Techdirt Lite.
(Click here for full version)

DailyDirt: Geoengineering Could Have Its Own Unintended Consequences (Green Tech)

by Michael Ho

from the urls-we-dig-up dept on Tuesday, December 1st, 2015 @ 5:00PM
If you haven't noticed, there's a climate change conference going on that could have an impact on global commerce and... possibly the global climate, if you believe we puny humans can actually change the climate. Even if you don't think climate change is a real problem, it shouldn't hurt to explore more energy technologies or environmental remediation techniques, right? (Well, unless we get ourselves into a Snowpiercer situation.) After you've finished checking out those links, check out this holiday gift guide for some awesome deals at the Techdirt deals store.
1 Comment

Appeals Court Says Secret Drone Memos Can Stay Secret (Legal Issues)

by Tim Cushing

from the for-the-good-of-the-uninformed-nation dept on Tuesday, December 1st, 2015 @ 3:36PM

The Second Circuit Court of Appeals has ruled that certain legal memos justifying the government's drone strikes can remain secret. The long-running FOIA lawsuit involving the New York Times and the ACLU has been covered previously here. At the center of this FOIA lawsuit are more than 100 legal opinions from the DOJ's Office of Legal Counsel (OLC) that provide the legal argument for the extrajudicial killing of suspected terrorists.

A few of these documents have made their way into the public's hands, thanks to the two plaintiffs, aided in no small part by government officials citing the memos in other documents and commenting publicly about the drone strike program.

But there are still a few memos being held back. The "most transparent administration" has been very active in ensuring the Freedom of Information Act doesn't live up to its stated ideals. Nine of these memos have been officially buried by the Appeals Court, which apparently believes the government when it says the legal guidance memos it uses to justify its drone strike program are nothing more than "discussions" with lawyers that are exempted from disclosure. Brett Max Kaufman at Just Security points out the flaws in the court's rationale.

In an OLC memorandum published, ironically or not, the same day (July 16, 2010) and over the same signature (David Barron’s) as the targeted killing memorandum released at the Second Circuit’s behest last year, the OLC explains that its “central function” is to provide “controlling legal advice to Executive Branch officials.” And not even two weeks ago, the acting head of the OLC told the public that even informally drafted legal advice emanating from his office is “binding by custom and practice in the executive branch,” that “[i]t’s the official view of the office, and that “[p]eople are supposed to and do follow it.”
Both sides of this "discussion" (OLC, Obama administration) continue to claim there's nothing binding in these memos when fighting to keep them secret, but both treat the secret documents as binding. The court, however, has resolved these contradictory statements in favor of the government.

On top of that -- via reasoning almost completely hampered by the court's inability to disclose almost anything about the disputed documents or the government's ex parte submissions and in camera discussions -- the court has chosen to allow one of the most controversial memos to remain in the government's possession.
[T]he Second Circuit’s new opinion endorses the continued official secrecy over any discussion of a document that has supplied a purported legal basis for the targeted killing program since almost immediately after the September 11 attacks. The document — a September 17, 2001 “Memorandum of Notification” — is not much of a secret. The government publicly identified it in litigation with the ACLU eight years ago; the Senate Intelligence Committee cited it numerous times in its recent torture report; and the press frequently makes reference to it. Not only that, but the Central Intelligence Agency’s former top lawyer, John Rizzo, freely discussed it in his recent memoir.

According to Rizzo, the September 17 MON is “the most comprehensive, most ambitious, most aggressive, and most risky” legal authorization of the last decade and a half — which is saying something.
This memo apparently contains the OLC's justification for the extrajudicial killing of targets "outside of recognized battlefields." According to Kaufman, the memo also likely contains the DOJ's "workaround" to bypass the restrictions on "assassinations" contained in Executive Order 12333. If so, these justifications would very much be of public interest, while simultaneously being something the administration (this one or the last one) would have no interest whatsoever in making public.

The Freedom of Information Act wasn't passed with the intention of making the government only as transparent as it wants to be. It was a forced change. The government didn't voluntarily decide to grant the public access to its inner workings. Siding with the administration by buying into its "discussions with counsel" arguments subverts the spirit of the law by using the letter of the law against the public.

Read More

Toy Maker Vtech Hacked, Revealing Kids' Selfies, Chat Logs, & Even Voice Recordings (Privacy)

by Karl Bode

from the because-we-can dept on Tuesday, December 1st, 2015 @ 2:03PM
As companies race to embrace the inanely-named "internet of things" (IOT), security and privacy are usually a very distant afterthought. That's been made painfully apparent by "smart" refrigerators that expose your Gmail credentials, "smart" TVs that transmit your living room conversations unencrypted, or "smart" tea kettles that compromise your Wi-Fi network security. In all these examples the story remains the same: everybody's so excited to connect everything and anything to the internet, few companies can be bothered to do so intelligently and correctly.

And with the mad rush to bring this kind of aggressive myopia to toys, the lack of security is now impacting kids as well. Late last week a hacker revealed that he (or she) had hacked into the servers of Hong-Kong-based toy company Vtech, exposing the data collected by the company's "Kid Connect" service (which lets parents use smartphones to talk to kids using toy tablets and other devices). Once inside, the hacker obtained the names, email addresses, passwords, and home addresses of 4,833,678 parents, and the first names, genders and birthdays of more than 200,000 kids.

What's more, the hack revealed that Vtech was storing kid selfies, voice recordings, and even entire chat logs between parents and their kids. In short, Vtech was gathering and saving pretty much anything these devices could get their hands on. VTech didn't respond to questions regarding why it needed to store all this data. And that's likely because, like most IOT gear makers, it didn't much think about it. It was so enamored with the gee whizery of gobbling up all manner of user data for later use, it couldn't much be bothered to ensure fundamental security best practices.

As Mark Nunnikhoven at Trend Micro remarked shortly after the hack was revealed, the lure of IOT has many companies collecting far more data than they could ever even conceivably need -- just because they can:
"This opens the organizations up to unnecessary risk. If the words "might", "possible", or "potential" are used in an argument supporting the collection of data, you're about to violate the principle of least data. You should only collect and store data for well understood use. Data should be evaluated for it's overall value to the organization and—just as importantly—the risk it can pose to the organization. Unless the cost to acquire the data in the future is so ridiculously high that it's infeasible, you should always opt to collect and store the data when you have a concrete use for it."
That's common sense, but the excitement surrounding IOT has made it clear that common sense doesn't enter into it. At least not in the design and implementation phase. Only once they're caught not giving a damn about security or privacy are these over-enthusiastic companies suddenly model citizens. Vtech is of course no exception, since issuing a press release stating it has shuttered many of the websites hoovering up this data. The company also reiterates how it's "committed to protecting our customer information and privacy":
"We are committed to protecting our customer information and their privacy, to ensure against any such incidents in the future. Our Privacy Statement can be found on our website here. The investigation continues as we look at additional ways to strengthen the security of all on-line services provided by VTech. We will provide further updates as appropriate in the future."
But if companies were so breathlessly committed to privacy, they wouldn't rush products to market and leave fundamental security standards as a distant afterthought in the first place. And with everything from your smart toaster to your kids' Barbie doll now gobbling up an ocean of household data, it's going to be an increasingly ugly lesson to learn.

Techdirt Podcast Episode 52: The EU Has Set Privacy & Free Speech On A Collision Course (Free Speech)

by Leigh Beadon

from the conflicting-values dept on Tuesday, December 1st, 2015 @ 12:45PM

Privacy and free speech aren't fundamentally opposed, but they do have a tendency to come into conflict — and recent developments in Europe surrounding the right to be forgotten have brought this conflict into focus. This week, we're joined by Daphne Keller of Stanford's Center For Internet And Society to discuss the collision between these two important principles.

Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.


Our Response To The Latest Ridiculous Legal Threat Against Us: Milorad Trkulja Can Go Pound Sand (Free Speech)

by Mike Masnick

from the damn-it-feels-good-to-be-a... dept on Tuesday, December 1st, 2015 @ 11:33AM
As we've noted, we regularly get legal threats, some of which are more serious than others. Sometimes we ignore them entirely, and sometimes we feel the need to respond. Depending on the situation, sometimes we respond privately. Sometimes we respond publicly. The more ridiculous the threat, the more likely we are to respond publicly -- and I think the latest holds up as one of the most ridiculous legal threats we've seen. It comes from Milorad Trkulja, who is also known as Michael Trkulja, and who lives in Australia. Trkulja made some news a few years back when he (somewhat surprisingly) successfully sued both Yahoo and Google for hundreds of thousands of dollars, because when people did image searches on a variety of phrases related to things like "Australian criminal underworld mafia" sometimes a picture of Trkulja would show up. Apparently, Trkulja was actually shot in the back a decade ago by an unknown gunman. And somehow, for whatever reasons, certain websites included pictures of him along with enough keywords that the search algorithms at both Google and Yahoo would return his photo in such searches. We wrote about his victory over Google back in November of 2012, pointing out how ridiculous it was that an Australian court said you could sue search engines because image search happens to pop up your image along with actual gangsters.

Anyway, after we wrote about the case, as happens on Techdirt, people commented on the story, including one anonymous comment from someone who, in a totally offhand way, claimed that "Trkulja's a gangster, too." The actual content of the comment, as you can see was actually to clarify some of the misconceptions -- including who "Tony Mokbel" is (a well-known Australian gangster) and responding to the author of the post, Tim Geigner's (admittedly weak) sarcastic joke that Australians fight with machetes, rather than guns.

Now, it appears that Trkulja just found out about this comment (more on how in a moment) and has sent off a fairly massive 54-page document to both myself and to Google with a series of increasingly hilarious demands -- including that we respond by 4pm today (he does not designate in what time zone -- not that it matters). The letter is, well, you kinda have to read it. It is full of misspellings, along with typographical and grammatical errors of all kinds. For someone who claims to have consulted a lawyer before sending the letter, you'd think he'd consult someone who could proofread his letter as well. No such luck, apparently.

It starts out by claiming that it's "Not for publication" but that's totally meaningless. You send it to us, we can absolutely publish it. Free speech means something here in the US.
It then includes a recitation of some "facts" about certain Australian organized crime individuals, followed immediately by this:
I'm not an expert on Australian law, but I'm pretty sure that's totally false. I believe that he's either referring to his own earlier case, or (more likely!) the dreadful recent decision in a South Australia court, concerning one "Janice Duffy." Duffy, as we've discussed, sued Google after she became quite upset that a Ripoff Report post mocking her was a high result on her name (what is often left out of this discussion was that Duffy went to Ripoff Report first and posted fake posts to attack a psychic website where she felt she had been connected to a psychic who provided her with false information, and the supposedly "defamatory" content on the site was someone referring to Duffy as a "psychic stalker"). The ruling in that case did not say that Google is automatically liable for any defamatory content online, but rather, in this specific instance, Google could be found as the "publisher" of some defamatory content, based on the way that Google chose to display that content. I disagree strongly with the decision as is, but even if we accept it at face value, it does not say what Trkulja is claiming.

Oh yes, speaking of Duffy, it felt... odd... to receive a legal threat from Australia so soon after discussing the Duffy decision -- especially given that Duffy had not only just yelled at us online, but had also been going off on some bizarre rants and outright threats against some individuals who expressed an opinion suggesting that the ruling in favor of Duffy was troubling.

So, it didn't come as a huge surprise that Trkulja then admits he only found out about our post and the comments... thanks to Duffy, who is apparently a "family friend" of his.
If you can't read that, it notes that the "matter in paragraph 14" (which is the comment I mentioned above) "come to my attention when my family friend Dr Duffy from South Australia send me link that you have been defaming me as from 2012."

From there, he notes:
I complains is an article authored by you and posted to the "Techdirt" website situate at ("the website")....
Well, I'm really not quite sure what to do with that information, because almost everything in it is wrong, but we'll get there. From there, he mentions that he spoke to an Australian defamation lawyer, and suddenly shifts oddly from the first person to the third person -- possibly copying what someone told him, though it's not at all clear from the text of the letter. The key point: he claims that comment is defamatory and that Techdirt is liable for it. This is wrong on a variety of levels -- but we'll get there as well.

Then, we get to the "demands." It starts with a demand for Google. They are apparently supposed to delist Techdirt entirely because of a single comment that Trkulja falsely believes is defamatory. Also, it could be read as to be asking Google to block me personally from Google's website. Or something. Also, he wants Google to block some other websites. No reason or explanation is given.
Then there are demands for me that include identifying the anonymous "subscriber," delete the comment, the post and anything ever mentioning Trkulja. Oh, and I should fork over a bunch of money:
These demands are then repeated again on the next page in slightly different language. And numbered instead of lettered. No idea why. Then there's a demand that we respond by December 1st, 2012. Yes, 2012. I'll assume that's a typo.

Then there are a ton of screenshots that I assume are "exhibits" of some sort. They include my Twitter page for no clear reason. And also the Techdirt profile of the author of the original article, Tim Geigner, and, for reasons unknown, Tim's Amazon author page. He also refers to Tim as "Darknight aka Timothy Geigner" while I think most of our regulars recognize that Tim is better known as "Dark Helmet" in our comments....

Okay, so that's the situation. Now, the response: we're not going to do any of the demanded things. For a whole variety of reasons. Let's go through just a few, because this post is getting too long already and if I had to respond to all of the ways this letter is wrong, none of you would still be reading.
  1. First up, not that it really matters, but the statute of limitations is one year in Australia, as it mostly is in the US as well. Under some circumstances, it can apparently be extended to three years, but (oops) that comment was published on November 13, 2012. The statute of limitations is up. Sorry.
  2. The comment isn't defamatory. The reference claiming you're a "gangster" is totally innocuous. It's a trivial throw away comment on a blog post that no one would notice. Trivial comments are not defamation in Australia (or the US for that matter).
  3. The other lines that you seem to complain about are opinions not statements of fact. The reference to the "gun" was a response to Geigner's joke in the post about machetes, not to anything involving you. Opinions are not defamation. Things unrelated to you are not defamation of you.
  4. Also, we're a US company with no presence in Australia, so your threats are pretty pointless.
  5. Even if you could convince an Australian court with some sort of wacky legal argument, we're totally protected from such judgment thanks to the SPEECH Act.
  6. Free speech, dude.
  7. We have no "subscriber" named Anonymous Coward. That's the designation given to anyone who comments without logging in.
  8. We didn't publish the comment. An anonymous user did. We're not liable for it. If you have any legitimate complaint at all (and you don't), it's with an anonymous user who posted a trivial comment three years ago, rather than us or Google.
  9. Even if none of the above is true: what the fuck? NO ONE is finding a comment buried deep below a blog post about your legal victory and suddenly saying "oh, well that proves that Trkulja was a gangster."
  10. Wait, what's so terrible about being called a "gangster" anyway? To many people it's a compliment or something to brag about.
That's enough of a response. There are tons of other possible responses, but in short: we're not doing a damn thing in response to this ridiculous threat. You have no case whatsoever and complaining about this is ridiculous. It may be time to find a hobby or something, Mr. Trkulja, because poorly written and ridiculous legal threats to foreign entities aren't doing you any good.

Read More

Older Stories >>