By this point, the half-baked security in most internet of things devices has become a bit of a running joke, leading to amusing Twitter accounts like Internet of Shit that highlight the sordid depth of this particular apathy rabbit hole. And while refrigerators leaking your gmail credentials and tea kettles that expose your home networks are entertaining in their own way, it's easy to lose sight of the fact that the same half-assed security in the IOT space also exists on most home routers, your car, your pacemaker, and countless other essential devices and services your life may depend on.

The lack of security in the medical front is particularly alarming. The latest case in point: security researchers have discovered eight vulnerabilities in a syringe infusion pump used by hospitals to help administer medication to patients intravenously. The flaws in the Medifusion 4000 infusion pump, manufactured by UK medical multinational Smiths Group, were discovered by security researcher Scott Gayou. The device is utilized to deliver medications, blood, antibiotics and other fluids to critical care patients, patients undergoing surgery (anesthesia) -- and newborn babies.

The flaws were severe enough to warrant a new warning from the Department of Homeland Security, which issued an advisory that, like similar past advisories, rather downplays the fact these flaws could be utilized by a skilled hacker to kill somebody covertly:

"Successful exploitation of these vulnerabilities may allow a remote attacker to gain unauthorized access and impact the intended operation of the pump. Despite the segmented design, it may be possible for an attacker to compromise the communications module and the therapeutic module of the pump. Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment and specific clinical usage."

Both the FDA and DHS have ramped up the attention they're giving such vulnerabilities, recently having issued similar first ever warnings about flaws in pacemakers by St. Jude Medical, which can be similarly abused to kill patients. And while this is all wonderful news if you're a wetworker operating in an environment where such flaws take years to discover much less fix, it's decidedly less fun for the companies being criticized for half-assed security measures. In most cases, the companies impacted make it their top priority to downplay the risks involved, as the Smiths Group did in its statement on the vulnerabilities:

The possibility of this exploit taking place in a clinical setting is highly unlikely, as it requires a complex and an unlikely series of conditions.

Except six of the vulnerabilities in question simply involve the use of hard-coded credentials, the same problem that has plagued the home router market for years. For its part, Smiths says it's working hard to implement a fix for the flaws -- that might be released in January 2018. In the interim Smiths is urging hospitals to assess the risk, change the default login credentials, and disconnect these devices from the network where necessary. But considering the low quality of IT support in most hospitals (a major reason for a massive spike in hospital ransomware attacks) -- there's certainly no guarantee of any of these mitigation measures actually happening.

Earlier this spring, a jewelry company CEO earned himself a federal indictment for his bespoke reputation management efforts. Realizing it was extremely difficult to erase negative reviews from the net, National Sapphire Company boss Michael Arnstein took one such reviewer to court. He was awarded an injunction after the defendant no-showed, resulting in the delisting of 54 URLs.

But the negative reviews kept coming. Rather than hire a lawyer and bring more defamation suits, Arnstein opted for the initially less-costly option: mocking up delisting orders and forging a judge's signature. This apparently worked well enough Arnstein felt comfortable sharing his fraudulent tactics with others. This swaggering, inculpatory statement was included in the federal complaint.

"No bullshit: if I could do it all over again I would have found another court order injunction for removal of links (probably something that can be found online pretty easily) made changes in photoshop to show the links that I wanted removed and then sent to 'removals@google.com' as a pdf — showing the court order docket number, the judges [sic] signature — but with the new links put in," Arnstein wrote in a July 2014 email, according to his criminal complaint. "Google isn't checking this stuff; that's the bottom line b/c I spent $30,000 fuckin thousand dollars and nearly 2 fuckin years to do what legit could have been done for about 6 hours of searching and photoshop by a guy for $200., all in ONE DAY".

The DOJ -- aided greatly by Arnstein generating plenty of evidence against himself -- pulled the trigger on a federal indictment. And, thanks to several other cases of rep management firms defrauding courts, Google is indeed "checking this stuff," limiting the effectiveness of impersonating judges and/or sliding bogus paperwork past them.

Arnstein has now pled guilty to a conspiracy charge, the DOJ reports.

ARNSTEIN, 40, of Kailua, Hawaii, pled guilty to one count of conspiracy to forge a judicial signature, which carries a maximum sentence of five years in prison. The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

And one more bit of schadenfreude:

Acting Manhattan U.S. Attorney Joon H. Kim said: "As he admitted today, Michael Arnstein exploited the authority of the federal judiciary in a blatantly criminal scheme. By forging court orders and the signature of a U.S. District Judge, Arnstein was able to effectively erase websites critical of Arnstein's business from its search results. Now Arnstein awaits sentencing in the same court he impersonated."

Some sympathy is warranted for those hoping to battle negative reviews. Even illegitimate negative reviews can be close to impossible to remove from the web. But if the system seems unfair, it has to be. Making it easier to remove bogus reviews would just make it easier for companies/individuals who've earned every acidic word in their negative reviews to scrub the web of bad things.

The internet may be a well-oiled hate machine, but it's also a handy source of reference for customers who want to emerge unscathed from interactions with providers of goods and services. Easy delistings would turn the web into a cheery place where every company appears to exceed expectations, even as they screw their customers over.

Gritted-teeth lip service to freedom of information laws continues in the public sector. If stonewalling and/or outrageous fee demands aren't enough to dissuade requesters from seeking documents, more and more government agencies are deploying Plan C.

Government bodies are increasingly turning the tables on citizens who seek public records that might be embarrassing or legally sensitive. Instead of granting or denying their requests, a growing number of school districts, municipalities and state agencies have filed lawsuits against people making the requests — taxpayers, government watchdogs and journalists who must then pursue the records in court at their own expense.

The lawsuits generally ask judges to rule that the records being sought do not have to be divulged. They name the requesters as defendants but do not seek damage awards.

All well and good no damages are being sought, but what happens to the requesters-turned-defendants? The records they originally sought might have been had for little to nothing, in terms of out-of-pocket expenses. But now, thanks to the actions of government agencies, they're obliged to rack up expenses fighting the lawsuit, or otherwise cede the battle to the government and never get their hands on the requested records.

Those deploying this tactic say there's nothing wrong with proactive lawsuits against records requesters. According to these entities, the courts can make the best determination whether requested records are eligible for release.

But they're wrong.

Records requesters have the option to sue when records are denied and the court can make the determination then. This leaves the power in the hands of the people, who can choose whether or not they want to make the time/money investment of filing a public records lawsuit. If they succeed, the government can be forced to pay their legal fees.

Skipping this step puts the burden solely on the requesters. They have to front their own legal costs and, because the government is the moving party, they have zero chance of recouping legal fees even if the court finds in favor of the records requesters.

If nothing else, the tactic greatly increases the delay between the request and the delivery of records. In newsworthy cases, the preemptive lawsuit option can least put some time and distance between government misconduct and records revealing the misdeeds. It's nothing more than a low-risk cheap shot that that makes a mockery of public records laws.

Fortunately, the AP reports, changes are being made to public records laws to prevent the government from engaging in these transparency-thwarting efforts.

In Michigan, the state House voted 108-0 earlier this year in favor of a bill that would make it illegal for agencies to sue public records requesters. The proposal came in response to a county’s lawsuit against a local newspaper that had sought the personnel files of two employees running for sheriff. A judge dismissed the lawsuit, saying the county had to approve or deny the request.

The documents, ultimately released days before the election, showed that one of the candidates had been disciplined for carrying on an affair while on-duty in 2011. That candidate lost.

But there are only a couple of exceptions to the rule. And the bill in Michigan has yet to be signed into law. For the most part, the government only risks some reputational damage when suing records requesters. Most don't have much to spare, but are more than willing to part with it if it means keeping the public in the dark.

Turkish president Recep Erdogan is at it again. Not content to merely be viewed as a megalomaniacal, ring-coveting authoritarian, Erdogan is using his time in mixed company to assure the world he's angling for the title of "tyrant."

Erdogan's long history of abusing laws to shut critics up has been covered extensively here. He's gone from a comical but dangerous politician to the leading abuser of his own constituents in record time. When not attempting to push foreign countries to play by his censorship rules, Erdogan is locking up dissidents and journalists at an alarming rate.

Of course, they're not journalists… at least not when Erdogan's telling the story. While speaking at the Bloomberg Global Business Forum in New York City, the Turkish president had this to say about the journalists in his country's jails.

You have been misled, Erdogan told Bloomberg News editor-in-chief John Micklethwait, who interviewed him on stage. "The ones who have been sentenced, who have been imprisoned, are not journalists. Most of them are terrorists."

Define "terrorist." In the wrong hands/minds, the word "terrorist" could be used to describe anyone threatening to the party in power, even if nothing more dangerous than words or thoughts have been deployed. I have no doubt Erdogan believes journalists are terrorists, even if they've never done anything more than criticize him and his policies.

But Erdogan at least went into a little more detail about this claim. He explained the vast amount of terrorism participated in by the terrornalists he's tossed in his jails.

"Many have been involved in burglaries and some have been caught red handed as they were trying to empty ATM machines."

Odd. That sounds more like normal criminal activity. It does not sound like terrorism. I realize terrorists need to fund their activities, but this doesn't sound like terrorist acts. This sounds like bog standard theft.

So, these journalists Erdogan calls "terrorists" (because of their alleged burglaries) remain in jail. There's at least 150 still imprisoned, according to the Quartz article. But that's not the limit of Erdogan's abuse of the press. Erdogan shut down hundreds of media outlets in an initial assault on the press, following it up with mass arrests. A few thousand journalist were swept up by Erdogan's post-coup-attempt purge, most of whom ended up with no place to work and no press credentials to use.

After this, Erdogan went on to make many more counterfactual statements, including claiming he doesn't take proactive steps to stifle criticism and spinning the beatings handed out by his bodyguards during his visit to the White House as an all-out assault by crazed anti-Turkey Americans while US law enforcement officers stood idly by.

These are all hallmarks of a sociopathic authoritarian -- the type of person who always believes they're right even when the rest of the world agrees they're wrong. His sweeping away of facts with provably untrue statements shows he really doesn't care if anyone believes him, but will still do everything in his power to make sure those that don't believe can't be heard.

As more documents are released -- whether due to FOIA lawsuits or the Intelligence Community's begrudging attempts at transparency -- more evidence continues to pile up indicating the NSA has always abused/misused its collection programs.

A report written for Demand Progress by foremost NSA wonk Marcy Wheeler compiles a 12-year run of NSA overcollection and underreporting. These findings are summarized (lol) in a couple-thousand-word piece Wheeler wrote for Motherboard. Either route you take, you'll see the NSA has been given a long leash by its overseers. The end result of this mostly hands-off approach speaks for itself. From the Demand Progress white paper [PDF]:

For almost 12 years, both under Section 702 and other programs before it, NSA was always engaging in or retaining some kind of electronic surveillance the FISC would go on to deem unauthorized, and NSA would only fix the problem when threatened with criminal sanctions.

The FISA Court may often appear to be a rubber stamp, but it's often constrained by a lack of information. The NSA goes to court facing no adversaries, so the assertions it makes about lawful collection and careful use of surveillance powers are rarely challenged. When they are, it's only because the problem has become too big for the NSA to ignore and, generally, too big to hide from the court.

When the FISA Court finally has enough info to take on improper surveillance, years of unconstitutional collection have already occurred. Section 702 powers have never not been abused by the NSA, as the court belatedly noticed in 2011.

After reviewing the government's plan for MCTs [multiple communication transactions], Judge John Bates explained that “[u]nder the totality of the circumstances, then, the Court is unable to find that the government’s proposed application of NSA’s targeting and minimization procedures to MCTs is consistent with the requirements of the Fourth Amendment.”

That came three years after these powers had been granted with the 2008 FISA Amendments Act. Judge Bates' decision did almost nothing to push the NSA towards more constitutional collection efforts.

The government failed to keep those promises, and for over five more years, the government conducted queries on upstream collection in violation of procedures Judge Bates approved in response to the 2011 disclosures. After the new violations were revealed in late 2016, FISC Judge Rosemary Collyer called those queries “a very serious Fourth Amendment issue,” and she later scolded the government for “the extent of non-compliance with ‘important safeguards for interests protected by the Fourth Amendment.

The FISA Court's rulings made it clear the NSA had been overcollecting in one form or another since 2004. Despite this, the NSA took its time purging the unlawful collections from its databases. In addition to these violations, the FISA Court has found five years of repeated violations in the NSA's bulk internet metadata program, along with unconstitutional phone record collection efforts that swept up domestic records it was never supposed to have, thanks to flaws in the NSA's de-tasking procedures. That overcollection apparently spanned five years, from 2008-2013.

The recently retired "about" collection was another problematic collection, almost guaranteed to net purely domestic communications with its keyword searches and lack of targeting. The shutdown was likely spurred by the FISA Court's refusal to approve the NSA's 2015 Section 702 requests. It may also have been a mercy killing meant to prevent oversight members like Ron Wyden from ever obtaining an answer on domestic communications swept up by the program.

But that shutdown doesn't prevent "upstream" collection of communications travelling along internet backbones in foreign countries, far beyond the reach of Section 702's limitations. Upstream collections will continue to snag domestic communications and the NSA seemingly has no way (or little interest) in preventing analysts from accessing these.

The report is a harrowing read that makes it explicitly clear the NSA's oversight is mostly nonexistent. It relies heavily on self-reporting by the NSA, which tends to guarantee surveillance violations will only be brought to the court's attention after years of misuse by the agency. The same goes for its Congressional oversight, which has zero power to compel more timely -- and complete -- reporting.

Beyond its surveillance issues, the NSA is also involved in other Constitutional violations.

When Congress passed the FISA Amendments Act in 2008, it required the government to follow the same notice provisions as used under traditional FISA. If prosecutors want to use “any information obtained or derived from” Section 702 in a trial, they must tell the defendant. Yet when the government pointed to attacks prevented using Section 702 in the wake of the Edward Snowden leaks, defendants in those cases had not received the required notice. For example, the defendant in the most celebrated case involving an attack thwarted using Section 702, Najibullah Zazi, did not receive notice until July 2015, over five years after he pled guilty.

The government only started giving such notices after it emerged that Solicitor General Don Verrilli falsely informed the Supreme Court that such defendants get notice, when in fact DOJ had a policy that ensured no defendant received notice of Section 702 surveillance for nearly five years.

Going hand-in-hand with these violations are the FBI's access to privileged communications -- harvested by the NSA -- despite having policies in place meant to prevent this very behavior.

Another persistent violation involves FBI’s failure to abide by its own minimization procedures requiring that the communications for targets who have been federally indicted be reviewed and, if pertaining to the charged matter, sequestered. This means that agents may have access to attorney-client communications collected using Section 702 at the same time the government is criminally prosecuting the target of the surveillance.

To think things are better now is to ignore how the NSA has acted over the past decade-plus. The National Intelligence Director is playing nice with (limited) transparency, but underlying flaws in the NSA's collection and minimization procedures are likely still causing multiple violations. Thanks to the secretive nature of its work and its rather lax oversight, violations happening today likely won't be revealed for years to come. And this report only covers what's known about the NSA's Section 702 collections. There are other authorities we know almost nothing about, like Executive Order 12333, which may allow the NSA to continue its Fourth Amendment violations but without having to fear after-the-fact reprisal from the FISA court.

Whether you're a developer, blogger, graphic designer, or anything in between, chances are a lot of your workday is spent flipping between tabs and digging through folders to find specific things you need for a project. It's high time you get organized. Freeter Pro is the personal productivity app that lets you gather everything you need in one easy-to-use interface. Quickly and directly access analytics, open Task Manager, fire off a line of code—whatever your project needs, Freeter makes it easy to find it and implement it. It's on sale for $9.99 and good for use on any computer and operating systems where you are the primary user.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

One of Backpage's most vocal critics in law enforcement has been Cook County Sheriff, Thomas Dart. As you may recall, this has been a nearly decade-long obsession with Sheriff Dart, in which he has been slapped down many, many times by courts. In 2009 he sued Craigslist for hosting adult ads, only to get slapped down pretty hard by a court explaining to him that you can't blame an online service for how its users use it. Once the ads on Craigslist moved to Backpage, Dart had a new target, which he regularly complained about in the press. In 2015, knowing he couldn't sue Backpage directly, he instead (successfully) strongarmed all the payment companies that worked with Backpage into cutting off service.

In response, Backpage sued Dart and very quickly won. The district court quickly pointed out that this seemed like a pretty clear First Amendment violation, with a government official using the law to attack non-criminal actions, creating classic prior restraint. The appeals court agreed with a masterful ruling by Judge Posner, about how this appeared to be a clear abuse of power by Sheriff Dart to bankrupt a company he disliked, but over whom he held no jurisdiction.

The case was then sent back to the lower court on a few points, and the two sides have been flinging paper back and forth for a while -- mostly to no avail. There had been little to no action in the case for many months... until last week Sheriff Dart suddenly sprung up to ask the court to reopen the process so he can issue subpoenas to Backpage, to dig more into what he insists must be criminal activity.

He's basing this on media reports related to a separate investigation into Backpage, which at the very least do raise some questions about whether Backpage is truly involved in the creation of its ads (which would take away its CDA 230 protections). Dart claims this proves that Backpage was lying to the court about how much of a hand it had in crafting ads on its site.

This July, THE WASHINGTON POST and NBC NEWS each published explosive articles reporting that Backpage is actively recruiting prostitutes and even creating ads for them to post on its website. Copies of these articles are attached as Exhibits A and B, respectively. While “Backpage has always claimed it doesn’t control sex-related ads, [n]ew documents show otherwise.” Exhibit A. Backpage has been “aggressively soliciting and creating sex-related ads.”...

The articles explain that the discovery of incriminating documents showing Backpage’ s solicitation and ad creation came about accidentally following the seizure of computers from one of Backpage’s Philippine agents in an unrelated civil lawsuit, but the fact that the revelations were accidental does not take away from their explosive character. The seized documents, if authentic and the reporting about them correct, prove that the essential premise of the original and amended complaints—that Backpage does not provide any of the content of the ads soliciting prostitution—is not well grounded in fact. Backpage has been lying to this Court...

[....]

Defendant now seeks leave to obtain through subpoena the very documents discussed in the two news articles—documents which, if authentic, corroborate the Red Beauty Sting and prove that Backpage has encouraged and participated in illegal activities, including the creation of advertisements that would destroy its Communications Decency Act defense that it is merely a web platform posting the advertisements of others.

Indeed, if it comes out that Backpage was actively involved in the creation of the content, it does not get CDA 230 protections. Under the Roommates.com standard, you can lose 230 protections if you "develop" the comment -- which means "materially contributing to its alleged unlawfulness." I have no idea if Backpage actually goes that far, but if it does, then its 230 protections go out the window and it's in a lot of trouble.

But here's the important point: for all the hubbub over the supposed "need" to break CDA 230 with SESTA in order to go after Backpage for this activity, Sheriff Dart's motion shows that there's no reason for SESTA. If Backpage truly did what those media reports are claiming, then CDA 230 won't apply and Backpage is hosed.

This is something that gets completely lost in all of the talk about CDA 230, where people (falsely) think that it completely takes away any liability for criminal activity. It does not. It just makes sure that the liability is actually on the parties engaged in the criminal activity. If it's the end users, CDA 230 does nothing for them. And if it's the platforms themselves, then CDA 230 also doesn't protect them from their own activities. The fact that Sheriff Dart is arguing that he can now go after Backpage again, and that the CDA 230 protections are gone, is a good reminder that we don't need SESTA to go after Backpage if it really violated the law.

So far this week, we've explained why SESTA is such a bad bill and how it will create a massive chilling effect that could impact nearly every online service. And while the Senate hearing on the bill wasn't as bad as we feared it would be, it certainly had its problematic moments -- such as when the bill's co-author, Senator Richard Blumenthal, argued that companies that couldn't afford to moderate/filter everything should be prosecuted. However, in the days since the hearing, I've had a few thoughts about aspects of the debate that are, to say the very least, troubling.

"Do Something Now!": While it was good to see many Senators at least pay lip service to the idea that the bill needed changes to not have massive unintended consequences for the entire internet, it was troubling the way they approached this process. Prior to the hearing, Emma Llanso wrote up a list of four important questions Senators should ask during the hearing -- and none of them were asked. The key questions were fairly fundamental ones: what actual gap is there in the law and will this fix it? It was disturbing that no one seemed to discuss that at all.

After all, under CDA 230 today, nothing stops federal law enforcement from going after Backpage (other than if the DOJ doesn't think Backpage broke the law). CDA 230 does not cover federal government law enforcement. Similarly, CDA 230 does not cover content "developed" by a company itself. So, if as many people claim, Backpage develops illegal content itself, it's still liable. Finally, just a few years ago, Congress passed the SAVE Act, with the exact same stated intent: to carve a hole in CDA 230 to go after Backpage by making it a federal crime to advertise sex trafficking. That law hasn't been used -- and none of the Senators seem to be asking why.

Instead, there's very much the traditional politician's syllogism of "we must do something, this is something, we will do it." A few times during the hearing, Senators demanded from the two opponents to SESTA that they provide better language if they're concerned about this language. Notice the problem here: they were admitting that this language is problematic, but seemed to have no interest in understanding why or how to fix it -- instead, demanding that others give them new language, with the implicit threat that if they don't, this language will stay because this is "something."

That may be all too common, but it seems like a dreadful way to make policy.

The knowledge standard is a mess: This is important, and got some discussion during the hearing, but not nearly enough. The "knowledge" standard in the bill is a complete and total mess. The supporters of the bill brushed it off as no big deal, often by misstating what the bill actually says. California Attorney General Xavier Becerra focused solely on the criminal standards for knowledge, saying he needed to prove "beyond a reasonable doubt" that there was intent, while NCMEC's Yiota Souras insisted the knowledge standard was very narrowly tailored.

Both of them are wrong -- in somewhat staggering and dangerous ways. Again, the actual text of the bill says the following:

The term ‘participation in a venture’ means knowing conduct by an individual or entity, by any means, that assists, supports, or facilitates a violation [of sex trafficking laws.]

This is problematic on multiple levels. First "knowing conduct" by itself is vague and not clearly defined. As Professor Eric Goldman suggested during the hearing, knowing conduct could just mean that a platform knows it's doing something, but has no idea of the outcome. For example, if we knowingly allow users to post comments on our site -- and someone uses that to post sex trafficking ads -- even though we didn't know they were posting sex trafficking ads, our conduct in enabling comments was "knowing." If that sounds like a crazy scenario to you, fair enough -- but shouldn't the law state that much more clearly? Make it clear that the knowledge is not just of its own conduct, but that the conduct is specifically targeted at breaking the law.

The second problem with the knowledge standard is the claim that you can violate the law if your "knowing conduct" "by any means"... "assists, supports or facilitates a violation" of sex trafficking laws. As we explained earlier, assists, supports or facilitates is super broad. It's possible to read this to mean that hosting a website where someone sets up a blog to advertise sex trafficking makes you automatically liable -- even if you knew nothing of the actual content. After all, you did "knowing conduct" (hosting a website) and that website was used to "assist, support or facilitate" a violation of sex trafficking laws. We would not read the law this way, but as the language is currently written, it could very well be read that way.

And that means it will be read that way by someone. We've seen tons of civil lawsuits filed against deep-pocketed companies (and not so deep-pocketed companies) on a much more flimsy basis. If you don't think a bunch of lawyers won't be searching for such cases to bring, you haven't paid much attention.

And these lawsuits can be very costly and time-consuming. Remember the Viacom v. YouTube case? That was an intermediary liability case that was almost entirely focused on the question of whether YouTube had the requisite knowledge to be liable (sound familiar?). And it went on for more than seven years before it was finally settled, rather than having a court issue a final ruling. With such a weak knowledge standard (even weaker than the DMCA's that was fought over in the Viacom case), you can bet there will be long and costly lawsuits over just what the hell Congress meant by "knowledge."

It's fairly stunning and concerning that those pushing for the bill insist there's no problem with the knowledge language. It's as if they have no idea of the fairly recent litigation history over this very issue.

A lack of enforcement isn't fixed by blaming intermediaries: As mentioned, nothing in CDA 230 stops the Justice Department from going after intermediaries if they break the law. When this was (barely) brought up during the hearing, one response was that the DOJ is either overwhelmed or isn't doing its job -- and by opening up prosecutions to state law enforcement, it would allow more of these kinds of cases to be brought. And while that may be true, that seems like a really weird way to solve the problem. If the true problem is a lack of willingness or resources by the DOJ to take on these cases, then why isn't the discussion and legislation directly targeting that problem? Why isn't there a discussion of allocating more resources, or finding out why the DOJ isn't bringing these cases, and offering legislation or resources to solve whatever may be blocking action.

Instead, it seems like a very strange approach to say the answer to a lack of will or resource is... to make more companies liable.

A profound misunderstanding of CDA 230. This one bothers me quite a bit. If we're talking about amending CDA 230, at least get the facts on CDA 230 right. Unfortunately, many Senators and some of the witnesses did not. There's this incorrect belief that CDA 230 leaves no recourse for victims of sex trafficking. That is not even remotely true. The actual perpetrators of sex trafficking are still very much in violation of the law. And, again, if platforms actually develop illegal content themselves, then CDA 230 protections don't apply.

Finally, so many of the Senators and commentators act as though because of CDA 230, no company does anything to moderate their platforms. This is laughable. Basic public pressure has lead most platforms to moderate their platforms thoroughly -- and that's one of the features of CDA 230, in that it says that any effort to moderate/filter your platform to remove content you don't want to see (even if legal) does not attach any liability. SESTA changes that standard (even as its authors claim it doesn't). Because of the "knowledge" standard, moderating content may now be seen as evidence of "knowing conduct." So this effectively wipes out one of the most important tools that platforms have used to stop their platforms from being used for sex trafficking -- and no one seems to want to acknowledge that.

Unless the supporters of this bill are willing to face up to these basic facts and problems with the bill, their headlong rush into "doing something" seems likely to cause a lot more harm than good.

One of the biggest reasons for soaring cable rates is the bloated and soaring cost of sports programming. Similarly, one of the biggest causes for the unprecedented rise in cord cutting (ditching cable and going with a streaming alternative) is the cost of sports programming. Surveys have shown that 56% of ESPN viewers would dump the channel just to save the $8 per month it costs each subscriber. Once streaming alternatives emerged for the sports-bloated traditional cable bundles that let them do just that, users began flooding to the exits at a historic rate.

The reality is millions upon millions of customers don't give a shit about sports, yet are forced to pay $120 or more per month for cable bundles filled with content they don't watch, and didn't want. And when some cable companies initially tried to offer "skinny bundles" without ESPN or other sports networks, they were sued by ESPN for trying to give consumers what they wanted. And while that has slowly started to change with the rise of live TV streaming alternatives, for traditional cable providers something in this cycle of dysfunction needs to change. Quickly.

Case in point: Axios points to Magna's latest Media Sports Report that highlights how cable companies are now paying significantly more money for sports programming than they make off advertising during the games. For example, cable operators now pay the NBA $2.6 billion annually in licensing fees, but "only" make $1.3 billion from the ads run during sports events. The associated graphic highlights how it's the same for most leagues:

Of course cable companies make up for the difference by not only imposing endless cable TV rate hikes, but via the bevy of misleading fees they've long used to jack up the advertised rate of service post sale. But their ability to do this has been dramatically compromised by the mass exodus of users fleeing traditional cable. And the problem is notably worse for broadcast networks:

This (sic) economics are especially problematic for broadcast networks that carry live sports games, because they don't have access to subscription revenues to subsidize the high cost of programming, like cable networks do. Broadcasters rely on ratings, driven by viewership — which is getting increasingly older and aging out of the coveted 25-54 marketing demographic, as well as retransmission fees.

As a result, more sports distribution rights have migrated to cable networks — think TNT and TBS carrying the NBA and MLB, respectively. But there are problems there, too. Cable channels are losing subscribers to digital streaming options at the fastest rate ever. It's worth noting that both cable and broadcast networks make a substantial amount of money from retransmission fees (charging cable and satellite providers to carry their content), but collectively it's still not enough to completely offset the rate of increases to programming costs.

The report proceeds to state the obvious by proclaiming that analysts "don't see the ever-increasing gap between ad revenues and rights fees as sustainable in the long term," something cable subscribers could have told them years ago. Wall Street analysts have similarly been discussing how retransmission fee hikes and the soaring cost of programming simply isn't sustainable for the better part of the last decade, not that it appears to have changed the landscape -- or the executive quest to milk the traditional cable TV cash cow to death -- in any meaningful fashion.

This will likely most harm small cable TV operators, who have said they may just stop selling cable TV as margins get tighter. Don't feel too badly for larger cable providers like Comcast, however. As their TV margins get squeezed, they are simply using their monopoly over broadband to jack up the cost of broadband via unnecessary and confusing caps or overage fees. The end result: cable companies get their pound of flesh one way or the other, as users are punished for fleeing the cable and broadcast sectors' walled gardens and the seemingly endless TV rate hikes therein.

Last year we discussed a dispute between Roberto Escobar, brother of the infamous drug kingpin Pablo Escobar and the Medellin cartel's accountant, and Netflix over the latter's hit show Narcos. It was a strange dispute for any number of reasons, ranging from Roberto Escobar's demand for one billion dollars and the rights to alter content in future episodes to the fact that Escobar's demands didn't lay any actual claim to any intellectual property in dispute, all the way up to the fact that Narcos doesn't actually portray Roberto Escobar at all. Much like the silly dispute between Activision and Manuel Noriega over publicity rights, it was pretty much assumed that this nonsense would be done away with more quickly than a federal informant working on the inside of the cartel.

Sadly, however, this still appears to be a thing, and it's getting quite strange. For starters, Escobar's legal team claims that a capitulation of sorts by the show might be in the works. It all starts as you'd expect, with the legal team for Narcos detailing via a letter how silly Escobar's claims are, as well as how plainly false the applications Escobar subsequently made for trademarks on terms and titles from the show were.

Narcos Productions, LLC (NPL) — the company behind the series and its popular video game spinoff Narcos: Cartel Wars — contend that without NPL's "knowledge or consent, on Aug. 20, 2016, Escobar filed use-based applications to register the marks NARCOS and CARTEL WARS with the [U.S. Patent and Trademark Office] covering a range of goods and services." Those services include everything from "downloadable ring tones" and "sunglasses, decorative magnets" to "temporary tattoos, bookmarks and sheet music," according to the trademark application documents included with the letter. The letter calls the claims "fraudulent."

"For example," writes NPL attorney Jill M. Pietrini, "Escobar claims that it has used NARCOS in connection with things like 'operating a website' and 'game services provided online from a computer network' since Jan. 31, 1986. However, the internet had not been developed for widespread consumer use in 1986, nor was the capability to provide audiovisual works nor game services available at that time."

So basically the lawyers for the show are demonstrating how flimsy Escobar's attempts to setup a legal way to extort the show are. Trademark law is quite clear on the rights it affords to those who are the first to use a trademark in commerce and ought to act as a shield to these attempts. Despite that, emails obtained by THR from Escobar's legal team to Escobar himself seem to indicate that Narcos is considering just paying Escobar to go away anyway.

In a subsequent email correspondence obtained by THR and dated Sept. 1, an attorney for Escobar Inc. at Century City-based Browne George Ross LLP informs his client that he and Pietrini had a productive conversation about the claim.

"I floated the idea of paying you for an assignment or license or release related to your pre-exisiting rights in the trademarks in certain categories," Wesley writes. "She seemed to see the logic of exploring those discussions. She is going to speak with her client and get back to me."

While there is no clear commitment to a licensing deal there, the entertainment industry is notorious for paying people like this to go away, so it's not entirely out of the question. Given the clear legal framework here, however, as well as the personalities involved on the other side, it strikes me as fairly ludicrous that the show's producers would want any part of paying a former member of the cartel for no clear legal reason. Escobar's lawyers are making a lot of noise about how if Escobar chooses not to settle for whatever Narcos might be willing to pay him, then they "own the trademarks", which certainly is not remotely true here in the United States.

Adding to how strange all of this is would be the fact that a location scout for the show, Carlos Munoz Portal, was murdered in Mexico in recent weeks while scouting locations for Narcos' fourth season. While the facts surrounding Portal's death remain unknown at the time of this writing, Escobar has been rather cryptic on the topic.

Speaking Monday to The Hollywood Reporter, Escobar's 71-year-old surviving brother, Roberto De Jesus Escobar Gaviria, suggested the show's producers are not cut out for filming in such cartel-infested locales as Mexico and Colombia, adding that they would benefit from the hiring of "hitmen ... as security."

As for whether or not anyone at Escobar Inc., including Gaviria, currently has any knowledge regarding what happened to slain location scout Portal, Gustafsson would only offer, "No comment on that. But Escobar Inc. cooperates with all law enforcement."

It's as likely as not that Escobar is merely playing coy on this topic to add some gravitas to his threats and demands to Narcos and Netflix, but the comments are chill-inducing considering the source. Regardless, the merits of the trademark claims at hand remain fairly clear. Talks of Narcos capitulating or not, it's difficult to imagine a $1 Billion payday for Escobar coming anytime soon.