Much like the giant ISPs he's clearly beholden to, Ajit Pai isn't particularly happy about California's efforts to pass meaningful net neutrality rules. The state's shiny new law recently passed the state assembly and senate, and is awaiting the signature of California Governor Jerry Brown. ISPs recently met with Brown in a last-minute bid to get him to veto the bill (a very real possibility) despite widespread, majority public support.

Pai last week took some time to whine about California's bill at the Maine Heritage Policy Center, a "free market" think tank supported by (shockingly) major ISPs. In his speech, Pai insisted that California's attempt to protect consumers is somehow both "extreme" and "illegal":

"Of course, those who demand greater government control of the Internet haven’t given up. Their latest tactic is pushing state governments to regulate the Internet. The most egregious example of this comes from California. Last month, the California state legislature passed a radical, anti-consumer Internet regulation bill that would impose restrictions even more burdensome than those adopted by the FCC in 2015."

We've been over this so many times it hardly warrants a response. But it should be clear that states only took the steps to pass state-level net neutrality laws after Pai made it repeatedly, aggressively clear that his agency could not care less about the welfare of consumers. Killing net neutrality, supporting the elimination of broadband privacy protections, gutting FCC consumer protection authority, thwarting efforts to improve cable box competition, and eroding broadband programs for the poor all highlight this fact. Didn't want states intervening? Don't be so aggressively hostile to consumers.

From here, Pai proceeds to again try to claim that what California is up to is somehow "illegal," which also (surprise) isn't true:

"The broader problem is that California’s micromanagement poses a risk to the rest of the country. After all, broadband is an interstate service; Internet traffic doesn’t recognize state lines. It follows that only the federal government can set regulatory policy in this area. For if individual states like California regulate the Internet, this will directly impact citizens in other states.

Among other reasons, this is why efforts like California’s are illegal."

At ISP behest, Pai included language in the FCC's net-neutrality-killing "restoring internet freedom" order that attempts to pre-empt (read: ban) states from protecting consumers in the wake of FCC apathy. And while Pai keeps trying to claim the FCC has this authority, the courts so far have not seen it that way. In part because when Pai decided to roll back ISP classification of common carriers under the Telecom Act, he also eliminated any potential rights the FCC had to tell states what to do.

That's a point California Senator Scott Weiner was quick to make in his own statement:

"SB 822 is necessary and legal because Chairman Pai abdicated his responsibility to ensure an open internet. Since the FCC says it no longer has any authority to protect an open internet, it’s also the case that the FCC lacks the legal power to preempt states from protecting their residents and economy. When Verizon was caught throttling the data connection of a wildfire fighting crew in California, Chairman Pai said nothing and did nothing. That silence says far more than his words today.

Like any good disinformation magician, Pai hopes that if he repeats these falsehoods often enough, they'll magically become true. But it's hard to tapdance around the fact that the vast, bipartisan majority of Americans hate their cable and phone companies and support these rules for good reason -- and by ignoring the will of the public and refusing to rein in monopoly providers with three decades of anti-competitive behavior under their belts, it's Pai that's the radical one.

The Sixth Circuit Appeals Court has taken a look at some of President Trump's campaign trail trash talk and decided urging fans to remove protesters wasn't incitement, even if the phrasing was a bit graceless. (h/t Elizabeth Joh)

The plaintiffs -- Kashiya Nwanguma, Molly Shah, and Henry Brosseau -- attended a Trump campaign rally for the express purpose of protesting it. There's nothing wrong with that. It's the sort of thing that happens all the time, even if Trump tends to draw more detractors than most. During his speech, Trump had his critics ejected, telling attendees to "get 'em out of here."

The plaintiffs, having been unceremoniously ejected (with some extra jostling from Trump supporters), sued, claiming Trump's "get 'em out of here" directly caused them harm and violated the state of Kentucky's riot incitement law.

The Appeals Court disagrees [PDF] with this assessment, using the plaintiffs' own statements to undo their assertions. But it's not happy with the lower court's decision to apply a less strict standard to Trump's wording to give the plaintiffs a better shot at hitting the mark with their state claims ("incitement to riot"). Applying the plausibility standard -- that Trump's "get 'em out of here" could have conceivably incited a riot -- makes no sense if the lower court wasn't willing to apply that same standard to words Trump said directly after that.

Focusing on the former statement, the district court held that it “implicitly” encouraged the use of violence. Id. at 727. Yet, even if “get ’em out of here,” standing alone, might be reasonably construed as implicitly encouraging unwanted physical touching, the charge here is “inciting to riot.” The notion that Trump’s direction to remove a handful of disruptive protesters from among hundreds or thousands in attendance could be deemed to implicitly incite a riot is simply not plausible—especially where any implication of incitement to riotous violence is explicitly negated by the accompanying words, “don’t hurt ’em.” If words have meaning, the admonition “don’t hurt ’em” cannot be reasonably construed as an urging to “hurt ’em.”

Even if the appeals court had decided Trump's words (but only some of them) didn't mean what they appeared to mean ("don't hurt 'em" = "hurt 'em"?), the president would still be able to walk away from this lawsuit intact. What Trump said during his campaign was not a threat nor any other speech standing outside the protections of the First Amendment.

Under the Brandenburg test, only speech that explicitly or implicitly encourages the imminent use of violence or lawless action is outside the protection of the First Amendment. This looks like a close analogue for the kind of speech required to make out the charge of inciting to riot under Kentucky law. It follows that if we were to hold that plaintiffs’ allegations do state a plausible incitement-to-riot claim under Kentucky law, the claim might be expected to fall outside the protection of the First Amendment under the Brandenburg test. What comes with the constitutional standard, however, is an illustrative body of case law. And what this case law makes clear is that, even if plaintiffs’ allegations could be deemed to make out a plausible claim for incitement to riot under Kentucky law, the First Amendment would not permit prosecution of the claim.

As the court notes, what Trump said may have been taken by attendees as an invitation to inflict violence. Trump may even have hoped some would act on these urges even with the tossed-off addition of "don't hurt 'em." But what he said was Constitutionally protected, no matter how unsavory or subjectively threatening the expelled protesters might have felt his statements were. For the court to step in and declare these words illegal would be a step too far.

[A]s a nation, we have chosen to protect unrefined, disagreeable, and even hurtful speech to ensure that we do not stifle public debate. The First Amendment demands governmental tolerance of speech, in the name of freedom…

The court isn't there to second-guess the speaker's intent. It's there to weigh the Constitutionality of the statements. "Get 'em out of here" isn't capable of directly inciting violence. The government has steered clear of punishing far worse speech in far more volatile situations. The court says it's not willing to cross that line, especially not when the perceived incitement was immediately negated by the next words out of Trump's mouth.

Earlier this year, we wrote about what seemed to be a fairly serious breach of security at the world's largest biometric database, India's Aadhaar. The Indian edition of Huffington Post now reports on what looks like an even more grave problem:

The authenticity of the data stored in India's controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users, a three month-long investigation by HuffPost India reveals.

According to the article, the patch can be bought for just Rs 2,500 (around $35). The easy-to-install software removes three critical security features of Aadhaar:

The patch lets a user bypass critical security features such as biometric authentication of enrolment operators to generate unauthorised Aadhaar numbers.

The patch disables the enrolment software's in-built GPS security feature (used to identify the physical location of every enrolment centre), which means anyone anywhere in the world -- say, Beijing, Karachi or Kabul -- can use the software to enrol users.

The patch reduces the sensitivity of the enrolment software's iris-recognition system, making it easier to spoof the software with a photograph of a registered operator, rather than requiring the operator to be present in person.

As the Huffington Post article explains, creating a patch that is able to circumvent the main security features in this way was possible thanks to design choices made early on in the project. The unprecedented scale of the Aadhaar enrollment process -- so far around 1.2 billion people have been given an Aadhaar number and added to the database -- meant that a large number of private agencies and village-level computer kiosks were used for registration. Since connectivity was often poor, the main software was installed on local computers, rather than being run in the cloud. The patch can be used by anyone with local access to the computer system, and simply involves replacing a folder of Java libraries with versions lacking the security checks.

The Unique Identification Authority of India (UIDAI), the government body responsible for the Aadhaar project, has responded to the Huffington Post article, but in a rather odd way: as a Donald Trump-like stream of tweets. The Huffington Post points out: "[the UIDAI] has simply stated that its systems are completely secure without any supporting evidence." One of the Aadhaar tweets is as follows:

It is because of this stringent and robust system that as on date more that 50,000 operators have been blacklisted, UIDAI added.

The need to throw 50,000 operators off the system hardly inspires confidence in its overall security. What makes things worse is that the Indian government seems determined to make Aadhaar indispensable for Indian citizens who want to deal with it in any way, and to encourage business to do the same. Given the continuing questions about Aadhaar's overall security and integrity, that seems unwise, to say the least.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

For some time, Swedish ISP Bahnhof has been sounding the alarm over copyright trolling practices in its home country. While cynics will note that Bahnhof has absolutely made its refusal to hand over customer data a central part of its marketing messaging, the ISP has also made a point to publicly track copyright trolling court cases, threat letters, and pretty much everything else related to copyright trolling in Sweden. And, frankly, it's due pretty much solely to Bahnhof's tracking efforts that we now know just how insanely worse copyright trolling in Sweden has gotten in just the last year or so.

According to Swedish Internet provider Bahnhof, which keeps track of these cases on a dedicated website, records are being broken this year.

“Thousands of Swedes have received threatening letters from law firms which accuse them of illegal downloading. They are asked to pay a sum of money, ranging from a couple of thousand Swedish Kronors up to several thousand, to avoid being brought to justice,” Bahnhof Communicator Carolina Lindahl notes. “During 2018 the extortion business has increased dramatically. The numbers have already exceeded last year’s figures even though four months still remain.”

The over 35,000 individuals targeted totals more than the number of targets in the last two years combined. It also totals more than all of the filesharing cases in the United States and Canada combined. And, in case the point isn't sinking in just yet, that's insane. And, again, while Bahnhof today is using all of this data in its messaging to the public as to why they should be Bahnhof customers, the company's long-term goal is actually to get the government involved to clarify the law and disallow this business practice.

“It’s time to reverse the trend before another 100, 1000 or 10,000 individuals have to join the growing group of victims. The practice of sending extortion letters to internet users solely based on IP-addresses does not meet any requirements of legal certainty and must be stopped,” Bahnhof’s Communicator stresses.

“We want to see a reform of copyright law aimed at promoting artistic creation instead of the commercial interests of the copyright industry.”

It remains to be seen just how high the victim count must go before the Swedish government indeed does its job.

So this is somewhat unexpected, but Rep. Doug Collins has introduced HR 6714, a bill to make federal court records free to the public.

H.R. 6714, the Electronic Court Records Reform Act, would guarantee free public access to federal court records through the Public Access to Court Electronic Records (PACER) system, which currently charges the public a fee to access documents. The bill would also require updates to the PACER system, including adding a function to enable all users to search its catalog of court documents easily. Currently, litigants are handicapped because they cannot conduct research through the system.

The bill would further support legal professionals and the general public by consolidating the Case Management/Electronic Case Files (CM/ECF) system. The CM/ECF system was designed to increase efficiency for all stakeholders within the judicial system, but it is compartmentalized among different courts. This makes locating records and filing documents difficult and inefficient. The Electronic Court Records Reform Act would unify these disconnected systems under the Administrative Office of the U.S. Courts in order to ensure uniform access to all federal litigants.

This would be... amazing. We've spent years highlighting the massive problems with PACER, the federal court system that charges insane amounts for basically everything you do, just to access public records, and which functions very much like it was designed around 1995. There are a few court cases arguing that PACER fees are illegal and a recent ruling in one of those cases agreed. As we noted at the time, that was hardly the final word on the matter. A bill like the ones Collins introduced would be an amazing leap forward in giving public access to court documents.

Unfortunately, it's unclear if the bill has any support beyond Collins, but this is the kind of thing you would hope that Congress could get behind.

Three years after its inception, a prosecution involving possibly unlawful FISA-authorized surveillance, hints of parallel construction, and a very rare DOJ notification of Section 702 evidence has reached a (temporary) dead end. The defendants challenged the evidence on multiple grounds -- many of which weren't possible before the Snowden leaks exposed the breadth and depth of the NSA's domestic surveillance.

The federal judge presiding over the case -- which involved material support for terrorism charges -- has declared there's nothing wrong with anything the NSA or FISA Court did, so long as the surveillance was authorized and possibly had something to do with national security. (via FourthAmendment.com)

First, the defendants -- all accused of providing material support to Al Qaeda (remember them?) -- asserted the constitutionality of the NSA's upstream collections should be revisited in light of the Snowden leaks. The court [PDF] says these more-recent exposures are no reason to upset the precedential apple cart.

Controlling precedent decides this issue. In 2005, the Sixth Circuit rejected a Fourth Amendment challenge to FISA's procedures. The court explained in Damrah that the defendant's Fourth Amendment challenge lacked merit, as "FISA has uniformly been held to be consistent with the Fourth Amendment." Damrah has not been overturned or altered in light of the public disclosures regarding PRISM and upstream collections. And consequently, Damrah forecloses Defendants' constitutional challenge.

So, to add this all up: leaked documents from 2013 onward, exposing routinely-abused programs that massively expanded following the 2008 FISA Amendments Act, mean nothing when stacked up against a 2005 case predating the NSA's admissions of surveillance abuse and the exposure of the FBI's backdoor searches of domestic communications.

Furthermore, the court declares -- based on documents provided by the government directly to the court, but not to the defendants (in ex parte hearings) -- the FISA-authorized surveillance was on the up-and-up because the government provided documents declaring the FISA-authorized surveillance was on the up-and-up.

The court is sympathetic to those on the other side of the deck it helped stack, but only barely.

I recognize the challenge faced by a defendant in making a substantial preliminary showing that a FISA application contains a false statement when the defendant does not have access to the application. But the threshold burden exists nonetheless. [...] And here, Defendants have failed to satisfy that burden.

Oddly, the court then decides, after pulling from a 2005 decision and ignoring every FISA-related development since then, that previous domestic surveillance violations by the FBI have no bearing on this case.

The Government's errors from more than a decade ago [referring to a 2004 IG report about post-9/11 surveillance] do not amount to a substantial preliminary showing that an application for FISA collection relevant to this case contains a false statement which was knowingly or recklessly made and necessary to the finding of probable case.

Yes, this is true. These are not comparable things. But with the defendants unable to review the FISA applications, they're left with the judge's take as guided by government submissions -- submissions the defendants are also unable to review or even argue.

As for the Fourth Amendment challenge to Section 702 surveillance generally, the court says there's really no Fourth Amendment issues as this does not apply to "aliens in foreign territory." The court goes even further, though, suggesting the collection of communications outside of the country does not even require a warrant, even if it "inadvertently" sweeps up Americans' communications during the process.

Since the court has also unilaterally decided it can -- unaided by anyone but the government -- decipher the government's FISA-related submissions, there are no due process violations even if the defendants are prevented from viewing, analyzing, or rebutting the claims made by the government during these ex parte sessions. In the end, there's nothing left for the defendants to do but appeal, which will certainly happen what with the court dismissing out of hand the evidence provided by multiple leaked documents and documents officially released by the Director of National Intelligence. To buy the government's claims of above-board surveillance in secret court sessions and declare those NATSEC Kosher seems like a very close-minded move that grants the government more deference than documents the government released publicly itself shows it has earned.

Last week we, like many others, wrote about the story of Anders G da Silva, who had complained on Twitter about how Apple had disappeared three movies he had purchased, and its customer service seemed to do little more than offer him some rental credits. There was lots of discussion about the ridiculousness -- and potential deceptive practices -- of offering a "buy" button if you couldn't actually back up the "purchase" promise.

Some more details are coming out about the situation with da Silva, and some are arguing that everyone got the original story wrong and it was incorrect to blame Apple here. However, looking over the details, what actually happened may be slightly different, but it's still totally messed up. Apple didn't just stop offering the films. What happened was that da Silva moved from Australia to Canada, and apparently then wished to redownload the movies he had purchased. It was that region change that evidently caused the problem. Because copyright holders get ridiculously overprotective of regional licenses, Apple can only offer some content in some regions -- and it warns you that if you move you may not be able to re-download films that you "purchased" in another region (even though it promises you can hang onto anything you've already downloaded).

And, here the situation is slightly more confusing because Apple actually does offer the same three movies -- Cars, Cars 2 and The Grand Budapest Hotel -- in both Australia and Canada, but apparently they may not be the identical "versions" of the film, as they may be slightly altered depending on the region.

And while this may be marginally better than completely removing his "purchased" films, it's still absolutely ridiculous. The CNET article linked above is sympathetic to the idea that Apple has to go to extreme lengths such as these to prevent "region hopping," and says that da Silva is just an "edge case" that "fell into a licensing crack." But, again, that's nonsense. This is digital content that he "purchased" using a "buy" button. It shouldn't matter where he is at some later date. He should still get access to those original files. That's what a purchase means. The fact that this might possibly in some cases mean that (OH MY GOSH!) someone in Canada can access a movie released in Australia when they're actually in Canada, well, uh, that seems like an "edge case" that a movie studio and Apple should deal with, rather than screwing over legitimate purchasers.

But, alas, we're left with yet another example of the insanity driven by excessive copyright, in which copyright holders get so overly focused on the notion of "control" that they feel the need to control absolutely everything -- including making sure that no wayward Canadians might (GASP!) purchase and download a movie meant for Australians. It's this overwhelming, obsessive desire to "control" each and every use that messes with so many people's lives -- including da Silva's -- and makes sure that the public has almost no respect at all for copyright. Give up a little control, and let the edge cases go, and maybe people wouldn't be so quick to condemn copyright for removing their own rights so frequently.

The Ultimate MCSA Certification Training Bundle is a 3 part series to help you get MCSA Certified and ready to work with Microsoft Windows Server 2016. You'll learn concepts, terminology, and technology related to the MCSA Certification through real-world scenarios, and how to design, deploy, configure and support Windows Server 2016 in most organizations. The third course covers the installation and configuration of Active Directory Domain Services (AD DS). The bundle is on sale for $39.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

More bad news is surfacing from Google's Chinese government-ordained search engine. The project, known as "Dragonfly," has proven unpopular with some Google employees and many, many Google critics. The Intercept obtained leaked documents from a unhappy Google employee back in early August. More information has surfaced, thanks to additional documents leaked to the site. Whatever surveillance/censorship concerns Dragonfly posed are far more pronounced in the wake of these new leaks.

Sources familiar with the project said that prototypes of the search engine linked the search app on a user’s Android smartphone with their phone number. This means individual people’s searches could be easily tracked – and any user seeking out information banned by the government could potentially be at risk of interrogation or detention if security agencies were to obtain the search records from Google.

Google's Chinese search engine also contains a blacklist of terms like "human rights," "student protest," and "Nobel Prize," showing the government has a deep interest in using the custom-built search engine to deter and punish dissent. None of this is surprising, other than Google's willingness to participate in government censorship. Google does pretty much the same thing with Android phones here in the US, where everything in the ecosystem is tied to the originating phone. There are ways to prevent that, but most phone users won't take those steps. In China, however, the phones are also registered with the government, removing the third-party hop needed to tie internet activity to a person.

Even Google's seeming embrace of censorship and dissent deterrence may not be as surprising as it should be, as any number of social media platforms have made considerable concessions to authoritarian governments in recent years, rather than face losing market share in these countries.

The more details come out, the worse Google looks. As Ryan Gallagher reports, Google would also be complicit in replacing facts with the Chinese government's approved narrative.

Sources familiar with Dragonfly said the search platform also appeared to have been tailored to replace weather and air pollution data with information provided directly by an unnamed source in Beijing. The Chinese government has a record of manipulating details about pollution in the country’s cities. One Google source said the company had built a system, integrated as part of Dragonfly, that was “essentially hardcoded to force their [Chinese-provided] data.”

Companies make bad decisions when faced with doing the right thing or doing the most profitable thing. Google premised its existence on not being evil. Pulling out of China lived up to that ideal. This does not. Concessions will always be made, but if these leaked documents are accurate, what Google is doing in China is far more than making small compromises to provide Chinese citizens with platforms not entirely controlled by their government. For all intents and purposes, Dragonfly is the government's toy, built on tech underpinnings and expertise Google has apparently offered willingly.

The longer Google refuses to discuss this publicly, the worse it looks. Its continued silence will make it very difficult to fend off complaints it skews search results for political reasons or placate US government agencies demands for data or broken encryption.

Back in July, New York State took the historically-unprecedented step of voting to kick Charter Communications (aka Spectrum) out of New York State. Regulators say the company misled them about why the company repeatedly failed to adhere to merger conditions affixed to the company's $86 billion acquisition of Time Warner Cable and Bright House Networks, going so far as to falsify (according to the NY PUC) the number of homes the company expanded service to. The state has also sued the company for failing to deliver advertised broadband speeds, for its shoddy service, and for its terrible customer support.

But the threat to kick Charter out of the state appears largely to have been a negotiation tactic, as the two sides are now purportedly making progress and engaging in "productive dialogue" as they attempt to hash out their differences. That's at least according to a Charter filing with the state PUC requesting a deadline extension obtained by Ars Technica:

"Good cause exists to further extend this deadline. Charter and the Department have been involved over the past few weeks in productive dialogue regarding the Revocation Order as well as the July Compliance Order and the related special proceeding initiated by the Commission in the [state] Supreme Court pursuant to the July Compliance Order. As part of that dialogue, Charter has been assembling additional information regarding broadband deployment efforts in New York for the Department's and the Commission's review. A further extension would allow additional time for discussions between Charter and the Department before the initiation by Charter of additional Commission or court proceedings."

The state PUC seems to agree, noting in its own order granting a deadline extension (pdf) that Charter has made a few good faith efforts of late, including ceasing running ads misleadingly stating the company expanded broadband to areas it may not have actually wired. While most telecom experts I've spoken to believe this is likely to result in some kind of settlement, this is still a fight that's going to be important to watch moving forward.

For one, Charter has attempted to use the FCC's "pre-emption" language embedded in its net neutrality repeal to try and claim that states have no authority to police ISPs in the wake of obvious federal apathy on consumer issues by the Trump administration and Ajit Pai FCC.

ISPs have lobbied hard (and quite successfully) to not only gut federal (FTC and FCC) oversight of their businesses, but have also been working hard to cripple state oversight. That's a troubling trend for an industry that already faces limited accountability due to the lack of competition in most of their markets, especially given that Charter and Comcast now enjoy a pretty stark monopoly over faster broadband speeds. That monopoly manifests itself in all manner of obvious ways, including soaring prices, unnecessary usage caps, net neutrality violations, and historically-terrible customer service.

So far those efforts haven't gone well for ISPs, with a court shooting down Charter's claim that the FCC's net neutrality repeal means states can't step in to fill the void. But with more than half the states in the nation now pursuing their own net neutrality rules, and other states trying to pass privacy rules in the wake of dismantling of FCC protections last year in Congress, this is a fight that's going to be playing out repeatedly in the months and years to come as states try to fill the vacuum left by a federal government that (unless you're in deep denial) pretty clearly doesn't care much about telecom consumer protection.

And while some states (New York, California, Washington) clearly still think consumer protection is important given the perils of monopoly power, there's countless states that are going to mirror the federal belief that telecom Utopia is accomplished, magically, by letting giant monopolies like Comcast, Charter and AT&T run amok. That's going to be especially problematic for users in states like Tennessee and West Virginia, where letting these historically-unpopular companies rip off taxpayers and over-charge captive customers is seen as a god-given right.