Five Years Ago

This week in 2012, while Amazon was realizing it had little choice but to get in on the patent portfolio buying game, Google was launching a prior art finder to help stop bad patents — though some worried it might be used by trolls to find targets. Meanwhile, Google also made the controversial decision to start filtering searches based on DMCA notices received by the site, but of course even this wasn't enough to satisfy the RIAA and MPAA.

Also this week in 2012, we launched the Techdirt Insider Shop!

Ten Years Ago

This week in 2007, the proliferation of DVRs and digital video made us ask if the concept of a "TV channel" still made any sense. Of course, the digital video side was still struggling, with all the official offerings pretty much sucking in the eyes of consumers, and with Google Video shutting down and eliminating videos people thought they had bought, and the P2P networks continuing to strive to go legit under the weight of lawsuits,and Universal Music thinking it can still release CDs in different countries at different times (okay that last one is music not video, but still). Given how amazingly well the copyright regime was going for the entertainment industries, is it any wonder the Senate was looking to impose the same thing on the fashion industry?

Fifteen Years Ago

This week in 2002, we saw one reporter fired for having a blog and another fired after a congressman got mad about an email. Not great.

And now, a brief world tour: South Korea was facing the same tensions over music sharing as the US; Europe was implementing its own version of the DMCA; Indian telecoms were trying to get instant messaging banned; Norway was struggling to find a judge who was tech-savvy enough to try the creator of DeCSS software; and in a story that is rather appropriate given current events, Russia charged an FBI agent with hacking.

At heart, a prison is a place where freedom is taken away, and inmates are constrained in what they can do. Does that mean a prison has to consist of a special building with bars and prison guards? How about turning the home of a convicted criminal into a kind of virtual prison, where they are limited in their actions? That's what Dan Hunter, dean of Swinburne University's Law School in Melbourne, suggests, reported here by Australian Broadcast News:

Called the Technological Incarceration Project, the idea is to make not so much an internet of things as an internet of incarceration.

Professor Hunter's team is researching an advanced form of home detention, using artificial intelligence, machine-learning algorithms and lightweight electronic sensors to monitor convicted offenders on a 24-hour basis.

The idea is to go beyond today's electronic tagging systems, which provide a relatively crude and sometimes circumventable form of surveillance, to one that is pervasive, intelligent -- and shockingly painful:

Under his team's proposal, offenders would be fitted with an electronic bracelet or anklet capable of delivering an incapacitating shock if an algorithm detects that a new crime or violation is about to be committed.

That assessment would be made by a combination of biometric factors, such as voice recognition and facial analysis.

Leaving aside the obvious and important issue of how reliable the algorithms would be in judging when a violation was about to take place, there are a couple of other aspects of this approach worth noting. One is that it shifts the costs of incarceration from the state to the offender, who ends up paying for his or her upkeep in the virtual prison. That would obviously appeal to those who are concerned about the mounting cost to taxpayers of running expensive prisons. The virtual prison would also allow offenders to remain with their family, and thus offers the hope that they might be re-integrated into society more easily than when isolated in an unnatural prison setting. Irrespective of any possible financial benefits, that has to be a good reason to explore the option further.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

For many years now, we've talked about Andy Kessler's concept of political entrepreneurs vs. market entrepreneurs. In Kessler's telling, market entrepreneurs are the kind of entrepreneurs that people usually think about -- the ones creating startups and high growth companies and the like. While not everyone appreciates it, those entrepreneurs tend to provide a lot more to the world than they take away. They may get filthy rich in the process, but they tend to make the world a better place by creating lots of value. The "political entrepreneurs," on the other hand, are those who basically look to abuse the system to create monopoly rents and to limit competition. Those entrepreneurs may also get filthy rich, but they tend to do it by limiting value and locking it up so that only they can get it. Obviously, one of those is a lot better for society than the other.

Of course, this idea certainly didn't originate with Kessler, either. Just recently, we had James Allworth on our podcast where we talked about this issue in response to an excellent article he'd recently written about how prioritizing profit over democracy was actually damaging American entrepreneurship. In that article, he referred back to the work of William Baumol, who wrote a paper back in 1990, entitled: Entrepreneurship: Productive, Unproductive, and Destructive. As you can see, that one divides entrepreneurship into three categories. Productive loosely maps to "market entrepreneurs" in Kessler's world, while "Unproductive" loosely translates to "political entrepreneurs" as well. Baumol also includes destructive entrepreneurs, who are actively making the world worse -- and getting rich off of people's misery (think drug dealers, and such).

But part of the point of Allworth's article is that it feels like too many people are just focusing on "profit" as the end goal, and thus either unwilling or unconcerned with determining if the entrepreneurship that drives the profit is "productive" or "unproductive." And, now the Economist has weighed in on this issue as well, noting that we're seeing more and more unproductive entrepreneurship in America, and that's a problem. The article focuses on the work of two economists, Robert Litan and Ian Hathaway, who are building on Baumol's concepts and are concerned about where things are heading. One interesting thing: they find that the issue can't be neatly put into the category of "too much regulation" or "too little regulation," but rather find that both of those situations can create the same rise in unproductive entrepreneurship:

What explains this shift? One factor appears to be the success of various professional groups in convincing the government to tailor regulation to their needs, for instance by lobbying for occupational licensing. Jason Furman, then the chair of the Council of Economic Advisors, observed in 2015 that the share of the American workforce covered by state licensing laws grew from less than 5% in the 1950s to 25% by 2008, arguing that this deterred new competition.

The proliferation of occupational licensing might be seen as harmful overregulation. Other sectors are plagued by the opposite. Jeffrey Zhang, an economist at the Federal Reserve, argues that banking deregulation in the 1990s led to rapid bank concentration alongside “sub-optimally higher levels of risk-taking”. As a result, the salaries of senior bank employees grew rapidly. Zhang concludes that the rent-seeking enabled by financial deregulation played a sizeable role in the growth of income inequality: bankers were able to skew the system in their favour, to the detriment of everybody else.

Indeed, we see this in areas that we cover as well. Certainly it seems like letting the big cable and telco companies run free for a decade decreased competition, lowered the quality of service (massively) and allowed those companies to create massive monopoly rents for themselves. But in many other industries, we've pointed out the problems with excessive occupational licensing. I know not everyone agrees, but we think the rise of car hailing services and home sharing like Airbnb has been quite revolutionary (even if companies like Uber may have been run by some awful people). Similarly, we've discussed repeatedly how excess regulations in the drone space have really held back what could be a huge area of innovation.

The Economist article suggests that the ability of industries to steer regulations in a way they want is a big part of the issue:

The success of such lobbying depends on the government’s susceptibility. This does not appear to be in short supply in America. James E. Bessen, an economist at Boston University,links high profits through regulatory advantages to political factors including lobbying and campaign spending. The work of other economists reinforces his observation. Jeffrey R. Brown and Jiekun Huang, two researchers writing for the National Bureau of Economic Research, use data> from White House visitor logs during the Obama administration to show that corporate executives’ meetings with White House staff were associated with a bump in their company stock price, more government contracts and positive regulatory decisions. Firms that had better access to the Obama White House also experienced a large drop in stock prices when the 2016 election result was announced.

In the tech world, this is unfortunate. It used to be that tech companies didn't need to have a presence in DC, because they could just innovate, rather than having to deal constantly with policy pressure. But, nowadays that's increasingly difficult -- and not necessarily because everyone else is lobbying -- but rather because the political landscape has become something of a shakedown game. As we've discussed in the past, while many outside of DC view lobbyists as making all of this happen, those involved suggest the roles are reversed here. Politicians -- desperate to raise campaign cash -- are often the ones reaching out to companies and basically threatening them with certain regulations if they don't decide to step up and donate.

So what's the end result here? That's... not clear. Unfortunately, it appears that crony capitalism is on the rise, and with it, more and more unproductive entrepreneurship. The real problem, as James and I discussed in our podcast, is that this is unsustainable, and most likely will mean growing productive entrepreneurship happening elsewhere (and we're already seeing some evidence of that today). There certainly doesn't seem to be any real concerted effort to move away from unproductive entrepreneurship in the US -- but perhaps by making more people aware of it, people will start to recognize how big a problem it truly is.

At some point, it seems clear that if Chris Vickery comes a-callin', you've screwed up when it comes to keeping the private information of customers/voters secure. Vickery works for Upguard, a cyber-security consulting firm that regularly seeks out insecure sites and works with their owners to secure them. Vickery's fingerprints have been on discoveries such as Verizon's exposure of the personal information of 6 million of its customers and a firm contracted by the GOP exposing the personal data of roughly every American voter everywhere.

And now Vickery and Upguard have found that a contractor managing the city of Chicago's voter rolls appears to have exposed more personal information on an AWS server.

The acknowledgment came days after a data security researcher alerted officials to the existence of the unsecured files. The researcher found the files while conducting a search of items uploaded to Amazon Web Services, a cloud system that allows users to rent storage space and share files with certain people or the general public. The files had been uploaded by Election Systems & Software, a contractor that helps maintain Chicago's electronic poll books.

Election Systems said in a statement that the files "did not include any ballot information or vote totals and were not in any way connected to Chicago's voting or tabulation systems." The company said it had "promptly secured" the files on Saturday evening and had launched "a full investigation, with the assistance of a third-party firm, to perform thorough forensic analyses of the AWS server."

So, a couple of things to note here. First, while it's true no voting information was exposed, a good deal of personal information certainly was. Names, addresses, last four digits of social security numbers; you know, all of the things one would need to wreak havoc on a person using their identifying information. Second, it appears that "promptly securing" the files mostly had to do with actually having a password needed to access them. There was no hacking required for Vickery to get to these files, because there was no password protecting them. Great.

Now, where I will give ES&S credit is that they are working with Upguard, rather than trying to vilify it, as we've seen done to so many other security researchers. That's a good thing. Still, Chicago officials are pretty pissed off.

"We were deeply troubled to learn of this incident, and very relieved to have it contained quickly," Chicago Election Board Chairwoman Marisel A. Hernandez said in a statement. "We have been in steady contact with ES&S to order and review the steps that must be taken, including the investigation of ES&S' AWS server. We will continue reviewing our contract, policies and practices with ES&S. We are taking steps to make certain this can never happen again."

Allen added that the board is considering how to notify and potentially offer remedies to those whose information was exposed.

"The expense for that is going to be borne by ES&S," Allen said. "This was a violation of the contract terms that explicitly lay out the requirement to safeguard the voters' data."

It's a wonder to this writer that the constant calls for things like e-voting machines continue when those in charge of securing voter data can't even do that right.

There's no issue of public interest that copyright law cannot make worse. So let me ruin your day by pointing out there's a copyright angle to the monument controversy: the Visual Artists Rights Act (VARA), a 1990 addition to the copyright statute that allows certain artists to control what happens to their art long after they've created it and no longer own it. Techdirt has written about it a few times, and it was thrust into the spotlight this year during the controversy over the Fearless Girl statue.

Now, VARA may not be specifically applicable to the current controversy. For instance, it's possible that at least some of the Confederacy monuments in question are too old to be subject to VARA's reach, or, if not, that all the i's were dotted on the paperwork necessary to avoid it. (It’s also possible that neither is the case — VARA may still apply, and artists behind some of the monuments might try to block their removal.) But it would be naïve to believe that we'll never ever have monument controversies again. The one thing VARA gets right is an acknowledgement of the power of public art to be reflective and provocative. But how things are reflective and provocative to a society can change over time as the society evolves. As we see now, figuring out how to handle these changes can be difficult, but at least people in the community can make the choice, hard though it may sometimes be, about what art they want in their midst. VARA, however, takes away that discretion by giving it to someone else who can trump it (so to speak).

Of course, as with any law, the details matter: what art was it, whose art was it, where was it, who paid for it, when was it created, who created it, and is whoever created it dead yet… all these questions matter in any situation dealing with the removal of a public art installation because they affect whether and how VARA actually applies. But to some extent the details don't matter. While in some respects VARA is currently relatively limited, we know from experience that limited monopolies in the copyright space rarely stay so limited. What matters is that we created a law that is expressly designed in its effect to undermine the ability of a community with art in its midst to decide whether it wants to continue to have that art in its midst, and thought that was a good idea. Given the power of art to be a vehicle of expression, even political expression or outright propaganda, allowing any law to etch that expression in stone (as it were) is something we should really rethink.

For years now, we've pointed out that ICE -- Immigration and Customs Enforcement -- has this weird habit of acting as the private police force of various big sporting leagues, almost always timed to big sporting events. Every year, right before the Super Bowl, for example, ICE seizes a bunch of websites. And ICE also goes way overboard in seizing physical merchandise, even if that's at least slightly closer to its mission. But it's been painfully obvious that ICE more or less sees itself as an arm of these sports leagues, rather than employees of the US government, and thus, the public. Last year, I filed some FOIA requests about ICE seizures leading up to the Super Bowl, but had them rejected on the basis that it was an ongoing investigation.

However, law professor Rebecca Tushnet is much more persistent than I am, and has been pursuing documents related to ICE seizures in the courts, and has had the court force ICE to hand over details -- including the not-at-all surprising, but still horrifying discovery that the NFL gives ICE guidance on what to seize, and it includes obvious parodies which are clearly not infringing, as they're protected by fair use. This is from the manual that the NFL provided ICE:

And, sure, perhaps it's true that NFL licensed merchandise won't favor one club over or another or make derogatory use of another's marks... but it's easy to argue that this is parody and thus not infringing. Just because it's not licensed, doesn't automatically make it infringing. But the NFL doesn't care. And I guess that's not surprising that the NFL doesn't care -- but it's astounding that ICE just agrees to follow the NFL's marching orders. Because unlike the NFL, ICE should actually follow what the law says, and not what a very wealthy sports league wants to happen.

As Tushnet points out in response to this:

So, what do we know? (1) Despite ICE's initial claims to me via its spokesperson and a lawyer, ICE relies only on industry guides to identify counterfeits, not on any independent sources. (2) Those industry guides identify what they don't like, not what is within the scope of counterfeit goods. (3) Most of what ICE seizes is truly counterfeit, but when it seizes parody merchandise, it implicates First Amendment interests in free speech.

Considering that this is ICE, who has a history of seizing blogs based on big industry claims, it seems quite clear that ICE couldn't care much less about the First Amendment interests of the public. Just the profits of big industry.

Learn how to create, effectively manage and deliver desired results by learning Project Managment skills. For $49.99, the Project Management Professional Training will help you learn the skills needed. It features over 35 hours of training approved by the Project Management Institute. At the end, you will have knocked out the 35 contact hours requirement and be ready to sit for the PMP and CAPM exams (not included in the deal) in order to gain your certification and set yourself apart in the job market.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

How many innocents would you accept being caught up in an action designed to nab criminals? How many good people is it acceptable to throw into jail alongside the truly bad actors? Most people would agree that any action that penalizes the innocent in order to punish the guilty is a bad course, with only truly minimal amounts of collateral damage being acceptable. Now let's port that over to internet sites and ask how many innocent websites is it acceptable to block in order to block sites that are actually engaged in undesirable behavior?

Well, for the legal system in India, that question has often been answered in a cavalier manner, with regular court orders to block innocent websites being doled out to battle both terrorism and at the request of copyright holders to stop infringement. It's in the latter cases where things get really silly, with previous orders issued to block sites like GitHub and the Internet Archive. Well, it seems the Internet Archive endured this sort of thing again recently, as a court order at the request of two Bollywood film studios caught archive.org into its ISP blocking web.

Earlier this week (and again for no apparent reason), the world renowned Internet Archive was rendered inaccessible to millions of users in India. The platform, which is considered by many to be one of the Internet’s most valued resources, hosts more than 15 petabytes of data, a figure which grows on a daily basis. Yet despite numerous requests for information, none was forthcoming from authorities. Quoted by local news outlet Medianama, Chris Butler, Office Manager at the Internet Archive, said that their attempts to contact the Indian Department of Telecom (DoT) and the Ministry of Electronics and Information Technology (Meity) had proven fruitless.

Now, however, the mystery has been solved. The BBC says a local government agency provided a copy of a court order obtained by two Bollywood production companies who are attempting to slow down piracy of their films in India. Issued by a local judge, the sweeping order compels local ISPs to block access to 2,650 mainly file-sharing websites, including The Pirate Bay, RARBG, the revived KickassTorrents, and hundreds of other ‘usual suspects’. However, it also includes the URL for the Internet Archive, hence the problems with accessibility this week.

Let's be clear about what this sort of thing represents: the punishment of the innocent in favor of an easy and lazy attempt to block copyright infringement. That's not an overstatement. The continued use of court orders to block entire websites and the routine collateral damage are not exceptions, they are the rule. That they are allowed to continue to do this sort of damage even while the Indian government hand-waves away frantic requests for information from innocent site operators is as good a definition of whatever the opposite of justice is as I can think of.

Importantly, neither the court that issued the order or the two film companies requesting it, and ostensibly providing the list of sites to be blocked, are due any recompense for these actions. Perhaps most frustrating, the Internet Archive has clearly stated that not only does it have a method for copyright holders to request content takedowns, but it complied with those requests from these very same film studios.

“Is the Court aware of and did it consider the fact that the Internet Archive has a well-established and standard procedure for rights holders to submit take down requests and processes them expeditiously?” the platform said. “We find several instances of take down requests submitted for one of the plaintiffs, Red Chillies Entertainments, throughout the past year, each of which were processed and responded to promptly. After a preliminary review, we find no instance of our having been contacted by anyone at all about these films. Is there a specific claim that someone posted these films to archive.org? If so, we’d be eager to address it directly with the claimant.”

Now, archive.org was not the only innocent site blocked by this order. Weebly.com, along with at least one news site and the site for a French ISP also had their sites blocked. Still, this damage appears to be mostly met with indifferent shrugs by the Indian government and the film studios that issued this request.

So, for India, we have an answer to the question of how many innocent sites it's willing to harm to combat copyright infringement. That answer, by our litmus test, is "too many."

Louisiana has a bad law that needs to be taken off the books. (Well, it probably has several but this discussion will only deal with one.) Previous court decisions have ruled the law unconstitutional but somehow it lives on to be a vehicle of harassment by law enforcement, often at the encouragement of government officials.

This would be Louisiana's criminal defamation law. This was the law (ab)used by Sheriff Jerry Larpenter of Terrebonne Parish to shut down an online critic by raiding the blogger's home and seizing several electronic devices. The target of the supposed defamation was a board commissioner -- someone who wasn't actually covered by the law, which only provides for charges when the person allegedly defamed is not a public figure.

A federal appeals court recently stripped Sheriff Larpenter of his immunity for abusing this law. It stated the outcome bluntly in the first sentence of its opinion.

Some qualified immunity cases are hard. This case is not one of them.

The court points out both the Supreme Court of the United States and Louisiana's highest court have reached the same conclusion: the law cannot be applied to speech targeting public officials.

Concluding that "[i]t is for the [state] Legislature to correct [§§ 14:47-49's] constitutional infirmity"—namely, "its overbroad application" as identified in Garrison—the Louisiana Supreme Court held §§ 14:47-49 "to be unconstitutional insofar as they attempt to punish public expression and publication concerning public officials, public figures, and private individuals engaged in public affairs." Id. at 668; see also State v. Defley, 395 So.2d 759, 761 (La. 1981) (observing that § 14:47 "is unconstitutional insofar as it punishes public expression about public officials").

Since Snyder, the Louisiana legislature has not revisited §§ 14:47-49. The Louisiana Supreme Court's holding as to the reach of § 14:47 therefore remains the law of the land.

Not that anyone appears to have noticed. Sheriff Larpenter ignored two high court rulings to bring charges under the law in a way that specifically violated these court findings. But Larpenter isn't the only law enforcement official abusing the law. And far from the only government official in general.

The Fifth Circuit Court of Appeals has handled another case springing from the unconstitutional application of the state's criminal defamation law. While the findings aren't nearly as favorable to the appellant, the decision [PDF] does point out the law cannot legally be used the way it has been in this case.

Just like the Larpenter case, this one begins with offended public officials.

Sometime before April 16, 2012, the Livingston Daily Times published an opinion piece titled “Sue Happy Seven Councilmen,” which discussed complaints about the Livingston Parish Council’s misuse of public funds. A URL link to the piece was posted on a separate Facebook page maintained by the Livingston Daily Times. The Facebook post was open to public comment. Using a pseudonym, someone posted “critical comments” about three Council members—James R. Norred, Jr., Cynthia G. Wale, and Chance McGrew Parent (the “Council Defendants”). McLin alleges that the statements “merely constituted criticism of official conduct of public officials.”

Even if the comments were defamatory (something the court doesn't discuss), the correct response would be a civil suit, not criminal charges. But if the state legislature isn't actually going to repeal the shitty law, the following sort of things are going to keep happening.

On April 20, 2012, Parent filed a report with the Livingston Parish Sheriff’s Office (“LPSO”) alleging that the anonymous Facebook user had “posted a comment in regards to numerous elected counsel [sic] members.” In response, LPSO Detective Benjamin Thomas Ballard obtained subpoenas to Facebook and Charter Communications. The subpoena responses linked McLin’s home address to the Facebook account that posted the critical comments. Ballard obtained a search warrant for McLin’s home, and he and LPSO Detective Jack R. Alford, Jr. executed the search warrant on June 11, 2012. Ballard and Alford confiscated electronic devices and equipment, and a forensic analysis purportedly linked one of the confiscated computers to the anonymous Facebook user.

Anyone could have put a stop to this. But no one did, not even officers who -- as another federal court put it when dealing with this stupid statute -- are "presumed to know the law."

Upon receiving this information, Ballard, Alford, and other officers (together with Sheriff Jason Gerald Ard, the “Officer Defendants”), and the Council Defendants (together with the Officer Defendants, the “Defendants”) met on August 16, 2012, to discuss pursuing criminal charges against McLin. Some of the officers urged that criminal defamation charges under Louisiana’s criminal defamation statute—Louisiana Revised Statute § 14:47—were warranted. The Council Defendants asked to pursue the charges against McLin and “swore out criminal complaints” contending that they were each subjected to criminal defamation as a result of comments McLin allegedly posted to Facebook.

Thin skins and stupid laws are great for generating civil rights lawsuits. McLin turned himself in after finding out three arrest warrants had been sworn out. The district attorney dropped all charges four months later. McLin has a good case, one would think. According to the court, the lawsuit should be allowed to continue...

The factual allegations in McLin’s complaint sufficiently plead that the Defendants lacked probable cause to prosecute McLin for violating the Louisiana criminal defamation statute. McLin alleges that the anonymous Facebook comments—posted to a news story about Council members and the Council’s misuse of public funds—did not amount to criminal defamation but rather “merely constituted criticism of official conduct of public officials.” Speech criticizing the official conduct of public officials is protected by the First Amendment and does not constitute criminal defamation.

McLin further alleges that, upon linking the comments to him, and with knowledge that McLin’s comments were protected by the First Amendment, the Defendants met and conspired to create falsified affidavits for the purpose of obtaining arrest warrants on charges of criminal defamation. See Rykers v. Alford, 832 F.2d 895, 898 (5th Cir. 1987) (“[A]n officer charged with enforcing Louisiana law[] can be presumed to know that law.”). On these facts, which must be taken as true, we conclude that McLin’s complaint adequately alleges an unreasonable seizure because the Defendants could not have believed they had probable cause to arrest him.

Unfortunately, all the good news for McLin ends there. The court still grants immunity to the officers on the Fourth Amendment claims basically because McLin turned himself in rather than wait around to be arrested.

Here, we cannot say that every reasonable officer would understand that McLin was seized for purposes of the Fourth Amendment. To date, neither the Supreme Court nor the Fifth Circuit has decided that an officer’s acceptance of a voluntary surrender to an arrest warrant constitutes a Fourth Amendment seizure. And there is no a “robust consensus of persuasive authority”: only one circuit—the Eleventh—has found a seizure in these circumstances in a published opinion, and a majority of circuit courts have not yet weighed in. Although we now hold that McLin was seized, reasonable officers might not have understood that accepting McLin’s surrender to the arrest warrants, without imposing further pre-trial restrictions, constituted a seizure.

This decision contrasts sharply with the opinion released by Louisiana's district court. Both deal with the same law -- one twice ruled unconstitutional -- and yet no one abusing the law will suffer any ill effects. McLin did the cops a favor by showing up at their place with his hands ready for cuffing. And for that, he can't sue law enforcement officers who sought arrest warrants based on a law they should have known couldn't be used to bring charges against McLin.

Louisiana has enough rights violating going on at any given time. There's no reason legislators should allow this law to remain on the books any longer. The only thing it does is encourage people the law doesn't apply to (public figures) to work with compliant law enforcement agencies to shut down criticism.

So we've talked repeatedly about how the real "smart" choice in the era of "smart" internet of things devices is often -- dumber technology. Whether it's your smart refrigerator or TV leaking your gmail details or viewing data over unencrypted connections, your smart car opening the door to potentially fatal attack, or your smart doorbell creating new attack vectors into your WiFi network, more often than not you're quite frankly better off with the older, less sophisticated versions of these technologies if you want the smart path toward a more secure life.

The latest case in point: smart door lock vendor Lockstate managed to completely disable the smart door locks of an estimated 500 customers after a botched firmware update left customers unable to access their own properties:

A subset of smart locks made by Lockstate have been bricked after an update. The smart lock vendor is part of Airbnb’s Host Assist program, and integrates with the accommodation rental platform so, for instance, hosts can automatically generate and email one-time codes for their guests to use during check-in....Two models of Lockstate smart lock are apparently affected, one of which currently retails for $469.

Airbnb offers property owners a $50 discount code if they use Lockstate products as part of the Host Assist program — where said products are heralded as “revolutionary” and capable of withstanding “high usage”. Because the botched update made it impossible for these locks to subsequently connect to the internet for a new fix, the vendor is informing owners that their only recourse is to wait anywhere from a week to eighteen days for a physical replacement, inundating them with neither smart nor revolutionary added costs:

In the mass mailer email, which begins “Dear Lockstate customer” and summarizes its contents as an “update” pertaining to LockState 6i/6000i, affected customers are asked to wait as long as 18 days for a full replacement. Or up to a week if they choose to remove and send the back portion of the lock to the company for repair.

Feel smarter yet? Of course this isn't the first problem of this type. Internet of things brand darling Nest has, at several different points, botched their own firmware updates for supposedly smart thermostats, resulting in users either being cooked or chilled until they were able to remedy the problem. This is the kind of stuff internet of things evangelists still don't spend much time talking about when they're busy hyping and pitching the latest and greatest internet-connected widgets, built by a rotating crop of companies with a fleeting interest in actual security, functionality and privacy.

Granted bungled firmware updates are only one risk. A recent report took a look at sixteen different brands of Bluetooth-enabled smart locks, and found that at least twelve of the brands were notably susceptible to remote attacks. The flaws are fairly standard at this point, ranging from user data and passwords being transmitted in plain text, or a bungled use of encryption to transmit user data when encryption was used at all. Short version of the lesson: if you're trying to build a smart home either do your homework and consult a hacker to find the best quality devices available, or save both time and money and revert to the best available dumb alternative.