Capitalist Lion Tamer’s Techdirt Profile


About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]

[recently retired]

[various side projects]

Posted on Techdirt - 23 April 2018 @ 6:26am

Lawmakers Ask FBI Why It Isn't Getting Busy Cracking Its Stockpile Of Seized Smartphones

from the nerd-harder,-g-men dept

Ever since the FBI began its "going dark" crusade, crucial questions have gone unanswered. Considering the budget and technical expertise the FBI has access to, why was it so necessary to get Apple to crack an iPhone's encryption for the Bureau? Turns out it wasn't. The FBI did have a solution, but the head of the division charged with cracking open the San Bernardino shooter's phone didn't want a technical solution. He wanted a courtroom solution.

The report that outed the FBI's general disinterest in using outside contractors to crack encrypted devices is now being used against the FBI. Ten (bipartisan) legislators have signed a letter demanding answers from the agency about its anti-encryption efforts. The "going dark" narrative continues to be pushed by director Christopher Wray, despite recent reports showing at least two vendors have tools that can crack any encrypted iPhones. The tools are also much cheaper than the ~$1 million the FBI spent to open the shooter's phone, which raises questions about the agency's fiscal responsibilities to taxpayers.

The letter [PDF] highlights portions of the Inspector General's report indicating the agency was less than motivated to find an outside solution while engaged in a legal battle with Apple. It also points to the thousands of devices the FBI says it can't access, despite the ready availability of vendor tools designed to do what the FBI continues to claim is impossible.

These are the questions the legislators want answered -- questions we've been asking for months:

Have you consulted with relevant third-party vendors to understand what tools are available to help the FBI access device content?

Do you agree that there are solutions available to help unlock or nearly every device on the market? If not, why are these solutions, particularly the ones discussed above, insufficient?

Why can't the FBI unlock the 7,800 devices? Have you attempted to use tools developed by third-parties to unlock these devices?

Of these locked phones, how many are equipped with biometrics or how many have data available through a cloud service, which would provide additional means to access data or unlock phones?

For each device that you have not used a third-party tool to unlock, what is the rationale for not doing so?

These are all reasonable questions. But the FBI has been anything but reasonable when it comes to device encryption. Its director continues to insist -- despite zero tech expert support -- that safe and secure encryption backdoors are possible and that it's willing to sacrifice the public's security for "public safety." The FBI's disingenuous actions show it can't be trusted to handle the encryption debate honestly. Hopefully, this letter will reset the "conversation" by giving stakeholders insight into the fight the FBI appears to be throwing in hopes of being bailed out by legislators or federal judges.

Read More | 18 Comments | Leave a Comment..

Posted on Techdirt - 20 April 2018 @ 10:43am

Glass-Tongued Copyright Troll Thinks Google, Popehat, and Boing Boing Are Engaged In 'Black Hat Seo'

from the what-a-maroon dept

After taking a hiatus from issuing bogus DMCA takedowns against this site, self-proclaimed poet "Shaun Shane" is back at it. The harassment of anyone who dares to publish a certain poem of Shane's -- the one about tongues made of glass -- is a (possibly) Texas-based cottage industry. The harassment continues to this day, but not much of it is directed at Google. Most of Shane's "work" is done over at Twitter, where tweets are greeted with takedown requests.

Presumably, this had led to an immeasurable increase in books sales for Shane. I mean, an unauthorized tweet = 1 lost sale, if I'm not mistaken. Whatever the case is, Shane is back to abusing the DMCA process for something that neither looks like fun nor for profit. Shane has issued several bogus takedown requests over the past couple of months.

Some are normal takedown requests targeting any place that has reproduced his poem. These are fine, but only by comparison. In other requests, targeting TorrentFreak, Boing Boing, Popehat, and Techdirt, some very interesting theories are being advanced. (But not respected. No one is being delisted for the imaginary crimes against IP that Shane has pitched to Google.)

This notice argues contributory infringement, claiming the posting of the poem in full somehow "encourages criminal infringement." That's as sane as the notices get. From there, all bets are off.

This one, targeting a Techdirt URL, attempts to fashion a defamation claim out of thin air (and all without once using the word "defamation").

The reported Url violates Title 28 U.S. Code § 4101 by making the false statement that I do not know the Director John Waters . I have know and been with friends with him since 1984. I was formal film student of his from 1985-86. I acted in the film "Reckless Eyeballs" directed by him. To prove these facts I will provide you with the phone number and email John Waters so you may verify these facts from him directly.

"Reckless Eyeballs" is mentioned on John Waters' Wikipedia page. But there are no links supporting it and it has "this film featured the poet Shaun Shane as the lead" appended to it for no apparent reason. Oh, wait. There's a very apparent reason. The IP address that added the edit traces back to Pearland, Texas, one of "Shaun Shane's" stomping grounds. So, make of that what you will. (And chances are you will make "Shaun Shane did not appear in a John Waters short" of it.)

Another notice, sent April 15, attempts to fashion a conspiracy theory out of Google juice.

I am the Author Shaun Shane, someone is using Bots to artificially raise the reported Url's ranking in Google search results beyond what Google's search algorithm has naturally assigned it and are engaging in "black Seo".

Apparently Shane realized there's no such thing as "black Seo" as the DMCA notices sent the following day attempt to amend that error.

I am the Author Shaun Shane. Someone is using Bots for the reported Url to artificially raise it's rank in Google search results and beyond what Googles search algorithm would naturally assign it and is engaging in Black Hat Seo.

This is better but still stupid. At least we have "Black Hat Seo" instead of "black Seo" to work with, but there's nothing artificial about these search engine rankings. The sites targeted by these notices are all high-ranking sites: Boing Boing, Popehat, Techdirt and… um… I guess, Twitter. (A Popehat tweet is also targeted.)

Welcome back, Shaun. The world is a little duller without you around. We await your newest conspiracy theory about SEO black magic and defamation that dare not speak its name. Meanwhile, we've been given another "anomaly" to file away with the hundreds of others in the annals of DMCA abuse.

31 Comments | Leave a Comment..

Posted on Techdirt - 20 April 2018 @ 6:21am

Texas Revenge Porn Laws Loses Battle With First Amendment

from the do-it-right-or-you-might-as-well-not-do-it-at-all dept

Texas attorney Mark Bennett -- instrumental in getting an unconstitutional "peeping tom" law tossed in 2014 -- has scored another win for the First Amendment by getting an unconstitutional revenge porn law tossed. It's not that anyone (except revenge porn purveyors) wants to see revenge porn go unchecked. It's that there's plenty of laws on the books already to address the problem and those written to target revenge porn tend to do collateral damage to the Constitution.

Mark Bennett began this fight back in 2015, right after the law went into effect. As Scott Greenfield reports, Bennett has secured a win in the 12th District Court of Appeals, reversing the lower court's finding the law was First Amendment-compliant.

As has been argued from the day Mary Anne Franks began her efforts to create a criminal revenge porn statute, it clearly implicated the First Amendment’s prohibition against laws infringing on free expression, to which she merely screamed her denials and did her best to deflect by creating a fantasy interpretation of the First Amendment. The court made swift work of it.

In the instant case, Section 21.16(b) proscribes the disclosure of certain visual material, including any film, photograph, or videotape in various formats. Because the photographs and visual recordings are inherently expressive and the First Amendment applies to the distribution of such expressive media in the same way it applies to their creation, we conclude that the right to freedom of speech is implicated in this case.

As the court notes, the restriction on revenge porn is content-based. Content-based restrictions require greater scrutiny to adhere to the Constitution and Texas' law cannot hold up to this level of scrutiny. From the decision [PDF]:

In the instant case, the State conceded at oral argument that Section 21.16(b) properly is subject to strict scrutiny analysis. We agree. Here, Section 21.16(b)(1) does not penalize all intentional disclosure of visual material depicting another person. See TEX. PENAL CODE ANN. § 21.16(b)(1). Rather, Section 21.16(b)(1) penalizes only a subset of disclosed images, those which depict another person with the person’s intimate parts exposed or engaged in sexual conduct. See id. § 21.16(a)(1), (3), (b)(1). Therefore, we conclude that Section 21.16(b)(1) discriminates on the basis of content.

The state tried to claim revenge porn is always obscene material. As the court points out, the state cannot make this determination on its own. It needs the court's help and, further than that, courts need a jury's help to determine whether or not disputed content is actually obscene.

Then it points out the obvious flaw in this argument -- one the state should have caught before arguing a new, unconstitutional law was needed to regulate obscenity.

Here, Section 21.16 does not include language that would permit a trier of fact to determine that the visual material disclosed is obscene. Moreover, if, as the State argues, any visual material disclosed under Section 21.16(b) is obscene, the statute is wholly redundant in light of Texas’s obscenity statutes.

Having dispensed with the state's attempts to salvage a redundant law, the court gives it this send off -- a light kick to ass of legislators and the state's legal counsel: DO BETTER.

At the very least, Section 21.16(b)(2) could be narrowed by requiring that the disclosing person have knowledge of the circumstances giving rise to the depicted person’s privacy expectation. But because Section 21.16(b) does not use the least restrictive means of achieving what we have assumed to be the compelling government interest of preventing the intolerable invasion of a substantial privacy interest, it is an invalid content-based restriction in violation of the First Amendment.

Once again, it's not that revenge porn should be ignored. It's that it's almost impossible to craft a law targeting revenge porn without doing damage to the First Amendment. As multiple prosecutions have shown, revenge porn purveyors tend to break plenty of existing laws. Prosecutors and regulators have had little problem shutting down sites using laws not specifically created to target revenge porn. The problem is most legislators like to appear to be doing something about societal issues, but often have little interest in ensuring their proposed statutes are Constitutionally-sound before pushing them across governors' desks. As the court points out here, a little care taken during the crafting process would have gone a long way towards keeping this law alive.

Read More | 21 Comments | Leave a Comment..

Posted on Techdirt - 19 April 2018 @ 1:30pm

The War On Whistleblowers Claims Another Casualty

from the stop-telling-people-how-the-government-is-fucking-with-them dept

Another whistleblower will be going to jail. Thanks to the application of the Espionage Act, former FBI special agent Terry Albury wasn't able to defend his leaking of FBI internal documents to journalists (most likely The Intercept) by claiming he leaked to expose noxious FBI tactics and behavior. Defenses predicated on public interest aren't allowed in Espionage Act trials, meaning Albury's decision to plead guilty is there to limit the number of years he'll spend incarcerated, rather than an indication his leaks were meant to harm the government.

Albury's attorneys released this statement to the Columbia Journalism Review shortly after his court hearing.

Terry Albury is a good and honorable man. His conduct in this case was an act of conscience. It was driven by his belief that there was no viable alternative to remedy the abuses he sought to address. He recognizes that what he did was unlawful and accepts full responsibility for his conduct, which he has demonstrated by reaching an agreement with the government to plead guilty.

Albury's statement while entering his plea pointed to internal FBI problems that personally affected him. These apparently pushed him towards leaking documents, as the issues described likely made use of proper channels impossible. When the problem is systemic racism, there's little hope an African-American agent is going to find anything more than vindictive behavior and recrimination by staying within the walls of the Bureau.

In his plea, Mr. Albury acknowledged that the facts outlined by the government were accurate and that he had acted with the knowledge that he was breaking the law. His lawyers, JaneAnne Murray and Joshua Dratel, said in a statement that he viewed his disclosures as “an act of conscience” in the face of racism at the F.B.I.

“It has long been a critique of the F.B.I. that it consists of and reflects a predominantly white male culture, which, as a result, has often treated minority communities with suspicion and disrespect,” the statement said. It added that Mr. Albury — who was the only African-American field agent in the Minneapolis office — had decided to act after he was assigned to the bureau’s counterterrorism team and “was required firsthand to implement F.B.I. investigation directives that profiled and intimidated minority communities in Minnesota and other locations.”

The leaks cited here are only part of the set of documents given to journalists. They detailed the FBI's internal rules for finding and developing informants. Agents are given a lot of latitude to pursue people they want to turn into informants. The lack of controls or oversight led to plenty of profiling by the agency, resulting in the targeting of marginalized groups disproportionately. This process allowed FBI agents to leverage anything and everything against targets to turn them into confidential informants. This included the threat of deportation or blocked visa applications if the target was a foreign citizen in the United States. As the article at The Intercept notes, the FBI would routinely deport informants whenever they ceased being useful.

But there's more to the leaks than pursuing Muslims or black teens or whoever the FBI felt would be most-easily leveraged or likely to have criminal contacts. The leaked documents also contained info about the FBI's surveillance of journalists -- all part of the Obama Administration's war on leakers.

In 2015, after several scandals involving the surveillance of reporters from the Associated Press and Fox News during the Obama administration, former Attorney General Eric Holder announced an update to the Justice Department’s “media guidelines,” which implemented strict rules for when the government is allowed to use subpoenas, court orders, or warrants to spy on reporters’ communications. However, the guidelines conspicuously exempted NSLs from the rules, meaning the FBI or Justice Department could use NSLs to circumvent the strict media guidelines and spy on reporters without any court oversight.

This may look like a crackdown on FBI spying, but in reality, it allowed the FBI to misuse NSLs to obtain records pertaining to journalists' contacts, presumably in hopes of sniffing out leakers and whistleblowers. The only check against abuse is internal: an agent deploying an NSL targeting a journalist must obtain permission from the FBI General Counsel or a supervisor in the national security division. Considering both the GC and NatSec brass would be just as interested in finding and exposing whistleblowers and leakers, obtaining permission for an NSL is likely laughably easy.

What Terry Albury exposed was the FBI's abuse of internal rules to target certain demographics and surveil journalists. This was classic whistleblowing but it's being treated as classic espionage, despite the absence of malicious motive or the direct delivery of documents to an enemy foreign power. But that's the way this law rolls. And as long as it can be used to punish whistleblowers, it will never be changed.

23 Comments | Leave a Comment..

Posted on Techdirt - 19 April 2018 @ 10:44am

Unsealed Warrant Shows FBI Investigated Michael Hayden For Leaking Info To Journalists

from the who-watches-the-watchers-watching-the-watcher-watcher? dept

Kevin Poulsen of The Daily Beast has obtained a warrant application showing even the most ardent of surveillance state defenders aren't immune from the all-seeing eyes they feel are ever so essential to keeping this nation safe. It appears none other than former NSA and CIA boss Michael Hayden was subjected to the government's magnifying glass for allegedly leaking sensitive information to reporters.

The FBI sought a search warrant for the email account of former CIA and NSA chief Gen. Michael Hayden in 2012, according to a newly unsealed court filing. The warrant application was part of a broader Obama-era investigation into a leak of classified information to the press. Another official later pleaded guilty in connection to the disclosure.

The targeting of Hayden’s AOL email account drives home just how aggressively the Obama administration pursued leaks, in this case following a relatively thin lead all the way to the private email account of a retired four-star general. Hayden served as director of the National Security Agency from 1999 to 2005, and later led the CIA until his retirement in 2009.

And it is a very thin lead. All that's included in the warrant affidavit [PDF] is the fact that Hayden engaged in email conversations with two unnamed reporters a total of 30 times in 18 months. Given his position, it's surprising it didn't happen more often. Officials are always contacted by reporters when writing about subjects/programs/etc. they oversee. In the affidavit, the special agent notes many of these contacts were to "confirm quotes" to be used in published articles and books.

The inquiry here apparently centered on news of the Stuxnet virus and the US's involvement in the cyberattack. The only quote about Stuxnet attributed to Hayden was fairly innocuous, stating only that this was the first time a cyberattack had been used to "effect physical destruction."

As Poulsen points out, this investigation lead to a dead end, at least as far as its pursuit of Hayden as a leaker.

The FBI found no evidence that Hayden did anything wrong. But using similar tactics, the FBI eventually tracked the story to retired Marine Gen. James Cartwright. In 2016 Cartwright acknowledged he was a source for the article and pleaded guilty to a single count of lying to the FBI. Cartwright’s prosecution was widely criticized by freedom-of-the-press groups and government insiders, and Obama pardoned Cartwright shortly before leaving office.

What this dead-ended investigation does show is how aggressively our government pursues leakers and whistleblowers. NSLs, warrants, and anything else the government might find useful are being deployed to sniff out journalists' sources. The government may hesitate to place a journalist under direct surveillance, but it has no problem achieving the same ends by deploying these backdoor searches. Working its way backwards from government employees, the government can sweep up communications that would raise serious First Amendment issues if approached head-on. And it obviously has no qualms about grabbing the personal communications of team players who've fully bought into the system.

Read More | 6 Comments | Leave a Comment..

Posted on Free Speech - 19 April 2018 @ 3:33am

Following Questionable Election, Honduran Government Debuts New Censorship Law

from the securing-the-cyber-so-future-generations-can-waste-away-in-prison dept

The masterplan for censorship: follow up a highly-questionable election with a "cybersecurity" law granting the government power to shut down critics and dissenting views. That's what's happening in Honduras, following the reinstallation of Juan Orlando Hernandez as president following an election "filled with irregularities."

The new law mandates the policing of "hate speech," as defined by a government that would love to see its critics deprived of an online platform. Whatever the government declares to be hateful must be taken down within 24 hours. Failure triggers fines and third-party platforms will be held responsible for content created by users.

While the new law does not directly target the social media platforms, activists say: "In its current state, it requires any service or website that includes user-generated content to process complaints and remove “hate speech” or discriminatory content within 24 hours."

"Should online intermediaries fail to do so, their services could be fined or blocked. The latest draft of the bill also creates a national cybersecurity committee to receive reports and relay them to websites and companies, and to develop policy strategies on issues ranging from cybercrime to hate speech and fake news," Javier Pallero, Digital Rights activist focusing on the Latin American region explained, according to Access Now.

The threat of $50,000 fines and an impossible timeframe will likely result in proactive policing of content, resulting in removal of posts not covered by the law. Whatever social media companies don't remove ahead of requests will be removed shortly after receiving demands from the Honduran government. Between the two, it's unlikely much dissenting speech will survive. This will be especially effective against local providers and small companies without the legal manpower to fend off Honduran censorship attempts.

The so-called "cybersecurity" law won't make anyone but the government more secure. Anti-government activists have been routinely targeted by the Honduran government, some of which have been jailed indefinitely in violation of Honduran due process laws. Others have experienced more direct physical attacks and/or undergone torture in an attempt to deter them from future criticism. This law does nothing more than attempt to turn social media companies into compliant partners of Honduran government abuse.

The few dissenting voices in Honduras have been amplified by social media platforms. This is what the law aims to take away. In addition to vague guidelines on hate speech, the government is also seeking to punish those who support opposition forces or express sympathy for victims of incarceration, torture, or government-ordained murder.

The law which would severely hamper the media's work includes Article 335-B, under which journalists can be sentenced to eight years in prison for "defending, justifying, or glorifying" terrorism.

The proposed law has been heavily criticized by international human rights organizations, like the Inter-American Commission on Human Rights (IACHR) which has warned the bill could be used to "sanction the work of human rights defenders."

Murder isn't an exaggeration. Since Hernandez's reelection, 35 protesters have been killed by government forces and more than 1,000 have been detained. In addition, nighttime raids of alleged anti-government protesters by police forces have become routine, despite the country's laws limiting warrant service to daylight hours.

Any law regulating speech should be examined closely to determine the motivating factor. In some cases, it's more benign -- a misguided attempt to solve a problem that can't be solved through censorship. In other cases, the legislative wording may be benign, but the malicious intent all too apparent. That's the case here and in several other countries, where terms like "cybersecurity," "terrorism," and "hate speech" have been thrown around as a smokescreen for targeted oppression of government critics.

12 Comments | Leave a Comment..

Posted on Techdirt - 18 April 2018 @ 3:41pm

There Are Several Good Reasons To End Entertainment Industry Subsidies, But Blasphemy Isn't One Of Them

from the free-speech-doesn't-work-that-way dept

There are a lot of arguments to be made against subsidizing movie/TV studios. The best argument is this: the payouts to visiting studios rarely pay off for local taxpayers. Politicians love the side benefits -- rubbing elbows with producers, actors, and other studio personnel -- but there's nothing to be gained financially by paying a studio to film in your town. In one case, a city was promised 3,600 additional jobs. In reality, only 200 jobs materialized, all but 14 of those temporary construction work.

Then there's the argument against using public funding to prop up an out-of-town industry. If there are extra tax dollars around, they're better spent locally, where they'll do the most good. Subsidizing businesses is always problematic. It skews incentives and allows governments to play favorites using the public's money.

But the worst argument someone can make against subsidies is this one: subsidies should be content-based. Two members of the clergy and a state politician are bent out of shape because a subsidized TV series shoot resulted in the depiction of a historical figure in compromising positions.

The AMC series "Preacher" has portrayed Christ in a graphic sex scene that combines blasphemy with pornography.

The August 21 episode titled, "Dirty Little Secret," showed an actor playing the role of Jesus having sex with a married woman in an extended, graphic scene with explicit vocals. The director used shadows and silhouettes to soften the two figures as they engaged in various sexual positions, but these cinematic techniques did not disguise the pornography.

We have laws governing porn which are mostly hands-off, provided producers follow several regulations. We certainly don't have blasphemy laws, thanks to a separation of church and state. But never mind the legal details. This small collective of pearl-clutchers wants legislators to pull funding solely because the imagery in this episode may have offended some members of one religion.

We respectfully request that the Administration, and the Office of Louisiana Economic Development, reject all efforts by AMC to obtain tax credits for the series "Preacher" and the episode which blasphemed Christ. We call upon the Administration and the Louisiana Office of Economic Development to flatly reject this request for a $16.2 million tax refund check.

The op-ed notes the state of Louisiana has a law prohibiting the use of public money to fund pornography. That's all well and good, but just because the writers call the images that offended them porn doesn't make them porn. To buttress this argument with talk of blasphemy only adds to the problem, ensuring that any state legislators attempting to follow through on this dubious suggestion will engage in multiple constitutional violations.

That's not all. The authors of the op-ed -- which include state senator John Milkovich -- claim their views are universal, something that's more factually-incorrect than everything leading up to it.

Thus, the larger truth is that there is never a good time to reward production companies that trash our Louisiana values, mock our beliefs– and dishonor Christ.

The state should definitely reject the request for a $16.2 million subsidy by AMC. If AMC is so keen on shooting scenes in Louisiana (or any other state), it should pay its own way. But it shouldn't do it for any of the reasons suggested here. It should end the subsidy program completely, rather than risk looking like it's making content-based decisions about what type of speech it's willing to fund.

64 Comments | Leave a Comment..

Posted on Techdirt - 18 April 2018 @ 3:23am

Inverting The Expected Order Of Things, German Court Orders Facebook To Reinstate 'Offensive' Content

from the just-keeping-things-unpredictably-dystopian dept

Germany's ridiculous hate speech law continues to wreak havoc in the stupidest ways possible. Giving social media companies 24 hours to remove poorly-defined "offensive" content has resulted in proactive removals targeting anything marginally questionable. Official complaints aren't much better. Government demands for removal have been no less idiotic than proactive deletions by Facebook and Twitter.

It's a bad law. The only way bad laws can be followed is badly. Facebook is dealing with something new, thanks to its adherence to its own content policies. It's an argument over deleted content, but the push/pull tension has been reversed.

A Berlin court has ordered Facebook not to block a user and not to delete a comment made by that user, even though it breached the social network's community standards.

This order follows a legal complaint by Facebook user "Gabor B." The court will still allow Facebook to argue in its defense, but it wants the content reinstated while this is sorted out. Facebook, following its internal content rules, decided Gabor B's insults weren't the sort of content it was willing to host.

"The Germans are becoming ever more stupid," Gabor B's comment, posted in January, read. "No wonder, since they are every day littered with fake news from the left-wing Systemmedien about 'skilled workers', declining unemployment rates or Trump."

Systemmedien can be inelegantly translated as 'system media'. The phrase carries echoes of the term Systempresse, or 'system press', that was used by the Nazis before they came to power.

Gabor B had his post deleted and his account suspended. He took his complaint to the German court which now wants Facebook to violate its own policies to restore Gabor B to his rightful position of truth-to-power-speaker or whatever. This isn't what's expected from the German government, which has spent much of its time trying to find new ways to limit free expression by Germans.

But there is internal consistency, even if it's not readily apparent. The German government feels its laws trump Facebook's policies. This applies even when Facebook's content policies are more restrictive than German law. That's why it demands takedowns of posts violating its speech laws (but not Facebook policy) and demands the restoration of posts violating Facebook policies (but not German law). Unfortunately, applying German speech laws consistently is almost as terrible as applying them inconsistently. In both cases, Facebook moderation policies no longer matter.

The only way out of this mess is to handle this with logic. If a German Facebook user has violated a German law, the German government can go after the user, not the platform hosting the content. Instead, the law holds Facebook responsible for users' posts -- to the tune of €50m a violation. The law prompts overzealous deletion and the courts seem willing to punish Facebook for trying to remain in compliance. Facebook's more stringent moderation standards are a natural response to multiple governments with different free speech ideals all pushing their own agendas. Punish the wrongdoers, not the intermediaries, and you won't have these problems.

37 Comments | Leave a Comment..

Posted on Techdirt - 17 April 2018 @ 9:35am

19-Year-Old Canadian Facing Criminal Charges For Downloading Publicly-Accessible Documents

from the making-citizens-pay-for-the-government's-sins dept

A 19-year-old Canadian is being criminally-charged for accessing a website. The Nova Scotian government's Freedom of Information portal (FOIPOP) served up documents it shouldn't have and now prosecutors are thinking about adding charges on top of the ten-year sentence the teen could already be facing. (via

Journalists first spotted the problem April 5th, when the FOI portal was taken offline. The Internal Services Minister, Patricia Arab, refused to provide details about the portal's sudden unavailability. It wasn't until the following week that the press was given more information and those affected notified.

Even once the government learned of the breach, it waited until Wednesday to begin notifying affected people. Arab said they held off notifying people was because police suggested it would help them in their investigation.

Seems logical, except…

But [Halifax Police Superintendent Jim] Perrin told reporters police did not make that request. He could not say if advising people would have compromised the investigation. The province's protocols for a privacy breach state it is supposed to inform people as soon as possible, unless otherwise instructed by law enforcement.

The suspect obtained 7,000 documents from the Freedom of Information portal. Apparently around 250 of those contained unredacted personal information. Here's how the government portrayed the supposed hacking:

Government officials said someone got in by "exploiting a vulnerability in the system." The person wrote a script allowing them to alter the website's URL, which then granted access to the personal information.

Internal Services found more than 7,000 PDF documents had been downloaded by a "non-authorized user" in early March. They filed a complaint with police on Saturday.

A script made it easier, but a script wasn't required. The URLs for FOI documents are incremental. As software engineer Evan D'Entremont points out, anyone could have done what the supposed "hacker" did.

The way the documents are stored is simple. They’re available at a specific URL, which David Fraser, a Halifax-based privacy lawyer, was happy to provide:

Document number 1235 is stored at

Guess where document 1236 is stored? This is not a new problem. In fact, it was recognized over a decade ago as one of the top ten issues affecting web application security. All [the "hacker'] had to do is add.

All this "hacker" did was automate the retrieval of published documents from the government's FOI portal. That's it. This wasn't an attempt to access personal info. That problem lies with the government, which did not properly secure documents it hadn't redacted yet. As D'Etremont points out, plenty of other government websites use the same software for document access. (Searching "inurl:attachmentRSN"will bring up a handful of government websites, including Nova Scotia's temporarily disabled FOI portal).

But other sites have taken care to wall off publicly-available documents from others they're not prepared to make public by using a PublicPortal subfolder. Nova Scotia's site apparently did not, hence the teen's ability to access unredacted documents. This isn't evidence of fraudulent access or malicious hacking. This is evidence of government carelessness.

The question remains, was the access fraudulent?

Remember what I said about the other installations being called “PublicPortal”? And how 6750 of the 7000 records were public anyways, and how this system is literally designed for facilitating “access to information?” Looking at it further, there are no authentication mechanisms, no password protection, no access restrictions. It’s very clear that the software is intended to serve as a public repository of documents.

It’s also very clear that there at least 250 documents improperly stored there by the province. Documents that the province had a responsibility to protect, and failed.

This wasn't a criminal act. This was simply efficient harvesting of publicly-available documents. If some documents weren't supposed to be publicly-available, the blame lies with the government for failing to secure them. The fact that the government decided to get police involved gives this the ugly appearance of scapegoating. This is an embarrassed government body trying to turn its mistake into the malicious works of teen hacker.

It would be very surprising to see these charges stick. The URLs -- and the documents they held -- were publicly-accessible. But if they do stick -- and the Halifax PD has stated it may add more charges -- it will be due to the Nova Scotia government's unwillingness to take responsibility for its own carelessness.

34 Comments | Leave a Comment..

Posted on Techdirt - 17 April 2018 @ 3:23am

UK High Court Hands Win To Claimant In Right To Be Forgotten Case

from the on-the-other-hand,-claimant-2-[hereinafter-JERKFACE]-gets-nothing dept

The UK High Court has handed down a win (and a loss) in the Right to be Forgotten column. Two plaintiffs seeking delisting of information about their past criminal exploits had their cases considered by the court. Only one of them is walking away with a court order for delisting. The other one will apparently have to live with his past.

The claimant who lost, referred to only as NT1 for legal reasons, was convicted of conspiracy to account falsely in the late 1990s; the claimant who won, known as NT2, was convicted more than 10 years ago of conspiracy to intercept communications. NT1 was jailed for four years, while NT2 was jailed for six months.

Granting an appeal in the case of NT1, the judge added: "It is quite likely that there will be more claims of this kind, and the fact that NT2 has succeeded is likely to reinforce that."

Google disputed both of these claims when they were filed, prompting the legal challenges. While the court admits there's a public interest in both cases, only one of the two claimants apparently deserves to have his history wiped clean. NT2 was more of a model citizen and convicted on lesser charges, so that's where the line is being (vaguely) drawn in enforcing the European Union's Right To Be Forgotten. The summary [PDF] of the decision quickly details the merits of NT2's case.

The crime and punishment information has become out of date, irrelevant and of no sufficient legitimate interest to users of Google Search to justify its continued availability, so that an appropriate delisting order should be made. The conviction was always going to become spent, and it did so in March 2014, though it would have done so in July of that year anyway. NT2 has frankly acknowledged his guilt, and expressed genuine remorse. There is no evidence of any risk of repetition. His current business activities are in a field quite different from that in which he was operating at the time. His past offending is of little if any relevance to anybody’s assessment of his suitability to engage in relevant business activity now, or in the future. There is no real need for anybody to be warned about that activity.

In comparison, NT1 has apparently learned nothing from his brush with the justice system, and headed right back into the professional field where he committed his original crimes.

NT1 did not enjoy any reasonable expectation of privacy in respect of the information at the time of his prosecution, conviction and sentence. My conclusion is that he is not entitled to have it delisted now. It has not been shown to be inaccurate in any material way. It relates to his business life, not his personal life. It is sensitive information, and he has identified some legitimate grounds for delisting it. But he has failed to produce any compelling evidence in support of those grounds. Much of the harm complained of is business-related, and some of it pre-dates the time when he can legitimately complain of Google’s processing of the information. His Article 8 private life rights are now engaged, but do not attract any great weight. The information originally appeared in the context of crime and court reporting in the national media, which was a natural and foreseeable result of the claimant’s own criminal behaviour.

NT1's sentence has also been served, but the court -- while nodding its head toward fresh starts after repaying debts to society -- determines NT1 only paid his debt begrudgingly and benefited from an interim law change that saw him released ahead of schedule.

The information is historic, and the domestic law of rehabilitation is engaged. But that is only so at the margins. The sentence on this claimant was of such a length that at the time he had no reasonable expectation that his conviction would ever be spent. The law has changed, but if the sentence had been any longer, the conviction would still not be spent. It would have been longer but for personal mitigation that has no bearing on culpability. His business career since leaving prison made the information relevant in the past to the assessment of his honesty by members of the public. The information retains sufficient relevance today. He has not accepted his guilt, has misled the public and this Court, and shows no remorse over any of these matters. He remains in business, and the information serves the purpose of minimising the risk that he will continue to mislead, as he has in the past.

It's a bit of an inconsistent decision, but probably about as much as can be expected from a European ruling that says certain people can erase their pasts while others are doomed to repeatedly be disappointed with their vanity search results. At least this ruling shows challenged requests are being examined on a case-by-case basis weighing as much relevant information as possible. This is what Google is attempting to do as well, even though it has less outside info to work with and more than a half-million requests per year to work through. That Google appears to be operating in good faith despite its obvious opposition to the new "right" likely explains the court's refusal to award damages to the prevailing party.

The recently-established right is still problematic and prone to abuse. But this decision shows the courts aren't viewing search engines as towering, villainous money machines hellbent on ruining lives through algorithmic indexing. Instead, this court appears to be willing to engage all sides of the issue when addressing claimants' complaints about troublesome search results.

Read More | 11 Comments | Leave a Comment..

Posted on Techdirt - 16 April 2018 @ 11:56am

At-Home Dental Appliance Company Sues Website For Having Opinions About Its Products

from the feeling-ways-about-stuff,-huh?-I'm-calling-my-lawyer! dept

An at-home dental appliance company has a problem with the website Lifehacker. It's the sort of problem it thinks can only be solved by filing a baseless defamation suit. SmileDirectClub -- maker of DIY teeth-straightening equipment -- is taking the site to court for an article originally titled "You Could Fuck Up Your Mouth With SmileDirectClub." The title has since been changed to suggest any "at-home orthodontics" could fuck up your mouth, but the wording of the article remains unchanged.

The gist of the article is that straightening teeth requires direct oversight by qualified professionals -- something that seems unlikely to happen with at-home orthodontics. The author of post -- citing dental professionals and a few online forums -- notes that without proper, direct care, in-home dental appliances actually can cause worse alignment or result in the loss of teeth.

I’m halfway through an unusually long two-year program of Invisalign, the most popular brand of aligner. (The company behind Invisalign also makes SmileDirectClub’s aligners.) Every ten weeks I see my orthodontist for a checkup, new aligners, and advice. On a recent visit, I admitted that I’d started leaving my aligners out for longer periods (at parties or picnics), and was making up for it by leaving them in an extra day each.

My orthodontist gently explained that while my aligners are still pushing my teeth into place, my teeth want to shift back, and they’ll take every opportunity to do so. In effect, I’ve been very slowly wiggling my teeth. And wiggling teeth makes them fall out.

I no longer leave my aligners out for long periods.

So, given the average human's desire to take shortcuts or do whatever's most comfortable, rather than what's most necessary, at-home dental work, although cheaper, could cause serious problems down the road. Hence the need for professional care, rather than made-to-order appliances and online checkups based on photos of your mouth.

SmileDirectClub is pissed off. Never litigate angry. It only makes your arguments stupider. The complaint [PDF] opens with claims of things that never happened before devolving into general complaints about internet business models and website lineage. (h/t First Amendment warrior/lawyer Daniel Horwitz)

On April 6, 2018, Gizmodo through its weblog called Lifehacker, which is located at, published an article written by Douglas entitled “You Could Fuck Up Your Mouth With SmileDirectClub” (the “Untruthful Article”).

Through this outrageous, misleading and vulgar title, Gizmodo intended to lure the 24 million readers of Lifehacker to an article filled with unsubstantiated false statements and innuendo that attacks Plaintiff’s products and services.

Although Douglas readily admits in the Untruthful Article that he never used or even tried Plaintiff’s products and services, he proceeds with a hatchet job based upon a comparison to a failed company that is not comparable for purposes of his statements; citation to a message board that does not support his statements; and conclusions that Plaintiff’s products and services are “bad” and “cheap.”

Actually, the article doesn't make either of those claims. It merely suggests using an at-home version will possibly result in tooth problems.

Obviously that’s because I’m lucky enough to afford the more expensive option. If you can’t, it can be very hard to hear that your only available option is a bad one. And maybe you’ll end up just fine with the cheap version—by all appearances, thousands of people have. But if you go remote, please be careful. Research as much as you can, and follow the instructions carefully. Don’t wiggle your teeth until they fall out.

Even with the original title, the article is not defamatory. The key word in the headline is "could." On top of that, the assertions made are supported by statements from dental professionals and users of these at-home products. The headline change shifts the focus from SmileDirectClub, but does not change anything about the assertions and opinions that compose the body of the post.

From that terrible start, the lawsuit goes off the rails. Apparently, SmileDirectClub believes "clickbait" and "part of the Gawker network" are pretty much all that's needed to successfully state defamation claims.

Even when confronted with the falsity of their article and admitting that one of the citations does not support the statements in the article, Defendants refuse to remove the Untruthful Article.

They refuse to do so because it is how they make their money.

Douglas and Gizmodo made such statements and used the outrageous “You Could Fuck Up Your Mouth With SmileDirectClub” title to bait consumers into viewing the article so that they could obtain revenues from banner advertising.

This continues a pattern over a decade of defamatory shock-style “journalism” by Gawker Media and its progeny (such as Lifehacker), whose weblogs were bought out of bankruptcy and now are held by Gizmodo.

Douglas, as a former reporter for Gawker, also has ties to the now defunct Gawker Media.

Defendants willfully, intentionally, and maliciously created a false story to drive “clicks.”

There's more later in the lawsuit, where -- for no apparent reason -- SmileDirectClub decides to regale the court with tales of Gawker's fall from grace at the hand of Peter Thiel-backed lawyers who had every intention of destroying the company, rather than simply seeking to have a grievance redressed.

SmileDirectClub also apparently believes -- incorrectly -- that statements of opinion must come with a disclaimer clearly designating them as opinions.

The Untruthful Article does not contain a disclaimer that it constitutes opinion only or that the statements therein do not reflect the views of Gizmodo or Lifehacker.

And it deliberately misreads the paragraph quoted above to portray it as an unsubstantiated statement of fact.

Finally, Douglas makes the unsubstantiated statement that, if one cannot afford a traditional orthodontist, SmileDirectClub is a “bad” option.

He further refers to SmileDirectClub’s products as “cheap” in connection with his allegation that the products are “bad.”

Douglas’s conclusion is not based on any factual evidence and is unsupportable.

It's his opinion about at-home products based on his personal experience and the not-unreasonable assumption that many people won't take the best care of their own teeth if the only person overseeing them is a Skyped-in dental professional viewing a tooth-filled selfie. And it's followed by statements the lawsuit chooses to omit, which says many people have had success straightening their teeth using in-home products like those offered by SmileDirect.

The other supposed damning evidence presented by SmileDirect is the site's attempt to fix the problems noted by the company.

On April 8, 2018, counsel for Plaintiff emailed a letter to Gizmodo, Lifehacker, Douglas, and Kirsch in which Plaintiff demanded that Gizmodo and Douglas immediately remove the Untruthful Article. A true and correct copy of the April 8, 2018, letter is attached hereto as Exhibit 6.

On April 9, 2018, counsel for Plaintiff caused the letter to be hand delivered upon Gizmodo. Gizmodo acknowledged receipt as shown in the email from Gizmodo’s General Counsel. A true and correct copy of the email is attached hereto as Exhibit 7.

On April 10, 2018, counsel for Plaintiff received an email from Gizmodo in response to Plaintiff’s April 8, 2018 email and April 9, 2018 letter. A true and correct copy of the response email is attached hereto as Exhibit 8.

Gizmodo asserts in its email that “Mr. Douglas meant to link to an additional discussion forum about aligners, and he will update the article to do so.”

Thus, Gizmodo admits that the Untruthful Article’s link to is misleading but refuses to take the Untruthful Article down.

Gizmodo doesn't actually admit what SmileDirect says it admits. And even if the link was misleading, another link was provided and the post's title changed. None of this needed to be done. The article wasn't defamatory to begin with, even if the title was somewhat of a cheap shot in its original form.

Then it's time for more of this padding, which does little more than suggest SmileDirect's legal representation thinks courts run on emotion, rather than legal interpretations of existing laws.

Lifehacker, through its villainous lineage and Gawker Media parentage, continues the bad conduct of Gawker Media.

At best, Lifehacker’s Untruthful Article shows a reckless indifference for the truth, which is consistent with Gizmodo’s pattern of conduct going back to its origins with Gawker Media.

To sum up: "Gawker was once sued successfully for defamation. I rest my case." Perhaps the plaintiff believes the court has some v. Gawker judgment boilerplate laying around just in case any of its now-bastardized children have roused the rabble again.

Speaking of competent representation, it appears SmileDirect is hoping Gizmodo, et al will be held libel for slandering without proper disclaimers or whatever.

If you can't see or read the picture, the heading/subheading reads:



Finally, the lawsuit ends with a plea for the article to be removed and anyone associated with the site from ever reposting it in any form. You know, a little prior restraint to go along with everything else that's wrong this lawsuit. SmileDirect wants this to happen before the judge even receives a response from Gizmodo or weighs the merits of the dental company's arguments.

It's a stupid lawsuit but it's still going to be a legitimate pain in the ass. Tennessee has a relatively worthless anti-SLAPP law and courts there have allowed incredibly dubious defamation lawsuits to proceed past motions to dismiss. This could be an easy win for Gizmodo or a protracted battle that gives the plaintiff's arguments far too much credit. Either way, it's something a good anti-SLAPP law would keep this from being a boon for legal representation and a drag on protected speech.

Read More | 15 Comments | Leave a Comment..

Posted on Techdirt - 16 April 2018 @ 9:33am

Report Says Former FBI Official Andrew McCabe Lied About Self-Serving Leaks To Journalists

from the unfortunately-for-Trump,-both-Comey-and-McCabe-can't-both-be-lying dept

The Inspector General of the FBI has released a report detailing the incidents leading up to FBI Deputy Director Andrew McCabe's firing. Whether or not these were the reasons the White House chose to can him isn't confirmed, but the report [PDF] does show there was plenty of justification for his termination.

According to the report, McCabe violated FBI policy multiple times during the investigation process with dishonest or misleading answers while under oath. On top of that, his unauthorized disclosure of the status of a Clinton Foundation investigation to a Wall Street Journal reporter violated department policy on media relations.

The leaks appear to have been McCabe's damage control efforts. The Wall Street Journal had already published an article detailing McCabe's involvement in his wife's unsuccessful 2015 state senate campaign. During this run, McCabe's wife received $675,000 from a political action committee run by the state's governor (Terry McAuliffe) who had "long-standing ties to Bill and Hillary Clinton."

Given Clinton was one of the candidates in the 2016 presidential race, suggestions were made that McCabe should recuse himself from the investigation. The FBI's official statement said McCabe's supervision of the investigation did not begin until after his wife's senate campaign was over. But the WSJ article painted a different picture: McCabe's office provided personnel and resources to the Clinton Foundation investigation while his wife was still campaigning (and receiving money from a PAC tied to a Clinton buddy).

With another article two days away, the WSJ reached the FBI for comment on McCabe's involvement. At that point, McCabe apparently took a hands-on approach. The info the WSJ had contradicted McCabe's own narrative about recusing himself from the investigation. Instead, the journalist had sources stating McCabe had tried to kill the Clinton Foundation investigation.

According to Special Counsel’s contemporaneous notes of the call and testimony to the OIG, she and AD/OPA learned during the first call that Barrett had sources who were adamant that McCabe gave a purported order to “stand down” on the CF Investigation before the 2016 presidential election, implying that McCabe wanted to shut down the investigation for improper reasons.

McCabe -- engaging in several texts and phone calls with FBI media intermediaries -- provided the WSJ with a different narrative. The OIG report quotes the WSJ article:

According to a person familiar with the probes, on Aug. 12, a senior Justice Department official called Mr. McCabe to voice his displeasure at finding that New York FBI agents were still openly pursuing the Clinton Foundation probe during the election season. Mr. McCabe said agents still had the authority to pursue the issue as long as they didn’t use overt methods requiring Justice Department approvals.

The Justice Department official was “very pissed off,” according to one person close to McCabe, and pressed him to explain why the FBI was still chasing a matter the department considered dormant. . . .

“Are you telling me that I need to shut down a validly predicated investigation?” Mr. McCabe asked, according to people familiar with the conversation. After a pause, the official replied “Of course not,” these people said.

Following this spin attempt, McCabe then began ringing up field offices and "admonishing them for leaks." These would be the same leaks McCabe provided to the WSJ. While officials in New York and DC remember these calls from McCabe, McCabe apparently does not.

From that point on, the report details several divergences between McCabe's sworn statements and those of others, like then-FBI director James Comey. McCabe, however, could not present a clear timeline of this authorization when questioned by FBI investigators. And so it goes for several pages, with McCabe's testimony being disputed by everyone else involved. Not only does Comey not recall there being any leak authorization, but that McCabe himself presented the leak to Comey as unauthorized.

I have a strong impression he conveyed to me “it wasn’t me boss.” And I don’t think that was by saying those words, I think it was most likely by saying “I don’t know how this shit gets in the media or why would people talk about this kind of thing,” words that I would fairly take as “I, Andy, didn’t do it.” And I actually didn’t suspect Andy, after conversations with [my chief of staff], my worry was, was his aide [Special Counsel] doing it.

McCabe's Chief of Staff also had no idea McCabe was behind the leak. In fact, the COS felt the leak did more harm than good, benefitting McCabe at the expense of the FBI and DOJ.

I just can't imagine that the Deputy would have authorized the leak. It just doesn't seem to serve, I mean, I guess it serves, it serves the purpose of the Deputy by saying, hey look, do you want us to shut this thing down? I guess it serves Andy in that way, but it really, it really highlights a dysfunction between the FBI and the, and DOJ. And to that end, it doesn't really serve the greater good.

The denials of wrongdoing by McCabe are rebutted thoroughly by the OIG report. Some are as simple as noting clear discrepancies between McCabe's testimony and that of others involved. Some are even worse, showing someone running a fine-tuned surveillance apparatus somehow thought his own communications would escape the attention of investigators.

[W]with regard to McCabe’s claim that he did not know where Special Counsel was or what she was doing during the relevant time period, FBI records show that McCabe was in frequent telephone and text communication with Special Counsel during that time period and had several communications with her regarding her calls with [WSJ journalist Devlin] Barrett, including a 51 minute call after her first call with Barrett and a 23 minute call after her final call with Barrett. McCabe’s own text messages reflect that McCabe was keenly interested to learn about the results of Special Counsel’s calls with Barrett. We therefore found that McCabe’s claimed ignorance regarding Special Counsel’s activities on those days was demonstrably false.

Unfortunately, there's a portion of the populace that feels anyone the Trump Administration fires is a martyr to the Resistance cause. And they're putting their money where their bias is. McCabe's legal defense crowdfunding effort raised more than $500,000, showing there are plenty of Americans willing to hand additional money to a well-paid public servant who committed career suicide by apparently covering up his involvement in a self-serving leak.

McCabe's legal team has issued a response [PDF] to the OIG report which takes issue with a few of its conclusions. About the only rebuttal with merit is related to the leak. As his legal team points out, McCabe was authorized to selectively leak information to journalists, much like many high-ranking government officials. The rest of it is little more than semi-plausible explanations as to why there might be an incredible amount of inconsistencies in McCabe's sworn testimony.

There are reasons to be concerned about how the firing was handled. McCabe was basically 24 hours away from qualifying for a pension, so the decision to fire him rather than let him resign looks more vindictive than judicious. And while McCabe's leak may have given some people the impression FBI investigations weren't subject to personal political leanings, it appears to have been pushed out to clear McCabe of any Clinton-related suspicions, rather than serve the greater purpose of protecting the reputation of the FBI or DOJ.

Read More | 24 Comments | Leave a Comment..

Posted on Techdirt - 16 April 2018 @ 6:23am

There Is No Going Dark: Another Vendor Selling Tool That Cracks All iPhones

from the FBI's-dystopian-fiction-develops-another-plot-hole dept

The FBI continues to push its "going dark" theory. It's not interested in the truth. It would rather have a legislative mandate or a string of favorable court decisions than utilize options vendors have made available. These are the candles the FBI will forgo to publicly curse the darkness. A recent Inspector General's report made it crystal clear: those charged with finding a way to crack open the San Bernardino shooter's cell phone slow-walked their search in hopes of ending up with a judicial mandate forcing Apple to crack its own encryption.

The complaints about the darkness continue, even as vendors like Cellebrite have shown they can crack any iPhone given enough money and time. There are solutions out there, but the FBI doesn't want them. Cellebrite isn't the only company with an iPhone crack for sale. As Joseph Cox reports for Motherboard, another device has surfaced that can brute force its way past iPhone lock screens. The FBI may continue its disingenuous push for weakened encryption, but law enforcement agencies around the nation are more than willing to pay for a solution that doesn't involve Congressional reps or federal judges.

Grayshift has been shopping its iPhone cracking technology to police forces. The firm, which includes an ex-Apple security engineer on its staff, provided demonstrations to potential customers, according to one email.

"I attended your demo presentation recently held at the Montgomery County Police Headquarters and was pleased by your product's potential," an Assistant Commander from the Technical Investigations Section at the Maryland State Police wrote in an email to Grayshift in March.

The GrayKey itself is a small, 4x4 inches box with two lightning cables for connecting iPhones, according to photographs published by cybersecurity firm Malwarebytes. The device comes in two versions: a $15,000 one which requires online connectivity and allows 300 unlocks (or $50 per phone), and and an offline, $30,000 version which can crack as many iPhones as the customer wants. Marketing material seen byForbes says GrayKey can unlock devices running iterations of Apple's latest mobile operating system iOS 11, including on the iPhone X, Apple's most recent phone.

According to documents obtained by Motherboard, multiple state and local law enforcement agencies have purchased Grayshift's device. The documents also show many agencies expressing an interest in picking up a GrayKey, including some at the federal level, like the DEA and, oddly enough, the FBI. The FBI doesn't appear to have acquired one yet, but if that's the case, it's lagging behind local PDs with less funding and tech expertise. It's also trailing the State Department, which has already acquired at least one of the devices.

The device comes in two flavors: an online version with a fixed number of unlocks or an offline version that retails for twice as much ($30,000) but can be used as often as the purchaser wants (or until Apple fixes the vulnerability, whichever comes first). The brute force method deployed takes anywhere from 2 hours to several days, depending on passcode complexity.

"Going dark" is a convenient lie. The FBI has been deliberately misconstruing reality for a couple of years now, beginning with then-director James Comey's coining of the phrase. Even while Comey was peddling his "going dark" theory to security researchers, Congressional reps, and federal judges, the FBI was rarely having trouble accessing device contents. In 2016, the FBI admitted it could access the contents of passcode-protected devices 87% of the time. Somehow, despite only incremental changes in encryption offerings, the small number of locked devices has grown from ~880 to over 7,000 in two years. This suggests FBI officials are more interested in generating a "going dark" narrative than actually deploying available tech to access contents of seized devices.

The existence of another device capable of cracking iPhone encryption should be good news for the FBI. Other law enforcement agencies apparently view this as a plus. The downside for those not employed by the government is that there's a vulnerability in iPhones Apple hasn't fixed yet. And, given the intense secrecy surrounding vendors of exploits, we have no idea how many governments have purchased iPhone-cracking devices. It's unlikely Hacking Team is the only exploit vendor selling to authoritarian governments and UN-blacklisted countries. It's just the only one to have been caught doing it. An exploit is an exploit and it will be used by the good and the bad.

Not that relegating it to "good" law enforcement agencies is necessarily a huge improvement. Authoritarian regimes may use tools like this to go after critics and stifle dissent, but let's not forget the FBI has a long history of doing exactly the same thing under the guise of protecting public safety. And, at this point, the FBI isn't being honest about its weapons stockpiles during this Crypto Cold War. Sure, it needs to retain some sort of tactical advantage -- whether it's pursuing bad guys or legislation -- but it should never be granted full credibility when it talks about thousands of unlocked phones, the coming darkness, and how much security we should be forced to give up in the name of public safety.

35 Comments | Leave a Comment..

Posted on Techdirt - 16 April 2018 @ 3:23am

Singaporean Government Creates Fake News To Push Fake News Legislation

from the home-team-refs dept

The government of Singapore is working its way towards regulating "fake news." This is already a problem, as no government that has tackled this issue has been able to define what "fake news" is, other than news the government doesn't like. A government granting itself the power to unilaterally remove competing narratives is something that never goes out of style, and those picking up the "fake news" torch from the Twitter feed of the leader of the free world tend to be of the authoritarian variety.

The government's "Select Committee on Deliberate Online Falsehoods" sought input from citizens on the proposed legislation. Then it recast that input by memorializing it in a way that downplayed, if not excised completely, any input that didn't align with the government's views.

Freelance journalist Kirsten Han stated her opinion on several matters during the committee's hearing, only to find out the government's prepared summary of the session portrayed her dissenting opinions as roughly concurring with the committee's views.

I generally argued that there should be no new legislation that would police or censor content, such as legislation that might allow the government to issue takedown orders, as Singapore already has plenty of legislation that can deal with online falsehoods or content that incite social disharmony or exert undue influence on elections. I also argued for the introduction of a Freedom of Information Act in Singapore — one of the recommendations I made in my written submission.

I was horrified to see my views so drastically misrepresented within the Summary of Evidence.

Yes, the committee on fake news created fake news. The summary of the committee hearing -- which will presumably be used to inform legislators about potential issues with a fake news law -- is a misrepresentation of what actually happened during the hearings. Here's one example from Han's post, which should be read in its entirety to gain a full appreciation of the committee's editorializing of meeting minutes. (The committee's phrasing is in italics, with Han's response in bold.)

i. 92% of Singaporeans, at face value, supported more effective laws, including to remove falsehoods. Ms Han did not support the need for more effective legislation as there were existing powers and she accepted that she may be out of step with the majority of the population.

I was asked about the REACH survey a few times during the session. Firstly, I questioned the survey, and said that I did not accept the survey’s results at face value. This was also reflected in Ms Bertha Henson’s blog post on the session.

While I do accept that perhaps I might be “out of step” with the majority, I am once again registering for the record that I question the survey and its results.

Another point of discussion was rewritten by the committee to make it appear as though Han had admitted some of her other writing was possibly "fake news."

vi. On her article in relation to the Public Order and Safety (Special Powers) Act, she agreed that it could be interpreted as being incomplete or misleading.

I did not agree that my article could be interpreted as being incomplete or misleading. I stand by my article. I accepted that Mr Tong had a different opinion, as is his right, and advocated engagement and discussion over conflicting interpretations.

Rather than leave this open to interpretation or allow the committee to turn it into an our-word-against-hers "victory," Han has also uploaded clips of her responses to the committee's questions to YouTube (these are included in her Medium post), where anyone can compare the camera's record of the hearing with the committee's rose-tinted recollections.

Speech regulation predicated on vague terminology is always a vehicle for government censorship. The committee overplayed its hand here, though, offering up pre-censorship censorship of the official record in hopes of showing no one was all that opposed to letting the Singaporean government control what's said about it.

30 Comments | Leave a Comment..

Posted on Techdirt - 11 April 2018 @ 8:05pm

Canadian Government Leaning Towards A Right To Be Forgotten It Can Enforce Anywhere In The World

from the I-for-one-welcome-our-new-Canadian-overlords dept

It looks as though the "Right to Be Forgotten" will be crossing the Atlantic and setting up shop just north of the United States. The Canadian Privacy Commissioner has already stated existing Canadian privacy laws allow for this, but there's been no statutory adoption of the Commissioner's theory.

The idea that Canadians should join their European counterparts in being able to selectively erase personal information continues to be pushed by the Privacy Commissioner. Speaking at a recent conference in Toronto, Privacy Commissioner Daniel Therrien reiterated his belief Canadians should be offered this dubious "right."

Therrien said he continues to support the concept of “the right to be forgotten” — which has been adopted in other jurisdictions through the European Union’s General Data Protection Regulation.

“[I]nformation about individuals is much easier to find with the internet, thanks to search engines and other functions. The information that is found will often be taken out of context. It is easily replicable and is very difficult to delete,” said Therrien.

“All to say that information that went to reputation before the internet, that may be information known to a small circle of people, with the internet, is now potentially known to many, many people. Out of context, that information may be inaccurate and, moreover, may create real consequences for people. Reputation matters.”

Reputation does matter. That's the problem with the RTBF. While there are legitimate uses, there are also plenty of people willing to abuse it to obtain an unearned reputation. Fortunately, this abuse is routinely called out by press outlets hit with RTBF requests to delete unfavorable coverage or criticism.

The Privacy Commissioner's pitch continues and the Canadian Parliament seems amenable to the idea. The committee handling privacy, information access, and ethics has issued a report nudging the Canadian government towards the adoption of the Right to Be Forgotten. But its conclusions are somewhat contrary to the Privacy Commissioner's assertions. The committee likes the idea but points out these protections are not built into Canada's existing privacy laws.

The Committee’s first finding in this regard was that when online reputational damage occurs in the context of personal relationships rather than commercial transactions, PIPEDA does not apply (since the latter only applies to the collection, use and disclosure of personal information in a commercial context).   Moreover, the Committee noted that the Criminal Code treats a number of related offences, such as regards the publication of intimate images without consent. Accordingly, the Committee clarified that the scope of their analysis was limited to the protection of privacy and online reputation in the context of commercial transactions.

With this, the committee appears to believe it can amend PIPEDA to include a "right to be forgotten," but one more expansive than the European model. According to this, it would appear to cover things like revenge porn.

As regards the right to erasure, the Committee noted that PIPEDA does not expressly contain such a right, although the principles of “consent”, “limited retention” and “accuracy” may be applied in some instances to give effect to a limited right of erasure in certain circumstances.

For example, according to Principle 4.3.8 of Schedule 1 to PIPEDA, an individual has the right to withdraw consent to the collection, use and disclosure of his/her personal information. If this is then combined with the limited retention principle, pursuant to which an organization may only retain personal information for so long as it is necessary for the fulfilment of the purposes for which it was collected, then (in some circumstances) an individual may successfully argue that, upon withdrawal of their consent, the organisation that holds their information should destroy it.


In this context, several of the Committee witnesses argued that PIPEDA should be amended to create a more comprehensive right of erasure (to address situations of cyberbullying or revenge porn, for example) that would be similar in scope to the right of erasure found in the GDPR.

It's not that revenge porn and cyberbullying should be ignored. It's more of a question whether amending the law will fix the problem without a lot of collateral damage. Fortunately, some of the committee members have expressed this exact concern, noting the potential PIPEDA amendments would likely adversely affect Canadian freedom of expression.

Unfortunately, there's a larger problem that's not discussed in the report: the recent Equustek decision. In this lawsuit, Canada's top court declared delisting orders issued in Canada were valid worldwide. Google challenged this decision in the US (Equustek did not make an appearance), obtaining a judgment finding the Canadian decision could not be applied extraterritorially. The committee believes the ruling could be read as covering personal information, not just trade secrets (which were central to the Equustek case). It also appears to indicate that any delisting requests can be enforced worldwide, no matter where the recipient of the order resides.

Further, the committee apparently believes the tech companies that will be delisting info aren't properly equipped to evaluate the public's interest in removal/non-removal when handling requests. This suggests the Canadian government may take a more hands-on approach if it decides to create a Right to Be Forgotten. Fortunately, some of the committee comments suggest they fear over-compliance rather than under-compliance, which may mean the Canadian government's involvement may actually include policing requests for abuse of the law.

Even with these cautionary comments, the concern remains that Canada will create its own version of RTBF, but with the added nasty side effect of the nation's highest court declaring orders issued in Canada must be executed by companies located in other countries. The committee's report [PDF] spends no time discussing this unfortunate ruling or its adverse effects if the world's tech companies are subjected to extraterritorial delisting orders. But that's what will happen if PIPEDA is amended: Canada will be giving its citizens the opportunity to engage in worldwide censorship.

48 Comments | Leave a Comment..

Posted on Techdirt - 11 April 2018 @ 3:37pm

Goodyear Asks Judge To Help It Bury Document Showing It Covered Up Tire Problems Related To 98 Injuries Or Deaths

from the walking-around-on-bullet-riddled-feet dept

The Jalopnik expose on tire problems Goodyear buried for 20 years -- resulting in nearly 100 injuries or deaths -- has led to a really novel request from Goodyear's counsel. In essence, Goodyear approached the court (via a late evening conference call) and asked it to sternly request Jalopnik not publish damning documents mistakenly unsealed by the court's clerk.

Here's Jalopnik's Ryan Felton, who covered the Goodyear cover-up and obtained the documents from the Arizona court:

Last week, I asked Goodyear Tire & Rubber Co. to comment on claims made in a lengthy letter that says the company knew for more than 20 years about failures on a tire linked to hundreds of crashes that have left at least 98 people either injured or killed. I obtained the letter, along with more than 200 pages of exhibits to the letter, from a court in Arizona following a judge’s earlier decision that led the court’s clerk to briefly unseal the records. Goodyear never responded to me. Instead, unbeknownst to us at Jalopnik, the company asked the Arizona judge to call me directly and intone that I should, in the words of Goodyear’s attorney, “do the right thing” and not publish those documents.

The transcript [PDF] of the conversation between Judge Hannah and lawyers from both sides is a fascinating read. Goodyear's counsel desperately wanted to believe there were no First Amendment implications in ringing up a writer, who obtained documents without subterfuge, to ask him not to publish them.

And there's good reason Goodyear doesn't want them published. It contains NHTSA (National Highway and Traffic Safety Administration) data linking certain Goodyear tires to hundreds of motor vehicle accidents. The NHTSA has said the info in the letter is not confidential. Goodyear disagreed, filing a motion to keep the document under seal. No decision has been made on this yet, but apparently a court clerk misunderstood the judge's instructions and briefly unsealed the document. According to Goodyear's lawyer Foster Robberson, this makes the judge reaching out to correct a clerk's error constitutionally-kosher.

So I don't think this is a First Amendment issue. I don't think we are asking you at this stage to do an injunction. Frankly, I wouldn't expect you to do an injunction without some legal support, but we are asking you to do something, which courts do do on occasion, and I've given you an example of that, which is to basically admonish or instruct someone involved in the process about what's going on and I've even had courts ask people to cooperate before. I don't think asking this reporter to cooperate is the same thing as entering an injunction.

Sure, it's not the same thing as an injunction. But it has the same intended effect. Either way, it's an attempt to talk a judge into prior restraint, all supported by nothing more than the assertion Goodyear would be "prejudiced" by the document's release by a non-party. That seems unlikely. The parties to the lawsuit have already seen the document. So has the judge. Nothing prejudicial can happen in this court at this point since the documents have already been filed. The court of public opinion may be swayed against Goodyear, but that's not where the decision that legally matters will be handed down.

Goodyear's counsel went even further, claiming that lawfully obtaining documents from a court clerk (as the result of an error not discovered until after the documents were handed over) is "wholly illegitimate." Judge Hannah, fortunately, disagreed with every single one of Goodyear's assertions.

Well, alright, Mr. Robberson.

Seems to me that if your view is that there are gonna be consequences for this reporter, if he publishes this information, that's your job to convey that to him, not mine.

The motion ... the request ... Goodyear's request is denied. There are two reasons.

First, it is not an appropriate role for this court to appoint itself as the spokesperson or conveyor of information for the court system concerning this person's proper response or what the person should do as a result of an Order that this court has issued.

The court has not been asked to issue a formal Order and it's the request is that the court call the individual and advise him of what the Order says. And that would not be a proper course of action for the court in any event. I would also note that I do not represent the court or the court system. If somebody in the court system made a mistake, that's regrettable. If that affects rights, then I suppose somebody might have to decide at some point how to address that, but it will not ... it is not appropriate to attempt to redress it to attempt to stop it by the court making a phone call.

Secondly, based on the case that the court discussed on the record, State Ex Rel Thomas versus Grant, it is my legal holding and my ruling that the reporter is not bound by the protective order that underlays the sealing order.

He then goes on to address Goodyear's portrayal of Jalopnik's acquisition of the documents as "illegitimate."

There's no information before me that he was untruthful with anybody, that he stole the information, anything of that nature.

If Goodyear was hoping to keep this information from the general public, it could not have handled the situation any worse. This sort of clearly unconstitutional request almost always backfires. People not following the saga of Goodyear's apparent cover-up of RV tire issues would have never seen the NHTSA letter [PDF] detailing the company's attempt to keep selling defective tires even though they were responsible for dozens of deaths. Now, the damning letter will receive mainstream attention, reaching far beyond the readership of an auto-focused blog.

Read More | 17 Comments | Leave a Comment..

Posted on Techdirt - 11 April 2018 @ 1:36pm

FTC Suddenly Remembers 'Warranty Void If Removed' Stickers Are Illegal, Sends Out Stern Letters To Manufacturers

from the shuts-enforcement-alarm-off-and-goes-back-to-sleep dept

The law has been around for more than 40 years, but the FTC only seems interested in enforcing it every so often. The tags slapped on electronic devices warning you that removing them will void your warranty? Complete horseshit. And illegal horseshit on top of that.

The 1975 Magnusson-Moss Warranty Act said manufacturers can't automatically void warranties just because owners have opened up their devices, performed their own repairs, or taken them to third parties for service. Nonetheless, the practice of sticking these little lies on electronics continues because the US government has yet to show an ongoing interest in protecting consumers from companies preying on consumer ignorance.

Matthew Gault at Motherboard notes the FTC has made its periodic appearance in defense of consumers, raising its head above the parapet to wordslap a few unnamed manufacturers for their continued violation of this classic mid-70s legislation.

The Federal Trade Commission put six companies on notice today, telling them in a warning letter that their warranty practices violate federal law. If you buy a car with a warranty, take it a repair shop to fix it, then have to return the car to the manufacturer, the car company isn’t legally allowed to deny the return because you took your car to another shop. The same is true of any consumer device that costs more than $15, though many manufacturers want you to think otherwise.

Companies such as Sony and Microsoft pepper the edges of their game consoles with warning labels telling customers that breaking the seal voids the warranty. That’s illegal.

Will this have any effect on the illegal practices deployed by these companies the FTC has decided to protect from public ridicule by withholding their names? It seems unlikely. Forty-plus years of half-hearted, occasional enforcement isn't much of a deterrent. The little illegal stickers generate a steady flow of customers to manufacturers and dealers for repairs and ample opportunity to deny warranty coverage for flawed products.

As the law stands now, it's easy to avoid even without using void-if-removed stickers. Apple's warranty policy -- like that of several other device manufacturers -- follows the letter of the law while avoiding its spirit entirely. The company tells consumers that repairing devices on their own or seeking the assistance of non-Apple techs may result in a voided warranty. No specifics are offered as to what non-Apple services won't void the warranty so most customers play it safe and go directly to the manufacturer for service.

As Gault points out, the law has only been used once in court proceedings since its inception. The FTC doesn't tend to make much noise about ongoing violations, but has at least made an effort to inform consumers that every product that retails for more than $5 is covered by the statute. Still, the law is easy enough to dodge using nothing more than the word "may," so it's done almost nothing to prevent manufacturers from locking consumers into disadvantageous relationships and denying them the opportunity to treat purchased items like they actually own them.

27 Comments | Leave a Comment..

Posted on Techdirt - 11 April 2018 @ 9:32am

Malibu Media Picks Fight With Wrong Defendant, Now Facing Abuse Of Process Allegations


Malibu Media continues to burn judicial bridges. This is due to its habit of juggling hundreds of lit torches at any given time. Sooner or later, a few are going to get dropped. The prolific copyright troll continues to issue speculative invoices at the rate of dozens a month. Federal judges all around the country are sitting on backlogs of Malibu Media filings. But one thing remains certain: pushback by defendants tends to result in judicial examination of MM's courtroom tactics. And that's the last thing this serial litigant wants.

When cases are actually examined on their merits, judges have been less than impressed. Some have noticed Malibu Media has little interest in actually serving defendants. Some have refused to let the troll dismiss cases the instant it experiences a little judicial friction. And, in Northern California, a judge has all but banned Malibu Media cases from his courtroom.

Here comes more bad news for Malibu Media. As Sophisticated Jane Doe reports, MM looked ready to cut-and-run on another settlement attempt gone haywire. Instead of making off with some money or its assertions unquestioned, the defendant countersued, alleging abuse of process by the troll. The judge handling the case isn't sold on the copyright infringement counterclaim but isn't going to let MM dismiss the case and bypass possible consequences for its process abuses. The judge also explains why he won't do this with a short rundown of Malibu's trolling tactic. From the order [PDF]:

The Court notes Plaintiff’s penchant for litigation, which includes its filing of more than 100 cases in this district, more than 200 cases in the Southern District of Ohio, and hundreds more across the country. See Ricupero, 705 F. App’x at 403. While Defendant’s [copyright] counterclaim is redundant, the Court finds that his concern of Plaintiff filing suit in the future without a determination on the merits is very real. The Court, therefore, hereby notices the parties that it will not accept a voluntary dismissal of the instant case unless it is with the consent of both parties.

This prevents Malibu Media from dismissing its lawsuit because things aren't going the way it thought they would. I'm sure Malibu isn't thrilled with this turn of events, because it allows the defendant to move forward with his abuse allegations.

Defendant alleges that Plaintiff “made knowing misrepresentations in its Amended Complaint,” that it pleaded copyright infringement “despite knowing that an IP address alone is insufficient to identify an infringer,” and that it “intentionally failed to disclose and concealed pertinent and material information regarding [P]laintiff’s knowledge of the falsity of certain claims[.]” See Answer at 12–13. Defendant specifically alleges that Plaintiff instituted the action “without any genuine intent to proceed,” and that it “used the completed service to publicly shame [Defendant].”

And here it is broken down even further -- pretty much a concise summation of every copyright trolling operation ever.

Assuming that these allegations are true, as the Court must at this stage, Defendant has adequately pleaded a cause of action for abuse of process. The first element, the ulterior motive, is clear: Plaintiff seeks to extort a settlement payment. The second element, the coercive act after the issuance of process, is satisfied by the alleged knowing misrepresentations Plaintiff made in its Amended Complaint.

This is only part of the list of counterclaims [PDF] made by the defendant -- claims that will now be examined by a judge which will likely require Malibu to turn over information it would rather keep secret about its extensive trolling operation.

Plaintiff willfully abused, misused and/or misapplied the process for an end other than that which it was designed to accomplish.

Plaintiff intentionally failed to disclose and concealed pertinent and material information regarding plaintiff’s knowledge of the falsity of certain claims and the ulterior or illegitimate purpose for which the Complaints were employed.

Specifically, plaintiff failed to disclose and concealed pertinent and material information that includes but is not limited to the following:

a. Plaintiff instituted the original action without any genuine intent to proceed against defendant herein, but rather as a vehicle to obtain discovery of the identity and contact information of defendant and others;

b. Plaintiff knows it has no basis for naming defendant/counterclaimant as the infringer, yet continues to assert the claims against him;

c. Plaintiff assert its claims in order to influence the conduct of defendant in ways that are not related to the merits of its claims;

d. Plaintiff used the completed service to publicly shame defendant/counterclaimant; and

e. Plaintiff intends the current action to hang as a sword over defendant’s head, to extort unwarranted payments to settle claims not supportable as a matter of law.

I would love to see a copy of Malibu's risk/reward analysis. Every lawsuit filed carries with it the chance its malfeasance will be exposed. There are a lot of variables Malibu can't control but it still must see enough profit to offset the risks raised by filing lawsuits by the fistful. But it won't remain that way forever. Trying to convert IP addresses into paychecks is a terrible con and Malibu is no artist.

Read More | 59 Comments | Leave a Comment..

Posted on Techdirt - 10 April 2018 @ 8:13pm

More Drug Lab Misconduct Results In Massachusetts Court Tossing Nearly 12,000 Convictions

from the one-drug-habit;-exponential-damage dept

If everything keeps falling apart in Massachusetts, there won't be a drug conviction left in the state. The eventual fallout from the 2012 conviction of drug lab technician Annie Dookhan was the reversal of nearly 21,000 drug convictions. Dookhan was an efficient drug lab worker -- so efficient she often never performed the tests she was required to. The state moved much slower, dragging its feet notifying those possibly affected by Dookhan's lab misconduct until a judge told it to stop screwing around. There still could be more reversed convictions on the way as the state continues to make its way through a 40,000-case backlog.

Those numbers alone are breathtaking. But there are even more conviction dismissals on the way. Another drug lab technician convicted for stealing samples to feed her own drug habit has tainted thousands of additional drug prosecutions. A judicial order related to her questionable drug tests is erasing a whole bunch of prosecutorial wins.

The Committee for Public Counsel Services (CPCS) and the ACLU (American Civil Liberties Union) of Massachusetts said Thursday an estimated 11,162 convictions in 7,690 cases tainted by former state drug lab chemist Sonja Farak were ordered for dismissal by Supreme Judicial Court Associate Justice Frank Gaziano.

Farak apparently used whatever drugs she came across during her decade-plus with the Amherst, MA drug lab. This lab was inspected in 2012 by state police, shortly after the Boston lab was shut down following the discovery of Annie Dookhan's misconduct. This apparently cursory inspection turned up nothing, and the police who can smell drugs the moment they pull over a car apparently couldn't tell Farak had smoked crack just prior to her interview with state police inspectors. Her misconduct wasn't discovered until 2013 -- nearly eight years after Farak began using drug lab drugs regularly.

By 2010, Farak was snorting, smoking and swallowing not only the lab “standards” but also the police-submitted evidence, frequently siphoning from the powder cocaine. In one case in 2012, where police in Chicopee, Mass., had seized a kilo of cocaine, Farak “took approximately 100 grams from the same and used it to manufacture base cocaine” — crack — “at the Amherst Lab.” She also began seeking treatment for her addictions, the report states, creating another source of records about her drug use. Soon she began stealing from her co-workers’ samples as well, and manipulating the computer databases so that wasn’t noticed. Finally, a colleague looking for some of Farak’s lab samples found they had been tampered with, and she happened to get caught in January 2013.

Once this was uncovered, the state attorney general's office released a regrettable statement claiming Farak's eight years of drug use wouldn't "undermine any cases. Three years later, a full report showed Farak's abuse of her position affected nearly 8,000 cases. It also uncovered a complete lack of standards in the Amherst lab. According to the AG report [PDF], lab security was almost nonexistent. The running of "blanks" through testing equipment (to clear residue from previous drug tests) was supposed to happen after every test to avoid tainting new tests with previously-tested substances. In reality, this only happened "every 5 to 10" tests and was wholly at the tester's discretion.

The exposure of additional drug lab misconduct is more than concerning. It's terrifying. Based on results from labs subject to minimal standards, security precautions, and state oversight, people were being incarcerated. Drug sentences are notoriously harsh. Stealing from people is treated as a less severe violation than selling someone drugs they want to purchase. So is rape, assault, and a number of other crimes where no consensual transaction takes place. And yet, the evidence in these cases -- the ones capable of delivering 25-year-minimums and life sentence-equivalents -- is treated carelessly by the labs testing substances and the government overseeing them.

Read More | 45 Comments | Leave a Comment..

Posted on Techdirt - 10 April 2018 @ 9:32am

Court Shuts Down Yet Another Lawsuit Against Social Media Companies Over Terrorist Attacks

from the 1-(800)-L-FIRM dept

Another Excolo Law/1-800-LAW-FIRM lawsuit against social media companies alleging terrorism support has been shown the door by a federal judge. The survivors of Pulse Nightclub shooting sued Twitter, Google, and Facebook for supposedly being at least somewhat responsible for the horrible act carried out by the shooter. The law firms attempted to dodge dismissal under Section 230 by fashioning this as a material support for terrorism complaint. Unsurprisingly, the judge -- without ever having to address the dodged Section 230 issue -- didn't find any of the plaintiffs' arguments persuasive.

The elements needed to satisfy various anti-terrorism laws simply aren't present in the complaint, and no matter how far the judge is willing to stretch the arguments, they can't be forced to cover these missing pieces. From the decision [PDF]:

Accepting for the moment that Mateen’s shooting spree satisfied parts A and B of the “international terrorism” definition, the amended complaint falls short of plausibly suggesting it fits within part C. It appears to be undisputed that the Pulse Night Club attack was carried out by a single shooter — Omar Mateen — and that both Mateen and his victims were, at the time of the attack, all located and resident in Orlando, Florida, within the United States. The plaintiffs have not pointed to any “means by which [the shooting] was accomplished” that involved acts crossing any national border; nor do they point to any persons outside the United States whom the shooting was “intended to intimidate or coerce”; and they have not pointed to any international “locale in which [the] perpetrator[] operate[d] or [sought] asylum.” The only allegations of the complaint even hinting at some trans-national connection are those concerning Mateen’s viewing of videos and Internet content that the plaintiffs contend were posted by agents of ISIS. But the complaint fails to assert any facts plausibly suggesting that the substance of those videos and other messages, or the posting of them, had anything at all directly to do with the shooting, other than that the principles espoused in them motivated Mateen to carry out the dreadful act.

Even if the shooter's influences were based in foreign countries, a purely-domestic act of terrorism cannot be considered international terrorism for the purposes of this lawsuit. Furthermore, the attempt to link the shooting directly to ISIS cannot be made without evidence, and despite the length of the complaint, the plaintiffs provide none.

There are no pleaded facts that tend to show that Mateen carried out this act under ISIS’s express direction. To be sure, even ISIS never claimed that it had any contact with Mateen or instructed him to shoot up the Pulse Night Club. And the heaps of relatively concrete facts that the amended complaint does offer — despite the immense emotional gravity of the violent and tragic global events to which they allude — do not bridge the gap between ISIS’s violent screeds and Mateen’s shooting spree. In their attempts to span the separate streams of events described in the pleadings, the plaintiffs have shown little beyond mere happenstance and possibility.

Just as futile are the claims the mere existence of ISIS-operated social media accounts somehow equate to material support for terrorism by the service providers.

There are no facts that suggest that the defendants “encouraged” Mateen to commit his crimes. Likewise, the plaintiffs do not allege that the defendants provided him with any assistance, such as instructions on how to build a bomb or obtain an assault rifle. Certainly, no one suggests that any of the defendants’ representatives were present at the scene, that they had any “relationship” with Mateen, or that they were of a mind to see this horrible event take place.

It all boils down to this: just because someone saw something on the internet that motivated them to commit an act of violence does not make the violent act the internet's fault. The blame for the act rests on the shoulders of the person who committed it, not the service providers whose services were used by terrorists to spread their message. Even if it's true social media companies could do better tracking down and removing terrorist accounts and their content, it still doesn't make them culpable for the Pulse Nightclub shooter's heinous act.

In this case, the allegations that Mateen viewed some literature and videos produced by ISIS is not sufficient to sustain any inference that either the defendants, or ISIS, or any individual or entity directly associated with ISIS, had any discernible direct involvement in the Orlando attack. Instead, the complaint suggests, at most, that the defendants merely were aware of a generalized risk that persons associated with or sympathetic to ISIS’s cause could, at some point, derive some benefit from their services, and that, at some point (by all accounts only after the attack) ISIS became aware of and expressed its approval of the attack. Those tenuous connections do not suffice to sustain the required inference of proximate cause.

With that, the case is dismissed with prejudice. The Section 230 immunity question -- raised by the defendants in their motion to dismiss -- is never addressed. But then, it really doesn't need to be. While it would be nice to have more affirmations of Section 230 immunity written into case law, the baseless anti-terrorism law allegations are more than enough to see this lawsuit join others by the same law firms in the dustbin of legal history.

Not that another loss has had any effect on Excolo Law and 1-800-LAW-FIRM. As Eric Goldman reports, the questionable business model of ringing up loss after loss is still somehow generating sustainable income.

Will that stop 1-800-LAWFIRM from filing more lawsuits? Of course not; they filed another one yesterday despite this ruling. I admire the lawyers’ doggedness even as I question their substantive and procedural expertise.

So far, not a single one of these lawsuits has survived a motion to dismiss. But it won't stop people from trying. Targets like Facebook and Twitter are too big to ignore, even if the accusations have almost zero chance of resulting in a victory for the plaintiffs and their representatives.

Read More | 12 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>