLU's case challenging the president's program in the Sixth Circuit, shows how cases against the government face their own challenges, and are no replacement for the telecom cases which remain the best bet for getting a ruling on the legality of the surveillance.

    Myth: The telecoms have a "common law" defense for responding to the government's illegal requests.
    Fact: As the Al Haramain decision explains, FISA's comprehensive regulation of electronic surveillance preempts the common law when it comes to such surveillance. See Opinion at pp. 16, 20 ("Congress through FISA established a comprehensive, detailed program to regulate foreign intelligence surveillance in the domestic context.... [Congress] inten[ded] that FISA should displace federal common law rules...with regard to matters within FISA's purview.")

    Judge Walker's decision makes clear that Congress is about to pass telecom immunity based on arguments that are just plain wrong. Congress should take the time to look at the facts, rather than be fooled by the myths. It should not to rush to judgment next week. If you haven't already, phone your Senators now and urge them to vote against ending debate on the FISA bill, vote for the amendments to the bill that would strip or weaken the immunity provisions, and vote against final passage of the bill.

    Legal Filesharing on Campus?

    As EFF has been saying for years, the best way forward in the wars over illegal filesharing is the creation of a Voluntary Collective Licensing system. It sounds simple enough: Music fans would pay a small fee each month in exchange for a blanket license to share and download whatever they like. Collecting societies would collect the money and divvy it up between rights-holders based on which files are shared the most.

    But how would such a system get started? One way to get a system like this up and running would be to start up in a university setting. As the RIAA well knows, students are already sharing files with increasing regularity over university P2P networks -- and increasingly getting sued for it. And, since universities are already charging fees to their students, it would theoretically be possible for universities to add a voluntary option to charge for such a service.

    Recent UC Berkeley School of Information graduates Matt Earp and Andrew McDiarmid have produced an excellent masters thesis on how such a university-based VCL system might work. Their report, Investigating Voluntary Collective Licensing for Music File-Sharing at UC Berkeley, starts with the following questions:

    Would such a system be attractive to students?
    Is it technically achievable?
    Is it in Berkeley's best interest?
    How might the industry respond?

    Earp and McDiarmid conducted interviews and surveys with students, UC administrators, music informatics firms, and music professionals with experience in digital music licensing. Not surprisingly, they found strong support in the UC community for VCL, with administrators expressing frustration at their difficult balancing act between adhering to copyright law and maintaining student privacy (a statement echoed by UCLA Director of IT Strategic Policy Kent Wada in his Educause paper "Get me out of the Middle"). They also found that 65% of students surveyed said they were willing to pay into a VCL system.

    Interviews with music industry insiders were less promising. Earp and McDiarmid found music industry executives "wedded to the physical model" of selling plastic CDs and reluctant to give up control of digital content in favor of alternative compensation schemes. But they also found some reason for hope, noting that Warner Music has recently hired digital music guru Jim Griffin to investigate licensing options for the company.

    Voluntary Collective Licensing will happen sooner or later. Hopefully universities will take advantage of their unique position to become part of a solution that gets artists paid while protecting their students from the constant threat of strong-arm tactics from an out-of-touch music industry empire.

    Senator Hatch and Tinfoil Hats

    Apparently no longer even bothering with coherent or rational arguments, supporters of the flawed surveillance bill have now resorted to namecalling. Here's Senator Orrin Hatch's argument in last Thursday's Senate debate. (h/t ThinkProgress)


    "How many times have we heard claims that the Protect America Act would permit the government to spy on innocent American families overseas, on their vacations? Or innocent American soldiers overseas serving their country? Or innocent American students who are simply studying abroad?

    Painting this type of picture only feeds the delusions of those who wear tinfoil hats around their house and think that Nine-Eleven was an inside job.

    That's a strong statement. Who exactly is Senator Hatch referring to?

    Here's USA Today in May of 2005:

    "National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth... For the customers of these companies, it means that the government has detailed records of calls they made — across town or across the country — to family members, co-workers, business contacts and others."

    Here's The New York Times' Pulitzer-winning coverage in December of 2005:

    "As part of the program approved by President Bush for domestic surveillance without warrants, the N.S.A. has gained the cooperation of American telecommunications companies to obtain backdoor access to streams of domestic and international communications, the officials said."

    And here's The Wall Street Journal in March of this year:

    "According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches ... The haul can include records of phone calls, email headers and destinations, data on financial transactions and records of Internet browsing."

    It's a simple fact: AT&T and other telcos illegally sent millions of Americans' private domestic communications to the NSA for at least five years. Senator Hatch and other telco allies continue to make nonsensical accusations like this because they know arguing their case with actual evidence and substance is a lost cause.

    If you haven't already, call your Senators now and tell them to oppose telco immunity and the new surveillance bill.

    Breaking News: Court Holds That FISA Preempts State Secret Privilege

    New NSA Spying Decision Undermines Arguments for Telecom Immunity

    Today, Chief Judge Vaughn Walker of the Northern District of California, issued an opinion in Al Haramain v. Bush, one of the cases challenging the NSA warrantless wiretapping program. The Court found that the Foreign Intelligence Surveillance Act (FISA) preempted the state secret privilege. This important decision is particularly timely, as it undermines key arguments for telecom immunity on the eve of the Senate vote on a FISA bill, set for next week.

    The Court's Holding

    The Al Haramain case alleges that the Bush Administration illegally targeted the leaders of an Islamic charity and their lawyers for warrantless surveillance by the NSA. Their claims are based on a secret document that was accidentally disclosed to the plaintiffs by the government that the plaintiffs allege demonstrates they were subjected to warrantless wiretapping (the contents of the document are tightly sealed as a state secret).

    In today's decision, Judge Walker dismissed the Al Haramain case for the time being, but gave the plaintiffs leave to amend their complaint to assert more facts. This was the government's second attempt to dismiss the Al-Haramain case. The first motion to dismiss reached the Ninth Circuit Court of Appeals, which returned the case to Judge Walker's court to consider whether FISA preempted the government's claim to secrecy.

    The good news is that the Court held that "FISA preempts the state secrets privilege in connection with electronic surveillance for intelligence purposes and would appear to displace the state secrets privilege for purposes of plaintiffs’ claims." The Court rejected the expansive view of executive power promoted by the government, holding that the President's authorities under Article II of the Constitution do not give him the power to overrule FISA.

    The bad news is that "FISA nonetheless does not appear to provide plaintiffs a viable remedy unless they can show that they are 'aggrieved persons' within the meaning of FISA." The Court ultimately found that Al Haramain had not provided a sufficient showing that they were "aggrieved," but gave permission to re-file the complaint with more information.

    Decision Undermines Telecom Immunity Arguments

    While the case only directly addressed the Al Haramain case, Judge Walker did mention the cases against the telecommunications giants who participated in the illegal surveillance program:

    Plaintiff amici [i.e. EFF and others] hint at the proper showing when they refer to “independent evidence disclosing that plaintiffs have been surveilled” and a “rich lode of disclosure to support their claims” in various of the [NSA spying] cases.

    Accordingly, so long as the telecom plaintiffs have unclassified evidence tending to establish that they were surveilled--which exists, for example, in Hepting v. AT&T, via AT&T documents provided by whistleblower Mark Klein--FISA's procedures kick into effect and the Bush Administration cannot unilaterally get rid of the telecom cases pursuant to the state secret privilege.

    Moreover, this ruling would allow the telecoms to present their defenses. A major talking point for telecom apologists is that the the telcos were unfairly prevented from mounting a defense by the state secret privilege. By holding that FISA's existing evidence security procedures preempt the state secrets privilege, the decision belies telecom immunity proponents' claims that the litigation was unfair because the privilege prevented the telecoms from defending themselves. It also refutes claims that the lawsuits against the telecoms weren't going to go anywhere anyway.

    Yet, even as the prospects for accountability from the telecoms grow brighter with this decision, Congress is poised to prevent the courts from doing their job by unjustifiably granting immunity to these companies that violated the rights of millions.

    Call your Senators today, and ask them to vote against retroactive immunity for law breaking telecommunications companies.

    Court Ruling Will Expose Viewing Habits of YouTube Users

    Yesterday, in the Viacom v. Google litigation, the federal court for the Southern District of New York ordered Google to produce to Viacom (over Google's objections):

    all data from the Logging database concerning each time a YouTube video has been viewed on the YouTube website or through embedding on a third-party website

    The court’s order grants Viacom's request and erroneously ignores the protections of the federal Video Privacy Protection Act (VPPA), and threatens to expose deeply private information about what videos are watched by YouTube users. The VPPA passed after a newspaper disclosed Supreme Court nominee Robert Bork's video rental records. As Congress recognized, your selection of videos to watch is deeply personal and deserves the strongest protection.

    The Logging database contains:

    for each instance a video is watched, the unique “login ID” of the user who watched it, the time when the user started to watch the video, the internet protocol address other devices connected to the internet use to identify the user’s computer (“IP address”), and the identifier for the video.

    Google correctly argued that “the data should not be disclosed because of the users’ privacy concerns,” citing the VPPA, 18 U.S.C. § 2710. However, the Court dismissed this argument with no analysis, stating “defendants cite no authority barring them from disclosing such information in civil discovery proceedings, and their privacy concerns are speculative.”

    In a footnote, the Court references the VPPA, noting that the federal law “prohibits video tape service providers from disclosing information on the specific video materials subscribers request or obtain.” It is possible that the reference to "video tapes" in the VPPA was confusing. However, the Act is not limited to the technology available at the time of its enactment.

    To the contrary, the act refers to “prerecorded video cassette tapes or similar audio visual materials.” A YouTube video may not be a videotape, but certainly qualifies as audio visual material. Thus, YouTube is a “video tape service provider” under the act, because it is “engaged in the business [of] delivery of … audio visual materials.” The VPPA protects “personally identifiable information,” which is defined to include “information which identifies a person as having requested or obtained specific video materials or services.” This is exactly what is in the Logging database.

    Accordingly, pursuant to this federal law, the Court may not order the production of “personally identifiable information”:

    in a civil proceeding [except] upon a showing of compelling need for the information that cannot be accommodated by any other means, if—

    (i) the consumer is given reasonable notice, by the person seeking the disclosure, of the court proceeding relevant to the issuance of the court order; and
    (ii) the consumer is afforded the opportunity to appear and contest the claim of the person seeking the disclosure.

    Today’s court order made no finding that Viacom could not be accommodated by any other means, nor were the YouTube users provided with notice and an opportunity to contest the claim.

    Instead, the Court focused on some statements made by Google on its blog:

    We . . . are strong supporters of the idea that data protection laws should apply to any data that could identify you. The reality is though that in most cases, an IP address without additional information cannot.

    The Court also stated that Google did “not refute that the ‘login ID is an anonymous pseudonym that users create for themselves when they sign up with YouTube’ which without more ‘cannot identify specific individuals.’”

    As an initial matter, this is factually insufficient. If any single one of the YouTube users in the Logging database picked a Login ID that does identify that user (i.e. if my YouTube login was kurtopsahl), then the Logging database' information about viewing habits is protected by the VPPA, even if others pick anonymous pseudonyms.

    Furthermore, even Google’s IP address statement only asserts that “in most cases” the IP address is not identifiable, certainly not in all cases. Putting aside whether a Google Public Policy blog's statement on an unrelated topic can waive the privacy rights of YouTube users, the statement means that at least some YouTube users are identifiable, and must be protected by the VPPA.

    In any event, the court ordered production of not just IP addresses, but also all the associated information in the Logging database. Whatever might be said about 'an IP address without additional information,' the the AOL search history leak fiasco shows that the material viewed by a user alone can be sufficient to identify the user, even with neither a login nor an IP address.

    The Court's erroneous ruling is a set-back to privacy rights, and will allow Viacom to see what you are watching on YouTube. We urge Viacom to back off this overbroad request and Google to take all steps necessary to challenge this order and protect the rights of its users.

    European Lawmaker Sues U.S. Agencies to Obtain Travel-Related and Other Personal Information

    Washington, D.C. - The Electronic Frontier Foundation (EFF) filed suit on behalf of a member of the European Parliament today, demanding that the U.S. government release records about her "risk assessment" score and other information gathered about her during her international travels. The lawsuit comes just days after the disclosure that the U.S. and the European Union may soon finalize an agreement authorizing the transatlantic exchange of large amounts of personal data.

    Sophia In 't Veld represents the Netherlands in the European Parliament and serves on the Committee on Civil Liberties, Justice, and Home Affairs. She has been actively engaged in developing policies concerning the exchange of travelers' data between the U.S. and the European Union (EU).

    During the ongoing and contentious debates between the U.S. and the EU over travelers' records and the privacy rights of EU citizens, the U.S. government has repeatedly claimed that any person can obtain her records through a Freedom of Information Act (FOIA) request. To test those assurances, In 't Veld filed FOIA requests with the Homeland Security, Justice, and State Departments, asking for any information about her that is included in the various U.S. programs and systems used to track international travelers. However, the agencies have failed to comply with the requests as required by federal law.

    "The question of redress is the sticking point in the current discussions about data exchanges between the United States and the EU," said In 't Veld. "That dispute underscores the importance of this case; it shows that gaining access to personal data held by U.S. agencies is very difficult, if not impossible."

    Among other records, In 't Veld specifically requested data about herself that is included in the Automated Targeting System (ATS) -- a Department of Homeland Security project that creates and assigns "risk assessment" scores to travelers as they enter and leave the U.S. Once the assessment is made, there is no way to challenge it, and the government will retain the information for many years -- as well as make it available to federal, state, local, and foreign agencies in addition to contractors, grantees, consultants, and others.

    "Ms. In 't Veld's experience shows the inaccuracy of U.S. assurances that EU citizens can gain easy access to personal information held in agency databases," said EFF Senior Counsel David Sobel. "The truth is that it is virtually impossible for any individuals --even U.S. citizens -- to access information about themselves that is collected and maintained by American security agencies. It's important that EU officials and citizens understand the reality of the situation before moving forward with a sweeping agreement on the exchange of sensitive personal data."

    This FOIA lawsuit is part of EFF's ongoing work to protect travelers from privacy-invasive programs at the U.S. border. EFF has also filed suit against DHS for denying access to public records on the questioning and searches of travelers at U.S. borders and called on Congress to investigate the random, suspicionless searches of laptops and electronic devices.

    For the full complaint:
    http://www.eff.org/files/int_veld_complaint.pdf

    For more on the U.S./EU data sharing agreement:
    http://www.nytimes.com/2008/06/28/washington/28privacy.html

    For more on travel screening:
    http://www.eff.org/issues/travel-screening

    For more on FOIA:
    http://www.eff.org/issues/foia

    Contacts:

    David Sobel
    Senior Counsel
    Electronic Frontier Foundation
    This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

    Marcia Hofmann
    Staff Attorney
    Electronic Frontier Foundation
    This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

    Rebecca Jeschke
    Media Coordinator
    Electronic Frontier Foundation
    This e-mail address is being protected from spam bots, you need JavaScript enabled to view it



Did you enjoy this article? Please bookmark it onto:
Digg!Reddit!Del.icio.us!Newsvine!Blinklist!Furl!Blogmarks!Yahoo!





Comments
Add NewSearch
Write comment
Name:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
Security Image
Enter code:

Powered by JoomlaCommentCopyright (C) 2006 Frantisek Hliva. All rights reserved.Homepage: http://cavo.co.nr/
 
< Prev   Next >
[ Back ]