How many living, breathing human beings really read Techdirt? The truth — the most basic, rarely-spoken truth — is that we have no earthly idea. With very few exceptions, no media property big or small, new or old, online or off, can truly tell you how big its audience is. They may have never thought about it that way — after all, we all get as close as we can to what we think is a reasonably accurate estimation, though we have no way of confirming that — but all these numbers are actually good for (maybe) is relative comparisons. What does it really mean when someone says "a million people" saw something? Or ten or a hundred million? I don't know, and neither do you. (Netflix might, but we'll get to that later.)

Where should we start? How about this: internet traffic is half-fake and everyone's known it for years, but there's no incentive to actually acknowledge it. The situation is technically improving: 2015 was hailed (quietly, among people who aren't in charge of selling advertising) as a banner year because humans took back the majority with a stunning 51.5% share of online traffic, so hurray for that I guess. All the analytics suites, the ad networks and the tracking pixels can try as they might to filter the rest out, and there's plenty of advice on the endless Sisyphean task of helping them do so, but considering at least half of all that bot traffic comes from bots that fall into the "malicious" or at least "unauthorized" category, and thus have every incentive to subvert the mostly-voluntary systems that are our first line of defence against bots... Well, good luck. We already know that Alexa rankings are garbage, but what does this say about even the internal numbers that sites use to sell ad space? Could they even be off by a factor of 10? I don't know, and neither do you. Hell, we don't even know how accurate the 51.5% figure is — it could be way off... in either direction.

Okay, so what about TV ratings? Well, there's a reason they've been made fun of on the shows themselves for as long as our culture has been able to handle "meta" jokes without getting a headache. Nielsen ratings in their classic form are built on monitoring such a tiny sample of households that the whole country's viewing profile can probably be swayed because someone forgot to turn off the TV before going on vacation. They sucked before DVRs and digital distribution began transforming the single household television into a quaint anachronism, and now it's just chaos. Nielsen was slow to catch up with DVRs, and now the TV industry juggles scattered measurements including three or seven days of viewing beyond live air, and constantly complains that the ratings are off — specifically, that they're too low. And they might be right, in the sense that they are too low by comparison to the garbage ratings from the pre-digital age that everyone eventually embraced as a standard for relative rankings. How big are these audiences really, in terms of real living breathing human beings? I don't know, and neither do you.

YouTube view counts? Subject to all the same fake internet traffic problems, plus the fact that there's an opaque system for supposedly ignoring too-short incomplete views according to the genre and nature of the video, but good luck finding out how accurate that is. Channel operators know their length-of-view statistics, but you don't see them bandying them about much. Plus, how often have you heard public view counts casually referred to as the number of "people" who watched something, even though (especially when it comes to short-and-cute viral animal hits and their ilk) the bulk of them probably come from obsessive re-watching? Yeah.

So what about Facebook stats? Everything from impressions to simultaneous live video viewers is padded out by the most transient of idly-scrolling-through-the-newsfeed interactions. Twitter followings and tweet stats? Dig into the bowels of any list of followers, or any trending link, and see how much of it is mindless bots. Print readerships? Don't even get me started. Did you know it's common practice for newspapers to calculate their readership by applying a multiplier to their actual circulation, to account for an imaginary surplus of "readers per copy"? Yes, that soggy "local" paper that's been sitting out in the rain on your porch for two days, and that only exists to give them an excuse to deliver flyers to your door, is not only being counted — it's probably being counted five times. So are all the free/cheap copies that big national papers give to hotels. Oh, and when these companies distribute multiple publications in different channels — with newspapers, magazines and paywalled websites all being given away with each other as free cross-subscriptions, in order to pad out all three subscriber numbers — they add them all up and then try to determine the actual number of individual people they are reaching. How? By applying an opaque "deduplication" formula. I once pressed a newspaper's stats person about what this formula could possibly entail, but details were not forthcoming — because I suspect they just knock off 20% and call it a day, despite the fact that the magazine is distributed inside the newspaper whose audience they are supposedly "deduplicating" it from, and half the website subscriptions were free add-ons with print delivery. That's awfully generous when the truth is they don't know, and neither do I, and neither do you.

So who does know how big of an audience they really have? Well, maybe Netflix, Amazon and other digital subscription services. Their paywalls insulate them from the bulk of random bot traffic, and their proprietary ecosystems give them the ability to closely monitor all activity. Netflix, of course, is famously secretive about viewer numbers and insists on the inaccuracy of those who claim to have worked them out. The most common assumption is that they do this to avoid giving content creators too much leverage, and because the data can be seen as a valuable commodity — but I propose another reason: Netflix's likely-more-accurate statistics, if made public, would have zero context in the topsy-turvy world of nonsense TV ratings. They would probably look exceptionally low, giving the legacy bosses who would like nothing more than to downplay the importance of digital distribution (and there are as many of those as there are record execs who can't spell mp3) a chance to project whatever narrative they wanted onto the numbers.

So why does any of this matter? Because advertising is a multibillion dollar industry, and whenever an industry is worth that much, you have to ask: is that because there are billions of dollars of worthwhile transactions happening, or because every bloodsucker in a ten-industry radius wanted in on the action? So, so much of the advertising industry is pure waste. How much exactly is as impossible to determine as the audience sizes themselves. This is hardly a new idea (in fact it's a century-old quote) but it's probably more true now than ever, despite the fact that in theory technology could have delivered us from uncertainty.

Finally, what can be done about this? There's no simple answer, and maybe no answer at all. Here at Techdirt, we've been working to come up with good advertising solutions by focusing almost entirely on what we know our community likes and might be interested in (as in, our real community of people who talk in our comments and we can say, with confidence, exist) and paying less attention to raw numbers — both a luxury and a necessity for a smaller publication, depending on how you look at it. That's not always easy though, as we face an advertising industry ruled by metrics, where there are often ten spreadsheet-wielding interns between us and someone who might actually care about our creativity. In our experiments with more traditional algorithmic display advertising to monetize the raw traffic numbers we do have, we keep running up against what appears to be a universal truth: the bulk of the global internet ad ecosystem runs on trash. Gigantic prestigious online media brands can sell display campaigns straight to the same people who buy Superbowl ads — everyone else receives a hundred pitches a week from new ad networks that claim to deliver great, relevant content but in fact litter your site with ads for fad diets and ambulance-chasers (at best). And this lowest-common-denominator filler appears to be the only reliably successful form of internet advertising! At least, it never goes away when the good stuff does, and the proud quality networks eventually embrace their roles as crap-peddlers. "Good" internet advertising is a rickety ship navigating an endless roiling ocean of spam, clickbait and outright fraud — but it couldn't float at all without it.

I realize I've painted a grim picture, but these are (more or less) the facts. I'm surely wrong in some of my guesses, but like everything discussed here, nobody knows how wrong or in which direction. We'll never even really know how many people read this — we'll just have a vague estimate that can be compared to other posts on Techdirt. But for now that's the reality, so maybe more people should stop worrying about the supposed size of their audience, and focus on making the content they want to make.

Every so often, we hear a story about actions taken by someone who is just so upset about someone else doing something that it seems to border on obsessive. For example, when we hear about copyright holders who spend all their time sending DMCA takedowns -- while whining about how they're unable to produce new content and aren't making any money from sending all those takedowns. The obvious response is: maybe stop sending all those takedowns and focus on something that's actually productive, like creating new works and building a fan base willing to support you.

Recently, the Planet Money podcast had an episode with a similar story but in a different realm -- but it was just as stupid and wasteful. It was about this entrepreneurial couple who had created a cat toy product, which was becoming fairly successful through selling it on Amazon. And yet, they were completely freaked out by arbitrageurs. These weren't pirates or counterfeiters. Rather, they discovered that people were posting their cat toy to eBay (for a lot more money), and if someone bought, they'd just order it from Amazon, and have it ship directly to the buyer. I've heard of people having this happen to them -- where they'd order from one place and receive a shipment from Amazon instead (sometimes with the actual invoice price included...).

This is all perfectly legal. There's no law against reselling products. It's just arbitrage. But the couple, Fred and Natasha Ruckel, freaked out about this and spent a ton of time every day sending cease-and-desist letters to these eBay sellers.

First thing in the morning, check for arbitrageurs. Last thing at night, check for arbitrageurs, send out any cease and desists before or after. It was taking up an inordinate amount of time, and it was super stressful.

Ruckel does make a few valid points: the eBay arbitrageurs provide a less satisfying experience -- their sales pages don't look great and Ruckel wishes to have a better experience for the customers to boost brand loyalty. On top of that, the even more valid concern is that when people order via eBay for $60 and receive a box from Amazon showing the price was $40... they get pissed off. And often they return the product, and that leads to restocking fees that Ruckel has to pay -- plus just general hassle. That part is a valid concern, but from all indications this was still making them money.

And if it was really taking up so much time to send out these cease and desist letters -- and it was "super stressful" why not just drop it altogether? Why bother? Just focus on selling your products. Or, hell, just put your own product up on eBay. To be fair, while this is not mentioned in the podcast, in an article in Entrepreneur Magazine about this same story, it does note that he tried, briefly, to put the product up on eBay too, but whines that people still copied him:

This summer, Ruckel tried a new approach: He put his own product on eBay and titled it “All other eBay sellers are fake.” A few weeks later, he stumbled upon an eBay listing with a familiar title. “All other eBay sellers are fake,” it said. It wasn’t his, of course.

Someone had copied that, too.

But, uh, so what? Assuming that he posted them to eBay with the same price as his Amazon sales, then there shouldn't be a problem. All the arbitrageurs should be driven out of business, since his would be priced lower than the arbitrageurs. So who cares if they claim to be the legit provider, when people would likely flock to the cheapest one anyway? Nothing in this story makes sense.

Especially this last part. Ruckel apparently got so frustrated with the "stress" of dealing with arbitrageurs, that he yanked his stuff off of Amazon entirely... and saw his sales drop drastically.

We pulled out of the whole Prime shipping thing in May. And at that point, we were over 60,000 a month in sales. And in a blink, 60,000 went down to 25,000.

Planet Money asks them if it was worth it -- and they said that it was. Because "integrity."

F RUCKEL: Integrity is important to us.

N RUCKEL: And the stress factor...

F RUCKEL: And the stress...

N RUCKEL: ...Was completely removed.

F RUCKEL: So we removed all the stress.

Yeah, and you also removed more than half your business. Again, this reminds me of the person who claimed they were "wasting" half of their royalties sending DMCA takedown notices that weren't effective. Why do that? Why kill your sales just because someone else figured out a way to resell your product better than you have?

There's some weird psychology going on here. It reminds me of the classic economics class game, whereby two students (Student A and Student B) are selected by the professor, and Student A is given $10 and told to share some of it with Student B -- but if Student B rejects Student A's offer, then no one gets any money. Under such conditions, even if Student A offers Student B just $1 (keeping $9), Student B should take it. Both of them are better off than getting nothing. And yet, time and time again, Student B rejects offers that are seen as "too small." Basically, they feel insulted, cheated or ripped off -- even though that's ridiculous. It's a weird attempt to insert a "fairness standard" where it doesn't make any sense, and where "punishing" Student A is more "valuable" to Student B than the small payout.

It feels like something similar must be happening here. People like the Ruckels would prefer to punish others, making their own product harder to find and more difficult to buy, than to allow anyone else to possibly benefit from it. I get that it happens, but it still confuses me to no end why anyone could possibly think it's a good result.

So, the CFAA strikes again, and this time right in the heart of a Silicon Valley political fight. If you live in or around the Silicon Valley tech industry, you probably know who Ro Khanna is. He's often been described as the "candidate for Congress that Silicon Valley prefers." It feels like he's been running for Congress against incumbent Rep. Mike Honda forever, but it's really just in the past two elections. Here's a big Bloomberg profile of him from 2013 when he first challenged Honda, losing narrowly to him in the 2014 election, despite having support from many Silicon Valley tech industry stars. This year, he's running again, and in the primary, Khanna narrowly beat Honda, suggesting good things in the general election in November (the top two candidates in the open primary move on to the general election, regardless of party).

Khanna is known for his pro-internet views, while Honda has a reputation for not really understanding or caring very much about the internet.

And now... Honda has sued Khanna under one of the most hated laws on the internet, the CFAA (Computer Fraud & Abuse Act). As we've discussed for many years, the CFAA was supposed to be an "anti-hacking law" that was created by politicians who were (literally, no joke) scared by the fictional movie War Games into writing an anti-hacking law in the 1980s. The law has many, many, many problems, but the biggest one, which comes up again and again in cases, is that it has a vague standard of "unauthorized access" or "exceeding authorized access."

Not surprisingly, that's the issue in this case as well. In short, Brian Parvizshahi was (until Thursday night) Khanna's campaign manager. Way back in 2012, Parvizshahi had briefly (as in, for just a few weeks) worked at Arum Group, an organization that helped Mike Honda with fundraising. After he left Arum Group, apparently no one at the company thought to turn off his access to the Dropbox where they stored all their info about donors. Now, to most people, you'd think that the issue here would be Arum Group's bad policies. But, under the CFAA some can argue that continuing to access that file is a form of "unauthorized access."

And that's the central claim here in the lawsuit. Honda claims that Parvizshahi continued to access that Dropbox folder that he was given access to four years ago and which Arum Group never shut down -- and thus he, and the whole Khanna campaign -- violated the CFAA. You can see the full filing here.

Now, we can say that Parvizshahi continually accessing this info -- especially after starting to work for Khanna -- was really, really dumb. Especially since his actions were clearly viewable in Dropbox -- including cases where he supposedly "edited" the files. From the lawsuit, here's just one of many, many images: It is worth noting, though, that some of the screenshots merely show Parvizshahi "adding" the document to his desktop, which might have happened automatically if he was syncing his Dropbox account to his computer, which is the way many people set things up.

One other sketchy thing here is that someone sent a copy of Honda's donor list to San Jose Inside magazine in late 2015 -- and apparently the file they got matched a file in the Dropbox folder that Parvizshahi had accessed.

So while it may have been dumb for him to do so, the real fault here would seem to lie with Arum Group for (1) giving Parvizshahi access on what appears to be his personal Dropbox account, rather than adding a professional account that it controlled and (2) failing to revoke his access after Parvizshahi left, and not even noticing it for years. That seems to be the really negligent move here.

But, with the way courts have been interpreting the CFAA, it does seem entirely possible (if ridiculous) that a California court could interpret this to be a CFAA violation for Parvizshahi at the very least. If that also applies to Khanna, that would seem doubly ridiculous. Either way, as far as I can tell, while Khanna has taken a position on a number of issues related to tech policy, I don't see anything about the CFAA. Perhaps this particular episode will change that.

More information is surfacing on the source of the NSA's hacking tools discovered and published by the Shadow Brokers. Just as Ed Snowden pointed out shortly after the tools first appeared online, the problem with sticking a stash of hacking tools on equipment you don't own is that others can access the tools, too… especially if an operative doesn't follow through on the more mundane aspects of good opsec.

Here's where it gets interesting: the NSA is not made of magic. Our rivals do the same thing to us -- and occasionally succeed. Knowing this, NSA's hackers (TAO) are told not to leave their hack tools ("binaries") on the server after an op. But people get lazy.

Reuters has exclusive (but anonymous) interviews with personnel involved in the investigation which indicates other, more exculpatory theories are likely wrong.

Various explanations have been floated by officials in Washington as to how the tools were stolen. Some feared it was the work of a leaker similar to former agency contractor Edward Snowden, while others suspected the Russians might have hacked into NSA headquarters in Fort Meade, Maryland.

But officials heading the FBI-led investigation now discount both of those scenarios, the people said in separate interviews.

NSA officials have told investigators that an employee or contractor made the mistake about three years ago during an operation that used the tools, the people said.

And what a mistake it was. Tools purchased or developed by the NSA's Tailored Access Operations (TAO) are now -- at least partially -- in the public domain. The other aspect of this unprecedented "mistake" being confirmed is the fact that the NSA couldn't care less about collateral damage.

That person acknowledged the error shortly afterward, they said. But the NSA did not inform the companies of the danger when it first discovered the exposure of the tools, the sources said.

Three years of unpatched holes, one of them a zero day that affects a great deal of Cisco's networking equipment. Not only was TAO's operation security compromised, but so were any number of affected products offered by US tech companies.

However, investigators are still looking into the possibility that the tools were left behind deliberately by a disgruntled TAO operative. This theory looks far better on the NSA than another theory also being examined: that multiple operatives screwed up in small ways, compounding each other's mistakes and (eventually) leading to a public showing of valuable surveillance tools.

As for the official, on-the-record comment… no comment. The FBI and Director of National Intelligence declined to provide Reuters with a statement.

The NSA has long refused to acknowledge the inherent dangers of hoarding exploits and deploying them with little to no oversight. It's unclear whether this incident will change this behavior or make it a more-forthcoming partner in the Liability Equities Process. What is has proven is that the NSA makes mistakes like any other agency -- whether the tools were left behind accidentally or deliberately. It's just that when the NSA screws up, it exposes its willingness to harm American tech companies to further its own intelligence needs.

This week, Hillary Clinton more or less told Silicon Valley to, once again, "nerd harder!" to find ways to stop terrorists from radicalizing people online. Norahc won first place for insightful with some fair play turnabout:

Perhaps if in her role as Secretary of State, she had "diplomat harder" we might have found a way to prevent the radicalization of people. Then again, that would entail people like her (including the other candidate) having to do real work instead of demanding other people work harder.

Our second place comment also comes in response to that post, and this one racked up so many votes that it also took first place on the funny side (it's been a while since we had a double winner!) Machin Sin took a closer look at the notion of blocking radicalizing speech:

Under this logic all speech coming from either Hillary or Trump should instantly be blocked. For that matter they should both just be locked up.

I can't think of anything that could cause more radicalization than the steady stream of stupidity that flows from those two. Some of the bombers are probably just happy knowing that by blowing themselves up they wont have to listen to any more news clips about those two bozos.

For editor's choice on the insightful side, we start out with a comment from Dave Cortright responding to the parade of false statements used by the intelligence community to smear Edward Snowden:

Ad Hominem, AD HOMINEM, AD FUCKING HOMINEM!

Look, it's great that Snowden turned out to be a nearly impeccable character that his opponents have to resort to lies and serious distortions to discredit him. But even if the guy were a drug addict with a penchant for young boys, THAT DOES NOT IN ANY WAY CHANGE THE *FACTS* OF THE MATTER AT HAND.

This whole report is just a pathetic attempt at redirection, focusing on the messenger rather than the message. And more to the point (which Greenwald astutely pointed out in his piece), Snowden was not the one who made this information public. If anyone should be scrutinized by the government it is the JOURNALISTS and their institutions who analyzed the information he provided and independently determined it to be newsworthy.

Fuck the oxymorons on the House Intelligence Committee. I hope the next leak FUBARs each and every one of their personal and professional lives commensurate with the bullshit our government has put all of the previous intelligence whistleblowers combined.

Next, we've got a small but important anonymous observation about HP disabling third-party ink cartridges with a firmware update:

There is a serious and long-term unintended consequence that MS, HP, et al are not considering here: they are teaching users that *installing security updates is bad.*

Over on the funny side, we've already had our first place winner above, so we head straight to second place where That One Guy noticed a fun detail in our story about the downfall of game studio Digital Homicide:

You just can't make this stuff up

"Games like Wyatt Derp, Temper Tantrum, and The Slaughtering Grounds (the first game Sterling reviewed)"

There is just something so very fitting for a company like that to make a game and call it 'Temper Tantrum', given their typical responses to criticism. What next, a game called 'Vexatious Bully'? Or how about 'Victim Complex'?

For editor's choice, we start out on the bizarre story of Macedonia's copyright licensing collective actually banning Macedonian music from the air in protest of having to face competition. One comment stood out as especially appropriate:

Do they also claim ownership of the word Pyrrhic

(I don't know if this was the intention of the commenter, but I found it amusing since Macedonia is in fact only about a hundred miles from the historical region of Epirus, home of King Pyrrhus himself. So... maybe!)

Finally, for the sake of symmetry, we've got another response to HP's ink cartridge debacle. Roger Strong cut short those with plans of doing their own re-inking:

HOME RIBBON RE-INKING IS KILLING THE PRINTER INDUSTRY!

(I'm not sure how well that one would work on a t-shirt, but you never know...)

That's all for this week, folks!

Five Years Ago

This week in 2011, the Pirate Party scored another big victory when it took 9% of the vote and a bunch of seats in parliament in Berlin. Their influence was badly needed across Europe, what with Italy proposing a one-strike law to ban people from the internet based on a single accusation of infringement (prompting questions about whether that was even legal in Europe), and the EU Commissioner straight-up asking big entertainment companies to step up their lobbying for more draconian copyright law.

Also this week in 2011: the now-tiresomely-ubiquitous "Keep Calm And Carry On" poster was at the height of its popularity, and the trademark battles were heating up.

Ten Years Ago

This week in 2006, HP was still grappling with the massive spying scandal that hit it last week. First, more details came out that exposed even more elaborate spying and made the company look even worse, although it still wasn't clear whether or not California law actually made any of the activities illegal. Chairperson Patricia Dunn's pleas of ignorance began to fall apart when more documents suggested she was closely involved, and by the end of the week she resigned from the company only to be replaced by CEO Mark Hurd. But... additional leaked memos implicated him in the scandal too.

Fifteen Years Ago

This week in 2001, Techdirt (and the world) was still reeling from the events of September 11th. The FBI was already moving to expand its wiretapping abilities, companies with poor taste were already moving to capitalize on the tragedy, scammers with even fewer morals were doing the same in their own way and, of course, the conspiracy theories were already flowing. Publishers of violent video games were delaying their launches, and after every store sold out of American flags it turned out they were pretty hard to find online in 2001.

Seventy Years Ago

The Cannes Film Festival is one of the oldest and most prestigious institutions in the world of film, and generally seen as a bastion of movie artistry and creativity in a Hollywood-dominated world. The first ever festival was supposed to happen in 1939, until a pesky global conflict got in the way — but the dream survived the war, and the long-delayed Cannes Film Festival debuted on September 20th, 1946.

Support Techdirt and get Takedown gear! Last chance this year! »

Of all the T-shirts and other gear available in our super-early holiday sale, the popular Takedown design has the longest history: it was one of the first T-shirts we produced years ago as part of an early "reason to buy" project, it was later revamped with an improved graphical design for our Insider Shop, and then this year it was revamped once again with a slightly modified look for our sales via Teespring.

And now it's your last chance to get one in 2016! The current run ends on Monday, October 3rd -- and after that we won't be taking reservations and can't promise when it will return, but it won't be until next year at the earliest.

So don't miss out and order yours today! Plus, consider picking it up now for the holidays and getting an early start on your gift-buying list -- the reason we're holding this sale so early is to give lots and lots of time before Christmas for Teespring's sometimes-slow fulfillment. And don't forget to check out the other gear in our super-early holiday sale.

So, yesterday, we noted that the Senate at least seemed to come (at least somewhat) to its senses in choosing not to include the ridiculous and dangerous proposal from Ted Cruz (and supported by Donald Trump) to block the transition of the IANA functions of internet governance away from the Commerce Department. I won't go into (once again) why this is important and not a problem, or even why Cruz's objections to it are so backwards that his plan will actually make it more likely that the "bad" result he keeps warning about will actually come to pass. You can reread the older articles on that.

However, with Democrats complaining about the Senate's Continuing Resolution and a vote on it being pushed off, the debate over the possibility of blocking the transition is still going on. Hell, Ted Cruz even pointed to Donald Trump's support of his plan as a reason to finally endorse Trump:

Internet freedom. Clinton supports Obama’s plan to hand over control of the Internet to an international community of stakeholders, including Russia, China, and Iran. Just this week, Trump came out strongly against that plan, and in support of free speech online.

Except, none of that is true. First, the plan does not hand over control to Russia, China and Iran -- and keeping IANA under the Commerce Dept. makes it A LOT MORE LIKELY that that coalition of countries is able to grab control of the IANA functions from ICANN and the US. But, uh, even more importantly, claiming that Trump is in favor of "free speech online" is laughable. This is the candidate who has repeatedly talked about "opening up our libel laws" to go after speech he doesn't like, has threatened to sue many publications for protected speech, and has flat out declared that we should turn off parts of the internet and anyone who responded with "freedom of speech" was "foolish." But, that's still not the craziest argument I've heard recently concerning the transition. The award there goes to Theresa Payton, who was a top IT staffer at the White House under George W. Bush and now runs a "cybersecurity" firm. She wrote a bizarre opinion piece in The Hill that, frankly, calls into question whether she understands what ICANN even does. She tries to argue that the transition will somehow make it easier for Russia to hack our election... because [reasons].

Changing who controls the Internet Corporation for Assigned Names and Numbers (ICANN) so close to our presidential election will jeopardize the results of how you vote on Nov. 8 unless Congress stops this changeover. When the calendar hits Sept. 30, a mere 6 weeks before our election, the United States cannot be assured that if any web site is hacked, the responsible party will be held accountable. We cannot be sure if a web site is a valid. We cannot be sure if one country is being favored over another. These are all the things ICANN is responsible for and has worked perfectly since the Internet was created. Why change it now and so close to the election? Why does that matter to you as a voter?

Take a look at recent cyber activity as it relates to the election. The Democratic National Convention was breached comprising the entire party’s strategy, donor base, and indeed, national convention. Everything the DNC had done to prepare for a moment four years in the making (if not longer) was undermined by a hacker who had been in their system for some time but waited for the optimal moment to spring it on the DNC – opening day of the convention. The FBI and other U.S. agencies, as the headlines blare, suspect Russia is responsible for the hack. Recently, Vladimir Putin went so far as to say, "Does it matter who broke in? Surely what's important is the content of what was released to the public.”

Except, uh, ICANN has nothing to do with figuring out who hacks who. Nor is it the party that's figuring out if one country "is being favored over another" or if a "website is valid." That's not ICANN's job, and has nothing to do whatsoever with the IANA transition -- which will leave the internet working exactly as it has before. Honestly, this opinion piece does nothing to call the transition into question, but does a tremendous job in calling Theresa Payton's knowledge of technology and cybersecurity into question.

ICANN does more than just assign and/or approve your website’s domain. ICANN has its own Security and Stability Advisory Committee, which “engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.” They are equivalent to your security guard at the bank. Why change the security guard now when voter data is more vulnerable – and prized - than ever?

If ICANN changes hands, so do the security measures taken to protect the rightful owner of your web site. If a site was hijacked today – not an uncommon crime in the cyber world - to reassert yourself as the rightful owner, you would go through law enforcement channels, your domain provider, and yes, ICANN.

First of all, the "transition" in question isn't about transitioning all of ICANN. Just its IANA functions, which only have a symbolic connection to the US government. Second, Payton seems to not understand what ICANN does, what the ICANN SSAC does, or how internet security works. They are not the equivalent of the "security guard at the bank." You'd think the CEO and founder of a "cybersecurity" company would know that. And, after the IANA transition takes place, ICANN itself doesn't "change hands" nor does it change what the SSAC does, which isn't anything even remotely close to what Payton seems to think it does.

Don't trust me? How about Stephen Crocker, who heads ICANN's Board of Directors -- and also helped create the damn internet. You know how much of the internet was designed through "RFCs" -- "Requests for Comments" -- well, Crocker invented the RFC and wrote the very first one. I think he knows what he's talking about. And he and the head of ICANN's SSAC, Patrik Fallstrom, have responded to Payton with a nicer version of "you have no idea what you're talking about."

The SSAC is not a “security guard” for the Internet. The SSAC has no enforcement power, and the value of its advice is based on the strength of the facts underlying such advice.

The Security and Stability Advisory Committee advises the ICANN community and Board on matters relating to the security and integrity of the Internet's naming and address allocation systems. Our recent work include advisories on a wide range of topics such as internationalized domain names, protecting domain name owners and operators, best practices for domain name registrars, analysis on the changing nature of IPv4 address semantics, and advice on matters pertaining to the correct and reliable operation of the root name system and other issues (see https://ssac.icann.org/ for more details). The SSAC neither operates as a security guard for the Internet, nor does it aspire to.

The IANA transition has no practical effect on the work and activities of the SSAC. Nor does the transition have any effect on the security and stability of website owners worldwide. The risk of compromise of a website owner does not increase as a result of the IANA transition, since ICANN and IANA do not control either the ownership of websites or the content on websites. Leading technical experts, industry associations, and civil society groups agree that allowing the IANA contract to expire is the best possible way to protect and promote the continued integrity of the Internet.

There is simply no relationship between ICANN and the current U.S. election process. Assertions of this sort are misleading and irresponsible. On the other hand, attempt to connect ICANN to the U.S. political process play directly into the hands of the enemies of an open Internet who would like to see ICANN and other Internet bodies put under the control of the United Nations or, worse yet, broken up into separate, government-controlled networks that do not interoperate smoothly around the world.

So, yeah. It seems that as we get closer to the transition, and since this issue has become "political," we're seeing stupider and ever more clueless attacks -- but they seem to only serve to make the people behind them look worse and worse. This shouldn't be a partisan issue. It shouldn't be a political issue. It shouldn't be an issue. Severing the minor link connection between IANA and the Commerce Department changes nothing practical in how the internet is governed, but takes a big weapon away from Russia and China in their quest to take control over those functions.

We were just talking about Bahnhof, the Swedish ISP with a reputation for protecting its customers privacy, and its script-flipping battle with a copyright troll called Spridningskollen. At issue is that Bahnhof has for some time operated a website, Spridningskollen.org, and has applied for a trademark registration for it more recently. The copyright troll is new in town, so to speak, and Bahnhoff is relying on common law trademark rights while its application goes through the process, but that isn't keeping the ISP from continuing to give Spridningskollen a taste of its own medicine.

In a move laced with irony, Bahnhof has sent Spridningskollen a settlement letter on the basis of its trademark infringement.

Previously they accused Spridningskollen of trademark infringement and this week they followed up this threat with a more concrete warning. Giving the “trolls” a taste of their own medicine, Bahnhof sent them an invoice for the exact amount they also ask from accused pirates, to settle the alleged trademark infringement.

“You’re infringing our trademark ‘Spridningskollen.’ Bahnhof filed for the trademark on 2016-08-31, with the launch of the website Spridningskollen.org,” the settlement invoice reads.

Now, Spridningskollen will almost certainly not take Bahnhof up on its offer, but that isn't really the point. The point is that a copyright troll that wraps itself in the flag of anti-piracy, but which actually simply looks to bully settlement money out of the public, couldn't be bothered to come up with a name for itself that wasn't already in use and has now been served with the exact sort of settlement letter it itself wants to send to others. It's response to the letter is going to look bad either way. Bowing to its demands will be a public acknowledgement that the "anti-piracy" group violated another group's intellectual property. Not a good look. Fighting back against the letter, as it surely will, casts doubt on the legitimacy of its own threat-settlement letters and provides the public with a role-model example for what to do if they receive such a settlement notice.

It's a checkmate move, in other words. That Bahnhoff is asking for the exact amount that Spridningskollen plans to ask for in its own letters simply layers on a bit of snark to all of this. Which makes Bahnhoff an early favorite for the ISP doing the most to protect its customers from copyright bullies while entertaining the rest of us.

In which the government argues that avowedly suspicionless behavior is reasonable suspicion.

Carlos Velazquez was pulled over by Officer Ken Scott, a "traffic investigator" patrolling the Ft. Bragg military base in North Carolina. Scott observed Velasquez make a right-hand turn at a stop sign, then reverse course when he encountered a gate preventing traffic from entering the Ft. Bragg Special Operations Compound. The stop resulted in the search of the vehicle and, eventually, the discovery of illegal drugs.

Velazquez moved to suppress the evidence, arguing that the stop was suspicionless. The government disagreed, but Scott's own testimony indicates it was a suspicionless stop. Scott claimed the stop was justified because he believed Velazquez was "intoxicated or lost." That last part Scott himself ignored, even during his testimony as the government's sole witness. The actions Scott viewed as "suspicious" during his justification of the traffic stop were also actions Scott had witnessed numerous times while patrolling the area around the military base.

Lamont Road ends at an intersection with Manchester Road. At the time of this incident, if a driver turned right from Lamont onto Manchester, he would encounter a closed gate with a "Do Not Enter" sign. Id. at 1:09:20-1:09:30. If a driver turned left from Lamont onto Manchester, the road would take him towards various training areas and, ultimately, the town of Southern Pines. Id. at 1:10:20-1:10:29.

Officer Scott described this area as wooded with no lighting with minimal, if any, phone and radio signals. Id. at 1:10:39-1:10:49. Officer Scott also stated that there are no individuals in that area at night. Id. at 1:11:16-1:11:22. Officer Scott also testified that he has often assisted individuals who were lost in the area, including those following GPS. Id. at 1:12:17-1:12:36. Officer Scott stated that he had often received calls of lost individuals utilizing GPS where the GPS would take them off the main road. Id.; id. at 1:17:01-1:17:15. He also stated that there are no phone signals and radios often do not operate in this remote area. Id. at 1:10:50-1:10:55.

Officer Scott did not provide any details on how many suspicionless stops he has performed after viewing behavior he admittedly finds unsuspicious. There's also nothing in the decision that indicates Scott observed anything about Velazquez's behavior during the stop that would have added to his suspicions. Instead, as the court points out, everything Velazquez did was entirely normal, given what Officer Scott had observed during previous patrols.

Here, the evidence demonstrates that Velasquez was driving on a public road shortly after midnight on a Saturday morning. When he reached an intersection, he stopped completely and proceeded to make a right turn. After encountering a fence informing him he was not allowed to proceed further, Velasquez turned his vehicle around and proceeded down a public, albeit remote, road. At no time did Officer Scott observe any erratic driving, traffic violations, or other conduct that indicated Velasquez was intoxicated. There is no indication that there were concerns that Velasquez posed a threat to the physical security of the base or personnel or that he was seeking unauthorized access to the Special Operations Compound. Officer Scott's decision to pull Velasquez over appears to have been based entirely on his presence on a public road at night and his right turn at the intersection of Lamont and Manchester Roads. Given that Officer Scott was aware that individuals frequently became lost in this area and that GPS systems would often cause individuals to make wrong turns, these facts are insufficient to establish that Officer Scott's stop of Velazquez's vehicle was supported by reasonable suspicion of criminal conduct.

No one likes to lose a drug bust, but offering up an argument that basically amounts to "the lack of suspicious behavior made me suspicious" is even worse than the government's routine insistence that driving from state to state on paved highways is suspicious because criminals often travel from state to state on paved highways.

While officers are generally free to make up their own traffic laws to initiate suspicionless stops, the officer here apparently failed to come up with anything better than "possibly [and suspiciously] lost" after interacting with Velazquez. The officer lucked into a drug bust, but "fortuitous discovery" isn't a recognized Fourth Amendment exception (or, at least, it shouldn't be one -- see also: "good faith").

There are few activities that separate citizens from their Fourth Amendment rights faster than driving but, at least in this decision, the rights didn't evaporate quite as quickly as Officer Scott may have hoped. Away goes the evidence. With that dismissed during oral arguments, the government decided there was nothing left to prosecute, so the charges have been dropped as well.

When Dirty Harry acolytes bitch about "technicalities" putting drug dealers back on the streets, these are the sorts of things they're often unknowingly referring to: law enforcement's inability to stay within the confines of the law and the Constitution.