I guess I shouldn’t be shocked, but the trademark and publicity rights dispute between Disney and K&K Promotions, the company that manages the rights for the late stuntman Evel Knievel, was still ongoing until recently. If you’re not aware of what I’m talking about, the movie Toy Story 4 included a character named Duke Caboom, a toy motorcycle stuntman that certainly had some characteristics that were an homage to Knievel. Not just Knievel, though, and that’s the important bit. Instead, the character had its own backstory, name, and imagery, all of which borrowed from several stuntmen from that era.
But K&K decided that it was all Knievel and sued over trademark and publicity rights. That case ended with a dismissal, correctly assessing that the movie was a creative work, therefore applying the Rogers test, in which deference is given to the creative work protected by the First Amendment. Since the court assessed that the character was a compilation of period references to stuntmen, again with his own backstory, name, and likeness, there was no trademark or publicity rights concern.
But K&K apparently appealed the decision for reasons that are entirely beyond me. The U.S. Appeals Court has now affirmed that ruling, finding for Disney yet again.
A U.S. appeals court on Monday upheld a ruling that the daredevil character Duke Caboom from Disney’s “Toy Story 4” did not unlawfully copy Evel Knievel’s persona. The 1st Amendment protects Disney’s work from a lawsuit brought by the owner of the late Knievel’s intellectual property, the 9th U.S. Circuit Court of Appeals said.
I’ll embed the ruling below, but it’s basically a full affirmation of what the lower court ruled. The trademark claim is not a thing because of the character’s creative element to the overall creative work, the public wouldn’t somehow think that Knievel or K&K were endorsing the movie, and all of this irrelevant anyway because Caboom is a fictional character.
“Even if the character may be generically reminiscent of Knievel to some extent, the district court properly concluded that it is not a literal depiction, and instead shares general features basic to stuntmen,” the panel said in a jointly written opinion.
One would hope this would be the end of all this. The fight is over, Knievel is dead, and Disney can write stories about fictional stunt people all it wants.
As we noted in our article about Musk’s criticism of Twitter’s lawsuit challenging India’s blatantly censorial Information Technology Rules, 2021, Musk has repeatedly claimed that his view of free speech is to follow whatever laws a country passes regarding speech. But… that’s not supportive of free speech at all. The greatest threat to free speech is always the government so letting governments define free speech is not being supportive of free speech — its giving the power to the censors themselves.
Speaking of which, Musk seems to have no problem cozying up with censors. Last week a bunch of publications were a bit taken aback to find out that Musk had written a column for China Cyberspace, a monthly magazine run by the Cyberspace Administration of China — also known as the chief internet censorship agency in China. An English translation of the article shows that it’s not about speech, but a kind of advertising pitch for all the various companies Musk runs. I mean, it’s all a giant ad… from the man who claims to hate advertising.
I want to do everything we can to maximize the use of technology to help achieve a better future for humanity. To that end, any area that contributes to a sustainable future is worthy of our investment. Whether it’s Tesla, Neuralink, or SpaceX, these companies were all founded with the ultimate goal of enhancing the future of human life and creating as much practical value for the world as possible—Tesla to accelerate the world’s transition to sustainable energy, Neuralink for medical rehabilitation, SpaceX for making interstellar connections possible.
This all seems notable given that over the last year, China passed a series of increasingly draconian censorship laws that have taken the crackdown on speech to even higher levels than in the past. And it looks like even more draconian (and dystopian) new censorship ideas are being pushed — including requiring websites to pre-censor all comments.
Now, you can argue that since he’s not talking about speech here there’s no issue. Indeed, Musk’s fawning fanbase doesn’t even bother to mention who he’s writing for here as they excitedly promoted the new essay and calling it an “honor” that China’s regulator allowed Musk to publish his article.
But it is legitimizing perhaps the world’s largest censor. And that seems like an odd thing to do if you’re a “free speech absolutist.”
And… thus, it seems that the principle of “free speech” is the first one that gets tossed out the window if it means helping Tesla (and with it, Musk) make more money.
‘Biden’s Gestapo’? Trump Raid Hurts Voter Trust in FBI
And says this in the body of the post:
A new national telephone and online survey by Rasmussen Reports finds that 44% of Likely U.S. voters say the FBI raid on Trump’s Florida home made them trust the FBI less, compared to 29% who say it made them trust the bureau more. Twenty-three percent (23%) say the Trump raid did not make much difference in their trust of the FBI.
But it really did nothing of the sort. The poll data actually show nothing more than the amplification of echoes in chambers built specifically for the purpose of amplifying echoes.
The data say completely unsurprising things, like the fact that people prone to be pissed off about the FBI’s raid of Trump’s home are now angry at the FBI. The largest percentage of poll respondents who have a very unfavorable impression of the FBI following the raid are white, male Republicans above the age of 40 — more than double any other demographic.
And that trend holds, again unsurprisingly, when Rasmussen asked specifically about the Mar-a-Lago raid:
Non-unexpectedly, the same sort of responses were given to Rasmussen’s much more loaded question: “There is a group of ‘politicized thugs at the top of the FBI who are using the FBI… as Joe Biden’s personal Gestapo.”
One would think a national pollster might avoid directly quoting long-time political operative/Trump pardon recipient Roger Stone while conducting a poll, but here we are. Rasmussen does not note how many times poll respondents uttered the phrase “Let’s go, Brandon!” during these interactions.
This poll doesn’t show anything anyone could have assumed following the search of Trump’s house. Democrats trust the FBI just a bit more than they already did. Republicans got even angrier at an agency they really haven’t cared for since then-FBI Director James Comey rebuffed Trump’s demands for total fealty. And Comey was the one who won over Trump fans — at least momentarily — by publicly reopening the FBI’s investigation into Hillary Clinton’s private email server just days before the 2016 election.
But those whose love and hate of the FBI are closely tied to their political allegiances are dupes falling victim to short cons. The long con is the agency itself, which may not be the amoral entity it was under J. Edgar Hoover, but still has a long way to go before anyone should consider it inherently trustworthy.
Both CNN and the Washington Post are running stories today about Peiter Zatko, better known as Mudge, filing whistleblower reports on Twitter’s security practices, including a few shocking claims. Twitter is denying many of the claims and, frankly, at this point it’s difficult to tell who’s correct. However, I will note that Mudge is widely respected in security circles, and much of his initial claim to fame was about finding security vulnerabilities — and part of the reason Jack Dorsey brought him in to Twitter was this history of doing whatever necessary to fix security holes. That said, Twitter is insisting that Mudge didn’t understand how its systems worked, and is misrepresenting things. Of course, there’s also the Elon Musk aspect of this that complicates matters as well.
Mudge only worked at Twitter for a little over a year — hired by Jack Dorsey in late 2020. Dorsey stepped down a year later, at which point Parag Agrawal took over. In January of this year, Agrawal abruptly fired Mudge, which raised many eyebrows in the security community (though the team still includes some top security folks).
First, though, you can read the (redacted) whistleblower reports he filed, starting with the main one, a third-party report commissioned by Mudge to assess how the company deals with misinformation, and, a final report prepared by Mudge for the board after he was fired, trying to outline all the security problems he saw at Twitter.
Plenty of attention is going to get paid to Mudge effectively trying to take Elon Musk’s side in the “bot or not” debate, but reading through the his whistleblowing document, it actually appears to confirm Twitter’s underlying claims, and undermine Musk’s (even as Mudge claims otherwise). That topic is complicated enough that I will be doing a separate follow up post to address just that, and therefore won’t address it further in this post.
Let’s do a lighting round on some of the other issues raised in the report, some of which may require deeper follow up later, as more details become clear.
Did Twitter violate its FTC consent decree? As you’re probably aware, by now basically every big internet company has a consent decree with the FTC following some sort of egregious security breach from a while back, promising to do better. It’s likely that nearly all big tech companies are somehow violating their consent decree, in part because security is fucking hard and some of the elements of the consent decree are probably close to impossible to comply with. But still… it’s not great.
In Facebook’s case, you’ll recall, the giant $5 billion fine in 2019 was really about violating its earlier consent decree. The press mostly claimed it was about Cambridge Analytica, but if you read the actual details, that was only a sideshow, and the fine was really for violating the earlier consent decree.
And that was in 2019, before the current FTC got a lot more aggressive towards internet companies. To me, this is the real biggest issue, even though it will probably get the least amount of media coverage. Already, earlier this year, the FTC hit Twitter with a $150 million fine for using its two-factor identify info for marketing (something that Facebook also got dinged for in 2019). This was a really bad security practice and its good that the FTC hit the company for it, but Mudge is now alleging that Twitter violated the consent decree in other ways.
The FTC is almost certainly going to investigate further now, and if it can show that Twitter violated the consent decree even more (which would not surprise me at all), the company could be on the hook for a decently large fine (conceivably even one that might cancel out any breakup fee that Musk might be forced to pay — assuming he is forced to pay such a fine).
For its part, Twitter strenuously denies this portion of Mudge’s claims, and says he doesn’t understand their responsibilities under the decree. That’s… quite possible? But, at this point, it’s unclear who’s right. I’m pretty sure we’ll find out eventually though — especially if Mudge is correct.
Twitter’s messy security infrastructure: Throughout the whistleblowing report, Mudge highlights many, many problems with Twitter’s infrastructure, and some of the security and uptime risk it created. Much of what Mudge reports on this is… quite believable — especially for anyone who has followed Twitter over the years. It’s also, frankly, not all that different than many internet companies that experienced rapid scaling in the last decade and a half. Outside of the biggest tech companies (Google, Meta/Facebook, Amazon, and Apple — each of which I guarantee has their own security issues, though often of a different nature, and each of which has a much more developed security process), I would guess most of what’s in Mudge’s report rings true at basically every other decently large internet company.
That’s not an excuse, and one hopes that whistleblowing like this gets more of these companies to recognize that they need better processes and security in place. And the claim that Twitter doesn’t log what engineers had access to what data is… kinda frightening. That seems like a basic thing that an organization of that size should have control over:
It was at this point when he learned that it was impossible to protect the production environment. All engineers had access. There was no logging of who went into the environment or what they did. When Mudge asked what could be done to protect the integrity and stability of the service from a rogue or disgruntled engineer during this heightened period of risk he learned it was basically nothing. There were no logs, nobody knew where data lived or whether it was critical, and all engineers had some form of critical access to the production environment.
Yikes? I mean, that kind of logging feels like a pretty basic thing.
That said, some former Twitter engineers who worked with Mudge seem to be calling into question some of these claims. For example, Mudge’s report claims that there were server vulnerabilities, with many of the machines in Twitter’s data center having non-complaint kernels or operating systems and that many were unable to support encryption of the stored data (“encryption at rest”). However, a former Twitter engineer, Ian Brown, who worked on these issues claims that Mudge was actually the one who deprioritized updating these very things.
Brown also claims that Mudge wanted him to send kernel and OS reports to “a rando buddy of his in Texas” and that Brown thought it was “an obvious phishing attempt.” I’ve seen multiple other engineers (some former Twitter engineers, some elsewhere) suggesting that it’s kind of weird for Mudge to be calling out the stuff he was apparently hired to fix, as in some ways it could be read to be an admission that he was unable to do the job he was hired to do.
Again, though, Mudge has quite the reputation, and is well respected among tons of people I know and trust. And, many of these revelations do seem like serious problems within Twitter. The bigger issue is whether or not any of them create any kind of legal issues, and that seems a lot less clear.
Serious claims of foreign intelligence threats: You may recall that, back in 2019, the DOJ charged two former Twitter employees with spying for the Saudi Arabian government. Just a couple weeks ago a jury convicted one of those employees of fraud, conspiracy, obstruction and foreign agent charges. In his whistleblower report, Mudge claims that this is still happening at Twitter, and that the poor security engineering means that it’s easy for government spies to get access to all sorts of data it shouldn’t.
The details of these claims, though, are a bit more difficult to work out. Mudge notes that the US government did recently (right before he was fired) notify the company that “one or more particular company employees were working on behalf of another particular foreign intelligence agency.” That, alone seems frightening.
It certainly does seem that, following the situation with Saudi Arabia, Twitter should have done much more to avoid that kind of thing happening again. Mudge certainly suggests that little was actually done to prevent this kind of thing from happening again.
That said, the details he provides are… not entirely convincing. The one that is getting the most attention is the claim that Twitter has an agent of the Indian government on payroll. Here’s what the report says:
The Indian government forced Twitter to hire specific individual(s) who were government agents, who (because of Twitter’s basic architectural flaws) would have access to vast amounts of Twitter sensitive data. Twitter’s transparency reports purported to quantify the number of government data requests from the Indian government, but the company did not in fact disclose that it was believed by the executive team that the Indian government had succeeded in placing agents on the company payroll. By knowingly permitting an Indian government agent direct unsupervised access to the company’s systems and user data, Twitter executives violated the company’s articulated commitments to its users.
So, that seems really bad. And it would be useful if there were a lot more details. The hiring of a specific individual sounds like part of the implementation of India’s Information Technology Rules, 2021. These rules are terrible and dangerous, as we’ve discussed over the past couple of years. Many of the rules appeared to have been written with Twitter in mind, after the company refused to take down content critical of the government. In response, the government initially threatened to jail Twitter employees. Perhaps realizing that this might lead the company to remove all employees from India, part of the IT Rules were that social media companies of a certain size operating in India had to appoint local people, in India, to take on certain roles:
Appoint a Chief Compliance Officer who shall be responsible for ensuring compliance with the Act and Rules. Such a person should be a resident in India.
Appoint a Nodal Contact Person for 24×7 coordination with law enforcement agencies. Such a person shall be a resident in India.
Appoint a Resident Grievance Officer who shall perform the functions mentioned under Grievance Redressal Mechanism. Such a person shall be a resident in India.
Most people read this as forcing Twitter to hire sacrificial lambs that the government could jail if it was unhappy with whatever the company was doing. And any such potential employee would almost certainly recognize that as well, likely limiting their interest in taking the job.
As such, perhaps it was inevitable that anyone would would take those jobs would somehow be connected to the government itself.
That doesn’t excuse that if it’s actually the case. But all of it does put Twitter in an incredibly awkward position if it wants to remain in business in India, one of the company’s largest markets (and also one where a local upstart competitor, which is almost a direct clone of Twitter, has been making headway). Now, in theory, Twitter could just hire that person and not give them access to anything, but that would likely create other problems as well, including having to explain why there’s a Chief Compliance Officer with no access to data to make sure compliance is happening.
That said, remember that Twitter recently sued the Indian government over some of these rules, challenging their constitutionality. Also, Elon Musk has made it an issue in his legal dispute with Twitter, worrying not about the laws or anything similar to what Mudge raised, but rather how Twitter pushing back on India might endanger one of Twitter’s key markets.
All that is to say, this shit is complicated. Obviously, Twitter should not be allowing government agents access to its data. There’s no excuse for that. In an ideal world, Twitter would note that the new regulations make it untenable to exist in India and pull out entirely. But, of course, doing so would crash the company’s stock and take away a decent source of revenue, challenging Twitter’s ongoing financial viability.
The other country concerns raised by Mudge seem less directly serious, and basically detail the very fraught current global environment in which various countries are leaning very hard on every big internet company to do things for them, and every company is facing real challenges in trying to navigate how to stay operating in those countries without violating privacy rights or fundamental values. Mudge talks about China, Russia, and Nigeria, but all of them appear to be around internal discussions about how to balance different issues and where the harm is much more speculative than real (in fact, with regards to Russia, Mudge admits that Twitter chose not to agree to Russia’s censorship and surveillance demands). On Nigeria, the only complaint was that, when the country blocked Twitter, government officials claimed they were negotiating with Twitter execs, which apparently wasn’t true. I’m not sure how that much matters. Just a couple weeks ago, by the way, a court ruled that the Nigerian ban on Twitter was unlawful.
Once again, there is context involved in all of this and Mudge’s report highlights some very clear problems, but also just how fraught and difficult many of these decisions are. And part of it sounds like Mudge wanted the company to take certain stands, and other execs came down differently on the tradeoffs. Personally, I probably agree with where Mudge comes down, and think that Twitter needs to take a hard line on many of these issues and not give in. But I also recognize that it’s not me who has fiduciary duties to shareholders and other constituents as well.
Fraud: This section is heavily redacted, so it’s difficult to tell what’s going on. Mudge appears to accuse Parag Agrawal of presenting misleading information to the Board regarding the company’s security. However, with all the redactions it is difficult to look at the details and determine how credible they are.
Again, though, if this proves accurate, that could be a lot of trouble for Twitter (and Agrawal directly).
Mudge more or less claims that he was fired for calling out the inaccuracies that were presented to the board, though again most of the details are redacted.
All in all, the whistleblowing report appears to have some pretty clear and quite credible claims of very poor security practices within the company. That isn’t necessarily a huge surprise. Though if it turns out that those security practices amount to a failure to comply with the FTC’s consent decree, the company is in for a world of hurt and probably a pretty massive fine. Especially if it comes out that the company misled the FTC about that.
There are other parts of the report that seem somewhat less interesting, and are presented without context or in a one-sided (and potentially misleading) way. That said, I’d still say that the report is pretty damning overall and it’s probably not a very good day inside Twitter, especially as they’re still fighting Elon Musk. And… I’ll close this post here, but stay tuned for a follow up post focused just on the bot/spam stuff and how it impacts the legal fight with Musk (as a preview, again, I think Mudge’s claims here, while framed in a manner to look like they support Musk, actually do the opposite).
The Florida Politics site has a report on what appears to a be truly despicable individual running for the Florida state house with horrifically dangerous ideas — who has now been banned from Twitter. The article notes that he’s still on Instagram and Facebook, though it looks like the same message that got him banned from Twitter has been taken down from both Instagram and Facebook (plenty of other, equally incendiary, messages remain, however). Here’s the message that got candidate Luis Miguelus banned:
If you can’t see that, it says:
“Under my plan, all Floridians will have permission to shoot FBI, IRS, ATF and all other feds ON SIGHT! Let freedom ring!” – Luis Miguel, Republican for Florida House
His other messages may not be quite as directly threatening, but they seem equally unhinged. He has one saying “the time to stand back and stand by is over…” And he appears to demand that Ron DeSantis ignore a federal court declaring the Stop WOKE Act unconstitutional:
He says that Bill Gates is a traitor who needs to be arrested for the crime of… working on a bill to lower inflation, build better infrastructure, and protect people from the impact of climate change?
He also claims he will kick all federal agents out of Florida (and in one message appears to imply that he will push for Florida to secede from the United States). He also wrote an article praising DeSantis’ quest for authoritarian power, and talks about how he wants Trump to “unleash a Dark MAGA storm” to punish the libs.
Honestly, his views look so silly and so disconnected from reality, I’d almost think it was satire or someone parodying your everyday GOP candidate. But apparently it’s real.
And that brings us around to the point of this post. The other DeSantis bill that has been ruled as an unconstitutional infringement of 1st Amendment rights, the social media content moderation bill, Twitter would not have been able to kick him off for advocating killing federal agents, and Facebook and Instagram could not have pressured him to remove those posts with similar language.
As you may recall, that bill had a specific clause banning websites from moderating political candidates:
A social media platform may not willfully deplatform a candidate for office who is known by the social media platform to be a candidate, beginning on the date of qualification and ending on the date of the election or the date the candidate ceases to be a candidate.
In other words, under that law, none of the social media platforms could claim that literally advocating murdering federal agents was against their terms of service, and would be required to host that speech.
Thankfully, the law has been blocked (though we’re still waiting to see if Florida appeals).
Anyway, thanks to candidate Miguel for giving what I’m sure will be a very useful exhibit in the filings from folks trying to explain to the Supreme Court the problems of Florida’s law.
The Duex Max + Mini Mouse Bundle is the perfect companion for your laptop. The Duex Max features landscape mode, portrait mode, presentation mode, eye care mode, and kickstand mode. You can easily pair your Duex Max with any laptop or device, including a Nintendo Switch and select Android phones, via USB-C or USB-A connection. The Mini Mouse offers wireless connectivity and comfort, as well as Bluetooth 5.0 for smooth movement and gaming capabilities. Both are easy to use, lightweight, and durable. The bundle is on sale for $360.99.
Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
On August 23rd, 1997, I sent out this emailed newsletter — which was then called Up-To-Date — to various business school colleagues. That was exactly 25 years ago, and that began dragging me down the path of what became Techdirt early the following year (when I realized it might be nice to have a website to post the copies of the newsletter on, rather than just sending them out over email).
A lot has changed since then, but… a lot really hasn’t.
Even just looking back at that first newsletter there are some fun snippets. I was joking about an effort by some universities to try to reinvent the internet (I referred to it as “Internet 3” — somewhat mocking another effort, called Internet2, which somehow apparently still exists). We also wrote about Experian (freshly renamed from TRW, but still with a huge legacy of doing terrible stuff) had enabled people to check their credit info online, only to discover security problems.
Some things just never change.
I also talked about how Snap!, the now-long-forgotten “portal” by CNET (which kinda still exists, though is really just a part of CBS’s web properties), was destined for failure. Of course, today Snap means Snapchat, the social media site.
Anyway, over the next few weeks, I’m going to try to look back at a few more of those original newsletters. We’ll also have a few other anniversary related things going on — culminating in a fun, interactive live (virtual) event on September 9th (details to come soon). That event will be open to anyone subscribed to one of the current ongoing (monthly or yearly) Techdirt Insider packages (Crystal Ball, Watercooler, or Behind the Curtain — or the equivalent levels via our Patreon). If you’d like to attend and are not a subscriber, now would be a good time to join.
It’s kind of wild to think that, in some way or another, I’ve been doing this for 25 years. When I wrote that first newsletter, I wasn’t even sure there would ever be a second, let alone 25 years worth of content which now includes almost 80,000 total posts (~51,000 of which are mine). And, I don’t plan on slowing down much either. There are still lots of things to talk about, and the things I’m talking about these days seem a lot more important and relevant to a lot more people than joking about random internet things two and a half decades ago…
As always, though, none of this happens without the community here and — especially since we’ve removed ads from the site — the people who directly support Techdirt and help keep it running. So, a huge thank you goes out to everyone just reading this, and doubly so to those who have supported us one way or another over the years. We literally could not have done it without you.
The writing has been on the wall for a while, but streaming TV has finally surpassed traditional cable in terms of overall viewership numbers for the first time ever. According to viewership tracking firm Nielsen (who once upon a time called the cord cutting revolution “purely fiction“) streaming saw a 34.8 percent overall viewership in July compared to 34.4 percent for “cable”:
The shift has been an easy prediction for at least a decade, but it’s finally here. After decades of being over-charged for giant bundles of expensive channels they don’t watch, consumers have understandably flocked to streaming alternatives that offer greater freedom of choice for generally less money (despite the stories whining about how expensive streaming is if you subscribe to every service in existence).
The end result: July saw the highest rate of streaming content consumption on record:
In addition to claiming the largest viewership share during the month, audiences watched an average of 190.9 billion minutes of streamed content per week—easily surpassing the 169.9 billion minutes that audiences watched during the pandemic lockdown period back in April 2020. Excluding the week of Dec. 27, 2021, the five weeks of July 2022 represent the highest-volume streaming weeks on record, according to Nielsen measurement.
Data suggests that the nation’s biggest cable TV providers lost nearly two million paying subscribers in the second quarter alone.
Again, I’m old enough to remember when Nielsen spent a decade pretending this shift wasn’t actually happening, despite very obvious evidence that it was. Then we watched as Nielsen belatedly realized that as a video viewership tracking firm they might just want to stop telling cable TV executives (also in longstanding denial) what they wanted to hear and actually start tracking streaming viewership as well.
The trick now as the streaming industry consolidates is to avoid embracing the greed and hubris that made traditional cable TV so open to disruption in the first place.
