Capitalist Lion Tamer’s Techdirt Profile

capitalisliontamer

About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]
http://5k500k.wordpress.com

[recently retired]
http://capitalistliontamer.wordpress.com

[various side projects]
http://cliftonltanager.wordpress.com/
http://bl0wbybl0w.wordpress.com/
http://thepenismadeoutofspam.wordpress.com/



Posted on Techdirt - 24 June 2016 @ 7:39pm

Proprietary Algorithms Are Being Used To Enhance Criminal Sentences And Preventing Defendants From Challenging Them

from the like-the-Coke-formula,-but-for-years-of-someone's-life dept

When law enforcement agencies want to know what people are up to, they no longer have to send officers out to walk a beat. It can all be done in-house, using as many data points as can be collected without a warrant. Multiple companies offer "pre-crime" databases for determining criminal activity "hot spots," which allow officers to make foregone conclusions based on what someone might do, rather than what they've actually done.

Not that's it doing much good. For all the time, money, and effort being put into it, the databases seem to be of little utility.

Many law enforcement agencies use software to predict potential crime hot spots, and the police in Kansas City, Mo., and other places have used data to identify potential criminals and to try to intervene.

[...]

In Chicago, where there has been a sharp rise in violent crime this year, the police have used an algorithm to compile a list of people most likely to shoot or be shot. Over Memorial Day weekend, when 64 people were shot in Chicago, the police said 50 of the victims were on that list.

So much for "intervention." Having a list of people who have a higher risk of being shot doesn't mean much when all it's used for is confirming the database's hunches. However, these same databases are being put to use in a much more functional way: determining sentence lengths for the criminals who have been arrested.

When Eric L. Loomis was sentenced for eluding the police in La Crosse, Wis., the judge told him he presented a “high risk” to the community and handed down a six-year prison term.

The judge said he had arrived at his sentencing decision in part because of Mr. Loomis’s rating on the Compas assessment, a secret algorithm used in the Wisconsin justice system to calculate the likelihood that someone will commit another crime.

We're locking up more people for more years based on criminal activity they'll no longer have the option of possibly performing. This is nothing new. Sentencing enhancement is based on a lot of factors, not all of them confined to proprietary databases. But what is new are the algorithms used to determine these sentence enhancements, most of which belong to private companies who are completely uninterested in sharing this crucial part of the equation with the public.

In Mr. Loomis' case, the software determined he would be likely to engage in further criminal activity in the future. A so-called "Compas score" -- provided by Northpointe Inc. -- resulted in a six-year sentence for eluding an officer and operating a vehicle without the owner's consent. His lawyer is challenging this sentence enhancement and going after Northpointe, which refuses to release any information about how the Compas score is compiled.

What Northpointe has released are statements that confirm the code is proprietary and that the Compas score is "backed by research" -- although it is similarly unwilling to release this research.

The problem here isn't so much the use of algorithms to determine sentence lengths. After all, state and federal guidelines for sentence lengths are used all of the time during sentencing, which includes factors such as the likelihood of future criminal activity. But these guidelines can be viewed by the public and are much more easily challenged in court.

The use of private contractors to provide input on sentencing renders the process opaque. Defendants can't adequately challenge sentence enhancements without knowing the details of the "score" being presented by prosecutors to judges. The algorithms' inner workings should either be made available to defendants upon request, or the "score" should be determined solely by government agencies, where the data and determining factors can be inspected by the public.

We're now in the unfortunate situation where companies are telling judges how long someone should be locked up -- using data which itself might be highly questionable. The feeling seems to be that if enough data is gathered, good things will happen. But as we can see from Chicago's implementation of this technology, the only thing it's done so far is add confirmation bias toetags to the ever-increasing number of bodies in the city's morgues.

The use of locked-down, proprietary code in sentencing is more of the same. It undermines the government's assertion that prison sentences are a form of rehabilitation and replaces it with the promise that criminal defendants will "do the time" so they can't "do the crime" -- all the while preventing those affected from challenging this determination.

47 Comments | Leave a Comment..

Posted on Techdirt - 24 June 2016 @ 9:40am

Tying Rights To Useless 'Terrorist Watchlists' Is A Terrible Idea

from the the-right-to-remain-rightless dept

No matter how you may feel about the Second Amendment or firearms themselves, there's no way you can feel comfortable with access to Constitutional rights being predicated on something as worthless as the government's ever-expanding "you might be a terrorist" lists.

But that's what's being sought by legislators. In the wake of the Orlando shooting, politicians are searching for answers to unpredictable violent acts, and have seized on the FBI's multiple investigations of the shooter as a potential terrorist for deciding who can or can't obtain a gun. A "dramatic" sit-in by Congressional reps hoped to force the issue, even though it ended up pushing nothing forward at all.

Some legislators want gun ownership tied to terrorist watchlists -- the same watchlists that have turned 4-year-olds into suspected terrorists and designated entire families as suspicious simply because a single member somewhere in the branches of the family tree is under investigation.

This kneejerk reaction not only would eliminate rights but also any form of due process. As it stands now, there's very little chance anyone wrongly designated as a suspected terrorist by the US government will be able to remove themselves from these lists. A recent court decision about the TSA's "no fly" list has at least raised the redress procedure to "extremely difficult" from its previous status as "nonexistent."

But that's only one of the government's terrorist watchlists. Another watchlist contains thousands of Americans with no known ties to any terrorist group. The fact that these known unknowns comprise 40% of the watchlist is only part of the problem.

As we've seen from the FBI's neverending series of terrorist investigations, the government is more than happy to create all the "terrorists" it needs to ensure a steady flow of income to certain agencies and a steady decline in civil liberties for the rest of us.

Even if the list used to deny gun purchases is limited to those deemed too dangerous to board an aircraft (but not dangerous enough to arrest), rights will be denied to thousands who've never done anything wrong. The no fly list is a debacle as anyone but the TSA (and those pushing this legislation) will admit. The no fly list has, in the past, contained both people no one would normally consider unfit for gun ownership (Sen. Ted Kennedy, Rep. John Lewis), as well as an 18-month-old toddler. Accurate, it is not, and yet, legislators are more than willing to strip a right away from citizens based on an incredibly flawed database. Logic has no place in gun control arguments, though, as Rep. John Lewis is one of the legislators leading the charge, even though he should know personally how worthless and inaccurate the no fly list is.

What's even more disconcerting is the number of politicians who believe multiple rights should be stripped from those on watchlists. Senator Joe Manchin actually let these words tumble out of his mouth during an interview with MSNBC.

Really, the firewall we have right now is due process. It’s all due process. So we can all say we want the same thing, but how do we get there? If a person is on a terrorist watch list, like the gentleman, the shooter in Orlando? He was twice by the FBI — we were briefed yesterday about what happened — but that young man was brought in twice. They did everything they could. The FBI did everything they were supposed to do. But there was no way to keep him on the nix list or keep him off the gun-buy list, there was no way to do that.

So can’t we say that if a person’s under suspicion there should be a five-year period of time that we have to see if good behavior, if this person continues the same traits? Maybe we can come to that type of an agreement, but due process is what’s killing us right now.

Due process is "killing" Americans. And he's not the only one who feels this way. Senator Dianne Feinstein believes Americans are born with only one inalienable right: the right to earn their other rights by "proving their innocence."

Dems now expect Americans to "prove your innocence" before taking advantage of Constitutional rights.

All the while, legislators are tossing out catchy slogans like, "No Fly, No Buy" with zero awareness of the implications of that action. Others claim such a law would have prevented the Orlando shooting, similarly unaware of the fact that the shooter wasn't on a terrorist watchlist when he purchased his guns.

If lawmakers want to prevent suspected terrorists from purchasing guns, they need to base this on something far better maintained and narrowly defined than our current terrorist watchlists. The ones we have operate as dragnets -- bulk surveillance but for human beings. These lists already eliminate due process. They shouldn't be used to further diminish citizens' rights just because the perpetrator in the latest mass shooting was the subject of a terrorism investigation.

75 Comments | Leave a Comment..

Posted on Techdirt - 24 June 2016 @ 8:39am

Judge Says FBI Can Hack Computers Without A Warrant Because Computer Users Get Hacked All The Time

from the broken-blinds-policing dept

The FBI's use of a Network Investigative Technique (NIT) to obtain info from the computers of visitors to a seized child porn site has run into all sorts of problems. The biggest problem in most of the cases is that the use of a single warrant issued in Virginia to perform searches of computers all over the nation violated the jurisdictional limits set down by Rule 41(b). Not coincidentally, the FBI is hoping the changes to Rule 41 the DOJ submitted last year will be codified by the end of 2016, in large part because it removes the stipulation that limits searches to the area overseen by the magistrate judge signing the warrant.

For defendant Edward Matish, the limits of Rule 41 don't apply. He resides in the jurisdiction where the warrant was signed. He had challenged the veracity of the data obtained by the NIT, pushing the theory that the FBI's unexamined NIT was insecure (data obtained from targets was sent back to the FBI in unencrypted form) and info could have been altered in transit.

It's not much of a legal theory as any person performing these alterations would have had to know someone was performing long-distance acquisitions of identifying computer information and the IP addresses normally hidden by the use of Tor.

But that questionable legal theory is nothing compared to those handed down in Judge Henry Coke Morgan Jr.'s denial [pdf] of several motions by Matish. As the judge sees it, the FBI really didn't even need a warrant. Morgan Jr. says there's no expectation of privacy in an IP address, even if Tor is used to obscure it, which follows other judges' conclusions on the same matter. However, Morgan Jr. goes much further.

Morgan Jr. hints at the Third Party Doctrine but refuses to consider the fact that this information was not obtained from third parties, but rather directly from the user's computer via the FBI's hacking tool.

The Court recognizes that the NIT used in this case poses questions unique from the conduct at issue in Farrell. In Farrell, the Government never accessed the suspect's computer in order to discover his IP address, whereas here, the Government deployed a set of computer code to Defendant's computer, which in turn instructed Defendant's computer to reveal certain identifying information. The Court, however, disagrees with the magistrate judge in Arterburv. who focused on this distinction, see No. 15-cr-182, ECF No. 42. As the Court understands it, Defendant's IP address was not located on his computer; indeed, it appears that computers can have various IP addresses depending on the networks to which they connect. Rather, Defendant's IP address was revealed in transit when the NIT instructed his computer to send other information to the FBI. The fact that the Government needed to deploy the NIT to a computer does not change the fact that Defendant has no reasonable expectation of privacy in his IP address.

This reading of the Third Party Doctrine closely aligns with how the DOJ prefers it to be read. If someone knowingly or unknowingly turns over identifying info to a third party, it now belongs to the government -- even if the government obtains it directly through a search/seizure, rather than approaching third parties.

But more disturbing than this is Judge Morgan Jr.'s declaration that no expectation of security is the same thing as no expectation of privacy -- first highlighted by Joseph Cox of Motherboard.

“It seems unreasonable to think that a computer connected to the Web is immune from invasion,” Morgan, Jr. adds. “Indeed, the opposite holds true: in today's digital world, it appears to be a virtual certainty that computers accessing the Internet can—and eventually will—be hacked,” he writes, and then points to a series of media reports on high profile hacks. He posits that users of Tor cannot expect to be safe from hackers.

If hackers can break into computers and extract information, then law enforcement can do the same thing without fear of reprisal or suppression of evidence. Morgan Jr. equates it to "broken blinds" on a house window, where previous rulings have said it's perfectly fine for passing police officers to peer into windows that don't completely obscure the house's interior.

[I]n Minnesota v. Carter, the Supreme Court considered whether a police officer who peered through a gap in a home's closed blinds conducted a search in violation of the Fourth Amendment. 525 U.S. 83, 85 (1998). Although the Court did not reach this question, id at 91, Justice Breyer in concurrence determined that the officer's observation did not violate the respondents' Fourth Amendment rights. Id at 103 (Breyer, J., concurring). Justice Breyer noted that the "precautions that the apartment's dwellers took to maintain their privacy would have failed in respect to an ordinary passerby standing" where the police officer stood.

But that flies directly in the face of his previous determination that there's no expectation of privacy in IP addresses, even if a person takes steps to obscure that identifying info. Tor may be imperfect and can be compromised, but applying Morgan Jr.'s analogy to this situation means it's OK for the FBI to not only peer into the interior of a house, but to break the blinds in order to look inside.

The world Judge Morgan Jr. prefers is clear: that law enforcement should not be bound by the constraints of legal activity and, in fact, should be allowed to deploy hacking tools simply because computers get hacked every day. It's a judicial shrug that says the good guys should be able to do everything criminals do because the ends justify the means. Morgan Jr. explicitly states that "the balance weighs heavily in favor of surveillance" in cases like these (child pornography prosecutions) because of the criminal activity involved.

The ends will justify the means in cases like these, if Morgan Jr. is overseeing them. Even if you are sympathetic to the judge's belief that certain crimes call for more drastic law enforcement responses, the fact is that if given this judicial pass, law enforcement will not confine its use of jurisdiction-less warrants and invasive tech tools to only the worst of the worst. We need look no further than the deployment of a Stingray device to track down someone who stole $57 worth of fast food to see how this will play out in real life. The decision -- if it stands -- opens citizens up to a host of invasive, warrantless searches, just because security breaches are common and the pursuit of criminal suspects is more important than protecting citizens from government overreach.

Read More | 60 Comments | Leave a Comment..

Posted on Techdirt - 24 June 2016 @ 6:26am

Emails Show Hillary Clinton's Email Server Was A Massive Security Headache, Set Up To Route Around FOIA Requests

from the breaking-badly dept

More bad news for Hillary Clinton and her ill-advised personal email server. Another set of emails released by the State Department shows the government agency had to disable several security processes just to get its server to accept email from Clinton's private email address.

The emails, reviewed by The Associated Press, show that State Department technical staff disabled software on their systems intended to block phishing emails that could deliver dangerous viruses. They were trying urgently to resolve delivery problems with emails sent from Clinton's private server.

"This should trump all other activities," a senior technical official, Ken LaVolpe, told IT employees in a Dec. 17, 2010, email. Another senior State Department official, Thomas W. Lawrence, wrote days later in an email that deputy chief of staff Huma Abedin personally was asking for an update about the repairs. Abedin and Clinton, who both used Clinton's private server, had complained that emails each sent to State Department employees were not being reliably received.

After technical staffers turned off some security features, Lawrence cautioned in an email, "We view this as a Band-Aid and fear it's not 100 percent fully effective."

While trial-and-error is generally useful when solving connection problems, the implication is undeniable: to make Clinton's private, insecure email server connect with the State Department's, it had to -- at least temporarily -- lower itself to Clinton's security level. The other workaround -- USE A DAMN STATE DEPARTMENT EMAIL ADDRESS -- was seriously discussed.

This latest stack of emails also exposed other interesting things... like the fact that Clinton's private email server was attacked multiple times in one day, resulting in staffers taking it offline in an attempt to prevent a breach. (h/t Pwn All The Things)

In addition to the security issues, there's also some discussion about why Clinton was choosing to use her own server.

In one email, the State Department's IT person explains the agency already has an email address set up for Clinton, but offers to delete anything contained in it -- and points out that using the State Dept. address would make future emails subject to FOIA requests.

[W]e actually have an account previously set up: SSHRC@state.gov. There are some old emails but none since Jan '11 -- we could get rid of them.

You should be aware that any email would go through the Department's infrastructure and subject to FOIA searches.

So, there's one reason Clinton would have opted to use a personal email address and server. More confirmation of the rationale behind this decision appears in an earlier email (2010) from Clinton to her aide, Huma Abedin.

Abedin: We should talk about putting you on state email or releasing your email to the department so you are not going to spam.

Clinton: Let's get separate address or device but I don't want any risk of the personal being accessible.

There appears to be some intent to dodge FOIA requests -- either by ensuring "no documents found" when Clinton's State Department email address was searched, or by being able to control any release by being the chokepoint for responsive documents.

To accomplish this, Clinton's team set up a private email server that was insecure and did not follow State Department guidelines. In fact, her team brushed off the agency more than once before finally informing it that they simply would not comply with State Department regulations.

In a blistering audit released last month, the State Department's inspector general concluded that Clinton and her team ignored clear internal guidance that her email setup broke federal standards and could leave sensitive material vulnerable to hackers. Her aides twice brushed aside concerns, in one case telling technical staff "the matter was not to be discussed further," the report said.

The FBI investigation that Clinton refuses to call an investigation continues. There may be no criminal charges forthcoming, but there's already plenty of evidence that Clinton's use of a private email server was not only dangerously insecure, but put into place in hopes of limiting her accountability.

102 Comments | Leave a Comment..

Posted on Techdirt - 22 June 2016 @ 12:38pm

Cinemark Files Trademark Infringement Lawsuit Against Roblox Over User-Generated Content

from the brought-by-actual-lawyers-who-should-actually-know-better dept

Today's misguided IP infringement lawsuit comes from Cinemark USA, one of the largest theater chains in the United States. Its target is Roblox, a multiplayer online sandbox game where users can create their own "worlds" using blocks -- putting it somewhere between Minecraft and Second Life.

Cinemark is accusing Roblox and a few dozen of its users of trademark infringement, thanks to the latter's creations. According to the lawsuit [PDF], various users have created versions of Cinemark theaters (complete with branding) and placed them in their own worlds, or uploaded for others to use in theirs.

It's one thing for Cinemark to pursue these Does for trademark infringement. (Although it's bound to be a waste of time, money, and reputation...) It's quite another to go after Roblox for content created by its users. Just because there's no built-in protection for service providers against claims of trademark infringement (like Section 230 of the CDA or the DMCA safe harbor) doesn't mean targeting the platform, rather than the actual wrongdoers, is the right way to approach this.

But this filing makes no distinction between Roblox and its users, despite there being a long list of usernames included. The better way to do this (again, assuming suing users, many of whom are likely to be under the age of 18, is somehow "better" than simply asking Roblox to take the content down) would be to serve Roblox a subpoena for account holder information as part of pre-trial discovery, rather than blowing through the entire filing referring to both Roblox and Does as inseparable "defendants."

Now, it's understandable that Cinemark might be concerned about unauthorized brand use. One of the stipulations of maintaining this indefinite protection is to assert your control over it. Litigation isn't the only option, but it seems to be the most popular one.

As for consumer confusion, it's highly unlikely Roblox users would consider user-generated content to be an authorized marketing attempt by the theater chain… especially when things like the following carry Cinemark branding.

Upon information and belief, subscribers/registered users and the general public can purchase virtual weapons, namely guns, for use inside the virtual playgrounds/workshops to kill other subscribers/users/members of the public, for virtual monies, inside virtual theaters or worlds bearing The Marks. Users virtually reenact tragic, violent real-world events involving an active shooter scenario at a Cinemark theater bearing The Marks.

On the other hand, some people are just as incapable of competently directing their complaints as Cinemark is.

Cinemark has received actual complaints from customers in the United States concerning the graphic violence and games associated with The Marks on Defendants’ website and/or virtual playgrounds/workshops.

Cinemark wants Roblox to be responsible for this infringement because it's likely the only entity involved that isn't judgment proof. But other than listing it as a defendant, Cinemark only directly refers to the platform once in the allegations, with a paragraph that alleges no wrongdoing (but implies that Roblox inappropriately and directly profits from users' infringing activity.)

On information and belief, subscribers and the general public are able to create an account, develop a virtual playground/workshop, purchase monthly or yearly memberships to the platform, and purchase monetary credits from Defendant Roblox Corporation in order to further the user’s virtual playground/workshop within the platform. On information and belief, Defendant Roblox Corporation also pays monetary sums to users, including the remaining Defendants for developing virtual playgrounds/workshops visited by others. On information and belief, the Defendants accept monetary credits from users who visit the Defendants’ virtual playgrounds/workshops.

Throughout the rest of the complaint, the Does and Roblox are referred to collectively as "defendants," even though there's almost zero chance the company will remain a defendant for long.

The usual claims are included: Lanham Act violations, unfair competition, dilution, and vanilla trademark infringement. Then there's a rather unusual one: "Texas common law business disparagement." This is tied to the user-generated sandboxes where visitors are given guns and allowed to shoot up a virtual theater.

By using The Marks in connection with virtual mass shootings in connection with Cinemark’s movie theaters, Defendants knowingly and/or recklessly make false statements that disparage Cinemark’s good name, business reputation, services, products and goods. Defendants did so with the intent to cause, and actually caused, pecuniary loss to the Cinemark in violation of the laws of Texas. Defendants knowingly and/or recklessly create virtual playgrounds/workshops where children can purchase and use virtual guns to cause mass shootings at virtual movie theaters under The Marks creating the false statement that Cinemark’s movie theaters are “unsafe”.

LOL. "Intent to cause pecuniary loss." Some idiot thought it would be funny or edgy or whatever and other idiots agreed. The only intent here was to appeal to the lowest common denominator. No one's going to "shoot" up a Roblox theater using Roblox weapons and come to the conclusion Cinemark theaters are unsafe, just as no one's going to play a few levels of Doom and decide further exploration of Mars by NASA is a bad idea because the planet contains a portal to hell.

The interesting thing about this particular allegation is that Cinemark kind of admits its lawsuit is being brought against minors. Roblox's target market is kids, and its user base skews young. This could be why Cinemark has decided to bundle in the platform maker as a defendant, even though there's almost no chance Cinemark will be pursuing anyone other than the Does once Roblox files a response and a judge looks it over.

Even without a response being filed, Cinemark is already losing. It has filed two motions: one for a preservation of evidence order and one for expedited discovery. Both have been rejected by Judge Reed O'Connor, who finds Cinemark's breathless pleadings a bit much.

From the order on the preservation request [PDF]:

Plaintiff avers that “Defendants are in possession of extensive electronic data that is essential to Cinemark’s claims that could easily be overwritten, transferred, or expunged.” Pl.’s Mot. 4, ECF No. 3. Plaintiff argues that “[m]oreover, Defendants’ electronic data mayeven be lost through Defendants’ computer’s and/or servers’normal use. For example, information and data contained on a computer’s hard drive are automatically written over and replaced with new data.”

[...]

[C]inemark does not prove that Roblox would “flaunt [its] obligation under the federal rules without a preservation order.” Id. Cinemark does not provide any evidence that the relevant electronic data will be destroyed absent a court order.

[...]

“To supplement every complaint with an order requiring compliance with the Rules of Civil Procedure would be a superfluous and wasteful task, and would likely create no more incentive upon the parties than already exists.” Hester v. Bayer Corp., 206 F.R.D. 683, 685 (M.D. Ala. 2001).

The expedited discovery request [PDF] fares no better, as Cinemark makes no showing as to why it needs to have (a) Roblox deposed, (b) production of all electronic evidence completed, and (c) immediate leave to file all non-party subpoenas -- all within 10 days of service.

It seems the better way to do this is to serve Roblox with requests to remove infringing content. And to do it correctly. None of this "any IP dispute can be resolved with a DMCA takedown notice" crap. It appears Roblox has already taken steps to delete content containing infringing marks. Its rules of conduct expressly forbid the posting of infringing content and it bans users/deletes accounts of those violating these terms. But to decide the next step (or the best option) is to sue, combining an entity that isn't legally culpable (Roblox) with a few dozen Does, all of which may be in the game's target range (ages 8-18), doesn't say much for Cinemark or the legal team representing it.

Read More | 30 Comments | Leave a Comment..

Posted on Techdirt - 22 June 2016 @ 3:20am

Court Refuses To Uphold Evidence Seized During A Completely Bogus Traffic Stop

from the law-enforcement-dashcam-key-witness-against-law-enforcement dept

Very rarely does anyone want to believe a defendant in a criminal prosecution. They have the most to lose, are often presumed guilty by all involved, and if they'd done nothing wrong, they wouldn't be here defending themselves, right? None of that is how the system is supposed to work. But that's how it often does.

Law enforcement officers, on the other hand, are often treated as unimpeachably credible, even when their recollections of events are less than accurate. Sometimes they get called out for it. Most times they don't. About the only way their dishonesty is called out if if there's another set of eyes on the scene -- like dashcams or body-worn cameras. (This, too, is far from a sure thing.)

That's what happened here. A bogus traffic stop that morphed into a drug bust began with zero traffic violations -- even though the officer performing the stop claimed at least two violations had occurred. (via FourthAmendment.com)

Victor Dominguez-Fernand was pulled over for allegedly driving with his headlights off and following too close to the vehicle ahead. Unfortunately for Deputy Nicholas Ernestes, his dashcam showed both claimed violations were bogus.

First off, the supposed violation of "driving with headlights off" was only a presumed violation. Deputy Ernestes testified that he "believed" headlights were required because of the weather conditions (overcast and raining) but couldn't actually assert that such a requirement exists.

This, of course, is hardly a fatal error. The Supreme Court (along with dozens of lower courts) have made it clear law enforcement isn't required to know the laws it's enforcing. All they have to do is believe a violation has occurred to perform a traffic stop.

Not that it mattered. When Ernestes turned on his lights to pull over Fernand, his dashcam kicked in, and it showed something completely different [PDF].

The available dash-cam video shows that the taillights on Mr. Dominguez-Fernand’s car were on for at least 30 seconds before Deputy Ernstes turned on his emergency lights.

If the taillights are on, the headlights are on. Ernestes also claimed Fernand was following too close to the vehicle ahead of him, even though Ernestes was unable to remember many details about the vehicle Fernand was supposedly tailgating.

Deputy Ernstes attested in an affidavit submitted before the hearing that he “pull[ed] his vehicle even with the black Mitsubishi” to confirm its speed and observed at that time that it was allegedly following the vehicle in front of it too closely. Deputy Ernstes does not remember what type of vehicle was in front of Mr. Dominguez-Fernand’s car. Deputy Ernstes testified that he used a method that involved counting the “skip lines” on the roadway to determine that Mr. Dominguez-Fernand’s car was allegedly closer to the vehicle in front of it than the “two-second rule” established in the Indiana Driving Manual. Deputy Ernstes testified that based on that calculation, he believed Mr. Dominguez-Fernand had violated Indiana Code § 9-21-8-14. Deputy Ernstes testified that he only saw the alleged traffic infraction for a few seconds.

Again, the dashcam saw it differently.

It shows that it was raining and that a box truck was in the distance in front of Mr. Dominguez-Fernand’s car.

The defendant recalled the incident in a way that more agrees with the dashcam footage than the deputy's affidavit and testimony.

Mr. Dominguez-Fernand had been driving for several hours and it had been raining heavily for ten to fifteen minutes before he was stopped by Deputy Ernstes. Mr. Dominguez-Fernand specifically remembered that the headlights on the car were turned on because he had been continuously driving through the night and the car’s dashboard was lit up for visibility. He emphasized that he drove a delivery truck for a living and that he was intentionally driving slower than the speed limit because of the rain. He maintained a five or six second distance between his car and the box truck in front of him because it was spraying a lot of water up because of the rain. Indeed, the dash-cam video shows that the rain caused trucks traveling on Interstate 70 to spray water behind them for a considerable distance.

Deputy Ernestes claimed the vehicle's lights were off when the defendant passed him, something the court finds dubious because this supposed reason for pulling over the defendant was never mentioned once during the course of the stop. Further, state law doesn't require the use of headlights in these weather conditions -- only if vehicles cannot be clearly seen within 500 feet. Ernestes' own testimony stated he could see cars approaching "up to one mile away" and they all had their headlights on. 5,280 feet being ten times the length required by statute means headlights or not, there was no violation.

The camera also showed Fernand was a safe distance behind the vehicle in front of him. So, despite Fernand's eventual consent to a search of the vehicle (which resulted in the discovery of amphetamines), the initial stop was so bogus the court cannot allow the subsequent search to stand.

The court also points out that Ernestes could have bolstered his claims that the violations occurred before the dashcam's automatic recording by simply using the recording device in his vehicle to, you know, record evidence.

The impact of these inconsistencies might have been lessened if Deputy Ernstes had manually turned on his dash-cam to record the traffic violation he claims to have seen. While he admits he could have done so, he did not, depriving the record of significant, reliable evidence.

As to the inconsistencies, they were more than just the fuzziness one would expect from a law enforcement who performs dozens of inconsequential traffic stops every shift. The inconsistencies stemmed from Ernestes' initial statements and paperwork.

Deputy Ernstes testified that he could not remember anything about the type of vehicle Mr. Dominguez-Fernand was allegedly too closely following. Deputy Ernstes’ affidavit, however, attests that he pulled alongside Mr. Dominguez-Fernand’s car to observe its speed and that it was allegedly too closely following the preceding vehicle, which would have given him a clear view of the large box truck Mr. Dominguez-Fernand was following. The imprecise nature of Deputy Ernstes’ recollection is further underscored by the Court’s previous conclusion that Deputy Ernstes was incorrect about the headlights on Mr. Dominguez-Fernand’s car being turned off, as well as Deputy Ernstes’ testimony at the hearing that he could only see one person in Mr. Dominguez-Fernand’s car, despite the fact that his affidavit states he could see “that two males were located inside of the vehicle” when he pulled alongside it.

And away goes the evidence, which is the only thing supporting the government's charges.

The Court has already held that the Government has not met its burden to show by a preponderance of the evidence that Deputy Ernstes had probable cause to stop Mr. Dominguez-Fernand’s car. Thus, the exclusionary rule forbids use of the unlawfully obtained evidence at trial. Since the Government has not argued that an exception to the exclusionary rule applies in these circumstances, and it is the Government’s burden to do so, the Court concludes that the drugs discovered in Mr. Dominguez-Fernand’s car must be suppressed.

Surprisingly, the government never asked for consideration under the "good faith exception," nor did the court decide to entertain this idea on its own. That this resulted in tossed evidence even with the Heien decision in place suggests law enforcement can still manage to go too far when cooking up bogus reasons to stop drivers.

Read More | 34 Comments | Leave a Comment..

Posted on Techdirt - 21 June 2016 @ 2:03pm

Customs Agents, Local Doctor Subject 18-Year-Old To Vaginal, Rectal Probing In Search Of Nonexistent Drugs

from the CBP-demands-development-of-additional-orifices-to-violate dept

The Constitution-free buffer zone near our nation's borders ensures those who wander too far away from the center of our country will be robbed of their rights, thanks to ongoing wars vs. drugs and terrorism. They may also be robbed of their dignity.

There's apparently very little law enforcement personnel won't do when in pursuit of drugs. The gloves come off, only to be replaced with other gloves, which are then forcefully inserted into every orifice on a "suspect's" body. We saw this happen to New Mexico native David Eckert back in 2013. The list of invasions and indignities perpetrated on him by the Deming police and a far-too-compliant "medical professional" is long, ugly and comprehensive.

1. Eckert's abdominal area was x-rayed; no narcotics were found.
2. Doctors then performed an exam of Eckert's anus with their fingers; no narcotics were found.
3. Doctors performed a second exam of Eckert's anus with their fingers; no narcotics were found.
4. Doctors penetrated Eckert's anus to insert an enema. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found.
5. Doctors penetrated Eckert's anus to insert an enema a second time. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found.
6. Doctors penetrated Eckert's anus to insert an enema a third time. Eckert was forced to defecate in front of doctors and police officers. Eckert watched as doctors searched his stool. No narcotics were found.
7. Doctors then x-rayed Eckert again; no narcotics were found.
8. Doctors prepared Eckert for surgery, sedated him, and then performed a colonoscopy where a scope with a camera was inserted into Eckert's anus, rectum, colon, and large intestines. No narcotics were found.

The police obtained no drugs, but Eckert obtained a $1.6 million settlement.

Perhaps that sort of payoff is in 18-year-old Ashley Cervantes' future. Cervantes did nothing more than cross the border to eat breakfast in Nogales, Mexico. Upon her return, things went from bad to worse to nightmarish. [via Cyrus Farivar, Ars Technica]

The litany of abuses inflicted on her during a 7-hour search for nonexistent drugs mirrors that of Eckert's. From the lawsuit [PDF]:

The CBP Agent became more aggressive in his questions and accusations. That CBP Agent directed Ashley to follow him to a “detention” room, ostensibly for additional questioning. Over the course of the next few hours, Ashley:

a. was handcuffed to a chair;

b. had a number of CBP K9’s sniff her person (a violation of CBP policy, which prohibits the use of K9’s on a person); and,

c. was taken into a separate room, patted down, and asked to squat so female investigators could visually inspect her.

At no point was Cervantes advised of her Miranda rights, because forget it, Jake, it's Bordertown. The CBP's inability to locate the drugs the agent fervently believed Cervantes was smuggling into the country didn't result in the conclusion of the search. Instead, efforts escalated under the theory that Cervantes was just particularly skilled in the art of concealing drugs.

First, the CBP agent deployed his own questionable medical skills to fill out a "Treatment Authorization Request." In this Immigration Health Services' form, the agent "diagnosed" Cervantes as a "potential internal carrier of foreign substances" and ordered up an X-ray. Cervantes was placed in a CBP van and taken to Holy Cross Hospital, where an all-too-willing accomplice was found in the form of Dr. Patrick F. Martinez. Once there, more questionable paperwork was completed by those involved.

The Holy Cross records from Ashley’s time at the facility include a number of factual inaccuracies, including inaccurately setting out that Ashley was accompanied by her mother and arrived in a private vehicle. In reality, Ashley was transported in a CBP vehicle. Her handcuffs were not removed until she changed into a hospital gown for the alleged purpose of undergoing an X-Ray.

Cervantes never underwent an X-ray. Instead, she underwent a series of non-consensual penetrations -- something most people refer to as "rape."

Dr. Martinez, a male physician, entered Ashley’s room and, after asking a few cursory questions, brutally invaded her body on a warrantless and unjustified search for contraband.

Dr. Martinez forcefully and digitally probed Ashley’s vagina and anus.

Ashley had never before been to a gynecologist and, for the remainder of her life, will always remember that her first pelvic and rectal exams were under the most inhumane circumstances imaginable to a U.S. citizen at a hospital on U.S. soil.

[...]

The searches conducted by the CBP Agents, Holy Cross and Dr. Martinez injured Ashley physically, mentally and emotionally. Her labia, vaginal opening, and anus were left raw and sore and she felt violated, demeaned and powerless as a result of the searches.

Seven hours. No drugs. Multiple penetrations. No warrants. No consent. And all of this will likely be OK -- or at least not enough to leap the "qualified immunity" hurdle.

The courts have frequently held that the Fourth Amendment is nothing to get too concerned about near our nation's borders, what with drugs and terrorism on the loose. If the courts find it acceptable for the CBP to seize laptops and other devices and search them without a warrant, it stands to reason they'll probably find seizing and searching the lower half of a human being without probable cause to be just one of those things that happen in service of the public's "best interest."

Read More | 142 Comments | Leave a Comment..

Posted on Techdirt - 21 June 2016 @ 9:42am

DOJ Drops Stupid Drug Trafficking Charges Against FedEx After Judge Criticizes Its 'Novel Prosecution'

from the The-Man-reluctantly-moves-on-to-hassling-other-parties dept

After two years, the DOJ has decided to drop its bogus conspiracy/drug trafficking case against Federal Express. In July 2014, FedEx was hit with an indictment for allegedly knowingly delivering illegal/counterfeit drugs to a handful of sketchy recipients.

The government insisted FedEx perform interdiction efforts for it by opening boxes and determining (without guidance) whether or not the contents were legit. FedEx pointed out that it was in the package delivery business, not the law enforcement business. The DEA shrugged and said, "Do better." FedEx said, "Why don't you give us a list of people/businesses you think are engaged in illegal activities?" The DOJ refused to do so and rewarded FedEx's good faith efforts with an indictment.

An indictment is easy to obtain, as anyone familiar with the machinations of grand juries is aware. The DOJ's case, however, immediately fell apart after it dragged its purple and orange ham sandwich into a process that's actually adversarial. Judge Charles Breyer -- who we know from his hilariously-redacted denial of HP's heavily-redacted request to seal documents and his interest in the FBI's possibly-illegal courthouse step wiretaps -- presided over the opening arguments… and that was pretty much all he had to hear.

Maria Dinzeo of Courthouse News Service reports:

Addressing the court briefly, Breyer said, "I'm quite familiar with this industry. I'm deeply concerned by tragic consequences caused by sales of toxic substances to individuals, including children, who have not had a direct consultation with a licensed physician"

But this case was "entirely different," Breyer said. "The court has been asked to determine if defendant should be held criminally liable as a co-conspirator. As a result of detailed opening statements by the government and defense and accepting factual assertions as uncontested, the court concludes the defendants are factually innocent. They did not have criminal intent."

Breyer emphasized that FedEx repeatedly offered to help the government, asking officials to identify a particular customer shipping illegal substances, so that it might stop picking up its packages.

"The DEA was unwilling or incapable of providing that information to FedEx," Breyer said. "Rather the government decided to pursue this novel prosecution."

When judges call something "novel," it's rarely because they're impressed. "Novel" is a polite way of saying "bullshit." Or "insane." It's a word pro se plaintiffs hear quite frequently. The DOJ is probably not quite as used to it, as even its weakest arguments tend to be granted more deference than they deserve.

That was enough to convince the DOJ to drop the charges, wrapping up another ridiculous situation where drug warrior zealotry has culminated in The Man sticking it to Himself.

The DEA certainly could have intercepted suspicious packages and examined them itself, but it chose to pass that burden on to the intermediary. This suggests its investigations aren't going as smoothly as it might have hoped. Probable cause for search warrants isn't a particularly high bar, but the DEA presumably either can't meet it, or would rather let others do the work for it and save it the trouble of filling out the paperwork.

38 Comments | Leave a Comment..

Posted on Techdirt - 21 June 2016 @ 3:25am

Baltimore Transit Officials Won't Release Footage Of Freddie Gray Protests Because Everything Is Always About 'Terrorism'

from the an-excuse-with-a-universal-adapter dept

The excuse that worked so well for so long -- "because terrorism" -- seems to have lost its luster. Despite having a locked iPhone tied to a mass shooting with terrorist overtones, the FBI was unable to budge the needle on encryption backdoors or magical "lawful access" crypto keys.

However, that doesn't mean any number of government entities aren't willing to use the ever present "threat" of terrorism as fuel for their various civil liberties-endangering bonfires. Or that they won't use it as a profoundly cheap excuse to withhold information from the American public -- like the Indiana State Police's refusal to turn over Stingray docs because doing so might allow terrorists to plan attacks on cherished annual state events like the Mule Day Parade.

The Maryland Transit Authority has been ducking a Public Information Act (PIA) request from the Baltimore Sun for nearly a year at this point. The paper asked for surveillance footage from the Mondawin Metro station, captured in April of last year as police shut down mass transit in anticipation of protests following the death of Freddie Gray in the back of Baltimore PD van.

The MTA's first refusal utilized another very popular law enforcement excuse.

In denying the Sun's first PIA request last year, the MTA said that the office of Baltimore State's Attorney Marilyn Mosby had asked it not to release the footage because it was still being used in criminal investigations.

The Sun took this in stride and issued another request almost a year later.

The Sun sent the MTA another PIA request for the footage last month, noting that there is a statute of limitations of one year for misdemeanor charges, and that it had been a year since the incident in question — limiting the number of pending investigations there could be.

If some footage remained relevant to open investigations, The Sun said, that footage could be redacted and the rest made available.

The MTA's bluff had been called but it still had no interest in turning over the requested footage. So, it reached for the bluff that can never be called -- because it is existential, wholly subjective, and without an expiration date.

When the MTA responded last week, it made no mention of pending investigations in the state's attorney's office. It said instead that the footage could not be released because of Homeland Security concerns.

If you thought that was the end of the stupidity, you're mistaken. The Sun asked for clarification -- did this mean the MTA would never release footage from its security cameras? The MTA clarified with a bullshit-laden buck pass:

The MTA responded Friday, explaining that The Sun would have to ask the federal Transportation Security Administration for written permission to review any of the footage from the cameras, because they were funded through Homeland Security grants.

The MTA controls the cameras. It acquired them with grant money, but they are still the sole property of the MTA. The TSA is a completely unconnected third party. The DHS hands out grant money, not the TSA. And even if the TSA was somehow connected because of the grant, the footage requested only involved local law enforcement.

But it gets even worse. Even if the Sun were able to talk the TSA into granting permission (that really isn't its to grant) for the release of the requested footage, the MTA would still refuse to hand it over.

[I]f The Sun were to get that permission, it said, the MTA still would deny the footage based on its belief that the footage "would reveal the facility's safety and support systems, surveillance techniques, and security systems and technologies," as well as "jeopardize the security of the facility; facilitate the planning of a terrorist attack; and endanger the life or physical safety of the public."

This is the problem with public records laws. The government still maintains far too much control. Officials may occasionally talk big about "presumption of transparency," but when push comes to shove, its agencies like these doing all the pushing and shoving -- and routinely delivering the government equivalent of the playground rebuttal: "Make me."

15 Comments | Leave a Comment..

Posted on Techdirt - 20 June 2016 @ 11:23pm

Body Cam Footage Of Cop Hitting Handcuffed Man Leads To Firing Of Three New Orleans Police Officers

from the the-accountability-unicorn-makes-a-rare-appearance dept

Body-worn cameras as a tool of accountability is an idea whose time has come, but so far, the implementation has been less than ideal. Lawmakers -- pressured by law enforcement agencies and unions -- have frequently pushed legislation that makes it almost impossible for the public to get their hands on recorded footage.

In other cases it's been shown that camera placement results in highly-subjective footage -- where the "first-person" perspective can obscure what's really happening. One notable case resulted in two sets of footage. The body-worn camera footage gave the impression that officers were dealing with a highly-combative arrestee. A nearby surveillance camera showed something completely different: several cops beating a non-resisting suspect.

So, it's somewhat a surprise to hear that body camera footage has resulted in the firing of police officers. For one, officers generally don't get fired. They get suspended. Or, if the misconduct is egregious enough, they're allowed to resign.

In this case, however, multiple officers were fired in connection with the same incident. (h/t Techdirt reader Nathan F)

Three New Orleans police officers were fired Wednesday (June 15), and a fourth suspended, for their roles in a September 2015 incident in which a handcuffed man was hit several times while seated inside the department's French Quarter station.

Officer Alfred Moran's body-worn camera showed him using his hands to strike the man, who had been arrested for public intoxication shortly before midnight on Sept. 30, NOPD said.

[Worth noting here is the fact that the writer has chosen to use police lingo and exonerative passive phrasing while writing about the incident. Officer Moran hit a handcuffed man multiple times. An "incident" didn't just occur wherein a man "was hit." Furthermore, "using his hands to strike the man" is needlessly descriptive and gives the impression that there still might be some legal use of force contained in Moran's actions -- which were, let's not forget, hitting an unarmed, handcuffed man multiple times while in the presence of other officers who did nothing.

The writer then goes on to point out that the beaten man had "argued" with Moran earlier, again skewing the narrative slightly towards the police end of the spectrum. I don't believe these are even conscious decisions on the part of the writer. I think this sort of exonerative reporting is just as ingrained in some journalists as the blithe acceptance of misconduct is ingrained in some police organizations.

These firings are notable. This is something that just doesn't happen. When it does, it's usually only after an extended period of deflection where police spokespeople say things about "ongoing investigations" and "wanting to get all the facts first," while berating the media for reporting on the incident in a "one-sided" fashion and causing the public to "rush to judgment."

Also notable is the fact that this agency proactively reviews body cam footage, rather than simply uploading it and hoping it's overwritten before anyone files a complaint against an officer.

The incident came to light the following day during a supervisor's routine review of body-worn camera footage, said NOPD spokesman Tyler Gamble.

Even better, it wasn't just the abusive cop who was fired/punished. It was also those around him who not only did not intervene, but lied to cover up the misconduct.

NOPD's Public Integrity Bureau launched criminal and administrative investigations. But Moran, Simmons and Jennings were "untruthful" during the investigation, Gamble said. Tyler, meanwhile, answered honestly when questioned.

This is a very good -- and very rare -- thing. Law enforcement agencies tend to encourage bad behavior by delivering minimal punishment and allowing other officers present at the scene -- who didn't intervene and/or participated in the cover-up -- to walk away from it completely unscathed.

The inadvertently hilarious response to these firings comes from the police union -- which believes officers' testimony should outweigh video footage that directly contradicts their statements.

"Among many others, we have warned numerous times that video evidence only has value in context of the officer's perception of events and other measurable factors," [police union attorney Donovan] Livaccari said. "In this case, the video evidence, which was inconclusive, was relied on entirely in spite of testimonial evidence to the contrary..."

In other words, don't believe your eyes. Believe what you're told. Video footage should only be viewed in the "context" of assertions made by officers seeking to avoid punishment for wrongdoing. And only a police union rep could make the assertion that "officer's perception" is a "measurable factor" with a straight face. Yes, there's nothing more quantifiable than subjectivity, especially when it conflicts directly with more objectively-obtained evidence of wrongdoing.

45 Comments | Leave a Comment..

Posted on Techdirt - 20 June 2016 @ 2:06pm

FBI's Facial Recognition Database Still Huge, Still Inaccurate, And DOJ Shows Zero Interest In Improving It

from the ALL-YOUR-FACE-ARE-BELONG-TO-US dept

The FBI's biometric database continues to grow. Its Next Generation Identification system (NGI) is grabbing everything it can from multiple sources, compiling millions of records containing faces, tattoos, fingerprints, etc. from a blend of criminal and non-criminal databases. It went live in 2014, but without being accompanied by the Privacy Impact Assessment (PIA) it promised to deliver back in 2012.

Lawsuits and pressure from legislators finally forced the FBI to comply with government requirements. That doesn't mean the FBI has fully complied, not even two years past the rollout. And it has no interest in doing so in the future. It's currently fighting to have its massive database exempted from federal privacy laws.

Much of the information we have about the FBI's NGI database has come from outside sources. The EFF and EPIC have forced documentation out of the agency's hands via FOIA lawsuits. And now, the Government Accountability Office (in an investigation prompted by Sen. Al Franken) is turning over more information to the public with its review of the system.

What the GAO found is more bad news. The FBI is all about collecting data. It has little interest in ensuring the data is accurate or even usable.

The FBI’s system searches not just its own database, but also photo databases maintained by seven participating states, the US Department of State – which issues passports – and the US Department of Defense, shared among federal law enforcement agencies and the participating agencies, though access on the state level is obtained through the FBI.

This is only part of the NGI. To amass the 411 million photos it has collected to this point, the FBI dumps in the contents of a national criminal database.

[T]he GAO report found a much larger program, run by the criminal justice information services division of the FBI (CJIS), called Facial Analysis, Comparison and Evaluation, or Face, which “conducts face recognition searches on NGI-IPS and can access external partners’ face recognition systems to support FBI active investigations”.

The multiple inputs -- which allow criminal and non-criminal biometric data to intermingle -- still return an alarmingly high number of false positives. According to data obtained by EPIC, the facial recognition portion shows an error rate of 15-20% in the top 50 results returned from searches. That was the error rate in 2010. We can assume the hit rate has improved since then, but we have no way of knowing what the current error rate is because the FBI is uninterested in policing the accuracy of its database.

From the GAO report [PDF]:

Prior to deploying NGI-IPS, the FBI conducted limited testing to evaluate whether face recognition searches returned matches to persons in the database (the detection rate) within a candidate list of 50, but has not assessed how often errors occur. FBI officials stated that they do not know, and have not tested, the detection rate for candidate list sizes smaller than 50, which users sometimes request from the FBI… Additionally, the FBI has not taken steps to determine whether the face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate for use by FACE Services to support FBI investigations

The GAO report also points out the FBI has been severely delinquent in its obligations to the public. Reports it was supposed to deliver prior to rollout have only just recently appeared, including one release apparently prompted by the GAO's assessment of the NGI program.

NGI-IPS has been in place since 2011, but DOJ did not publish a System of Records Notice (SORN) that addresses the FBI's use of face recognition capabilities, as required by law, until May 5, 2016, after completion of GAO's review. The timely publishing of a SORN would improve the public's understanding of how NGI uses and protects personal information.

The GAO has made six recommendations to the agency, three of which are being disputed by the DOJ. According to the DOJ, the reason for the mandatory reports being delivered after-the-fact doesn't need to be examined because the FBI "has established practices that protect privacy and civil liberties beyond the requirements of the law." This sounds like the FBI has "nothing to hide," which is at odds with the lack of responsiveness by the agency to demands for updated PIAs and SORNs over the last eight years.

The DOJ also disagrees that it should have to audit the facial recognition database's "hit rate," something that was only 80-85% accurate five years ago. (In fact, the FBI's specifications consider 85% accuracy to be acceptable when returning lists of possible suspects.) The DOJ claims the database can never return a false positive because it apparently has enough manpower and resources to chase down every bogus lead.

In its response, DOJ stated that because searches of NGI-IPS produce a gallery of likely candidates to be used as investigative leads instead of for positive identification, NGI-IPS cannot produce false positives and there is no false positive rate for the system.

The GAO understandably disagrees. Accuracy is important, especially if the FBI is going to put innocent people under investigation… or overlook potentially dangerous suspects.

Without actual assessments of the results from its state and federal partners, the FBI is making decisions to enter into agreements based on assumptions that the search results may provide valuable investigative leads. In addition, we disagree with DOJ’s assertion that manual review of automated search results is sufficient. Even with a manual review process, the FBI could miss investigative leads if a partner does not have a sufficiently accurate system.

The DOJ apparently still feels a 20% chance of putting the wrong person under investigation is still acceptable. And it still believes that it's so far ahead of the privacy curve that it doesn't need to apprise the public of the potential privacy implications of its massive biometric database. The information forced out of its hands by litigants and outside agencies shows the FBI is far more interested in collection than dissemination -- that it should be able to take all it wants from the public without having to hand out anything in return.

Read More | 22 Comments | Leave a Comment..

Posted on Techdirt - 20 June 2016 @ 12:51pm

Judge In Playpen Case: FBI's Warrant Is Valid, Even If Its Claims About No Privacy In IP Addresses Are Not

from the a-net-win-for-the-feds dept

Another court handling an FBI Playpen case has handed down its decision on a motion to suppress. Like other courts fielding prosecutions resulting from this massive investigation, it has found [PDF] that the FBI's NIT (Network Investigative Technique) is invasive enough to be called a "search." (via FourthAmendment.com)

The FBI must have felt its NIT deployment would be considered a search. That's why it obtained a warrant in the first place. But it's been frantically peddling "not a search" theories as court after court has declared its warrant invalid because the searches were performed outside of the issuing magistrate's jurisdiction.

In this case, the issue of whether or not the NIT deployment was a search has not been disputed by either party. The court addresses it anyway because it affects the reasoning that follows.

Before reaching the merits of Defendant's motions, it will be useful to address a preliminary question unaddressed by the parties: Was the deployment of the NIT a "search" of Defendant's computer within the meaning of the Fourth Amendment? If the use of the NIT was not a search, the Fourth Amendment was not implicated, no warrant was required, and any violation of Rule 41(b) irrelevant.

Rule 41(b), which may be drastically altered by the end of this year, restricts searches to the jurisdiction where the warrants were issued. The FBI is well aware of the deficiencies of its NIT warrant, which is why it presented this legal theory to court in response to an earlier motion.

The government in its response to Defendant's First Motion to Suppress never argues that no warrant was required because deployment of the NIT was not a Fourth Amendment search. See Gov't's Resp. to First Mot. at 15-38. In failing to raise this argument when it would have been appropriate, the government has likely waived it. The government does, in justifying the scope of the warrant, argue that Defendant had no reasonable expectation of privacy in his IP address, even though he was using the Tor network.

The court blows past the "no expectation of privacy in IP addresses" for the moment, instead focusing on the execution of the FBI's NIT.

The "contents" of a computer are nothing but its code. In placing code on Defendant's computer, the government literally—one writes code—invaded the contents of the computer. Additionally, the code placed on Defendant's computer caused Defendant's computer to transmit certain information without the authority or knowledge of Defendant. In this manner the government seized the contents of Defendant's computer. Just as in Riley, it is irrelevant that Defendant might not have a reasonable expectation of privacy in some of the information searched and seized by the government. The government's deployment of the NIT was a Fourth Amendment search.

This key element having been decided, the court moves on to the warrant itself, as well as the government's contention that an IP address has no expectation of privacy. As to the latter, the court points out that the government obtained much more than just an IP address with its NIT and that it used an intrusive means to do so. The court ultimately agrees with the assertion about the lack of privacy in IP addresses, but does not agree that obtaining an IP address in this fashion can be considered harmless under the Fourth Amendment. Hence the nod to the Supreme Court's Riley decision. While many records contained on a phone may be subject the Third Party Doctrine and obtained without a warrant, they must be obtained from the third parties, rather than from the phone itself. Replace "phone" with "computer," and information with no built-in expectation of privacy gains a privacy shield due to where these "records" are stored.

The defendant's second motion to suppress brings up the Rule 41(b) issue. But it fails, spectacularly, because of the defendant's location.

Defendant argues that Rule 41(b) only allows magistrate judges to issue warrants for searches outside of their districts in limited, well-defined circumstances, none of which apply to the facts of the instant case. Second Mot. at 6-11. Of course, Defendant acknowledges that the website was being run from within the Eastern District of Virginia, that the magistrate judge sits in the Eastern District of Virginia, and that Defendant's computer was located in the Eastern District of Virginia when the NIT was deployed.

The legal theory advanced by the defense is that the warrant is still invalid, even when deployed in its proper jurisdiction, because it permitted the FBI to search an untold number of computers located all over the country. The court doesn't buy this rationale. In fact, it states it would have denied suppression even if the warrant had failed to hold up because the FBI took every step it could to ensure the legitimacy of its search.

The FBI agents in this case did the right thing. They gathered evidence over an extended period and filed a detailed affidavit with a federal magistrate in support of their search warrant application. They filed the warrant application in the federal district that had the closest connection to the search to be executed. The information gathered by the warrant was limited: primarily the IP addresses of those that accessed Playpen and additional information that would aid in identifying what computer accessed the site and what individual used that computer.

The judge doesn't let the FBI off the hook entirely. It also addresses the FBI's last-minute argument that the defendant shouldn't even have been allowed to challenge the warrant.

The government also argues that Defendant does not have standing to challenge the warrant because the alleged defect in the warrant, that it exceeded the magistrate's jurisdiction, does not apply to him because his computer was in the Eastern District. This seems to be a novel interpretation of standing law in Fourth Amendment cases. The standing inquiry in Fourth Amendment cases asks if the individual seeking suppression had a reasonable expectation of privacy in the thing searched. See Rakas v. Illinois. 439 U.S. 128, 133-34 (1978). Defendant's computer was searched, and he has a reasonable expectation of privacy in his computer.

The Playpen saga is a complete mess. There's nothing in this mixed bag of decisions that tips the scale in either direction. For every win about the lack of privacy in IP addresses the FBI secures, it loses another one to the invasive method it used to obtain these addresses. Every time a court grants its credit for "good faith," multiple courts countered with opinions finding the warrants invalid from the moment they were signed by a magistrate.

About the only "win" the FBI can definitively claim is that its NIT secrets are still mostly secret. And in order to achieve that, it had to watch its evidence be dismissed by a judge who actually believed the FBI had legitimate reasons for refusing to disclose this info.

And yet, it's unlikely that this will result in the FBI examining its investigation methods. As of right now, it has less than six months before the proposed Rule 41(b) changes are adopted by Congress. And there's a good chance they will be because Congress has to have the will and determination to "opt out" while distracted by an extended holiday season of shorter work weeks, the annual budget process, reelection campaigns, and a change in regimes.

Read More | 8 Comments | Leave a Comment..

Posted on Techdirt - 20 June 2016 @ 11:52am

Supreme Court Knocks A Little More Off The 4th Amendment; Gives Cops Another Way To Salvage Illegal Searches

from the endlessly-forgiving dept

The Supreme Court hasn't necessarily been kind to the Fourth Amendment in recent years. While it did deliver the Riley decision, which instituted a warrant requirement for searches of cellphones, it has generally continued to expand the ability of police to stop and search anyone for almost any reason.

Its Heien decision said it was perfectly fine for police officers to remain ignorant of the laws they're enforcing by allowing them to continue making bogus traffic stops predicated on nonexistent laws. The Rodriguez decision at least prohibits officers from artificially extending stops to bring out drug dogs or beg for consent to search a vehicle, but it doesn't do anything to prevent the bogus stops in the first place.

With its just-released Strieff decision, the Supreme Court -- in a 5-3 ruling -- extends the reach of bogus stops/searches to pedestrians. To get to where we are now, you have to go back a decade:

The case, Utah v. Strieff, started in 2006, when the Salt Lake City police got an anonymous tip reporting drug activity at a house. An officer monitored the house for several days and became suspicious at the number of people he saw entering and leaving. When one of those people, Edward Strieff, left to walk to a nearby convenience store, the officer stopped him and asked for his identification.

A routine check revealed that Mr. Strieff had an outstanding “small traffic warrant.” The officer arrested him based on that earlier warrant, searched him and found a bag of methamphetamine and drug paraphernalia in his pockets.

The evidence obtained should have been suppressed because the officer had no reason to stop Strieff and demand his ID. The state of Utah has already conceded this was an illegal stop. But it has appealed it all the way to the nation's top court because it wants the fruits of the illegal search to remain unsuppressed and, more importantly, the government wants the precedent. It got it. From the opinion [PDF]:

To enforce the Fourth Amendment’s prohibition against “unreasonable searches and seizures,” this Court has at times required courts to exclude evidence obtained by unconstitutional police conduct. But the Court has also held that, even when there is a Fourth Amendment violation, this exclusionary rule does not apply when the costs of exclusion outweigh its deterrent benefits. In some cases, for example, the link between the unconstitutional conduct and the discovery of the evidence is too attenuated to justify suppression. The question in this case is whether this attenuation doctrine applies when an officer makes an unconstitutional investigatory stop; learns during that stop that the suspect is subject to a valid arrest warrant; and proceeds to arrest the suspect and seize incriminating evidence during a search incident to that arrest. We hold that the evidence the officer seized as part of the search incident to arrest is admissible because the officer’s discovery of the arrest warrant attenuated the connection between the unlawful stop and the evidence seized incident to arrest.

Working backwards from the arrest and search incident to the arrest, the court finds that the warrant the officer knew nothing about before stopping Strieff is all the connective tissue lower courts will need to refuse suppression of evidence obtained from similar illegal stops. The majority says this reverse engineering is perfectly fine because it probably won't be abused -- and even if it is, those whose rights are violated can always lawyer up and file a civil suit.

Strieff’s counterarguments are unpersuasive. First, neither Officer Fackrell’s purpose nor the flagrancy of the violation rises to a level of misconduct warranting suppression. Officer Fackrell’s purpose was not to conduct a suspicionless fishing expedition but was to gather information about activity inside a house whose occupants were legitimately suspected of dealing drugs. Strieff conflates the standard for an illegal stop with the standard for flagrancy, which requires more than the mere absence of proper cause. Second, it is unlikely that the prevalence of outstanding warrants will lead to dragnet searches by police. Such misconduct would expose police to civil liability and, in any event, is already accounted for by Brown’s “purpose and flagrancy” factor.

The majority acts as though this sort of thing is an isolated incident -- a unicorn in the pantheon of law enforcement. Justice Sotomayor's angry dissent tears this argument apart, pointing out how the majority has just given law enforcement a permission slip for illegal searches while claiming this is a narrow reading of a one-off incident.

The Court today holds that the discovery of a warrant for an unpaid parking ticket will forgive a police officer’s violation of your Fourth Amendment rights. Do not be soothed by the opinion’s technical language: This case allows the police to stop you on the street, demand your identification, and check it for outstanding traffic warrants—even if you are doing nothing wrong. If the officer discovers a warrant for a fine you forgot to pay, courts will now excuse his illegal stop and will admit into evidence anything he happens to find by searching you after arresting you on the warrant.

The majority's decision pretends outstanding warrants won't encourage police fishing expeditions. But to mix a couple of metaphors, law enforcement agencies have access to massive honeypots.

These factors confirm that the officer in this case discovered Strieff ’s drugs by exploiting his own illegal conduct. The officer did not ask Strieff to volunteer his name only to find out, days later, that Strieff had a warrant against him. The officer illegally stopped Strieff and immediately ran a warrant check. The officer’s discovery of a warrant was not some intervening surprise that he could not have anticipated. Utah lists over 180,000 misdemeanor warrants in its database, and at the time of the arrest, Salt Lake County had a “backlog of outstanding warrants” so large that it faced the “potential for civil liability.”

This opinion gives officers the option to demand ID from every pedestrian they encounter in order to run a warrant check. There no longer needs to be a reason for the stop. Officers can work backwards by performing the stop, running an ID and, finally, arresting a person and performing a search if the database returns a hit. If you want a police state, you've got one, as Sotomayor points out.

By legitimizing the conduct that produces this double consciousness, this case tells everyone, white and black, guilty and innocent, that an officer can verify your legal status at any time. It says that your body is subject to invasion while courts excuse the violation of your rights. It implies that you are not a citizen of a democracy but the subject of a carceral state, just waiting to be cataloged.

We must not pretend that the countless people who are routinely targeted by police are “isolated.” They are the canaries in the coal mine whose deaths, civil and literal, warn us that no one can breathe in this atmosphere.

The logic of the majority's decision -- now the law of the land -- says even a warrant for an unpaid parking ticket is a free pass for officers to perform a search of your person. It sounds innocuous but it isn't. You'll be stopped and not allowed to leave. You may be pushed up against a wall or bent over the hood of a police car. Your personal belongings will be taken, laid out, and cataloged. You may also have your genitalia and bodily orifices probed and inspected. And, most likely, all of this will happen in public in full view of passersby. A search is an invasion, but the Supreme Court's decision treats as a minor inconvenience -- and one whose illegality can be excused after the fact.

Read More | 57 Comments | Leave a Comment..

Posted on Techdirt - 20 June 2016 @ 3:23am

Judge Doesn't Find Much To Like In 'Material Support For Terrorism' Lawsuit Against Twitter

from the doubling-down-on-wrong-does-no-one-any-favors dept

The lawsuit against Twitter for "providing material support" to ISIS (predicated on the fact that ISIS members use Twitter to communicate) -- filed in January by the widow of a man killed in an ISIS raid -- is in trouble.

Twitter filed its motion to dismiss in March, stating logically enough that the plaintiff had offered nothing more than conclusory claims about its "support" of terrorism, not to mention the fact that there was no link between Twitter and the terrorist act that killed the plaintiff's husband. On top of that, it pointed out the obvious: that Section 230 does not allow service providers to be held responsible for the actions of their users.

As reported by Nicholas Iovino of Courthouse News Service, the presiding judge doesn't seem too impressed by what he's seen so far from the plaintiff.

U.S. District Judge William Orrick said the complaint fails to show a link between the social media network's actions and the attack that took five lives in Jordan.

"I just don't see causation under the Antiterrorism Act," [Judge William] Orrick said. "There's no allegation that ISIS used Twitter to recruit Zaid."

That deals a blow to one of the lawsuit's allegations. Orrick also didn't find the plaintiff's claim that Twitter direct messages are somehow different than regular tweets when it comes to Section 230 protections.

Orrick was not persuaded that companies like Twitter could be sued for messages sent by users.

"Just because it's private messaging doesn't put this beyond the Communications Decency Act's reach," Orrick said.

This was in response to the plaintiff's lawyer's assertion that because direct messages are not accessible by the public, Twitter couldn't avail itself of Section 230 protections as a "publisher." Twitter's lawyer countered by pointing out email providers are still considered "publishers" and they can't be held responsible for users' communications, even though those messages are never made public.

It only took about 40 minutes for Judge Orrick to reach a decision, albeit one that doesn't shut down this ridiculous lawsuit completely. The lawsuit has been dismissed, but without prejudice and with an invitation for the plaintiff to file an amended complaint.

Given the hurdles the plaintiff needs to leap (some logical, some statutory) to find Twitter responsible for the actions of terrorists halfway around the world, it's unlikely that an amended complaint will fix the seriously misguided lawsuit. The only people truly responsible for the plaintiff's husband's death are those who took his life. While it's an understandable emotional response to want someone to pay for the murder of a loved one, sometimes there's no way to receive that sort of closure.

Twitter isn't a closed platform developed solely for terrorists' communications. It's available to anyone with an email address… even terrorists. Twitter is routinely criticized for its handling of illicit material and abusive behavior, but the undeniable fact still remains: these unpleasant communications are created by users, not by Twitter. Any attempt to connect the dots between a terrorist attack and terrorist chatter is tenuous, and any attempt to hold platforms responsible for the actions of their users carries with it the potential to make the internet worse for millions of law-abiding users.

12 Comments | Leave a Comment..

Posted on Techdirt - 17 June 2016 @ 2:09pm

Highly-Dubious Spiritualist Making Highly-Dubious Claims Loses Highly-Dubious Defamation Lawsuit Against Critic

from the cool,-refreshing,-Trivedi-brand-'bottles-o'-bullshit' dept

Mahendra Trivedi is a hell of a guy. Just ask him.

Mahendra Trivedi is recognized throughout the world for the discovery of his unique ability to transmit an extremely powerful and all-encompassing form of energy. The revolutionary impact of this energy is called The Trivedi Effect® .

[You can tell it's an extra-special energy because it has a registered trademark.]

Trivedi can simply stand near a bottle of water, transfer some of his powerful energy, and sell this bottled water to you at a presumably healthy markup. Among other things, the energized water can supposedly go full Lazarus on your flora.

But that's not all. Not only can Trivedi energize stuff to make it do other stuff, he's also quite the human specimen.

Research done on various aspects of his physiology has confirmed unique differences in his body, such as variations in body temperature ranging between 95 and 68 degrees Fahrenheit. His breathing pattern shows minimal movement in his diaphragm (which is physically impossible). An MRI of his brain reveals that he has the largest pituitary fossa ever found in a healthy person known to date. More so, an EEG found that his brain is in an alpha state when he is simply "normal.“ According to modern medical science, Mahendra Trivedi‘s physiological conditions contradict everything we know about science, the human body and the power of consciousness.

"Contradicting everything we know about science" is a pretty good summation of Trivedi's goods and services. According to information gathered by the Skeptic's Dictionary, Trivedi has staked a claim to any number of miraculous actions.

...Mr. Trivedi began to ask why this energy is limited to humans. He felt that if this energy is real, it must work everywhere. It must enhance the abilities, properties, and productivity of crops; transform bacteria, viruses and fungi; convert cancer cells into non-cancer cells; and make metals, chemicals, and polymers stronger. Due to his skeptic nature, he started scientific research. With help from the most sophisticated technology available to science under controlled conditions; [sic] he began to discover the proven impact of this energy’s characteristics, behavior, limitations and abilities. He thought that if this energy could change the structure of an atom, then nothing was impossible for this energy. He has compiled a remarkable track record of success, including nearly 4,000 well-documented scientific studies on his ability to profoundly affect matter down to the level of the atom.

4,000 well-documented scientific studies? Who could argue with that? Well, anyone who wants to, apparently.

I am sorry to say that I have been unable to locate even one of these 4,000 studies that has been published in a reputable scientific journal. Many are published in predatory open access journals.

And, even under the complete lack of scrutiny provided by pay-for-play "scientific journals," the studies Trivedi claims back up his miracles have nothing approaching scientific methodology contained in them. One claiming Trivedi was able to introduce bacterial mutations simply by waving his hand over some Petri dishes is deftly summed up this way by a slightly more sympathetic blogger at "Integral World."

No attempt even to recognize, let alone engage with, these issues is made in the paper. It's basically just, this is what we found, believe it or not.

Nothing says "science" quite like the conclusion, "There's no explanation for this, so Trivedi must be a miracle worker."

This alone would make Trivedi a target of mockery and skepticism. Add to that the fact that he's faced multiple labor-related lawsuits alleging abusive behavior and you have a magnet for criticism. Unfortunately for St. Paul blogger Dennis Lang, Trivedi can't handle having his long string of dubious claims and equally-long string of abuse allegations discussed in public. Lang has been on the receiving end of two defamation lawsuits by Trivedi -- both targeting Lang's reporting on claims made by former employees of Trivedi's.

Trivedi did manage to obtain a default judgment against Lang back in 2012. The judgment has nothing to do with the merits of his case and everything to do with the inexplicable behavior of the judge awarding it. Here's Mike Moseby of Minnesota Lawyer recounting the leadup to Lang's most recent legal battle with Trivedi.

It may have come in 2013, when Lang received a call from another Trivedi-nemesis — the former partner of the organization’s current CEO. The caller informed him that a judge in Arizona had just entered a default verdict and Lang was officially $59 million in the red.

But the peak silliness may have come on June 14, 2013, when a local attorney working for Trivedi — Kelly Hadac of the St.Paul firm HDK — sought to enforce that $59 million default judgment in Minnesota.

Fortunately, the judge in Minnesota found this judgment award unbelievably ridiculous and refused to uphold it.

As she reviewed the paperwork, Ramsey County District Court Judge Margaret Marrinan expressed bafflement — both at the size of the judgment and the fact that there was no accompanying memorandum from the judge.

“It’s a fill in the blank kind of order, isn’t it?” she said. “I guess I’m rather appalled that a court would do that.” According to a transcript of the proceedings, at other points, Marrinan referred to “the incredible laxness of the judge” as “way out west” and “not the way I do business.”

The judgment was vacated for lack of jurisdiction. Undeterred, Trivedi sued Lang again, this time in Minnesota. The end result was even worse.

If you say you’re a guru who has performed thousands of medical miracles around the world, it’s harder to say in court that you’re a regular guy.

That’s one of the takeaways from Ramsey County District Judge Robert Awsumb’s ruling last week that dismissed Mahendra Trivedi’s defamation lawsuit against a St. Paul blogger, Dennis Lang.

Awsumb’s ruling is a welcome victory for the First Amendment, especially for the vast majority of writers who have no institution to protect them from well-funded legal attacks intended to silence them. The judge ruled that Trivedi was a “limited purpose public figure,” which opens him up to public criticism with a stronger shield from lawsuits.

Trivedi tried to argue that he was not a public figure. The court found this assertion ridiculous.

Despite the extraordinary nature of the powers and abilities claimed by Trivedi and the Trivedi Entities, Trivedi states that he is "not nationally or regionally famous in the United States or elsewhere in the world."

He further states:

Even within the field of alternative medicine or energy transmissions, I am very much unknown in the United States and the rest of world. When I speak to individuals concerning the Trivedi Effect, I have to introduce myself and explain the nature of the Trivedi Effect. Unless the individual has been introduced to me by another mutual contact, the individual has never heard of me or the Trivedi Entities before. This was especially true i n 2011 and 2012 when I had only been i n the United States for a few years.

Nonetheless, in 2014 Trivedi stipulated that he was a limited purpose public figure for purposes of a related defamation lawsuit in Pennsylvania. [Trivedi v. Slawecki] In fact, the court's decision in Trivedi v. Slawecki is very similar factually to this case and involves similar issues.

Yes, the same person who boasts of "performing 70,000 medical miracles around the world" and made his "debut" alongside Deepak Chopra insists he's not a public figure… even when he's claimed otherwise to further an earlier defamation lawsuit (that he lost).

The court also points out that the nature of Trivedi's "business" invites more justifiable criticism than, say, a real scientist using real science might.

The court does not intend to consider or evaluate the accuracy or validity of Trivedi's claims or abilities. Nonetheless, the claims of being Jesus-like or Einstein-like are, by their nature, controversial claims likely to be challenged or refuted. To be sure, debate was occurring both on the internet through the PurQi.com blog and by research professor Slawecki at Penn State, who had publicly posted her summary of Penn State research questioning Trivedi's purported abilities. These claims, along with the self-proclaimed 4,000 scientific studies and publications in "170 publications in leading international, peer-reviewed scientific journals" put Trivedi and his enterprise directly into the global marketplace of ideas, obviously intended to reach a broad audience and attract interest in Trivedi and his enterprise. These vast claims of his personal powers propelled Trivedi and his entities into the public arena to affirm, debate, question and challenge his assertions, and in so doing, his character and credibility.

There's your "voluntary injection" into the public debate. Point: Lang. And lawsuit dismissed.

As James Eli Shiffner of the Star Tribune points out, this win is everyone's win, whether it's long-established journalistic outlets or hobby bloggers performing their own investigative work.

The ability to criticize public figures is a bedrock of free speech. With some public figures calling for new restrictions on that right, Awsumb’s ruling sends a message that it’s not only big media organizations that will have the court’s backing.

And if Trivedi thought suing critics would make his dubious claims and alleged abuse fade from the public eye, he's finding out (repeatedly) that his common sense is no more finely honed than his scientific skills.

Read More | 21 Comments | Leave a Comment..

Posted on Techdirt - 16 June 2016 @ 11:21pm

Scottish Law Enforcement Also Apparently Hooked Up To NSA/GCHQ's Data Firehose

from the metadata-on-everyone...-for-everyone! dept

The fun thing about leaked documents is that they almost always reveal something more than just the focal point. The leaked reports that showed British intelligence agencies to be drowning in data also exposed a previously hidden part of the UK intelligence apparatus.

The documents confirm that a little-known policing body called the Scottish Recording Centre (SRC) was given access to information logs that includes millions of communications data including phone activity, internet histories, and social media behaviour on Facebook.

The confirmation that UK state spy agency GCHQ ran a specific programmed, called “MILKWHITE”, to share data with devolved policing and tax authorities is the first Snowden leak to directly implicate Scottish authorities in the controversial policy of ‘bulk data’ collection.

And just like that, the "obscure Scotland-based surveillance unit" is no longer obscure. It's safe to say most of Scotland's citizens were unaware of its existence until the latest revelations. While there's probably only been a small bump in general public awareness, it has mobilized activists and given them the ammo they need to question their representatives.

Richard Haley, chair of human rights group Scotland Against Criminalising Communities, has said that the SRC raises “very serious questions”.

Haley asked: “The Scottish Recording Centre might be unknown to most of us, but the Scottish Government must be familiar with it because of its role in legally authorised interception. Did the Scottish Government know of its involvement in MILKWHITE? If not, why not? And if they did, why didn't they sound the alarm? And for that matter, what is the Scottish Recording Centre? A real set of offices and computers, or just an organisational concept?”

Haley and others are seeking answers. They likely won't be getting them any time soon. The Police Service of Scotland -- which partakes of the SRC data haul -- says it won't discuss "intelligence matters." GCHQ added its own boilerplate in response, stating it also won't discuss "intelligence matters," and that everything it does is subject to multiple legal authorities and strict oversight: two claims leaked documents keep refuting.

Those claims are even refuted within this article about the leaked documents. Michael Gray of CommonSpace points out that the Police Service of Scotland previously spied on communications between journalists in violation of the law. The service has also been linked to targeting of political activists -- none of which sounds particularly "lawful," much less "authorised, necessary, and appropriate," to borrow a phrase from GCHQ's non-comment.

4 Comments | Leave a Comment..

Posted on Techdirt - 16 June 2016 @ 9:39am

Court Says Free Speech Rights For Prisoners Not 'Clearly Established,' Gives Pass To Retaliatory Actions By Officials

from the 'because-you-asked-wrong,-we-won't-examine-the-unexamined-issue' dept

While it's true that prisoners enjoy fewer rights than Americans who've never been convicted of a crime, their rights are by no means nonexistent. Except in some cases... where bits and pieces of protected speech vanish into the gaps between established prison guidelines and case law directly addressing the matter.

That's an admittedly unclear summation of the appeals court decision finding a federal prisoner's rights weren't violated when he was removed from a halfway house and placed in solitary confinement in retaliation for publishing an article about his prison experience.

Daniel McGowan, an environmental activist whose prosecution for "eco terrorism" was the subject of an award-winning film, was finishing his seven-year term at a Brooklyn halfway house when he wrote a HuffPost blog post that contained details about a secretive prison where he had spent years in isolation.

There was nothing particularly revealing about what he wrote: Much of it had been made public in an ongoing civil rights lawsuit he and other low-risk prisoners filed in federal court in Washington challenging their placement there, for no other reason than their political views or who they are.

Even if McGowan had published something more revealing, it still shouldn't have mattered. The law used to punish him for publishing the piece was no longer on the books at the time a prison official decided to pull McGowan from the halfway house and take him to a detention center in Brooklyn. From the Second Circuit Court of Appeals decision [PDF]:

McGowan alleges that, shortly after his article appeared online, defendant Tracy Rivers, the Residential Reentry Manager at the New York Residential Reentry Management Office of the Bureau of Prisons (“BOP”), determined that he should be issued an incident report and remanded to a federal detention center. The incident report stated that McGowan had violated “BOP Program Statement no. 1480.05 dated September 21, 2000; 540.62 page 5, section (d),” which provided that “an inmate currently confined in an institution may not be employed or act as a reporter or publish under a byline” (the “Byline Regulation”).   

The problem with citing this guideline is that the Bureau of Prisons had rescinded it in 2010, (belatedly) following a 2007 Colorado district court decision finding the regulation unconstitutional. Unfortunately for McGowan, despite the regulation being nonexistent when it was used to put him in solitary confinement, the appeals court has found that there's no Second Circuit precedent clearly asserting First Amendment protections for federal prisoners.

Whether or not we would agree with that analysis is beside the point. We conclude only that, in light of the different interests at stake, our case law establishing a prisoner’s right to file a lawsuit or grievance does not clearly establish a prisoner’s right to publish an article under a byline. Indeed, the only authority that McGowan has identified that involved expression similar to that at issue in this case is a district court opinion, which, of course, is not binding.

That erases McGowan's retaliation claim. The official who made the decision to confine McGowan is entitled to qualified immunity as no "clearly established right" was violated -- just the use of federal prisoner guideline that had been removed by the BOP three years earlier.

By reaching these conclusions, the appeals court is able to dodge thornier issues -- like further clarifying the limits of First Amendment protections for federal prisoners.

As one of McGowan's lawyers, Alexander Reinert, put it, the decision was silent about how "prisoners may express themselves to the outside world."

Reinert, a law professor at Cardozo, said he's disappointed in the ruling and is considering asking for a rehearing. Ryan Grim, HuffPost's Washington bureau chief, called the decision "appalling on its face."

Nothing but stasis from the Second Circuit Appeals Court. It notes that no "clearly established right" was violated here, but passes on the opportunity to more clearly define the boundaries of prisoners' First Amendment rights. A rehearing could fix this by pushing the court towards examining the issue it overlooked during its decision, but until it does so, prisons in the Second Circuit will still be able to get away with using nonexistent guidelines to punish prisoners for otherwise protected speech.

Read More | 34 Comments | Leave a Comment..

Posted on Techdirt - 16 June 2016 @ 8:33am

The FBI Says Its Homegrown Terrorist Stings Are Nothing More Than A Proactive Fight Against 'Going Dark'

from the MADE-WITH-PRIDE-IN-THE-USA! dept

The New York Times is taking a look at the FBI's battle against terrorism (not the first time it's done this) -- namely, its near-total reliance on sting operations to round up would-be terrorists. As the Times' Eric Lichtblau points out, stings used to be a last-resort tactic. Now, it's standard operating procedure. Two out of every three terrorism prosecutions begin with undercover agents nudging citizens and immigrants toward acts of violence and "material support." In some cases, the FBI agents are doing all the work themselves.

The FBI, of course, maintains that these terrorists would have acted on their own without the agency's intercession -- even though it seems to be placing a rather heavy finger on the scale.

While F.B.I. officials say they are careful to avoid illegally entrapping suspects, their undercover operatives are far from bystanders. In recent investigations from Florida to California, agents have helped people suspected of being extremists acquire weapons, scope out bombing targets and find the best routes to Syria to join the Islamic State, records show.

According to the agency, this stuff that looks like entrapment is nothing more than expedience.

“We’re not going to wait for the person to mobilize on his own time line,” said Michael B. Steinbach, who leads the F.B.I.’s national security branch. He added that the F.B.I. could not afford to “just sit and wait knowing the individual is actively plotting.”

I guess this all depends on your definition of "actively plotting." In cases we've covered here (and mentioned in the NYT article), federal agents have done everything from script and film "declaration of intent" videos to purchase all of the supplies needed for a "terrorist attack" they planned from start to finish.

The rogues gallery compiled by the FBI over the past half-decade is hardly threatening. It includes senior citizens, mentally-disabled teens, would-be terrorists who weren't even threatening enough to get their mothers to give them back their passports, and an assortment of extremely-impressionable young men who were all talk and no action.

While the FBI maintains it's doing nothing wrong, former FBI agents and intelligence community members aren't so sure.

“They’re manufacturing terrorism cases,” said Michael German, a former undercover agent with the F.B.I. who researches national security law at New York University’s Brennan Center for Justice. In many of the recent prosecutions, he said, “these people are five steps away from being a danger to the United States.”

Karen J. Greenberg, the director of the Center on National Security at Fordham University, said undercover operations had become the norm for the F.B.I. in the most recent Islamic State cases, with little debate or understanding of how the bureau actually conducts its investigations, especially its online stings.

“I think the F.B.I. is really going down the wrong path with a lot of these ISIS cases,” she said…

When pressed to defend aggressive sting operations, FBI officials fall back on one their favorite scapegoats: encryption.

“When the bad guys turn to encrypted areas, we’re dark, and the only way to gain a better understanding of what we’re up against may be through an undercover,” Mr. Steinbach said.

But exactly how much terrorism is this stopping? There's no way to gauge the effectiveness of these tactics other than to count up successful prosecutions, as the FBI likes to do. What the FBI says is the "least intrusive" method of fighting terrorism often appears to be nothing more than padding the stats. As long as the FBI can continue to chalk up terrorism prosecutions, it can avail itself of a nearly-bottomless well of funding. The agency has shifted its focus to intelligence rather than law enforcement since 2001, and nothing brings in the bucks like counterterrorism efforts.

Does it make us safer? That's also unquantifiable, although every day that goes by without a successful domestic terrorist attack could theoretically be added to the "win" column. But it's hard to believe these sting operations are actually taking credible threats out of circulation.

The FBI's tactics have a lot in common with the DEA/ATF's reliance on stash house robbery stings -- busts in which no actual drug dealers, weapons suppliers, weapons, or drugs are actually taken off the street. Everything inside the bogus stash houses exists only in the minds of the undercover agents. The only tangible aspect of the sting operations are the sentences handed down, the length of which is determined by the total amount of drugs federal agents say was "present" in the stash house that never existed and was never robbed.

Both "wars" being fought by law enforcement seem to be incredibly counterproductive. Four decades of drug warring has done almost nothing to stop the flow of illicit drugs into the country. What it has done, however, is turn the manufacturing countries into violent hellholes.

As for the War on Terror, the only terrorists being locked up appear to be those pushed and cajoled into acting out undercover agents' fantasies. The terrorist threat in other parts of the world remains almost unchanged, despite a decade-plus of FBI counterterrorist operations and CIA drone strikes. Here, too, there appears to be a certain amount of "looking busy" -- treadmill-like activity that does little to attack the threat but still guarantees a healthy budget year after year.

50 Comments | Leave a Comment..

Posted on Techdirt - 16 June 2016 @ 6:28am

Air Force, Lockheed Martin Combine Forces To 'Lose' 100,000 Inspector General Investigations

from the Up-in-the-air!-Into-the-wi34dz.eea.3rdek))we$#21....-[A]BORT,-[R]ETRY,-[F]AIL dept

In an era where storage is insanely cheap and the warning to schedule regular backups has been ringing in the ears of computer users for more than four decades, there's seemingly no explanation for the following:

The U.S. Air Force has lost records concerning 100,000 investigations into everything from workplace disputes to fraud.

A database that hosts files from the Air Force’s inspector general and legislative liaison divisions became corrupted last month, destroying data created between 2004 and now, service officials said. Neither the Air Force nor Lockheed Martin, the defense firm that runs the database, could say why it became corrupted or whether they’ll be able to recover the information.

The Air Force didn't lose investigations dating back to the mid-60s and stored on archaic, oddball-sized "floppies." It lost more than a decade's-worth of investigatory work -- from 2004 going forward, right up to the point that Lockheed discovered the "corruption" and spent two weeks trying to fix before informing its employer. At which point, the USAF kicked it up the ladder to its bosses, leaving them less than impressed.

In a letter to Secretary James on Monday, Sen. Mark Warner, D-Va., said the lost database “was intended to help the Air Force efficiently process and make decisions about serious issues like violations of law and policy, allegations or reprisal against whistleblowers, Freedom of Information Act requests, and Congressional inquiries.”

“My personal interest in the [Inspector General’s] ability to make good decisions about the outcomes of cases, and to do so in a timely manner, stems from a case involving a Virginia constituent that took more than two years to be completed, flagrantly violating the 180-day statutory requirement for case disposition,” Warner wrote.

Some notification is better than no notification, even if the "some" notification is extremely minimal and arrives well after the fact. Senator Warner remains underwhelmed.

“The five-sentence notification to Congress did not contain information that appeared to have the benefit of five days of working the issue,” Warner wrote.

The Air Force says there's no evidence of malicious intent, as far as it can tell. But there's also no evidence of competence. Why is it that files related to oversight of a government agency have no apparent redundancy? It's small details like these that show the government generally isn't much interested in policing itself.

If anything's going to be recovered, it's going to be Lockheed's job, and it's already spent a few weeks trying with little success. There may be some files stored locally at bases where investigations originated, but they're likely to be incomplete.

While I understand the inherent nature of bureaucracy makes it difficult to build fully-functioning systems that can handle digital migration with any sort of grace, it's completely incomprehensible that a system containing files collected over the last decade would funnel into a single storage space with no backup. It's one thing if this was just the Air Force's fault.

But this is more Lockheed's fault -- and despite its position as a favored government contractor -- it's also known for its innovation and technical prowess. Neither of those qualities are on display in this public embarrassment. And if it can't recover the data, it's pretty much erasing more than a decade's-worth of government mistakes, abuse, and misconduct. And while no one's going to say anything remotely close to this out loud, there has to be more than a few people relieved to see black marks on their permanent records suddenly converted to a useless tangle of 1s and 0s.

50 Comments | Leave a Comment..

Posted on Techdirt - 15 June 2016 @ 2:10pm

EFF, Public Citizen Enter Legal Battle That Started With Defamation But Is Somehow Now All About Copyright

from the the-Section-230-sneak-attack dept

Copyright is supposed to be a limited-use protection for creative works. The "limited" part went away with endless term extensions and auto-copyright for any creation attached to a "fixed medium." These days, copyright is the magical cure-all that doesn't actually cure anything. It's a weapon to be wielded dishonestly and inelegantly against the ignorant, in hopes of limiting speech to only what IP abusers like.

A lawsuit over a negative review hosted at Ripoff Report began with an all-too-familiar tactic: an attempt to route around Section 230 protections by claiming copyright infringement. The chain of events leading up to the bogus copyright claim is all sorts of problematic.

The case arose from a posting on a gripe site called Ripoff Report that recites a litany of insults and complaints written by Christopher Dupont against Massachusetts lawyer Richard Goren. Goren sued for defamation, and Dupont never showed up to defend the suit, so the court issued a "default judgment" in favor of Goren.1

Here's where things get odd. As part of the default judgment, Goren asked for and received a court order purporting to transfer Dupont's ownership of his copyright in the post to Goren. Goren and his company Small Justice then sued Ripoff Report's parent company Xcentric for copyright infringement.

The default judgment transferring copyright is indeed odd, as it has nothing to do with relief from defamation. The judgment simply should have resulted in a court order directed at Dupont to remove the review. (It's a default judgment so the question of whether or not the review is truly defamatory hasn't been explored, but...)

Ripoff Report isn't really helping matters with its policies. For one, it refuses to take down reviews for almost any reason, while also allowing entities to purchase services like statement retractions and the burial of negative reviews. It also prevents users from deleting posted complaints, presumably to head off legal threats issued by criticized parties. This doesn't do much for users who might delete something when threatened, but it also lets those who issue bogus threats know that this tactic won't work here.

Ripoff Report's copyright claim to the disputed review isn't much better than the lawyer's post-judgment claim. Anyone posting a complaint to Ripoff Report is forced to click through an "agreement" that hands over the rights to the complaint to Xcentric.

Unfortunately, Xcentric's legal theories haven't all been good for users, either: Xcentric claimed that it, in fact, is the true owner of the copyright in content posted to its site, not the users. The argument was based on the fine print to which users "agree" when they post content, which says that Xcentric gains an "exclusive license" to the content. It is a quirk of copyright law that this exclusive license language is actually code for transferring ownership of the copyright.

The EFF and Public Citizen argue against this "agreement," as well as Goren's abuse of IP protections, in its submitted brief [PDF]. In it, they make the point that Xcentric/Ripoff Report have a non-exclusive license to host users' reviews, rather than being in complete control of the content. While this may seem more favorable to the plaintiff and his infringement claim, it also insulates Xcentric from being sued for copyright infringement.

In contrast, users do clearly intend to give Xcentric permission to host the content, and understand that permission cannot be revoked. This is called an irrevocable, non-exclusive license, and in this case granting such a license to Xcentric advances the user's interest in censorship-resistant publishing on Ripoff Report and does not restrict their freedom to repost elsewhere. Therefore, even if Goren did obtain ownership of the copyright, Xcentric would not be liable because it has permission to host the content, and that permission cannot be retracted.

This doesn't mean any of the parties composing the brief are supportive of Ripoff Report's copyright grab. Public Citizen's Paul Alan Levy (who contributed to the amicus brief) sums it up this way in his post on the lawsuit:

In lay terms, the terms of service are themselves a ripoff.

This explains why Ripoff Report wants the court to bypass any examination of its browsewrap "agreement" when considering the amicus brief, despite the fact that it would help defend it against bogus infringement lawsuits like Goren's.

Abusing IP law is often the path of least resistance. And that is true of Ripoff Report just as much as it is for the aggrieved lawyer.

Those who wish to censor will try to use whatever area of law has the weakest protections for free speech. We encourage the First Circuit and other courts to bolster speech protections in the copyright realm, to resist attempts to dress up other claims as copyright infringement in order to censor speech, and to look askance at clickthrough "contracts" that compromise users' freedom.

Fortunately, Ripoff Report has now decided -- after the submission of this amicus brief -- to revamp this part of its terms of service. Paul Alan Levy notes that the company (Xcentric) should be applauded for taking this step, but perhaps not sent a round of drinks on the house.

In a comment posted yesterday to my blog post last week about an amicus brief that Public Citizen and EFF filed in the First Circuit, Ripoff Report founder Ed Magedson announced that his company is going to modify the browsewrap agreement that it has been imposing on users, whereby the company purported to obtain an exclusive license to carry reviewers’ critical content. This is progress for which that company deserves praise.

Progress, yes. But Xcentric still asserts its control of the copyright, albeit now in nonexclusive form. Magedson claims this control is needed to battle scraper sites, and will never (and has never) been used to go after site users. But Levy is not so sure this "protection" is actually necessary.

Indeed, when I pressed Magedson in a conversation after he made his comment, it seemed to me that the justification for taking copyright was two-fold – that scrapers take traffic from his web site, and that scrapers make it less valuable for companies to buy into the “Corporate Advocacy Program.” Neither of those arguments suggests that there is any reason why the interests of consumers who write reviews on Ripoff Report are advanced by the taking copyright ownership away from them.

With the modification to the terms of use in place, it's likely Xcentric/Ripoff Report will be able to sidestep any additiona judicial scrutiny as this case moves forward.

Read More | 15 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>