Yet Another Anti-Patent Troll Bill Introduced In Congress

from the maybe-something-will-get-through dept

We were just talking about the third attempt by someone in Congress to deal with some aspect of patent trolling, and already we have a fourth bill. Senator John Cornyn has introduced the Patent Abuse Reduction Act, which has a variety of provisions that would make life slightly more difficult for trolls. Some of what's in the bill has been seen in those other bills, like fee shifting (such that trolls need to pay fees if they lose a case) and identifying who is really behind the lawsuit. As the EFF notes, there's plenty to like about the bill, but like all of the other bills so far, it still seems somewhat narrowly focused, rather than taking on larger problems, like the granting of bad patents by the USPTO. Still, it's good to see that Congress seems serious about dealing with patent trolls, and is actually bringing out bills to deal with the issue. Now let's see if something comprehensive might actually get enough momentum to become law.

Read More | 3 Comments | Leave a Comment..

Adam Savage On Why Copyright And Trademark Holders Need To Get Over Their Obsession With 'Control'

from the it's-not-about-control dept

Reader aster points us to a tested.com video in which Adam Savage talks about copyright issues. I've seen Savage mention on Twitter in the past that he's a closet copyright geek who is very interested in copyright policy, and the conversation is definitely interesting, focusing on the high profile cease and desist letter that Fox sent over Jayne hats. The frustrating thing to me, in watching this, is that the conversation jumps back and forth between copyright and trademark without clarification. In fact, they're almost entirely talking about trademark, while saying they're talking about copyright. Frustratingly, they suggest that you have to enforce copyright to keep it, which is simply not true. What they mean is that for trademark -- not copyright -- you have to make some effort to prevent confusion or your mark becoming generic if you want to keep that mark (though this has nothing to do with copyright). You can see the segment below, though the main discussion starts up around the 7:30 mark:

Still, Savage does make some really good points about fair use and the over-obsession some companies have with "control" even if it's not in their best interest. On the point of "control," he notes:

There's this construct within large corporations, which is 'we control our brand!' And the moment anyone does anything unauthorized with it, we need to shut that down. Because brand control is paramount.

To counter this, he uses the example of Lucasfilm which has generally been supportive of fan-art and fan creations, saying that they really only get involved when significant profits are being made. Of course, that's not entirely true. We've seen a few cases where Lucasfilm and its lawyers go a little overboard with threats, but the general point makes sense.

To me the lesson is that you can't ever leave the interpretation of fair use to the corporations.

Oddly, the host of the show says that it's too late for that, though that's completely wrong, too. Companies don't get to define fair use. It's still in the law and determined by courts. It may not be clear enough, but it's certainly not determined by the copyright (or trademark) holders. The host also (again, oddly) claims that fair use is mostly based on a court case from 1982 (which one?!?) and that people fear to test it. While it is true that there is some fear over bringing fair use to the courts (it's expensive and still arbitrary), there have been an awful lot of fair use cases that have gone through the courts in recent years including some key victories in recent cases that have stood strongly in favor of fair use.

But then Savage makes the key point: which is that companies need to realize that fans doing stuff in support of their brand can be a really good thing:

The other thing is to make a qualifiable assessment of what the best business practices for them are. In so many corporations you end up with this battle between the PR department -- who really does understand how to reach out to the fans and put everyone under a nice umbrella -- and the legal department which wants nothing to do with them... and is somehow anti-the fans.... So wake up legal departments. We know that you guys work hard and are smart people. But you need to understand a little bit more about this before you send these nastygrams.

He also compares the whole thing to the Streisand Effect, and suggests that he's going to go on Etsy to buy an "illegal" Jayne hat.

17 Comments | Leave a Comment..

Partisanship Over Spying On Journalists Is Stupid: Spying On Journalists Is Bad, Period

from the stupid-partisans dept

I've said many times before that I'm not a member of any political party, nor a fan of partisanship in general, and that means most political parties are a ridiculous concept to me, because they're more focused on "beating the other guy" than doing what's right. This often becomes quite clear when power shifts from one party to the other, and people who used to complain about too much power in the executive suddenly want more power for "their guy" or vice versa. The latest example of this on display can be seen in the partisan response to the DOJ spying on AP reporters.

On the Republican side, politicians are reasonably up in arms about this, but they seem to ignore that when "their guy" was in the Oval Office, they were very much in favor of having the DOJ sift through reporters' emails. On the Democratic side, you have groups like Media Matters, ridiculously destroying its own credibility by coming out with talking points about how the DOJ did the right thing in spying on reporters. Basically, it's all about "defend your guy / attack the other guy" no matter what the situation is. This obviously isn't true across the board -- there certainly have been some party members "crossing lines" to express horror at this kind of surveillance.

Frankly, this kind of partisanship is part of why so few people trust Congress. It seems like a pretty clear case of what's good and right, and spying on journalists' communications is generally considered not right. A principled stance would be to oppose that, no matter which party is in power. When positions are staked out clearly based on partisanship, the public loses whatever little trust it has that the government has its best interests in mind.

22 Comments | Leave a Comment..

Filmmaker Behind The Pirate Bay Documentary Says Bogus DMCA Takedowns Take Away His Free Speech

from the indeed dept

We just wrote about how major Hollywood studios had included links to the freely available, Creative Commons-licensed documentary, TPB AFK, in a bunch of bogus DMCA notices to Google, meaning that perfectly legitimate links were likely being removed. The director of that film, Simon Klose, has now responded with an open letter in the form of a video, where he notes that this is a clear violation of his free speech.

He points out that there are basically two possibilities. First, that these studios are purposely trying to censor a film about The Pirate Bay, which highlights the civil liberties questions raised by the studios legal pursuit of the founders of the site, and second, that their technology for finding infringing content absolutely sucks. He points out that neither of these situations is a good one. The first one sounds crazy, but, as he notes, not quite as crazy as some of the things that were revealed in the film, such as Warner Bros. hiring the lead investigator in the case while the investigation was still ongoing. But even if it was an accident, that doesn't change the fact that his legitimate content was being blocked from Google, and he considers it a free speech issue.

82 Comments | Leave a Comment..

Vermont Declares War On Patent Trolls; Passes New Law And Sues Notorious Patent Troll

from the wow dept

I've always liked the state of Vermont -- but mainly because it was a nice place to visit. But, now the state appears to be declaring war on patent trolls. A new anti-patent trolling law has been quietly enacted, H.299, which targets patent trolls. Or, as it says "bad faith assertions of patent infringement." It does this by amending the state's consumer protection laws, to give tools to judges to recognize when patent litigation is done in bad faith (i.e., for trolling, rather than legitimate reasons). Eric Goldman summarizes the law this way:

Vermont’s law (H.299, to be codified at 9 V.S.A. § 4195-4199) is entitled “Bad Faith Assertions of Patent Infringements.” However, it doesn’t define “bad faith patent assertion.” Instead, it enumerates factors to help judges distinguish legitimate from illegitimate patent assertions. Factors that suggest a bad faith patent assertion include not identifying the patent(s)-at-issue, the patent owner, and exactly how the recipient’s behavior violates the patent; demanding too quick a response or too much money; and making deceptive or meritless assertions. Factors that suggest a legitimate patent assertion include commercializing the patented invention; being either the original inventor (i.e., not having bought the patent for assertion purposes) or an educational institution; and having successfully enforced the patent in court.

The law would allow those threatened by trolls to sue back and seek damages, even if no lawsuit has been filed. In other words, it helps those who are being shaken down and don't want to settle. That's a nice feature, but there are some reasons to be skeptical. It also allows the state Attorney General to go after patent trolls. While the law may scare of some patent trolls, I think Eric Goldman is right that a state-based solution is neither a good idea for this, nor is it probably legal. Patent law is a federal law, and federal preemption likely means that state laws that impact patents aren't allowed. This tries to hide it as a consumer protection law, which is an interesting strategy, but I could easily see this law being tossed out.

Of course, even before the law was officially on the books, it looks like Vermont's Attorney General has already sued a patent troll under existing consumer protection laws (raising questions as to why the new law is necessary). In this case, the troll is one we've written about a few times. Remember the series of rotating shell companies that had claimed that businesses who had a networked scanner need to pay $1,000 per employee? Yeah, that one.

The Vermont Attorney General claims that many of the statements made in the threat letters sent out by the rotating set of shell companies include "deceptive statements" and "deceptive practices" that violate consumer protection laws:

Defendant engaged in unfair trade practices in commerce in violation of the Vermont Consumer Protection Act, 9 V.S.A. § 2453(a) including:

a. Stating that litigation would be brought against the recipients, when Defendant was neither prepared nor likely to bring litigation;
b. Using legal counsel to imply that Defendant had performed a sufficient pre-suit investigation, including investigation into the target business and their potentially infringing activities, that would be required to justify filing a lawsuit;
c. Targeting small businesses that were unlikely to have the resources to fight patent-litigation, or even to pay patent counsel;
d. Sending letters that threatened patent-infringement litigation with no independent evidence that the recipients were infringing its patents;
e. Shifting the entire burden of the pre-suit investigation onto the small businesses that received the letters;
f. Propounding burdensome information demands on any business that claimed not to infringe the patents; and
g. Using shell corporations in order to hide the true owners of the patents, avoid liability, and encourage quick settlements.

Defendants engaged in deceptive trade practices in commerce in violation of the Vermont Consumer Protection Act, 9 V.S.A. §2453(a), by making deceptive statements in the threatening letters which would likely lead consumers to believe the following:

a. Defendant would sue the target business if they did not respond within two weeks;
b. Defendant would sue the target business if they did not pay money;
c. Defendant had a reasonable basis for identifying the target businesses as infringing its patents;
d. Subsidiary Shell LLCs were exclusive licencees able to enforce the patents;
e. Target companies were within the sending Shell LLC's alleged area of exclusivity;
f. Defendant's licensing program had received a positive response from the business community;
g. Many or most businesses were interested in promptly purchasing a license from Defendant;
h. Based on prior licensing agreements, the fair price of a license was between $900 and $1200 per employee;
i. Target businesses were receiving a third letter, which refers to two prior letters, when in many cases recipients had received no prior letters.

The lawsuit also claims that lawyer Jay Mac Rust is really the person who owns the patents via the company MPHJ. As you may recall, last month we wrote about Mac Rust after Joe Mullin at Ars Technica interviewed him in connection with the case. At the time, Mac Rust claimed that he was just one lawyer working for the owner of the patent, but who handled the "irate" recipients. So it's interesting to see the claim that he's really the guy behind MPHJ. As we've noted, there's long been an assumption that the use of shell companies is often done to hide the fact that it's the patent lawyers themselves who own the patents being used.

The use of consumer protection law in response to patents is an interesting strategy. I'm skeptical as to how well it will actually work in court, but there's no denying that many of the claims made in threat letters are, in fact, untrue and could be deemed deceptive (this kind of thing might work against copyright trolls as well). No matter what, this is going to be a key case to follow.

Read More | 7 Comments | Leave a Comment..

Prenda Lawyer Says Georgia Court Should Ignore Judge Wright's Order Because... Look! Hackers!

from the great-moments-in-lawyering dept

Remember Jacques Nazaire? He's the local counsel for Prenda in a case in Georgia who was trying desperately to get the judge there to ignore Judge Wright's order in California, which lays out how Prenda's lawsuits are highly questionable, and likely against the law. He was so desperate that he said the judge should ignore the ruling in California because California recognizes gay marriage, among other differences, despite that having nothing to do with anything related to the actual case (which covers federal copyright laws, rather than state laws, and which was filed in the case to provide additional background, rather than as any sort of binding ruling).

Well, it appears that Nazaire seems to believe that if he just keeps telling the court crazier and crazier things, perhaps it will ignore Judge Wright's ruling. The latest filing tries, once again, to give the judge in Georgia a reason to ignore Judge Wright's ruling, but again it doesn't make much sense. The filing is rambling and somewhat wacky, seemingly trying to argue that, even though Prenda and AF Holdings are implicated in both cases, they're completely and totally unrelated. He also seems to argue that these filings are just designed to rack up higher billing fees. Note, for example, the slightly paranoid use of capital letters:

That motion was NOT written by the undersigned; nevertheless the defense has filed it in THIS docket apparently for two reasons. 1) to bill for the same and 2) to give THIS Court the impression that either the undersigned or a friend of his drafted and filed the same.

But where it gets really wacky is when Nazaire just starts tossing in totally random claims about hackers:

Why would the defendant in this case file a copy of a motion (ECF No. 31, Defendant’s Exhibit B) from the California case and into THIS docket when that motion has nothing to do with this case?

The undersigned does not know the answer to that question. However, it must be noted that defendants (not the one herein) in these types of cases, typically employ various crafty and intimidating schemes against prosecutors and plaintiff’s attorneys. A newspaper article mentioning other types of intimidation is attached hereto as Plaintiff’s Exhibit A.

What is Exhibit A, you ask? Why it's a random story about hackers claiming to be a part of Anonymous hacking into Paypal. What does that have to do with anything? The answer is nothing.

Here's what I find most incredible about Nazaire's line of reasoning. It is basically "please ignore this other case where the same companies that I'm working for have been called out for fraud on the court, because that's totally unrelated, even though they're the same companies" while at the same time saying "we can't trust anything the defense says because, hackers! And, as proof, here's a random totally unrelated story about hackers."

He goes on to suggest that these hackers are after him, because some moron sent him a stupid email.

Furthermore the undersigned has been personally harassed by these types of defendants (not the defendant in this instant case nor the individuals listed in Exhibit A) because of THIS case alone. (Please see Plaintiff’s Exhibit B attached hereto).

Exhibit B is a silly email from someone using the email address "evilpiratemonkey@gmail.com" saying:

You are about it get justifiably screwed by the justice system.

It's nice to see.

You aren't very smart, are you?

Of course, this is a stupid email by whoever sent it, but it's hard to see how that's necessarily "harassment," nor does it show that the person who sent that email is one of "these types of defendants." It's just a stupid email from someone mocking Nazaire (the email address should have been a giveaway on that front).

Either way, if I'm the judge in this case, each of these filings only makes me more interested in whatever must be in Judge Wright's order...

Read More | 39 Comments | Leave a Comment..

Man Butt Dials 911 While Discussing Murder Plot

from the those-phones-are-getting-smarter-all-the-time dept

We've had plenty of stories of dumb criminals being caught in surprising ways thanks to new technology. Particularly common are the criminals who confess via the internet. However, this next one is a new one: a Florida man named Scott Simon just happened to butt dial 911 at the very moment he was discussing plans to kill someone -- plans he followed through on moments later. It did not take long for the police to put two and two together and arrest Simon -- though, they're still looking for others who were with him. Of all the possible places that the phone could have accidentally dialed, it seems rather convenient that 911 was what it ended up on. Those "smartphones" really can be smart sometimes.

21 Comments | Leave a Comment..

Kim Dotcom Threatens To Sue Google, Facebook And Twitter Over 2-Factor Authentication Patent If They Don't Help Him

from the hmmm dept

So, a lot of people are talking about Kim Dotcom's latest gambit, which was to point out that he holds a patent (US 6,078,908 and apparently others in 12 other countries as well) that covers the basics of two-factor authentication, with a priority date of April of 1997. While interesting, he goes on to point out that he's never sued over the patent because "I believe in sharing knowledge and ideas for the good of society."

But... he says he may sue them now. Specifically, he's asking them to help fund his defense, in exchange for not getting sued for the patent. He points out that his actual funds are still frozen by the DOJ and (more importantly) that his case actually matters a great deal to Google, Facebook and Twitter, because the eventual ruling will likely set a precedent that may impact them -- especially around the DMCA. That's actually a pretty good reason for the tech industry to think about participating in the case even if they don't like Dotcom at all and don't want to be associated with him. Bad cases make dangerous caselaw, so having a good defense would be useful.

That said, the threat of suing over a patent if they don't fund his defense seems like a potentially poorly thought out strategic move that could backfire. Remember, Dotcom has been hit with racketeering claims, and I would think that anything that implies "give me money or I'll sue" isn't the best move for someone already facing racketeering charges.

165 Comments | Leave a Comment..

Amazon Wants To Sell Fan Fiction With It, Originator And FanFic Author All Sharing Profits

from the interesting-move dept

Here's an interesting one. Amazon is getting some buzz today for launching Kindle Worlds, a setup by which authors of fan fiction can effectively profit from their works without fear of legal repercussions. Obviously, there's a ton of fan fiction out there, and while most copyright holders don't mind it (with a few notable exceptions) as long as nothing is being sold, Amazon seems to be trying to take it to the next level. They're basically licensing the copyrights from certain popular works (at this point, mostly TV shows, it appears), such that fans can write their own fanfic, have it sold via Amazon (of course) and the profits get split up. For works over 10,000 words, the fanfic author gets a 35% cut. For shorter works, it's 20%.

There may be some concerns about this. The "ownership" of the new work belongs to Amazon, as you're basically signing a publishing agreement with Amazon, who then controls the work. Given the situation, that might not be that much of an issue for most fanfiction authors, but some may be concerned (for example, imagine if this had happened with 50 Shades of Grey, which originated as Twilight fanfic, before becoming a monstrosity of its own). Also, there's no guarantee that Amazon will agree to sell the work, but it claims it will publish "as many as possible." It basically sounds like they reserve the right to reject ridiculously bad works.

In some ways, though in very different circumstances, this reminds me of some of the cooler aspects of YouTube's ContentID program, in that it sets up a way for people to reasonably monetize what might be considered infringement under the law, but which most people realize isn't what copyright law should be destroying. Once again, if you just make it so that innovation can occur, people quite frequently figure out business models that build on what maximalists consider "piracy" if they give it time and let the business models shake out.

54 Comments | Leave a Comment..

Cool New Platform For Supporting Artists: Patreon, From Jack Conte

from the nicely-done dept

I'm obviously a big fan of crowdfunding platforms like Kickstarter, but I've always argued that it's just one of many models that content creators can use to succeed today. In fact, for a long time, I've felt that the biggest thing that was missing from Kickstarter was any sort of ongoing payment system. It's entirely project based, and thus it's not the best tool for ongoing revenue. For many years I've been interested in ideas for more ongoing revenue streams, and even proposed the idea of "subscribing" to a band's output nearly a decade ago. So it's good to see that some folks are exploring some of these ideas in much more detail.

I met Jack Conte a few years ago, after having written about him and his band Pomplamoose a few times. I'd always been impressed by Pomplamoose's ability to really connect with their fans and to build a way to support themselves via that strong connection. But in my brief interactions with Jack, it quickly became clear that he thinks deeply about different ideas for revenue models, and so it's little surprise that he's now built what seems like a pretty cool platform for ongoing support for content creators. It's basically a platform, like Kickstarter, but rather than backing a project, you back the production of certain types of regular content. So, for example, you could promise that you'll pay $5 every time Jack releases a new video (and you can put limits on how much you pay, so he doesn't get away with suddenly releasing 1,000 videos at once). It's called Patreon, and it's got a nice, simple video explaining how it works:

I'm sure some will argue that this is just a "paywall," but it's actually the opposite of that. People aren't paying you to get access to the content. The content will be available elsewhere (often for free). They're paying to support your continued production (i.e., supporting future production, rather than paying to access past productions) and they can get extra benefits (added value) as supporters, such as Google Hangouts with the creators. Some of this is quite like a few of the popular subscription options in our Techdirt Insider Shop, though rather than monthly, the amounts are triggered per creation (I'm not sure that would work for a blog like ours that produces a bunch of content every day, but I could see how it would be quite cool for less frequent types of creative endeavors).

Either way, I'm glad to see some new platforms popping up like this. For a little while, it had been getting kind of annoying to see just how many Kickstarter clones were popping up (including a new one from Donald Trump?!?). You never know, of course, if Patreon will catch on, but conceptually the model makes a lot of sense for many types of content creators. In some ways, it seems like a better model for connecting with "true fans" than something like a Kickstarter. While Kickstarter has the appeal of "this is a big event, join us!" it would be nice to see some more ongoing, sustainable model platforms become popular as well.

19 Comments | Leave a Comment..

Modest Proposal: Going Piracy Neutral

from the this-post-is-a-test-of-your-sense-of-humor dept

Here's an amusing one out of the UK. Nick Henderson has created something of a Swiftian "modest proposal" for people who feel guilty about infringement. Modeled after the idea of carbon offsets to become "carbon neutral," he suggests a process for becoming "piracy neutral," which is that if you happen to infringe by downloading an unauthorized song, you should freely release a track of your own composition into the world without restrictions.

Henderson truly is trying to give back to the world, because he recorded some basic stems that he's put together and is offering up as the "piracy neutral fun pack", such that you can remix them yourself to create your own new music in an effort to become "piracy neutral."

And, because people who angrily write comments on this site rarely read to the end of the post, I'll just point out that this is a joke, not anything even remotely serious. Laughter is good.

36 Comments | Leave a Comment..

New Bill Would Stop Patent Trolls From Hiding Behind Shell Companies

from the about-time dept

We've talked in the past about how patent trolling operations love to use shell companies to hide who actually owns the patents. Intellectual Ventures has thousands of shells, but it's even worse in many cases when it's smaller trolls, where no one has any idea who's actually behind the trolling. You may remember a few years back, when Reddit, Digg, Fark, Slashdot and others were sued over a bogus patent held by a shell company called "Gooseberry Natural Resources LLC," and we wondered if the collective communities behind those sites might be able to figure out who actually owned the patent in question. But even those hive minds failed to turn up much of use.

Thankfully, Rep. Ted Deutch has introduced a bill that would require a true disclosure of the owners of patents that are being used in litigation. Specifically, the bill would require a much clearer accounting of who "any real party in interest" would be concerning any patent. Failure to do so would mean that it would limit the ability of those patent owners to collect on any damages. Specifically, patent owners can only collect on damages that occur after the true owners of the patent are disclosed. This would help a tremendous amount, since so much in the patent troll world today is done in incredibly shady ways. It is believed that a very large number of patent trolling operations are actually run by patent lawyers themselves, who saw how lucrative it was, but who don't want to be publicly identified with their trolling. Forcing the actual owners to identify themselves would be a big help in making sure that people actually understand what's happening with patent trolling.

It's interesting to see Congress suddenly interested in patent reform again, even if in a piecemeal fashion. After spending nearly a decade fighting over a "comprehensive" patent reform bill that became the America Invents Act (a watered-down, mostly useless, bill) we kept hearing people say that patent reform was "done" in Congress. But in the past few months, three key bills have been introduced, each targeting the patent trolling problem. There was Rep. DeFazio's SHIELD Act, which would make it easier to shift fees and make trolls responsible for the costs of bogus lawsuits. Then, a few weeks ago, there was Senator Schumer's bill to make it easier to get tech patents reviewed relatively quickly by the USPTO to see if we can throw out more bad patents. And now this bill, called the End Anonymous Patents Act, from Rep. Deutch.

So far, none of the bills has received much momentum, but it's good to see that more and more people in Congress are realizing that the patent system is incredibly broken, and that trolls are a big part of that.

Read More | 27 Comments | Leave a Comment..

Eric Schmidt Still A Fan Of Figuring Out A Way To Erase The Past

from the seems-more-likely-to-become-more-accepting dept

Back in 2010, we wrote about Google's Eric Schmidt suggesting that in the future kids might change their names as they reach adulthood in order to disconnect their present-selves from their youthful indiscretions that were recorded permanently online. That seemed a bit silly to us at the time, but Schmidt is still focused on this basic concept apparently. His latest is the desire for some sort of delete button for the internet, again as a way to cover up some youthful indiscretions:

"In America, there's a sense of fairness that's culturally true for all of us," Schmidt said. "The lack of a delete button on the Internet is a significant issue. There is a time when erasure is a right thing."

Of course, this makes me wonder, what the hell did Eric Schmidt do as a kid that was so bad?

Yes, yes, we erase the criminal records of youthful offenders when they come of age, but I think this is something different. Trying to delete factual information from the internet is a quixotic task, unlikely to yield much that's beneficial.

Perhaps instead of trying to delete the past, society as a whole will become a lot more accepting of the fact that kids do stupid things when they're young. And many of them learn valuable lessons from those stupid things and they grow up to be better people. Plenty of folks have funny tales of their youthful indiscretions and, while these stories may be more difficult to embellish for effect if the details are all sitting on YouTube, does it really make more sense to try to delete that history or just to recognize that kids grow up and things they did as teenagers do not reflect how they're likely to act as adults?

23 Comments | Leave a Comment..

Chinese Hacks Of Google Database Of Surveillance Targets Highlight How Dumb Technology Backdoors Are

from the how-can-people-still-not-see-this dept

We've argued for quite some time that law enforcement's desire to require backdoors for wiretapping in all electronic communications is really dumb, because it won't just be law enforcement using it (and, when they use it, it won't just be for legitimate purposes). As soon as you have that backdoor in place, you've pretty much guaranteed that it becomes something of a target. And the news that broke earlier this week about how Chinese hackers who broke into Google servers a few years ago were targeting their database of which accounts had been flagged for national security surveillance makes this point that much clearer. The people doing this kind of hacking aren't dumb: they know that there are weaknesses where they can probe. A few weeks back, a Microsoft exec had actually revealed that their own analysis of similar attacks on Microsoft's servers from China showed the same basic target and discussed the serious implications.

"What we found was the attackers were actually looking for the accounts that we had lawful wiretap orders on," Aucsmith says. "So if you think about this, this is brilliant counter-intelligence. You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way. Presumably that's difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That's essentially what we think they were trolling for, at least in our case."

The more openings and the more data that is shared, the more openings and opportunities there are for people who you don't want to see that data to have access to it. That should be a major concern. Just before all of this was revealed, we had written about a new report how such backdoors basically destroy any competent attempt at cybersecurity. Julian Sanchez highlights how those who think this isn't a problem are almost certainly confused about how computer security works.

Defenders of the FBI proposal tend to pooh-pooh security concerns raised about requirisng such backdoors: Our brilliant American programmers, they assert, will find ways to enable wiretapping without creating new vulnerabilities. But if a company like Google, with its massive financial resources and a stable of some of the smartest coders anywhere, can be victimized in this way, how realistic is it to expect thousands of Internet startups to achieve better security?

Creating more access to information that should be secret might help law enforcement, at the expense of our civil liberties, but it's also going to help those with nefarious intent quite a bit. And that should be a serious concern.

20 Comments | Leave a Comment..

Reporters Find Exposed Personal Data Via Google, Threatened With CFAA Charges

from the sounds-familiar dept

In a story that sounds mighty similar to the Andrew "weev" Aurenheimer situation, two reporters from the Scripps News service have been told that they may be hit with Computer Fraud and Abuse Act (CFAA) charges after a Google search they did turned up personal data on 170,000 customers that two telcos left exposed. At issue are low-income customers of YourTel and TerraCom, who provide service for the FCC's Lifeline, a phone service for people who are enrolled in state or federal assistance programs. Apparently, the real issue was a company called Vcare, which the two telcos outsourced certain services to. The Scripps reporters noted that they did nothing more than a Google search:

The unprotected TerraCom and YourTel records came to light through the simplest of tools: a reporter’s Google search of TerraCom.

The records include 44,000 application or certification forms and 127,000 supporting documents or “proof” files, such as scans or photos of food-stamp cards, driver’s licenses, tax records, U.S. and foreign passports, pay stubs and parole letters. Taken together, the records expose residents of at least 26 states.

The application records, drawn from 18 of those states and generally dated from last September through November, list potential customers’ names, signatures, birth dates, home addresses and partial or full Social Security numbers. The proof files, from last September through April, include residents of at least eight remaining states.

Of course, rather than be thankful to the reporters for letting them know about a huge security lapse, or be apologetic for revealing all sorts of key data on their customers, they decided to sue.

However, Vcare and the two telecom companies assert that the reporters "hacked" their way into the data using "automated" methods to access the data. And what was this malicious hacking tool that penetrated the security of Vcare's servers? In a letter sent to Scripps News by Jonathan D. Lee, counsel for both of the cell carriers, Lee said that Vcare's research had shown that the reporters were "using the 'Wget' program to search for and download the Companies' confidential data." GNU Wget is a free and open source tool used for batch downloads over HTTP and FTP. Lee claimed Vcare's investigation found the files were bulk-downloaded via two Scripps IP addresses.

I'm not sure how anyone could claim that the mere use of Wget constitutes a form of hacking, even under the extremely loose interpretations of the CFAA. However, as mentioned, the story does have similarities to the weev case -- except this time we're talking about reporters for a well known news service, rather than someone with a reputation as an internet troll. Hopefully, if the telcos do decide to actually file a lawsuit, it gets laughed out of court.

57 Comments | Leave a Comment..

New York Times Tells Startup It Can't Even Mention The NY Times

from the fire-your-lawyers dept

Another day, another story of a ridiculously overaggressive legal move by a big company. This time it's the NY Times, which turned its bogus nastygramming skills on a startup called Scroll Kit. Scroll Kit is a three person startup that tries to make a system to create more compelling publishing of stories easier. There's been a big push to make digital media more digitally native, and there have been a few cool examples of it in action, but it still tends to take a lot of development time -- something that Scroll Kit is looking to make easier. Neat. Of course, if you follow the media space, you'd know that last year, the NY Times put out a story called Snow Fall that was very well designed. I didn't think it was miraculous, but definitely a step up, and showed a better way to tell a story online. The old media guard has been spazzing out over Snow Fall as if it was the greatest thing ever, which is silly -- and even the NYT itself is taking that one example way too seriously in turning "snow fall" into a verb inside its newsroom -- as in, "we need to 'snow fall' that story."

Okay. Whatever. The guys at Scroll Kit agreed that Snow Fall is a nice example, and they knew that it took the NY Times many months to design it. So, in a compelling example of their own product, they showed how Scroll Kit could be used to recreate Snow Fall's design elements in about an hour, and put up a video showing that. This is called "good marketing." But, to the NY Times, they claimed it was copyright infringement, sending the following email to Scroll Kit founder Cody Brown:

First of all, there's a tremendously strong fair use argument here. Nothing in what Scroll Kit did with the video competed with the Snow Fall story in any way shape or form. The video was just a demonstration of its product and how you could use it to create a Snow Fall like experience. Still, the folks at Scroll Kit decided that fighting the NY Times wasn't worth the trouble, so they took down the video and sent off an email to the lawyer saying they had complied. But, apparently that wasn't enough for Deborah Beshaw-Farrell of the NY Times' legal department, as she sent off another letter, still complaining: The first letter was bad, but this one is downright ridiculous. Switching the video to private should certainly be enough. But, the claim that they need to remove any reference to the NY Times from the website, including a factual description of reality is completely bogus. It's just the NY Times acting as a legal bully. Brown publicly asked the NY Times to reconsider, noting that if it believes so strongly that things like Snow Fall are the future of news, it's pretty ridiculous for them to try to intimidate and shut down a startup looking to make that process easier.

In response to Brown's request for more info, he received a third email, from a different lawyer at the NY Times, Richard Samson, with a statement that is even more ridiculous:

Dear Mr. Brown: We are offended by the fact that you are promoting your tool, as a way to quickly replicate copyright-protected content owned by The New York Times Company. It also seems strange to me that you would defend your right to boast about how quickly you were able to commit copyright infringement:

The NYT spent hundreds of hours hand-coding “Snow Fall” We made a replica in an hour.

If you wouldn’t mind using another publication to advertise your infringement tool, we’d appreciate it.

Sincerely,
Richard Samson

Again, this is completely bogus on many levels. The tool is not "an infringement tool," it's a creative tool for creating this type of thing. Anyone with any even rudimentary knowledge of design and development know that it's fairly standard for people to create tools based on creating things that others have created in the past. In fact, lots of websites copy elements and style from other websites. Even the NY Times tends to be a fairly derivative site design-wise. Second: being "offended" is no legal basis for making a threat. Brown was not boasting about "committing copyright infringement," but about using a tool to be able to do a similar design. It had nothing to do with infringement, and everything to do with making the design process easier.

The NY Times is being absolutely ridiculous here.

Once again, however, we see what happens when companies focus on legal strategies rather than supporting innovation. Sure, Scroll Kit could make it easier for competitors to the NY Times to create compelling stories, but it also might help the NY Times drive its own efforts forward. Perhaps, rather than spend many months of its own designers' time, it could use something like Scroll Kit to make it easier for their staff to design such compelling stories. Instead, they focus on stifling it with highly questionable legal threats. You know how you can tell when a company is really in trouble? When it focuses on legal attacks on others, rather than driving its own innovation.

79 Comments | Leave a Comment..

Prenda Gets Some Tiny Bit Of Good News, As It May Get Out Of Two Critical Cases

from the walking-the-tight-rope dept

It's been a busy day for Prenda news, with some trouble in Minnesota and central California. However, it may have some slightly better news in two other key cases where judges had suddenly taken a deeper interest in what exactly was going on with Prenda. First up, the Sunlust case in Florida, which was actually the first case where a judge suggested Prenda was engaged in "fraud on the court" during an Abbott & Costello-worthy hearing. That case has continued to move forward with efforts to put sanctions on the key Prenda players. The lawyer, Graham Syfert, for the defendant, Tuan Nguyen, surprised some people by dropping Brett Gibbs from the target list, after he more or less threw his bosses at Prenda under the bus. However, Syfert has surprised a few folks by filing a motion to withdraw all pending motions. Basically, they're saying "drop the case and don't seek sanctions." That has left a lot of people scratching their heads, but suggests strongly that a settlement of sorts has been reached.

Perhaps the legal experts here can fill in the specifics about this one. I believe that the judge could continue to seek sanctions from Team Prenda if she feels it's appropriate, or if something improper happened, but it seems a lot less likely that this will happen now that Nguyen/Syfert have effectively bowed out of the case. Considering how deeply interested in the specifics the judge in this case had been, this is unfortunate. Yes, we already have Judge Wright's ruling on a similar matter in California, but having other courts come to the same conclusion seems like it would be useful.

Then we have the other Prenda case in Northern California, where the judge had become curious as to who exactly had signed a form on behalf of "Salt Marsh," ordering the original document to be produced. Last week, Paul Duffy claimed ignorance and tried to throw Brett Gibbs under the bus (again). Meanwhile, former Prenda paralegal/claimed boss of AF Holdings/Ingenuity 13, Mark Lutz, suggested that he had signed "on behalf of Salt Marsh" but no longer had the original. The judge could have dug deeper on that, but apparently has decided to let it go, saying that the question about Salt Marsh was "substantially complied with" and is ending the case.

Because AF's counsel has now substantially complied with the Court's order, the Court sees no basis to continue deferring a final judgment.

That means that particular case will also be closed. So, assuming the Florida case is similarly closed, that will leave the Judge Wright ruling in Central California as the only main battleground concerning the overall nature of Prenda's antics over the past few years.

Read More | 18 Comments | Leave a Comment..

Ridiculous Timing: Obama Administration Responds To Spying On AP By Pushing Journalist Shield Law That Wouldn't Matter

from the oh-come-off-it dept

There was one odd side note in all of the attention last week to the DOJ spying on the AP under questionable circumstances. Right after being confronted about it, the Obama administration released some talking points about how they support a reintroduction of a reporter's shield law. There have been various attempts to pass a special shield law for journalists for a few years now, though in the past it's been blocked each time. Also, we've been fairly skeptical about the whole process, because different politicians always seek to carve out key parties, whether it's bloggers or Wikileaks. Frankly, it's always seemed to us that a shield law should protect acts of journalism. That is, it should apply to specific situations, rather than specific people.

In the past, the Obama administration has claimed to support such a shield law, but with serious limitations, such as not having that law apply when the administration decides (by itself) that it's a matter that involves "significant" harm to national security. Given that Eric Holder has already argued that this case involved such a situation (even if the evidence suggests otherwise), it seems likely that any such shield law for journalists wouldn't have mattered in the AP case. There may have been some procedural differences, but the end result would have likely been pretty much the same.

But, really, using this story as a nail to hang their support for a shield law seems pretty ridiculous. "Oh, yeah, you caught us spying on reporters -- here's a bill that we want that wouldn't have stopped that, but if you're really concerned about a pretend level of privacy for journalists and their sources, it's something, sorta."

35 Comments | Leave a Comment..

Bad Day For Prenda Continues: Judge Rejects Stay, Adds $1k Per Day For Each Day They Don't Pay Up

from the couldn't-happen-to-a-nicer-bunch-of-people dept

Prenda's not having a very good day (or month, for that matter). We noted yesterday that Paul Hansmeier had asked the appeals court to put a stay on the attorney's fees awarded by Judge Otis Wright in California. The court rejected the request, partly on procedural grounds, noting that you have to put in the request at the district court first, not jumping the gun and going straight to the appeals court. Soon after that, the lawyer representing many of Team Prenda, Heather Rosing, filed for a stay in the district court, claiming that Prenda was "deprived of due process."

Judge Wright made quick work of this, noting the filing irregularity, and the pattern of seeking "eleventh-hour pleas for relief," and then rejected the request, and added a $1,000 per day penalty for every day that they fail to put up a bond in the amount owed. Oh yeah, also he asks them to explain to the court why they didn't pay up as ordered. Might as well include the full text here:

Prenda Law, Inc., through its attorneys at Klinedinst PC, filed a notice of appeal to the Ninth Circuit. (ECF No. 157.) Oddly, to this notice of appeal, Prenda attached an ex parte application seeking a stay of enforcement of the Court’s May 6, 2013 Order Issuing Sanctions. (ECF No. 157-1.) Not only was this application improperly filed; but once again, Prenda resorted to an eleventh-hour plea for relief.

Even assuming this application was properly filed, the Court finds no basis to grant Prenda’s request. Under the Court’s order, Prenda, along with John Steele, Paul Hansmeier, Paul Duffy, Brett Gibbs, AF Holdings LLC, and Ingenuity 13 LLC, were required to pay by May 20, 2013, an attorney’s-fee award of $81,319.72. By filing this application, it appears no such payment was made.

Instead, an emergency motion was filed with the Ninth Circuit to stay enforcement of the order. That motion was promptly denied. (ECF No. 150.) Prenda now seeks to remedy a problem of their own making. By refusing to pay, or at least refusing to post a supersedeas bond, Prenda (and the other parties) cannot establish that it “is without fault in creating the crisis that requires ex parte relief, or that the crisis occurred as a result of excusable neglect.” Mission Power Eng’g Co. v. Cont’l Casualty Co., 883 F. Supp. 488, 492 (C.D. Cal. 1995). Prenda’s application is therefore DENIED.

Further, Steele, Hansmeier, Duffy, Gibbs, AF Holdings, Ingenuity 13, and Prenda are hereby ORDERED TO SHOW CAUSE why they have contravened the Court’s order to pay the attorney’s-fee award. The Court hereby imposes a penalty of $1,000 per day, per person or entity,1 until this attorney’s-fee award is paid or a bond for the same amount is posted. This penalty shall be paid to the Clerk of Court on the same day the attorney’s-fee award is paid or the bond is posted. This penalty must be paid unless it is evident that the award was paid or the bond was posted on or before May 20, 2013. Failure to comply will result in additional sanctions.

Upon motion and posting of a supersedeas bond, the Court will stay execution of the attorney’s-fee award. Fed. R. Civ. P. 62(d).

Finally, as a housekeeping matter, the Court requests Brett Gibbs to file requests for withdrawal of attorney in this and the related cases. Brett Gibbs appears to have withdrawn from these cases. (OSC Hr’g Tr. 87:1–8, Mar. 11, 2013 (“I am no longer employed by Prenda or any other corporation or LLC that is involved in these cases.”).) Given the circumstances and the relationship between Gibbs and his clients, the Court will approve his requests for withdrawal.

IT IS SO ORDERED.

And so it is. Perhaps, rather than spending so much time talking to the press, John Steele should have been counting his pennies to pay up.

Read More | 56 Comments | Leave a Comment..

Angry Judge Tells Prenda To Stop Falsifying Alan Cooper's Signature; Calls It Fraud

from the another-failure dept

Looks like Prenda continues to have problems in court. In the lawsuit in Minnesota that Alan Cooper brought against Prenda and John Steele for fraudulent use of his name, it appears that Judge Ann Alton made fairly quick work of getting the whole thing off of her docket. Someone going by the twitter handle "J.P. Baggins" was in attendance, and says that the judge ordered Prenda to stop using Alan Cooper's name and brought the case to a close. There won't be any damages awarded, but it seems clear that the judge was not at all happy with Prenda. She referred to Paul Hansmeier, appearing for Prenda Law, as acting in a way that is "not appropriate for an attorney" while also claiming that what they had done was "fraud, pure and simple." She also told him that she believed him "to be in violation of a whole lot of rules" and she'll be reporting him to the lawyer's board (just one more to pile on, I guess).

Another person in the courtroom, Matthew Sparby noted that the judge was a bit confused at the beginning, apparently misreading Judge Otis Wright's infamous order to also implicate Cooper as well, and while that was eventually cleared up by Cooper's lawyer, Paul Godfread, Sparby thinks that may be why no damages were awarded.

She apparently also closed by telling Hansmeier to "never EVER send" fraudulent letters "EVER again" and noted that she was "offended this case is here" before abruptly ending the whole thing. Seems like another bad day for Prenda.

59 Comments | Leave a Comment..