This week, we launched our latest line of Techdirt Gear in our Teespring store. It uses Twitter's free Twemoji icon set, licensed under CC-BY 4.0, to bring you an emoji-fied version of the First Amendment to the US Constitution. Some people might just see random symbols, but others will see some very important words. Indeed, it serves as a litmus test for how well people know their civil rights! The First Emojiment is available on t-shirts, hoodies, mugs and stickers — get yours today!
And for the true pro, we also recently launched our Free Speech Pro-Tip gear to help correct a particularly pernicious myth about the First Amendment:
Fifty years ago – in September 1968 – the legendary rock band Led Zeppelin first performed together, kicking off a Scandinavian tour billed as the New Yardbirds.
The new, better name would come later that fall, while drummer John Bonham’s death in 1980 effectively ended their decade-defining reign. But to this day, the band retains the same iconic status it held back in the 1970s: It ranks as one of the best-selling music acts of all time and continues to shape the sounds of new and emerging groups young enough to be the band members’ grandchildren.
Yet, even after all this time – when every note, riff and growl of Zeppelin’s nine-album catalog has been pored over by fans, cover artists and musicologists – a dark paradox still lurks at the heart of its mystique. How can a band so slavishly derivative – and sometimes downright plagiaristic – be simultaneously considered so innovative and influential?
How, in other words, did it get to have its custard pie and eat it, too?
For anyone who quests after the holy grail of creative success, Led Zeppelin has achieved something mythical in stature: a place in the musical firmament, on its own terms, outside of the rules and without compromise.
When Led Zeppelin debuted its eponymous first album in 1969, there’s no question that it sounded new and exciting. My father, a baby boomer and dedicated Beatles fan, remembers his chagrin that year when his middle school math students threw over the Fab Four for Zeppelin, seemingly overnight. Even the stodgy New York Times, which decried the band’s “plastic sexual superficiality,” felt compelled, in the same article, to acknowledge its “enormously successful … electronically intense blending” of musical styles.
Yet, from the very beginning, the band was also dogged with accusations of musical pilfering, plagiarism and copyright infringement – often justifiably.
The band’s first album, “Led Zeppelin,” contained several songs that drew from earlier compositions, arrangements and recordings, sometimes with attribution and often without. It included two Willie Dixon songs, and the band credited both to the influential Chicago blues composer. But it didn’t credit Anne Bredon when it covered her song “Babe I’m Gonna Leave You.”
The hit “Dazed and Confused,” also from that first album, was originally attributed to Zeppelin guitarist Jimmy Page. However in 2010, songwriter Jake Holmes filed a lawsuit claiming that he’d written and recorded it in 1967. After the lawsuit was settled out of court, the song is now credited in the liner notes of re-releases as “inspired by” Holmes.
‘Dazed and Confused’ by Jake Holmes.
The band’s second album, “Led Zeppelin II,” picked up where the first left off. Following a series of lawsuits, the band agreed to list Dixon as a previously uncredited author on two of the tracks, including its first hit single, “Whole Lotta Love.” An additional lawsuit established that blues legend Chester “Howlin’ Wolf” Burnett was a previously uncredited author on another track called “The Lemon Song.”
Musical copyright infringement is notoriously challenging to establish in court, hence the settlements. But there’s no question the band engaged in what musicologists typically call “borrowing.” Any blues fan, for instance, would have recognized the lyrics of Dixon’s “You Need Love” – as recorded by Muddy Waters – on a first listen of “Whole Lotta Love.”
Dipping into the commons or appropriation?
Should the band be condemned for taking other people’s songs and fusing them into its own style?
Or should this actually be a point of celebration?
The answer is a matter of perspective. In Zeppelin’s defense, the band is hardly alone in the practice. The 1960s folk music revival movement, which was central to the careers of Baez, Holmes, Bredon, Dixon and Burnett, was rooted in an ethic that typically treated musical material as a “commons” – a wellspring of shared culture from which all may draw, and to which all may contribute.
Most performers in the era routinely covered “authorless” traditional and blues songs, and the movement’s shining star, Bob Dylan, used lyrical and musical pastiche as a badge of pride and display of erudition – “Look how many old songs I can cram into this new song!” – rather than as a guilty, secret crutch to hold up his own compositions.
Why shouldn’t Zeppelin be able to do the same?
On the other hand, it’s hard to ignore the racial dynamics inherent in Led Zeppelin’s borrowing. Willie Dixon and Howlin’ Wolf were African-Americans, members of a subjugated minority who were – especially back then – excluded from reaping their fair share of the enormous profits they generated for music labels, publishers and other artists.
Like their English countrymen Eric Clapton and The Rolling Stones, Zeppelin’s attitude toward black culture seems eerily reminiscent of Lord Elgin’s approach to the marble statues of the Parthenon and Queen Victoria’s policy on the Koh-i-Noor diamond: Take what you can and don’t ask permission; if you get caught, apologize without ceding ownership.
Led Zeppelin was also accused of lifting from white artists such as Bredon and the band Spirit, the aggrieved party in a recent lawsuit over the rights to Zeppelin’s signature song “Stairway to Heaven.” Even in these cases, the power dynamics were iffy.
Bredon and Spirit are lesser-known composers with lower profiles and shallower pockets. Neither has benefited from the glow of Zeppelin’s glory, which has only grown over the decades despite the accusations and lawsuits leveled against them.
A matter of motives
So how did the band pull it off, when so many of its contemporaries have been forgotten or diminished? How did it find and keep the holy grail? What makes Led Zeppelin so special?
I could speculate about its cultural status as an avatar of trans-Atlantic, post-hippie self-indulgence and “me generation” rebellion. I could wax poetic about its musical fusion of pre-Baroque and non-Western harmonies with blues rhythms and Celtic timbres. I could even accuse it, as many have over the years, of cutting a deal with the devil.
Instead, I’ll simply relate a personal anecdote from almost 20 years ago. I actually met frontman Robert Plant. I was waiting in line at a lower Manhattan bodega around 2 a.m. and suddenly realized Plant was waiting in front of me. A classic Chuck Berry song was playing on the overhead speakers. Plant turned to look at me and mused, “I wonder what he’s up to now?” We chatted about Berry for a few moments, then paid and went our separate ways.
Brief and banal though it was, I think this little interlude – more than the reams of music scholarship and journalism I’ve read and written – might hold the key to solving the paradox.
Maybe Led Zeppelin is worthy because, like Sir Galahad, the knight who finally gets the holy grail, its members’ hearts were pure.
During our brief exchange, it was clear Plant didn’t want to be adulated – he didn’t need his ego stroked by a fawning fan. Furthermore, he and his bandmates were never even in it for the money. In fact, for decades, Zeppelin refused to license its songs for television commercials. In Plant’s own words, “I only wanted to have some fun.”
Maybe the band retained its fame because it lived, loved and embodied rock and roll so absolutely and totally – to the degree that Plant would start a conversation with a total stranger in the middle of the night just to chat about one of his heroes.
This love, this purity of focus, comes out in its music, and for this, we can forgive Led Zeppelin’s many trespasses.
I'll forgive the average reader here if they cannot recall the post we did nearly a year and a half ago about a trademark dispute between Worldwide Entertainment Group Inc. of Florida and Adria MM Productions Ltd. of Croatia. It's by far my favorite trademark story ever. It has all the hallmarks of a typical trademark bullying story that we would cover: from a fairly generic term ("Ultra") in a really broad industry (music festivals) being licensed for use overseas in Europe by Worldwide to Adria, only to have the former ratchet up its licensing fee and control demands over the trademark it had on the term "Ultra." Pretty standard fare, even when we get to the part where Worldwide sends Adria notice that it is in breach of the licensing agreement and demanding the stoppage of all use of the term "Ultra."
But where this all turned into my favorite trademark story ever was when Adria MM sued Worldwide, stating this:
AMM says that at that time it discovered that Ultra didn’t have any rights over proprietary marks in Europe, specifically in Croatia.
Yes, according to Adria, Worldwide didn't actually have registered trademarks for "Ultra" in Europe at all, making the licensing arrangement it first signed and then tried to use as a weapon against Adria a brilliant piece of bluffery. What should be fairly clear, however, is that the entire basis of the licensing contract was built upon a lie. With that clearly in mind, Adria moved to have this all decided in the summary judgement phase.
Five days after the filing the lawsuit, both companies filed to register the trademark “within 34 minutes of each other,” as quoted in the court ruling, with Adria filing in Croatia and Worldwide with the European Union. Both companies protested the filing of the other, and after filing legal actions in the state of Florida, both requested summary judgment in their favor.
And both were denied that summary judgment. In the order, the court relies on the notion that there are material facts in dispute regarding the validity of the original licensing agreement. Summary judgment is only supposed to be granted when material facts are not in dispute and the parties simply want a ruling based on those facts. What makes this odd, however, is that the order's background section appears to accept as fact that the Worldwide did not hold any valid trademarks under the "Ultra" terms in the EU or Croatia specifically for the entire term of the original contract. The only fact that appears to not be in question is whether that agreement is valid anyway. Which... how? If it was entered into under false pretenses, it's unclear exactly how that agreement could be valid.
Regardless, it appears this will go to a jury trial where, if common sense prevails, it seems unlikely things will go well for Worldwide Entertainment Group.
from the you-can't-fix-stupid-but-you-can-at-least-deny-it-immunity dept
Some things most of us keep in our vehicles is considered by at least one police officer to be tools of the drug trade. Literal tools. Of the literal drug trade. I guess. The bad news is even more of us keep these items at home. We're drowning in contraband, it appears. Those of us with attached garages should just brace ourselves for early morning no-knock raids.
This decision [PDF] by the Sixth Circuit Appeals Court starts as so many qualified immunity cases do: with a pretextual stop.
On May 22, 2014, Harris, along with her mother, father and older sister, went out for dinner at TGI Friday’s. On the way home, their minivan was stopped by City of Erlanger police officers because of an obstructed license plate. The officers then conducted an investigation of Harris’s mother, who was the driver. Her mother was arrested for obstructing a license plate, driving with no registration plates, driving with a suspended license, and possession of a forged instrument.
The footnote attached to "forged instrument" notes there's nothing on the record showing Brittany Harris' mother was ever actually charged by prosecutors with these alleged crimes. All that's on record is the booking. Brittany, who was seventeen at the time, is the one bringing the suit. That's because as things developed during this stop, she was subjected to an invasive search.
Brittany asked to go to the restroom after she and her family had spent more than an hour being detained by six squad cars full of officers. She was accompanied by Officer Kimberly Klare, who did this before allowing Brittany to enter the restroom.
The parties agree that at this point, Klare secured Harris’s hands behind her back. What happened next is disputed, but, as noted, for purposes of this summary judgment appeal, we must accept Harris’s version of events. She claims that, as part of a pat down, Klare placed her hands under Harris’s brassiere and pinched the girl’s breasts, causing bruising. According to Harris, Klare told her that she searched her the way she did because a previous suspect at that location had “stuffed needles in her bra” and because “[y]ou have that look,” “[y]ou have the look of a junkie whore.” But Klare found no drugs, drug paraphernalia, weapon, or other contraband on Harris.
That's some fine community policing by Klare, who called someone a "junkie whore" but found nothing to corroborate her expert assessment of Harris' character. Now, you may be asking, why was a drug dog brought onto the scene when the only charges had to do with license plates and driver's licenses? Well, that's where it gets absolutely insane.
During the investigation, officers also noticed that Harris’s father had “equipment for his work” in the vehicle, including “tools, like screwdrivers and wrenches,” some of which were “sitting out” and some of which were “in containers.” Based on the presence of these tools in conjunction with the violations listed above, the officers began to suspect that Harris’s mother was engaged in drug activity.
No treats for the dog, though.
They sent for a drug dog, but it found no drugs.
I'm sorry. That's only the mostly-completely insane part of this. Here's the batshit insanity: the lower court granted Officer Klare qualified immunity.
The district court agreed with Klare. It held that the officers had probable cause to stop the minivan because of the obscured license plate and that the presence of Harris’s father’s tools and equipment in the car, in conjunction with her mother’s alleged misfeasance, created a reasonable suspicion of drug activity…
The appeals court says the lower court is oh so very wrong on both counts. It also has zero respect for any officer making these claims. As for the driving offenses "supporting" the drug dealer theory, the appeals court has this to say:
We have serious doubts as to whether the officers reasonably suspected the Harris family of manufacturing or transporting contraband. Klare provides no reason to suppose that Harris’s mother’s alleged traffic violations made it more likely that drug activity was afoot—if anything, one would expect a drug-trafficking family to avoid fastidiously such violations for fear of discovery.
If you don't want extra police attention, you keep your driving stuff in order. That's why police so often claim clean vehicles and drivers with no records are also tools of the drug trade -- because drug dealers don't want to give officers any reason to perform a pretextual stop. This claim goes the other direction, ensuring drivers are damned either way, and turning a nation of non-criminal drivers into erstwhile drug dealers.
As to the presence of tools everyone owns somehow being indicative of drug dealing, the appeals court finds this argument equally ridiculous.
Nor does Klare explain how the possession of worker’s tools, which is not itself “inherently illegal or even suspicious,” could have provided the officers with a reason to suspect drug activity. See United States v. Warfield, 727 F. App’x 182, 188–89 (6th Cir. 2018) (holding that the possession of eight cartons of cigarettes was not suggestive of the possession of untaxed cigarettes). The record contains no reason to believe that screwdrivers and wrenches—or any of the other tools in the vehicle—are particularly indicative of drug manufacture or transportation.
The rest of the opinion deals with the nature of the search performed on Harris. The court finds there's a factual dispute over the timing of the search, which Harris argues came after the drug dog arrived and found no drugs. If Officer Klare was aware of this, she no longer had probable cause to perform a search of Harris before she entered the restroom.
There was also no consent given for the search, further distancing it from Constitutionality. The appeals court notes a number of coercive elements that might have pressured Harris into subjecting herself to a search. The record shows nothing indicating she ever consented, but the presence of six police officers and a drug dog -- along with a need to use the restroom as the traffic stop extended into its second hour -- were coercive enough to eliminate the officer's claim about Harris' supposed consent. (All Harris did -- after being cuffed -- was come towards Officer Klare when she was asked to, at which point the search occurred.)
Officer Klare's qualified immunity -- handed to her by an amazingly helpful lower court -- is stripped. This doesn't mean she'll end up losing the lawsuit, but it does mean she'll have to face a jury trial over her alleged Constitutional violations.
The case in its entirety is a brutal reminder that officers -- if so inclined -- can declare anything kept in a vehicle to be indicative of criminal activity. This just adds tools to a long list that already includes air fresheners, trash, a lack of trash, cigarettes in the ashtray, too much luggage, too little luggage, a departure point or destination where people could conceivably be purchasing/selling drugs, etc. If a cop wants to search a vehicle, they'll find a reason to. And that leaves citizens with the option of living life with violated rights or hiring a lawyer to spend the next several years seeking redress.
Following the decision earlier this week of the EU Parliament to vote for the destruction of the open web by putting in place some pretty awful copyright proposals, people began highlighting more and more problems with the bill. Most of the focus before the vote had been on two particular articles, Article 11 and Article 13. But there are many other problems in the Directive as well -- it was just getting to be overwhelming to get into the weeds on all of them. One area of concern was in Article 12, which included a special new form of copyright for sporting events. Specifically, with no debate or discussion the legal affairs committee of the EU Parliament added in text saying that sporting event organizers would gain absolute control over recording, sharing and presenting any film clips -- even those that would otherwise be deemed legal in other copyright contexts. And yes, the law implies that if you're at a sports event, you can't even film anything from your own seat as that is reserved solely to the event organizers.
Incredibly, after the vote approving the directive, reporter Emanuel Karisten of the Swedish publication Breakit, asked Voss about this and Voss gave a fairly astounding answer, stating that "this was kind of a mistake" and that "no one had been aware of this." Later he states that he didn't know it was in there and he'll have to fix it:
Voss: This was kind of mistake I think by the JURI committee. Someone amended this. No one had been aware of this.
Reporter: But it was passed...
... discussion by someone with Voss saying that it's really about gambling/betting operations before Voss jumps back in ...
Voss: I didn’t know that this was in the proposal so far, so of course I have to deal with it now.... I do not consider that the commission and council will have this inside the proposal.
Later he says "because of the time and pressure" they concentrated on other areas of the bill. Which... does not seem like a good excuse.
You can listen to the exchange here:
Meanwhile, MEP Julia Reda is calling bullshit on the claim that Voss was "unaware" that this was in the proposal, noting not only that she had written about the issue prior to the vote, but that she had raised it directly with Voss and his colleagues:
It’s not true that nobody noticed it was in the proposal. Not only did I write about it before the vote, I also raised it in the last negotiation meeting before the vote, so did @lidiageringer. It was proposed by group colleagues of @AxelVossMdEP and he voted for it. Twice.
There are a few possibilities here, none of which make Voss look any good. He either voted for an amendment he hadn't read and/or didn't understand, or he's lying to this reporter. It also suggests that rather than taking the concerns of critics like Reda seriously, Voss just tuned them out and happily voted away for such horrible proposals.
We've raised questions before about Voss's views on all of this, as he seems almost hysterically uninformed about how actual copyright policy works, even as he drives forward such a horrible policy. This seems to be yet more evidence that a few special interests made it clear to Voss what they wanted to do, and he just agreed to do that, no matter what concerns anyone else had.
from the the-first-amendment-would-like-a-word dept
The White House may be preparing an executive order for the President, pushing for investigations of "bias" at social media companies. It is not definite, but someone has leaked us a draft two page executive order. We're not releasing the draft because, despite it coming directly from someone in the White House, others have insisted it's not an accurate document, even as the approach to some extent mirrors the announced plans of the DOJ to investigate bias. Another reason we're not releasing the document itself is that we're quite aware of reports saying that there are attempts to find "leakers" in the White House, and one common method of doing so is to put small indicators in documents. We cannot guarantee that this document is not such a document and thus will be reporting on the basic concept of what's in this draft, without revealing the full document.
But, to be clear, if this document is accurate, it would almost certainly lead to a huge First Amendment fight, which it seems likely the companies would win.
Obviously the issue of social media and supposed political bias has been a big topic in DC lately -- including with the President -- despite the near total lack of actual evidence to support these claims. Yes, there is evidence of people being kicked off these platforms... but there is no evidence that the reasons have anything to do with political bias (people of all political stripes have been removed from these platforms). And, yes, there is also evidence that employees at many internet companies may lean one way politically, but that too is overstated and says nothing about how the platforms actually work.
Recently, we noted that the DOJ and various state Attorneys General were talking about using antitrust law against social media companies over bias, and explained in fairly great detail why that would almost certainly run afoul of the First Amendment and a whole long list of Supreme Court cases detailing how the government cannot compel speech of this nature.
And that's where this executive order, as leaked, would almost certainly run into huge First Amendment issues. It tries to hide these behind antitrust claims, saying that it's about ensuring competition and preventing the exercise of market power that "harms consumers, including through the exercise of bias." The Executive Order itself doesn't hide the intent, as "bias in online platforms" is specifically in the title. Basically, the order would task the White House with "investigating" social media platforms for bias and then seek to use antitrust actions (or pass it off to the DOJ or FTC) to punish companies that show loosely defined "bias." The document takes as default that any kind of "bias" on major internet platforms should be taken as anti-competitive (which seems incredibly questionable) and then also requires that various agencies give the President a report on how to "address" social media bias.
I have trouble seeing how this could possibly be constitutional under the First Amendment, as it is, quite explicitly, the government trying to regulate speech, and clearly does not fall into any of the exceptions to the First Amendment. It's possible this executive order will never actually become anything -- perhaps someone in the White House will prevent it from moving forward (it's also clear that the draft I've seen is not complete, as there are still notes about what's being worked on). But the fact that this is even being considered is certainly notable.
I asked Ken White, well known around here as a former Assistant US Attorney and current First Amendment lawyer what he thought of the draft and he noted that the document seemed so weakly put together that he had a hard time believing it was something anyone was seriously considering, though, he noted "with this administration it's very difficult to tell." He also noted that it appeared to be "more posturing than substance" and designed to "preach to the choir" rather than anything serious. As for the substance, he noted that while it asserts that "bias" is a violation of antitrust law, that's not at all accurate:
That’s a distortion and exaggeration. Nothing in the document elaborates or supports it. To the extent antitrust is concerned with bias it’s not the "kick the Nazis off the platform" kind. It's more like a concern about, for instance, Google altering search results to prefer products and services it owns.
Indeed, the general point of antitrust is to deal with when a dominant player is abusing its position to favor its own offerings, not on how it handles general moderation duties. So, while I wouldn't put it past this administration to mock up this kind of executive order as an exercise in thinking through what it can "do" about the exaggerated and misleading claims of "political bias" in search results, I have a hard time believing the administration would bother pushing forward with this idea, and if it actually did get that far that it would have any luck in convincing anyone (who matters) that this was constitutional. That said, if the point is just, as Ken suggested, preaching to the choir, I also wouldn't put it past this administration to push out this executive order just to rile up Trump's most ardent supporters, who continue to scream to the heavens about political bias in search results, despite a near total lack of evidence to support such claims.
The Essential MATLAB and Simulink Certification Training Bundle has 5 courses designed to demystify machine learning and to help you create stunning data models. There's a basics course to get you started. Then you'll learn how to use MATLAB to create classification and clustering algorithms, and how to supplement the capabilities of Excel by having access to thousands of customized mathematical and advanced analysis functions, flexible visualization tools, and the ability to automate your analysis workflows. Using Simulink and MATLAB, you will learn how to simulate a Tesla Model S P85 and design your very own cruise control system. The bundle is on sale for $35.
Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
from the what-the-hell-is-going-on-in-brussels? dept
The EU really seems quite hellbent on absolutely destroying the open internet. Just as the EU Parliament was voting to approve the EU Copyright Directive, requiring that much of the internet be licensed and curated, rather than open for anyone, the EU Commission decided to move forward with an awful idea that it had first proposed earlier this year: that social media companies must disappear "terrorist content' within one hour.
Back when this was proposed, we pointed out how this was holding companies to an absolutely impossible standard... and it appears that the EU really just doesn't give a fuck, because they're super excited about putting this into practice:
The European Commission proposed new rules on Wednesday that would require internet platforms to remove illegal terror content within an hour of it being flagged by national authorities. Firms could be fined up to 4% of global annual revenue if they repeatedly fail to comply.
Got that? 4% of global revenue. As the article notes, that means if Google fucks up a single download, it could owe $4.4 billion to the EU. Facebook could owe $1.6 billion.
"You wouldn't get away with handing out fliers inciting terrorism on the streets of our cities — and it shouldn't be possible to do it on the internet, either," EU security commissioner Julian King said in a statement.
First of all, leaving aside the (very important!) broad free speech concerns around what counts as "terrorist" content, as opposed to just dissenting content, the statement by Julian King is idiotic. If you want to use that analogy, what the Commission is proposing here is the equivalent of if someone was handing out fliers inciting terrorism on the streets of a city, that the city would then get to seize all the buildings on that street. That's almost exactly what this proposal is stating. If you want to go after people distributing terrorist content, go after the people distributing terrorist content. Don't go after the tools they use to post it. That makes no sense.
And, of course, we already know how this is going to lead to massive and widespread censorship. No company is going to want to risk a fine that massive, and with merely 1 hour to respond, no company will have the capability or context to carefully adjudicate the takedown demands to make sure they are proper and aboveboard. Obviously, they'll just start pulling down content incredibly quickly. Indeed, we've already seen what a mess this kind of rule can create. We've talked about the German law that gives sites 24 hours to takedown "hate speech," and how that's already leading to censorship of political speech and satire. Now switch that to just one hour, with even more drastic consequences.
It is literally insane that anyone could possibly think this is a good idea.
Activists are already pointing out that this proposal has simply ignored its obligation to review how such a law would impact human rights, because apparently if you just wave your hands in the air screaming "terrorists' the EU will toss basic human rights out the window.
At some point you have to wonder if the EU really just wants the internet shut off completely.
We've noted repeatedly that however bad Facebook has been on privacy (pretty clearly terrible), the broadband industry has traditionally been much, much worse. From AT&T's efforts to charge consumers more just to protect their privacy, to Verizon getting busted for covertly tracking users around the internet without telling them (or letting users opt out), this is not an industry that respects you or your privacy. That's before we even get to their cozy, often mindlessly-loyal relationship with intelligence and law enforcement.
As such, it's kind of amusing to note that these are the same companies now trying to position themselves as the gatekeepers of all of your private data online. As security expert Brian Krebs notes, AT&T, Verizon, T-Mobile and Sprint (the latter two of which will likely soon be one company) are cooking up something dubbed "Project Verify," which would let end users eschew traditional website passwords -- instead authenticating visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, including location, "customer reputation", and device hardware specs.
This video by the carriers offers a little more detail:
The problem, as Krebs is quick to note, is that giving more private data to companies with an utterly abysmal track record on privacy might not be a particularly bright idea:
"A key question about adoption of this fledgling initiative will be how much trust consumers place with the wireless companies, which have struggled mightily over the past several years to validate that their own customers are who they say they are."
As we've been noting, these are the same companies that have been struggling to prevent hackers from routinely stealing customer identities via SIM hijacking, which involves a hacker bribing an employee to port your phone number to a new device, then jacking your identity and making off with your private data (or making millions by selling your cryptocurrency or valuable accounts). These are also the same carriers that have routinely failed to do much about the SS7 exploit that's been in the wild for seemingly ever, allowing hackers to spy on an undetermined number of cellular customers for years.
These are also the same wireless carriers that were just caught up in a massive scandal involving their collection of sale of user location data, a multi-billion dollar venture that involves selling your daily motion habits to a cavalcade of different companies, many of which have shown a similarly-flimsy disregard for actually keeping that data safe. And these are the same companies that work tirelessly to scuttle any and every effort to actually shore up nationwide privacy standards, usually by lying to lawmakers and the public about what these plans would actually do.
For his part, Krebs thinks this is a hard pass:
"I am not likely to ever take the carriers up on this offer. In fact, I’ve been working hard of late to disconnect my digital life from these mobile providers. And I’m not about to volunteer more information than necessary beyond the bare minimum needed to have wireless service."
Other widely-respected security reporters were similarly unimpressed:
I don't wanna be a Debbie Downer but if you can't figure out how to stop SIM Swapping or securing your web servers I don't know if you should be trusted to become * the * digital identity manager for millions of people.
Again, the devil will be in the details. But at first glimpse, you'd be pretty foolish to trust companies with additional private data that have repeatedly proven to be routinely cavalier about the oceans of data they already collect. Time and time again wireless carriers have prioritized profits over the personal interest and welfare of consumers, and anybody expecting that to magically change ahead of Project Verify's launch haven't been paying attention.
More evidence of the NSA's abuse of its surveillance powers has surfaced, thanks to a FOIA lawsuit by the EFF. To date, the EFF has secured 73 FISC opinions as the result of this lawsuit and is still fighting for the release of six opinions the government has chosen to withhold entirely.
One of the opinions released to the EFF shows the NSA's frequent assertions about proper minimization, careful deployment of surveillance techniques, and supposedly robust oversight are mostly false. The NSA abuses its powers and withholds evidence of its abuses from the FISA court, undermining the system of checks and balances meant to keep the agency in line.
The opinion [PDF] embedded below is just one of several recently acquired by the EFF, but it still shows plenty of surveillance power abuse by the agency. Aaron Mackey of the EFF summarizes the contents of the order:
The opinion, the date of which is redacted, orders the deletion of materials the NSA collected without court authorization. The opinion recounts how after the court learned that the NSA had exceeded an earlier issued surveillance order—resulting in surveillance it was not authorized to conduct—the government argued that it had not actually engaged in unauthorized surveillance. Instead, the government argued that it had only violated “minimization procedures,” which are restrictions on the use of the material, not the collection of it.
Judge Hogan, who served on the FISC from 2009-16 and was its chief judge from 2014-16, expressed frustration both with the government’s argument and with its lack of candor, as the court believed officials had previously acknowledged that the surveillance was unauthorized. The opinion then describes how the surveillance failed to comply with several provisions of the Foreign Intelligence Surveillance Act (FISA) in collecting the intelligence.
Much of the opinion is redacted, leaving only sentence fragments for readers to parse. But even these fragments manage to produce a decent depiction of apparently long-running program abuses by the NSA. What the court called "unauthorized electronic surveillance," the government claimed was only a violation of minimization procedures. Even if the court was willing to cede this argument to the government (and it wasn't), the court goes on to point out that the NSA had done nothing to address this violation of minimization procedures.
The government has undertaken, but not completed, a process to identify and destroy [redacted], such that the effects of having acquired [redacted] have not been completely eradicated.
A little further on, the court makes it clear repairing minimization procedures does not excuse prior unauthorized collections, nor would it make similar collections legal in the future.
It has been understood from the inception of FISA that minimization procedures could include limitations on what communications may be acquired from surveillance directed at an otherwise authorized facility. When the government disregards such a limitation, thereby acquiring communications in excess of what the order authorizes, those acquisitions constitute unauthorized electronic surveillance…
And it appears the NSA again withheld info from the court, preventing it from doing its job properly.
[T]he Court was deprived of an adequate understanding of the facts known to NSA and, even if the government were correct that acquisition [redacted] was authorized, a clear and express record of that authorization is lacking.
This is only one of several FISA court documents discussing unauthorized collections. The stockpile of FOIAed documents indicates the government has rarely used its collections programs correctly. The history of the NSA's interactions with the FISA court is littered with references to over-collection and agency obfuscation. This is more of the same from an agency that claims to be precisely and thoroughly controlled by external and internal oversight. The FISA court documents don't align with the NSA's narrative. Instead, they show an agency willing to ignore the law and mislead the court to engage in surveillance its oversight has never authorized.
RSS
