Posted on Techdirt - 25 May 2016 @ 12:35pm
The Kansas City Royals' long-delayed return to competitive baseballing coincided with one of the most ridiculous raids ever conducted by the Department of Homeland Security. Birdies, a Kansas City lingerie shop, was "visited" by DHS agents -- working in conjunction with ICE -- who seized a number of panties emblazoned with a handcrafted take on the Royals' logo, along with the phrase "Take the Crown."
The agents performing the raid didn't seem all too enthused about their participation in this panty raid, according to the shop's owner, Peregrine Honig.
She says you could tell “they [DHS agents] felt like they were kicking a puppy.”
Honig also pointed out that many local law enforcement officers had purchased lingerie, including the supposedly-trademark infringing panties, without expressing concerns about IP violations or counterfeited goods.
The printing shop that made the panties for Birdies was also visited by DHS agents, who threatened the owner with six years in prison for "breaking copyright law" unless he consented to a warrantless search.
All of this culminated in plenty of unfavorable press coverage highlighting Homeland Security's panty raid and how much "safer" we all were thanks to its intercession on behalf of the Kansas City Royals and Major League Baseball.
Aaron Gordon of Vice Sports has acquired DHS communications related to the infamous panty raid via a FOIA request. The internal emails contain an awesome mixture of self-congratulation, defensiveness, and the agency's willingness to go above and beyond to please its "eager" partner in IP enforcement.
On October 16, five days before the raid, an anonymous ICE officer from the Intellectual Property Rights Coordination Center (IPRC)—in the documents released, names of officers were redacted; an appeal has been filed to release the names of the officers involved—wrote an email with the subject "Op Team Player - world series update," referring to Operation Team Player, ICE's partnership with U.S. professional sports leagues to intercept counterfeit goods, including tickets and merchandise.
The unnamed officer wrote, "They [the Kansas City office] are trying to get their numbers up and will accept any leads for controlled delivery in Kansas or Missouri, even if they do not meet the criteria because the AUSA Prosecutor is eager."
For the want of increased "numbers," the DHS lowered its standards to raid a lingerie shop. That's basically all there is to it. Without the prompting of an "eager" AUSA, this may never have happened.
Within hours of the raid, the story was already spreading across the internet. A blanket statement was composed for handling inquiries from the press: the usual "Go Team IP Enforcement" jingoism that accompanies ICE's sporting event-related raids performed in close partnership with the MLB, NBA, NFL etc. But someone in the email chain knew the usual stuff wasn't going to be nearly as effective in this case.
The headlines at the bottom of the email pretty much say it all. We're going to be all over the news tomorrow for the wrong reasons. We'll obviously try to spin this as an opportunity to discuss IPR, but the panty raid jokes will make it hard.
Apparently, ICE/DHS felt this particular narrative might be beyond its control. So it tried to drag Major League Baseball down with it.
On the same thread, at 9:57 PM, someone wrote, "We need MLB to step forward and throw some support for what we do. Let us get with our MLB contact and we'll be proactive as we can re: media." Someone with the title "Executive Associate Director of Homeland Security Investigations-ICE" replied, "Great idea. Let's move on it."
As Gordon notes, perhaps the hilarious part of the email chain is the agency's severe underestimation of the internet's thirst for stories containing (a) abuse of government power, or (b) women's intimate garments -- especially any combination of (a) and (b) that's capable of composing its own headlines.
[S]omeone else on the same thread exhibited a fundamental misunderstanding of the internet's interest in panty raids by writing, "So far it appears to have just localized press. Hopefully, it won't make it out of the local news bubble."
Well, hope in one hand and hold seized panties in the other, as they say. Still, one agent appeared to believe that the government's panty raid was nothing more than a judicious use of Homeland Security assets and taxpayer dollars.
Excellent work, which speaks for itself!
Sure does. That's why press coverage was unanimously negative. ICE, DHS and an "eager" AUSA joined forces with MLB to generate additional acronyms like "WTF" and "BS." Americans were protected from unauthorized sportsball underwear -- something than can only serve to increase their respect for intellectual property rights... and the sprawling, often-thuggish bureaucracies that enforce them.
Read More | 14 Comments | Leave a Comment..
Posted on Techdirt - 24 May 2016 @ 11:23pm
The perennial FOIA Reform Masquerade Ball is again under way, with legislators attempting to dodge blustery requests to "cut in" by administration officials and similarly-motivated federal agencies. The dance usually ends with Congressional committee chairmen yanking needles from records and booting everyone out of the dancehall.
Meanwhile, limited headway is being made in another branch of the government, far from the muffled protests of overwhelming majorities who have been shouted down by parties of one. The DC Appeals Court has just ruled that the government must extend its FOIA fee discounts to students at educational institutions, rather than just to instructors and administration.
The Department of Defense has fought this the whole way. It wanted a clear-cut delineation between students and staff for reasons only it comprehends, as that would mean saddling those with fewer financial resources (students) with higher fees.
The decision starts out by noting that FOIA fees -- if high enough -- are an effective deterrent to requesters. It then goes on to examine the government's assertion that the category of "educational institution" does not include these institutions' student bodies.
We thus must decide whether the statutory term “educational institution” is properly read, as the Government reads it, to include teachers but exclude students from the category of preferred requesters who are eligible for reduced fees. We conclude that the Government’s reading is inconsistent with the statute. Indeed, we think the Government’s reading makes little sense at all.
It would be a strange reading of this broad and general statutory language – which draws no distinction between teachers and students – to exempt teachers from paying full FOIA fees but to force students with presumably fewer financial means to pay full freight.
The government -- in making its nonsensical argument that students are not part of educational institutions -- relies on two different pull quotes. One is from a statement Sen. Charles Leahy made way back in 1986 during his legislative push to amend the FOIA to reduce fees for schools.
“A request made by a professor or other member of the professional staff of an educational or noncommercial scientific institution should be presumed to have been made by the institution.”
The government has chosen to believe this excludes students. The court, however, points out that Leahy was actually expanding the definition from what was originally assumed: that only top-level representatives of education institutions (presidents, chairpersons, etc.) could benefit from the lowered fees. The amendment, as written, makes no delineation between staff and students, no matter what the government feels Leahy must have meant when he made that statement.
The second pull quote is from an OMB (Office of Management and Budget) FOIA guideline.
“A student who makes a request in furtherance of the completion of a course of instruction is carrying out an individual research goal and the request would not qualify” as a request made by an educational institution.
With this, you'd figure the DoD has a point. But it doesn't, as the court explains. There are questions that need to be answered and one of them is, "How does the OMB arrive at this conclusion without a single statutory leg to stand on?"
In our view, OMB’s rule for student requests is inconsistent with the statute. FOIA refers broadly to an “educational institution.” As we have explained, we see no good basis in the text or context of FOIA to draw a line here between the teachers and students within the educational institution. The Guideline’s ipse dixit distinction of students from teachers is entirely unexplained and unpersuasive. The Guideline says that a geology teacher seeking information about soil erosion to support her research is entitled to reduced fees. But why not the geology student seeking the same information for the same reason? Crickets. We discern no meaningful distinction for purposes of this statute between the geology teacher and the geology student.
As the court sees it, the OMB's diversion from the statutory mean may be more motivated by its position (the "Budget" part of OMB) to seek higher fees from more requesters -- allowing it to make more money while deterring a certain percentage of FOIA requesters. If so, that's its own problem and one it fixes immediately. The FOIA isn't supposed to be a profit-making enterprise, much less a reliable revenue stream.
But this statute, as we read it, does not empower the Government to pursue fiscal balance or provide relief for the FOIA bureaucracy on the backs of students. The statutory text and context lead us to this simple conclusion: If teachers can qualify for reduced fees, so can students.
The court cautions that its take on the "educational institution" price break is not meant to be read as FOIA: Student Edition and used by attendees to obtain cheap documents for personal or commercial use. It says the government can take steps to prevent abuse by requiring things like copies of student IDs, letters from instructors, etc. That being said, the court is similarly not granting agencies the power to follow the letter of ruling while doing everything they can to break its spirit.
We caution agencies against requiring hard-to-obtain verifications that will have the practical effect of deterring or turning away otherwise valid student FOIA requests.
This is a win for student Kathryn Sack and for all others similarly situated. It returns a fee exemption to a more logical place, rather than leaving it in the shape it was, where it could be used to deter requesters with limited means.
Read More | 5 Comments | Leave a Comment..
Posted on Techdirt - 24 May 2016 @ 2:04pm
Yet another court has found that the warrant used by the FBI in the Playpen child porn investigation is invalid, rendering its NIT-assisted "search" unconstitutional. As USA Today's Brad Heath points out, this is at least the sixth court to find that Rule 41's jurisdictional limitations do not permit warrants issued in Virginia to support searches performed all over the nation.
While the court agrees that the warrant is invalid, it places the blame at the feet of the magistrate judge who issued it, rather than the agents who obtained it.
That Congress has “not caught up” with technological advances does not change the fact that the target of the NIT in Werdene’s case was located outside of the magistrate judge’s district and beyond her jurisdiction under subsection (b)(1). The property to be seized pursuant to the NIT warrant was not the server located in Newington, Virginia, but the IP address and related material “[f]rom any ‘activating’ computer” that accessed Playpen. (Gov’t’s Opp., Ex. 1 Attach. A.) Since that material was located outside of the Eastern District of Virginia, the magistrate judge did not have authority to issue the warrant under Rule 41(b)(1).
So, unlike other cases, this will not result in a suppression of evidence, thanks to the "good faith exception."
Werdene claims that the Government acted with intentional and deliberate disregard of Rule 41 because the FBI misled the magistrate judge “with respect to the true location of the activating computers to be searched.” (Def.’s Mem. at 17.) This argument is belied by both the warrant and warrant application. Agent Macfarlane stated in the warrant application that the “NIT may cause an activating computer—wherever located—to send to a computer controlled by or known to the government, network level messages containing information that may assist in identifying the computer, its location, other information about the computer and the user of the computer.” With this information, the magistrate judge believed that she had jurisdiction to issue the NIT warrant. Contrary to Werdene’s assertion, this is not a case where the agents “hid the ball” from the magistrate or misrepresented how the search would be conducted.
[T]o the extent a mistake was made in this case, it was not made by the agents in “reckless . . . disregard for Fourth Amendment rights.” Davis, 564 U.S. at 238 (quoting Herring, 555 U.S. at 144). Rather, it was made by the magistrate when she mistakenly issued a warrant outside her jurisdiction.
Added to this is another wrinkle that doesn't work in the defendant's favor. The court also follows Third Circuit precedent in finding that there is "no expectation of privacy" in an IP address, even if a person has taken measures to hide that information from others.
Werdene had no reasonable expectation of privacy in his IP address. Aside from providing the address to Comcast, his internet service provider, a necessary aspect of Tor is the initial transmission of a user’s IP address to a third-party: “in order for a prospective user to use the Tor network they must disclose information, including their IP addresses, to unknown individuals running Tor nodes, so that their communications can be directed toward their destinations.” United States v. Farrell, No. 15-cr-029, 2016 WL 705197, at *2 (W.D. Wash. Feb. 23, 2016). The court in Farrell held that “[u]nder these circumstances Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network.”
The FBI is struggling to keep its many Playpen cases from falling apart, thanks to bogus warrants, a tool it refuses to discuss, and unexpected pushback from usually ultra-compliant courts. The proposed changes to Rule 41 will remove jurisdiction limits, but it isn't law yet. (Fortunately, there's an actual effort to prevent this from happening, as it would only take Congressional inactivity to see it become codified.) This outcome doesn't necessarily hurt this particular case, but yet another judge finding the warrants invalid from word one isn't exactly a confidence-builder either.
Read More | 27 Comments | Leave a Comment..
Posted on Techdirt - 24 May 2016 @ 12:50pm
The DOJ likes to sling lawsuits and injunctions towards law enforcement agencies with histories of misconduct and deception, but it's apparently less interested in ensuring its own behavior is above reproach.
A lawsuit filed by a handful of states in opposition to the administration's new (and controversial) immigration policies have made their way through a number of courts, with one headed to the top court in the land. Meanwhile, down in Texas, a federal judge has uncovered DOJ lawyers have been engaged in a pattern of deception since the inception of the litigation. While the Supreme Court will be tackling the question of whether the administration has to play by its own rules, Judge Andrew Hanen is spending his time reprimanding the government's lawyers for their misdeeds. (via Jonathan Turley)
What remains before this Court is the question of whether the Government’s lawyers must play by the rules. In other words, the propriety of the Defendants’ actions now lies with the Supreme Court, but the question of how to deal with the conduct, or misconduct, of their counsel rests with this Court. To that end, this Court neither takes joy nor finds satisfaction in the issuance of this Order. To the contrary, this Court is disappointed that it has to address the subject of lawyer behavior when it has many more pressing matters on its docket. It is, at best, a distraction, and there is nothing “best” about the conduct in this case. The United States Department of Justice (“DOJ” or “Justice Department”) has now admitted making statements that clearly did not match the facts. It has admitted that the lawyers who made these statements had knowledge of the truth when they made these misstatements. The DOJ’s only explanation has been that its lawyers either “lost focus” or that the “fact[s] receded in memory or awareness.”
These misrepresentations were made on multiple occasions starting with the very first hearing this Court held. This Court would be remiss if it left such unseemly and unprofessional conduct unaddressed.
The lies the DOJ told involve a 2014 DHS directive that changed its handling of Deferred Action for Childhood Arrivals (DACA). The DOJ told the court and opposing counsel that no action under the new guidelines would commence until February 2015. These statements were made both orally (January 15, 2015) and in a filing (December 19, 2014). But in reality, the guidelines were already being used to process immigrants, resulting in over 100,000 modified DACA applications being granted or renewed by the DHS prior to either of these statements.
This was caught by the court in April 2015, but the DOJ insisted its statements weren't lies, but rather the "innocent mistakes" of poorly-informed counsel, shifting the blame towards the DHS. Months later, the real truth has come out.
Now, however, having studied the Government’s filings in this case, its admissions make one conclusion indisputably clear: the Justice Department lawyers knew the true facts and misrepresented those facts to the citizens of the 26 Plaintiff States, their lawyers and this Court on multiple occasions.
In fact, the Justice Department knew that DHS was implementing the three-year renewal portion of the 2014 DHS Directive weeks before its attorneys told this Court for the very first time that no such action was being taken. Apparently, lawyers, somewhere in the halls of the Justice Department whose identities are unknown to this Court, decided unilaterally that the conduct of the DHS in granting three-year DACA renewals using the 2014 DHS Directive was immaterial and irrelevant to this lawsuit and that the DOJ could therefore just ignore it. [Doc. No. 242 at 17]. Then, for whatever reason, the Justice Department trial lawyers appearing in this Court chose not to tell the truth about this DHS activity. The first decision was certainly unsupportable, but the subsequent decision to hide it from the Court was unethical.
This isn't the DOJ lying about a minor procedural detail. This is the DOJ lying about the DACA modification central to the states' lawsuit against the US government. To purposely mislead the court and the defendants about the status of DACA applicants cannot be waved away with claims of foggy memories. It also cannot be waved away with claims that the DOJ had no idea so many applicants were already being processed using guidelines still being contested in federal court.
In its own defense, the Government has claimed it did not know before February 27, 2015, that the number of individuals that had been granted three-year deferrals between November 24, 2014, and the date of the injunction exceeded 100,000. It claims that it notified the Court very quickly after it realized that the number exceeded 100,000. This may be true, but knowing the exact number is beside the point. [...] Whether it was one person or one hundred thousand persons, the magnitude does not change a lawyer’s ethical obligations. The duties of a Government lawyer, and in fact of any lawyer, are threefold: (1) tell the truth; (2) do not mislead the Court; and (3) do not allow the Court to be misled. See MODEL RULES OF PROF’L CONDUCT r. 3.3 cmts. 2 & 3 (AM. BAR ASS’N 2013). The Government’s lawyers failed on all three fronts. [...] The failure of counsel to do that constituted more than mere inadvertent omissions—it was intentionally deceptive. There is no de minimis rule that applies to a lawyer’s ethical obligation to tell the truth.
The DOJ's lies made the court's temporary restraining order a joke.
The Court issued the temporary injunction on February 16, 2015. The timing of this ruling was clearly made based upon the representations that no action would be taken by Defendants until February 18, 2015. If Plaintiffs’ counsel had known that the Government was surreptitiously acting, the Plaintiff States could have, and would have according to their representations, sought a temporary restraining order pursuant to Federal Rule of Civil Procedure 65(b) much earlier in the process. [...] Due to the Government’s wrongful misstatements, the Plaintiff States never got that opportunity. The misrepresentations of the Government’s attorneys were material and directly caused the Plaintiff States to forgo a valuable legal right to seek more immediate relief.
Unfortunately, the court is limited to what it can do in response to the DOJ's misconduct. Holding the DOJ responsible for the involved states' legal fees would result in the participating states effectively paying their own legal fees. It would be nothing more than moving around money collected from taxpayers and, thanks to federal taxes, robbing plaintiffs to pay plaintiffs. Instead, Judge Hanen has ordered that any DOJ lawyer who has -- or will -- appear in the courts of the 26 states involved in the lawsuit attend legal ethics courses. The courses will be provided by a legal agency unaffiliated with the DOJ, and the DOJ itself will be required to provide annual reports to the court confirming these courses are being attended.
This may seem like a laughable conclusion to such widespread, persistent dishonesty, but with the case currently in front of the Supreme Court, Judge Hanen only has a few options at his disposal. Awarding fees would be even more of a joke and he's in no position to find in favor of the State of Texas, much less the other 25 plaintiffs. So, this will have to do. More importantly, this opinion is on the record, in writing, and will serve as documentation of the DOJ's willingness to bend/break rules to serve its own purposes.
Read More | 54 Comments | Leave a Comment..
Posted on Techdirt - 24 May 2016 @ 8:38am
Last week, Twitter engaged in some dubious behavior on behalf of a few super-secret someones who'd rather the press didn't discuss their sexual activity. Twitter was apparently firing off "letters of warning" to users who had dared break an injunction issued by the UK Supreme Court forbidding anyone in the media from discussing a threesome involving a prominent British celebrity.
There was very little legal force behind the "warning letters" (despite threats from local authorities) and Twitter users were under no obligation to comply with the company's request. The fact that Twitter even bothered to issue these highlights the utter futility of injunctions/super-injunctions of this variety, which are really just a way for British citizens of a certain level of importance to control local media. It doesn't really matter if the UK's highest court upholds a super-injunction if it has no way of enforcing it beyond its super-limited purview.
That doesn't mean the lawyers who have obtained these injunctions on behalf of their clients aren't trying. While doing a bit of research for an unrelated story, I stumbled across Web Sheriff's utter failure to talk Google into delisting URLs by waving this injunction around in a threatening manner.
The copyright owner is (apparently): APPELLANT (COMPLAINANT’S IDENTITY PROTECTED BY COURT OF APPEAL RULING / ORDER)
Whatever these clients are paying Web Sheriff, it's far too much. Web Sheriff has issued 12 requests targeting 447 URLs. And so far, all 447 URLs are still live.
Contained in these takedown notices is an awe-inspiring wall of text -- something that might impress the average DMCA notice recipient. But Google? Not so much. Here's just a very small portion of it:
Then, of course, there are the URLs targeted for delisting, which -- thanks to Web Sheriff's failed injunction-quoting requests -- are all basically injunction spoilers.
Included in the failed notices are some seriously dubious requests, like Web Sheriff demanding an entire post at the Onion's AV Club be taken down because of a single comment and what appears to be Web Sheriff's own attempted Zendesk request for removal of content from Reddit.
Thanks to Web Sheriff's efforts to force the rest of the world to comply with UK law and its ridiculously unenforceable injunctions, more people are now aware of who's being "protected" by the ruling and where to find more details.
24 Comments | Leave a Comment..
Posted on Techdirt - 24 May 2016 @ 6:23am
Here we go again: intellectual property laws being abused to silence critics. In this case -- which resembles the tactics exposed by Pissed Consumer recently -- bogus copyright claims contained in bogus DMCA notices are being used to remove negative reviews from websites.
In this case, it's a British firm -- one that first tried to abuse that country's oft-abused defamation laws.
[Annabelle] Narey, who is the head of programme at an international children’s charity, had turned to London-based BuildTeam for a side return extension, but almost six months later, the relationship had turned acrimonious. The build, which was only supposed to take 10–14 weeks, was still unfinished, she wrote. “On Christmas day a ceiling fell down in an upstairs bedroom,” she says, apparently due to an issue with the plumbing. “Mercifully no one was hurt. [That] there seem to be so many glowing reports out there it is frankly curious. Proceed at your own risk,” the review concluded.
BuildTeam disputes her account. In a letter sent to Mumsnet, which the site passed on to Narey, the builders complained that the comments were defamatory. They say it is “untrue” that the ceiling fell down due to an issue with plumbing, and cited a total of 11 statements they claimed were defamatory.
Mumsnet refused to remove the post, so BuildTeam decided to start harassing Narey at her home, showing up with printouts of the negative review and asking for it to be taken down. BuildTeam's reps refused to discuss Narey's accusations or verify for themselves the damage allegedly caused by their work. They were only interested in the removal of the review.
More unsatisfied customers joined Narey's thread at Mumsnet. So, BuildTeam decided to nuke the entire thread from orbit by abusing the DMCA process and IP laws meant to protect artistic endeavors, not shoddy construction work.
As soon as the DMCA takedown request had been filed, Google de-listed the entire thread. All 126 posts are now not discoverable when a user searches Google for BuildTeam – or any other terms. The search company told Mumsnet it could make a counterclaim, if it was certain no infringement had taken place, but since the site couldn’t verify that its users weren’t actually posting copyrighted material, it would have opened it up to further legal pressure.
But there was no copyright infringement. The DMCA notice links back to a bogus site created solely for the purpose of posting the review BuildTeam wanted removed, backdating it so it appeared to predate Narey's complaint, and use that post as the basis of a bogus takedown request.
The website crafted for the purpose of crafting bogus takedown requests follows the same M.O. we've seen elsewhere: random bits of content are scraped to create the appearance of a legitimate website. After that, the reviews companies/individuals want to see vanished are mixed in and DMCA notices issued.
Someone calling themselves "Douglas Bush" now claims Narey's negative review of BuildTeam was written by him, according to his overwrought DMCA takedown request.
I'm upset at finding out my article was copied without my permission starting at "Do not be taken in by the slick facade this company presents to the public", word for word, till the very end. My name was also removed from the post, and now it looks like it's not mine. I flagged the post and mentioned that it was stolen, but they did not remove it (about a month passed). At least I want it to be removed from Google. Thank you
As the Guardian's Alex Hern points out, there is no "Douglas Bush."
The post, headlined “Buildteam interior designers” was backdated to September 14 2015, three months before Narey had written it, and was signed by a “Douglas Bush” of South Bend, Indiana. The website was registered to someone quite different, though: Muhammed Ashraf, from Faisalabad, Pakistan.
BuildTeam denies having anything to do with Ashraf, Bush, the bogus website, or its bogus DMCA takedown notice -- a statement that deserves no more credibility than "Douglas Bush" himself. This sort of thing does not happen in a vacuum. It may be that BuildTeam has created plausible deniability by placing a series of intermediaries between it and this bogus DMCA takedown, but it's no coincidence that a review it wanted removed badly enough it sent reps to Narey's house has now been destroyed by a scraper site doing double duty as a half-assed reputation management service.
31 Comments | Leave a Comment..
Posted on Techdirt - 23 May 2016 @ 12:47pm
Another defamation lawsuit against a parody account has failed, brought on by a lawyer who should have known better but didn't. Todd Levitt -- self-proclaimed "Badass Lawyer" -- has a verifiable history of bad decisions that perhaps made this sort of bogus litigation a foregone conclusion, however.
Levitt tried to fire up his own reality show, which would have presumably covered such lawyeriffic behavior as singing karaoke with college students, inviting comparisons to TV's sleaziest lawyer (Saul Goodman of Breaking Bad), creating a Top College Lawyers website solely for the purpose of awarding himself the title of "Top College Lawyer," and somehow mistaking alleged defamation for a criminal offense.
Levitt sued the person behind the Todd Levitt 2.0 Twitter account, which parodied the original Levitt's more "badass" qualities, like partaking in excessive amounts of drinking/drug use, as well as the lawyer's Skill Crane-esque grasp on the nuances of the law. According to Levitt, the parody account, which clearly stated on more than one occasion that it was a parody account, was resulting in lost clients.
A Michigan court dismissed his lawsuit last February. Levitt appealed the decision only to find the Michigan Appeals Court no more sympathetic to his weak claims. (via The Volokh Conspiracy)
The court spends some time discussing Levitt's own behavior, as it's definitely relevant to the supposed "harassment" he "endured" at the hands of the short-lived, barely-followed parody account.
Todd Levitt is an attorney and a former adjunct professor at Central Michigan University (CMU). Allegedly, university students are a primary clientele of plaintiff law firm. Levitt was actively involved in marketing his law firm on various social media platforms, including Twitter. His since-deleted Twitter account represented that he was a “badass lawyer.” In addition to promoting his law practice on Twitter, Levitt admittedly made several posts which referenced marijuana and alcohol use. For instance, he posted a tweet about serving alcohol in a class he taught at CMU, and in another, stated that “Mr. Jimmy Beam just confirmed a guest appearance in class next week.” In other tweets, he reminisced about his days as a student at CMU, stating that he “tore it up” in the 1980s, and warning students not to “jump [while] drunk” in the elevators at a certain dormitory. He tweeted about being a guest bartender at a local bar and about throwing an end-of-semester party. He also referenced marijuana in several tweets; in one tweet he posted an ode to “mommy marijuana,” who “always put me at ease.” In addition, he tweeted that if marijuana were legal in Mount Pleasant, Michigan, the CMU “dorms would look like they were on fire.”
With this much ammo being provided by the plaintiff, it's hardly surprising that a less-than-impressed CMU IT employee (Zachary Felton) would issue tweets like these from the Todd Levitt 2.0 account.
1. “What’s the difference between the internet and my tweeted legal advice? A: none. They’re both 100% accurate!”
2. “Buying me a drink at Cabin Karaoke will get you extra [credit], but it’s not like that matters because you are guaranteed an A in syllabus.”
3. “Partying = Defense Clients[.] Defense Clients = Income[.] If I endorse partying, will my income grow? It’s like a Ponzi scheme for lawyers!”
4. “@twebbsays should either meet me at 4/20 in my satellite office or take a hiatus from the medical card” and “#inToddWeToke” and “4/20 = Pot smoking holiday[.] Possession of marijuana = Client[.] Client = Income[.] In the words of Snoop Dogg: smoke weed every day. #inToddWeToke[.]”
Why these tweets would "attack Levitt's credibility" more than anything Levitt himself had posted is something only Levitt comprehends. The Appeals Court, however, finds in favor the First Amendment and parody accounts -- especially those clearly defined as parody accounts.
When read in context, defendant’s tweets are a parody and cannot reasonably be interpreted as coming from Levitt, an attorney and college professor. The cited tweets ridicule and demean the legal profession, as well as Levitt’s status as an attorney and a college professor. In particular, some of the tweets encourage followers to commit alcohol and drug-related offenses in order to further Levitt’s business. As aptly stated by the trial court, “[i]t would be quite foolish for an attorney to outright state by way of self-promotion that he wants college students to drink and use illegal drugs so that he can increase his income by defending them in court.” Other tweets suggest that Levitt’s students can earn extra credit in his class by buying him a drink. Surely this statement cannot be interpreted as coming from a college professor. As noted by the trial court, when the challenged tweets are read in the context of Levitt’s own tweets, a reasonable person would see defendant’s tweets as attempting to ridicule and satirize Levitt’s tweets about alcohol and marijuana use.
Moreover, the idea that the tweets were a parody is soundly reinforced by several disclaimers posted to the imposter account stating that the account was indeed a parody. At the outset, the account itself was styled as “Todd Levitt 2.0,” which has come to be commonly accepted jargon for describing an upgrade of an original concept. Thus, “Todd Levitt 2.0” signals that the account was identifying itself as a superior or upgraded version of Levitt, which hints at the notion that it is a spoof. Further, defendant’s tweets expressly stated, on multiple occasions, that the account was intended as a parody. For instance, one tweet read that the account was “[a] badass parody of our favorite lawyer . . . .” Another gave a “gentle reminder to potential seekers of Todd Levitt: This is not him. This is a parody account. You can find the real Todd(ler) @levittlaw.” (Emphasis added). In light of these statements, a reasonable reader could not have interpreted the account as stating actual facts about Levitt.
Levitt's worst enemy isn't a parody Twitter account. It's himself. And it's been that way since long before a CMU student started mocking his outlandish behavior on social media. Levitt is still pursuing a defamation lawsuit against Digital First Media for its coverage of his Twitter lawsuit and, at one point, had Felton's lawyer listed as a defendant. That lawsuit is currently awaiting a decision from the Court of Appeals.
Read More | 11 Comments | Leave a Comment..
Posted on Techdirt - 23 May 2016 @ 11:39am
It wasn't supposed to go this way. The same tactics that are causing the FBI problems now -- running a child porn website, using local warrants to deploy its spyware to thousands of computers around the US (and the world!) -- slipped by almost unnoticed in 2012. In a post-Snowden 2016, the FBI can hardly catch a break.
Just recently, a judge presiding over one of its child porn cases agreed the FBI should not be forced to hand over details on its Network Investigative Technique to the defendant. Simultaneously, the judge noted the defendant had several good reasons to have access to this information. While this conundrum spares the FBI the indignity of the indefinite confinement it's perfectly willing to see applied to others, it doesn't exactly salvage this case, which could be on the verge of dismissal.
In related cases, judges have declared the warrant used to deploy the NIT is invalid, thanks to Rule 41's jurisdictional limits. If a warrant is issued in Virginia (as this one was), the search is supposed to be performed in Virginia, not in Kansas or Oklahoma or Massachusetts.
While the larger issue of whether the evidence can be used against Jay Michaud continues to be discussed, the FBI is spending its time officially expressing its displeasure with its NIT being referred to disparagingly as "malware."
In a testimony earlier this week in the case of US vs. Jay Michaud, FBI special agent Daniel Alfin argued that the hacking tool used to identify Michaud and thousands of other Playpen users—which the FBI euphemistically calls a “Network Investigative Technique” or “NIT”—isn't malware because it was authorized by a court and didn't damage the security of Michaud's computer.
According to the FBI agent, this software isn't malware because it doesn't do any permanent damage.
I have personally executed the NIT on a computer under my control and observed that it did not make any changes to the security settings on my computer or otherwise render it more vulnerable to intrusion than it already was. Additionally, it did not “infect” my computer or leave any residual malware on my computer.
In a very limited sense, Agent Alfin is correct. The tool left no residual damage, nor did it alter settings on the end users' computers. However, it did do something most computer users would consider malicious: it stripped them of their anonymity. The people visiting this site used Tor to obscure their identifying info. They did this on purpose, most likely because they were seeking illegal content. But the fact that the tool removes protections users consciously deployed makes it malicious.
Child porn enthusiasts and other criminals aren't the only people who take active steps to obscure their connection points. Journalists do it. Activists do it. Citizens of oppressive government do it. The FBI doesn't restrict itself to only deploying its surveillance tools against the worst of the worst. It has a long, troubling history of deploying its surveillance tools against people engaged in activities protected by the First Amendment. Anything that undoes something the recipient has proactively done is by definition unwanted, if not simply malicious.
As regular Techdirt commenter That Anonymous Coward pointed out on Twitter, the FBI sure as hell would find this tool "malicious" if it were directed at its computers and devices by someone outside of the agency. This would definitely fit under the CFAA's broad definition of "unauthorized access." Deploying this NIT via a compromised FBI server would make it a lot easier to locate agents working in the field. I don't think the FBI would be OK with this despite there being no "residual malware" left behind after field devices had been identified and located.
Read More | 25 Comments | Leave a Comment..
Posted on Techdirt - 23 May 2016 @ 8:28am
There are no safe routes for intelligence community whistleblowers. The proper channels are pretty much guaranteed to end your career. The same goes for the unofficial channels, which route through countries uninterested in complying with extradition requests.
The administration has prosecuted more than its share of whistleblowers over the last eight years. (In fact, its share of prosecutions outnumbers all those in previous presidential administrations combined.) Another whistleblower has come forward to provide details on… the government's treatment of whistleblowers.
John Crane, a former senior Defense Department official, details his firsthand experience with the government's zealous pursuit of previous NSA whistleblowers like Thomas Drake and William Binney. He was part of the "official channels" and actively fought to protect these individuals from government retaliation. As Mark Hertsgaard of The Guardian notes, Crane carried with him at all times two essential documents: a copy of the Constitution and a copy of the Whistleblower Protection Act of 1989. These were often pulled out to settle disputes over treatment of whistleblowers.
According to Crane, these whistleblowers followed all of the correct protocols when expressing their concerns about warrantless domestic surveillance and the NSA's failure to move forward on communications it had collected from the terrorists who would go on to perform the 9/11 attacks. While this did budge the Congressional needle on a couple of NSA programs, it did nothing to protect the whistleblowers from FBI raids, criminal charges, and the end of their careers with the US government.
The person most instrumental in the prosecution of these whistleblowers was the DoD's general counsel, Henry Shelley. It was Shelley who stripped away the protections granted to whistleblowers in order to serve them up to a highly-irritated Bush White House.
According to Crane, his superiors inside the Pentagon’s Inspector General’s office were eager to help. Henry Shelley, the general counsel – the office’s top lawyer – urged that the IG office should tell the FBI agents investigating the Times leak about Drake and the other NSA whistleblowers.
Crane fought back, pointing out that whistleblowers are supposed to be protected (using the copy of the Whistleblower Act he always carried with him). Shelley was unimpressed by Crane's citation of applicable statutes and told him he was in charge and would do things his way.
There were no further discussions between Crane and Shelley. The next move was made by the DOJ, which sent the FBI after four NSA whistleblowers. Crane suspected Shelley had used information obtained from the Inspector General's office to identify the whistleblowers. Shelley refused to discuss the raids with Crane. Four months later, the FBI raided Thomas Drake's house based on an indictment that seemed all too familiar to Crane.
The complaint from Drake’s lawyers seemed to confirm his suspicion that someone in the IG’s office had illegally fingered Drake to the FBI. Worse, the indictment filed against Drake had unmistakable similarities to the confidential testimony Drake had given to Crane’s staff – suggesting that someone in the IG’s office had not simply given Drake’s name to the FBI, but shared his entire testimony, an utter violation of law.
Crane also claims the Inspector General's office told him to stonewall a FOIA request crucial to Drake's defense against the government's charges until after his trial. The IG's office also "accidentally" destroyed records related to Drake's retaliation complaint against the government. Crane was told by Shelley that this "wasn't a problem" and could continue not being a problem if Crane was a "good team player."
Crane -- like other whistleblowers and those who fight for them -- was forced out of his job. The Inspector General's second-in-command ordered him to resign in 2013. He's been fighting back ever since.
Crane filed a complaint against Shelley and Halbrooks, detailing many more alleged misdeeds than reported in this article. The Office of Special Counsel, the US agency charged with investigating such matters, concluded in March of 2016 that there was a “substantial likelihood” that Crane’s accusations were well-founded. The OSC’s choice of the term “substantial likelihood” was telling. It could have ruled there was merely a “reasonable belief” Crane’s charges were true, in which case no further action would have been required. By finding instead that there was a “substantial likelihood”, the OSC triggered a process that legally required secretary of defense Ashton Carter to organise a fresh investigation of Crane’s allegations.
Unfortunately, the investigation is back in the DOJ's hands because the Department of Defense -- like other government agencies -- isn't allowed to investigate itself. The DOJ is being entrusted with investigating yet another whistleblower's claims, but its history of zealous prosecutions suggests it's far more comfortable investigating the whistleblowers themselves.
John Crane was part of the "proper channels" for whistleblowers and, despite his best efforts, several whistleblowers were raided, indicted, and prosecuted. Crane himself was ousted from his position. The logical conclusion whistleblowers like Ed Snowden will reach is that the official channels are no less dangerous than the "unofficial" options. The latter option may be more unpredictable, but it gives whistleblowers a much better chance of being heard.
17 Comments | Leave a Comment..
Posted on Techdirt - 23 May 2016 @ 3:23am
As we covered recently, the judge presiding over Jay Michaud's case in Washington -- part of the FBI's Playpen child porn sting operation -- recently declared the FBI did not have to turn over information on its hacking tool to the defense. How Judge Robert Bryan arrived at this conclusion wasn't fully explained during his oral order, but it had something to do with the government's secret, judge's-eyes-only presentation that preceded the order.
It also may have had something to do with the government's declaration that it wouldn't be turning over this information to Michaud under any circumstances. Either way, Bryan arrived at the contradictory conclusion that the FBI did not need to turn over this information despite conceding the defense had a right to see this information.
A written ruling has been issued which offers a bit more in the way of explanation while simultaneously failing to deliver Judge Bryan from the conundrum he has created. (via Ars Technica)
The government’s oral arguments on February 17 and May 12, 2016 and its related briefing addressing materiality essentially amount to an ipse dixit argument, without convincing expert support, that 1) giving the defendant full access to the N.I.T. code will not turn up anything helpful to the defense, and 2) a showing of materiality demands facts, not hypotheses, and the defendant has done nothing more than fabricate guesses about what the N.I.T. code could show.
Bryan believes the government is entitled to withhold this information. He also believes the information should be handed over to the defense for a number of reasons.
These arguments bear little fruit. The defendant is not required to accept the government’s assurances that reviewing the N.I.T. code will yield no helpful information. The government asserts that the N.I.T. code will not be helpful to the defense, but that information may well, in the hands of a defense lawyer with a fertile mind, be a treasure trove of exculpatory evidence.
Judge Bryan points out the information still has worth to the defendant even if it doesn't show anything that could result in suppressed evidence. It could also be the details do nothing more than further cement the government's case against Michaud. If so, all the more reason for the defense to have access to it.
Furthermore, even if the defendant’s review of the N.I.T. code ultimately only yields inculpatory evidence,“[e]ven inculpatory evidence may be relevant [because a] defendant who knows that the government has evidence that renders his planned defense useless can alter his trial strategy.
Acknowledging the conundrum is the first step.
The resolution of Defendant’s Third Motion to Compel Discovery places this matter in an unusual position: the defendant has the right to review the full N.I.T. code, but the government does not have to produce it. Thus, we reach the question of sanctions: What should be done about it when, under these facts, the defense has a justifiable need for information in the hands of the government, but the government has a justifiable right not to turn the information over to the defense?
According to motions filed by Michaud, one way out of the mess is the dismissal of the case. Bryan doesn't exactly seem amenable to that outcome -- especially given his belief that the FBI's secrecy is justified -- but with this much paint surrounding his corner, he may be forced to resolve this in favor of the defendant, rather than continue to lock him out of information that could drastically alter its outcome.
Read More | 32 Comments | Leave a Comment..
Posted on Techdirt - 20 May 2016 @ 7:39pm
It wasn't enough that Creative Labs/Creative Technology spent March 24th suing almost every big name in the cell phone business for patent infringement. These lawsuits, all filed in the East Texas patent troll playground, asserted the same thing: that any smartphone containing a music app (which is every smartphone produced) violates the patent it was granted in 2005 to use in conjunction with its mp3 players. "Venue is proper" because smartphones are sold in Texas, even if the plaintiffs are located in California and Singapore, respectively.
That wasn't all Creative Technology did. It also filed a complaint with the US International Trade Commission seeking to block the import of smartphones from manufacturers like Sony, LG, BlackBerry, Samsung, etc. under the theory that every imported phone contains patent-infringing software. The ITC has opened an investigation of Creative's allegations, which will at least hold off any potential import blocks until it reaches a decision. The ITC's summary of Creative's patent claims clearly shows how broad the patent's potential coverage is -- and (inadvertently) why it should be invalidated.
The products at issue in the investigation are portable electronic devices, such as smart phones, with the capability of playing stored media files selected by a user from a hierarchical display.
Creative Labs started its patent war early, suing Apple back in 2006
for "violating" its patent with its iPods. Apple ultimately settled with Creative for $100 million -- not only encouraging Creative's trolling ways but also moving Apple towards more aggressive acquisition
(and defense) of patents, even for something truly obvious like "rounded corners
Google has decided it's not going to wait around for the ITC or east Texas courts to come to the wrong conclusions. It's gone on the offensive, seeking declaratory judgment
that it does not violate Creative's broad patent. Every company sued by Creative on March 24th sells Android phones that contain Google's "Play Music" app. On behalf of its customers (and its own Motorola Mobility, which was also sued), Google wants Creative's BS patent's power neutered.
No version of the Google Play Music app directly or indirectly infringes any claim of the ’433 patent. No third party infringes any claim of the ’433 patent by using the Google Play Music app in other devices. Google has not caused, directed, requested, or facilitated any such infringement, and has not had any specific intent to do so. The Google Play Music app is not designed for use in any combination that would infringe any claim of the ’433 patent. Rather, the Google Play Music app has substantial uses that do not infringe any claim of the ’433 patent.
An actual and justiciable controversy therefore exists between Google and Creative regarding whether the Google Play Music app infringes or has infringed the ’433 patent. A judicial declaration is necessary to determine the respective rights of the parties regarding the ’433 patent. Google seeks a judgment declaring that the Google Play Music app does not directly or indirectly infringe any claim of the ’433 patent.
Creative is asking for a substantial payout for something as obvious as selecting and adding songs to a playlist. The claim specified in its lawsuits
is this one:
The method of selecting a track as recited in claim 1 wherein the accessing at least one track comprises selecting an item in the third display screen and adding at least one track associated with the selected item to a playlist.
If Google's receives a judgment in its favor, it will at least protect the cell phone manufacturers from having to deal with claims related to its "Music Play" app. For all of those that load their own music apps on their phones (which, again, is all of them), they're still on their own when it comes to fending off Creative's rent-seeking.
The market has changed and left Creative behind. Back when it sued Apple, it at least had a competing mp3 player on the market. Now, it has nothing even remotely related to smartphones, but still thinks it's entitled to a cut of those profits because it made music players once upon a time. And it's so desperate to leech off viable companies that it's willing to abuse more than a friendly district court to achieve its ends.
Read More | 56 Comments | Leave a Comment..
Posted on Techdirt - 19 May 2016 @ 11:48am
Legislators like pushing cyberbullying/cyberharassment bills, but seldom seem to consider how their badly/broadly-written laws will be abused. Like many legislators pushing cyber legislation, New Jersey politician David Norcross just wanted to help the children.
State Sen. Donald Norcross (D-Camden) said the bill is tailored specifically to protect children, closing a loophole in state law that prevents people from being criminally prosecuted for online harassment of minors.
"There have been cases of cyber harassment across the country that have taken a tragic turn, and ended in the loss of life," Norcross, who co-sponsored the bill with state Sen. Nicholas Sacco (D-Hudson), said. "We have to make sure that our state laws reflect the reality that children are being harassed and bullied every day on the Internet. That means making sure those who engage in this conduct can be held accountable under the law."
The bill would ban people from using electronic devices and social media to threaten to injure or commit any crime against a person or his property, or send obscene material to or about someone.
So much for the "specific tailoring." Norcross wanted to protect kids from bullies, but instead it's "protecting" a cop from a local man
with a long history of colorful speech and law enforcement interactions.
They’ve busted him for smoking pot, running a business past curfew, and not keeping his restaurant’s kitchen clean enough.
On Friday, however, it was Ed Forchion’s mouth that got him slapped in handcuffs, freedom of speech notwithstanding.
Days after Forchion stood outside his eatery and pot temple shouting “f— the police!” and calling one of the police officers a “pedophile,” NJ Weedman was charged with cyber-harassment and disorderly conduct.
The cyber-harassment charge, according to a copy of the complaint filed by Officer Herbert Flowers, was based on a Facebook and YouTube video of the confrontation in which Forchion is heard telling Flowers he’s a pedophile, while the disorderly conduct was for Forchion’s F-bombs against police “in public and social media forum.”
F-bombs are protected speech, so even the "disorderly conduct" charge is largely baseless. But the use of the cyberharassment law -- which carries a possible penalty of 18 months in jail and a $10,000 fine -- is completely ridiculous. If Forchion committed no crime by calling Officer Flowers a pedophile in person
, no crime was committed simply because this confrontation was recorded (by a third party) and posted to YouTube (also, apparently by a third party).
This is simply a bad law being abused because that's what bad laws -- no matter how well-intentioned -- allow people like Officer Flowers to do.
Officer Herbert Flowers has a history of subjectively interpreting Constitutional rights. He may have been upset by Forchion's F-bombs, but that doesn't explain his decision to punish Forchion for using his First Amendment rights. But Flowers has been down this road before.
Here's the conclusion reached by the New Jersey Appeals Court
, at the tail end of a six-year legal battle.
[W]e conclude that a reasonable police officer in 2006 could not have believed he had the absolute right to preclude Ramos from videotaping any gang activities or any interaction of the police with gang members for the purposes of making a documentary film on that topic.
The unreasonable police officer was none other than Herbert Flowers.
Ramos is a documentary filmmaker. In 2006, he was working on a project about the emergence of gangs in Trenton. Flowers is a police officer employed by the Trenton Police Department. Ramos contends that he had five encounters with the Trenton Police during the time he was filming the activities of various members of the “Sex Money Murder” Bloods sect, one of the largest Bloods gang units in Trenton. Three of the encounters involved Flowers. He alleges that Flowers’ actions during those three encounters interfered with his constitutional rights to free speech and assembly, as well as his right to be free from unlawful police search and seizure.
One of those encounters:
On July 6, 2006, the Trenton police responded to a call from the Trenton Public Library to investigate a meeting being held by known gang members on its premises. One of Ramos’s sources gave him a tip that he should go to the library to film the events as they unfolded. Once Ramos arrived at the library, Flowers told him he was interfering with a police investigation, adding: “I am sick of you already, I am sick of seeing you, I do not want to hear you anymore, you are not allowed here anymore.” Ramos asserts that Flowers grabbed his video camera and put it in his car. Flowers then told Ramos: “If I see you again … I am locking you up and I don’t care what for … you better not let me see you again … watch what happens.”
The filmmaker was charged with multiple violations after his arrest by Flowers. Only one charge stuck (obstructing a sidewalk), which was downgraded to a mere city ordinance violation.
Flowers is using a badly-written law meant to close statutory loopholes that prevented adults from being charged for harassing minors via social media to punish an adult for saying mean things to him to his face.
Because Flowers didn't arrest Forchion on the spot, this means he had to go looking for "evidence" of Forchion's supposed "cyberharassment," which the officer somehow feels is a better statutory match for verbal abuse he experienced in person
. Sure, Flowers could try to sue Forchion for defamation, but that takes time and Flowers' own cash. Flowers would rather have taxpayers finance his vendetta and see Flowers face a possible $10,000 fine and a stretch in jail than walk away from the disorderly conduct charge he likely won't be able to make stick.
This is why we warn against the unintended consequences of laws like these. It's not because we don't care about bullied kids. It's because adults -- especially those in positions of power -- will abuse them to stifle speech. Rather than simply ignore the personal attack, Flowers chose to treat it as a criminal offense. The end result is that Forchion, a.k.a. "NJ Weedman" -- a person who runs a "pot temple" he apparently feels is beyond the reach of state regulation -- is now the least ridiculous participant in this confrontation.
21 Comments | Leave a Comment..
Posted on Techdirt - 18 May 2016 @ 3:36pm
If your social media "presence" has been submitted as evidence, you'd better leave everything about it unaltered. That's the conclusion reached by the judge presiding over a Fair Housing Act lawsuit. The plaintiff didn't go so far as to delete Facebook posts relevant to the case at hand, but did enough that the defense counsel (representing the landlord) noticed everything wasn't quite the way it was when the plaintiff was ordered to preserve the evidence.
According to one of the lawyers for the defense, she accessed plaintiff’s accounts at one point despite not being “friends” with plaintiff. She later looked at the accounts and saw many posts were missing. The Plaintiff also testified that, to her knowledge, she never deleted anything. She did hide a few posts from her timeline which appeared there because she had been tagged by others. She said she thought she originally set her Facebook account to private and she merely double checked this after defendant filed its spoliation motion.
Whether or not the plaintiff was telling the truth about the Facebook account's privacy settings ultimately doesn't matter. She changed something after being instructed not to. This resulted in posts being hidden from public view. According to the court, this flip of a digital switch was a violation of the order to preserve evidence.
By altering her Facebook account, Thurmond violated the Court’s May 21 order. Her conduct had the effect of hiding her postings from public view, and hence from defendants’ counsel’s view.
There were no sanctions for this action. Just a few stern words from the judge. The damage done was minimal as the defense counsel was still able to obtain the "missing" posts. The plaintiff herself offered to print out the hidden posts in an effort to comply with the order. Of course, this offer came after
she had altered the privacy settings and the defense counsel had noticed the alteration.
The damage, however, could cost the plaintiff her case, even if the judge isn't going to issue sanctions for violating a preservation order and even though the defense was able to recover the missing posts.
Of course, it does not appear that the postings were deleted, and they remain available for defendants’ use, and defendants have not shown that they were prejudiced by Thurmond’s conduct in violating the order. Nevertheless, it is troubling that the posts were removed from public view after this Court issued a consent order designed to preserve the status quo of her social media accounts. Also troubling is Thurmond’s execution of an affidavit that contained a statement she knew to be inaccurate. Although the false statement was ultimately immaterial to the issues in the pending motions, Thurmond’s willingness to sign the affidavit knowing or having reason to know that it included a false statement threatens the integrity of the judicial process. Thurmond’s conduct in both respects is certainly a fair subject for cross-examination at trial and could result in the impeachment of her credibility.
As Venkat Balasubramani points out, changing privacy settings on relevant social media accounts during litigation is something to do "at your own peril." In this case, the damage was minimal. At most, the plaintiff undercut her own credibility. That may cost her a positive ruling, but it won't result in anything more serious like jail time.
What is a larger problem are the federal
rules for evidence preservation, which include preserving evidence you possibly won't even know
is evidence until you've been indicted. As we've seen in the past, rules meant to prevent corporations
from using culpatory documents for bonfire fuel are instead being used by the feds to stack charges
against defendants who've done normal computer housecleaning, like culling hard drive clutter or clearing their browser history.
says evidence -- which now apparently includes every bit of your digital presence in addition
to physical files -- relevant to "foreseeable
investigations" must be preserved. Since citizens don't initiate investigations, the ball is completely in the government's court, and every
investigation seems "foreseeable" once it's underway. Those being investigated may not have seen it coming, but they're still saddled with a post facto requirement to preserve evidence dating back to whatever arbitrary point the government declares to be the beginning of the alleged wrongdoing. Civil litigants may get away with nothing more than some words from an irritated judge, but federal defendants won't be nearly as lucky. Thanks to the misuse of this law, anyone
changing privacy settings to a social media account does so "at their own peril."
20 Comments | Leave a Comment..
Posted on Techdirt - 18 May 2016 @ 2:09pm
Those of us who dwell on the internet already know the Internet Archive's "Wayback Machine" is a useful source of evidence. For one, it showed that the bogus non-disparagement clause KlearGear used to go after an unhappy customer wasn't even in place when the customer ordered the product that never arrived.
It's useful to have ways of preserving web pages the way they are when we come across them, rather than the way some people would prefer we remember them, after vanishing away troublesome posts, policies, etc. Archive.is performs the same function. Screenshots are also useful, although tougher to verify by third parties.
So, it's heartening to see a federal judge arrive at the same conclusion, as Stephen Bykowski of the Trademark and Copyright Law blog reports.
The potential uses of the Wayback Machine in IP litigation are powerful and diverse. Historical versions of an opposing party’s website could contain useful admissions or, in the case of patent disputes, invalidating prior art. Date-stamped websites can also contain proof of past infringing use of copyrighted or trademarked content.
The latter example is exactly what happened in the case Marten Transport v. PlatForm Advertising, an ongoing case in the District of Kansas. The plaintiff, a trucking company, brought a trademark infringement suit against the defendant, a truck driver job posting website, alleging unauthorized use of the plaintiff’s trademark on the defendant’s website. To prove the defendant’s use of the trademark, the plaintiff intended to introduce at trial screenshots of defendant’s website taken from the Wayback Machine, along with authenticating deposition testimony from an employee of the Internet Archive.
The defendant tried to argue that the Internet Archive's pages weren't admissible because the Wayback Machine doesn't capture everything
on the page or update every page from a website on the same date. The judge, after receiving testimony from an Internet Archive employee, disagreed. He found the site to a credible source of preserved evidence -- not just because it captures (for the most part) sites as they were
on relevant dates but, more importantly, it does nothing to alter the purity of the preserved evidence.
[T]he fact that the Wayback Machine doesn’t capture everything that was on those sites does not bear on whether the things that were captured were in fact on those sites. There is no suggestion or evidence … that the Wayback Machine ever adds material to sites.
Further, the judge noted that the archived pages were from the defendant's own website and he'd offered no explanation as to why pages from his own site shouldn't be considered as evidence of alleged infringement.
It's nice to know that what many of us have considered an independently-verifiable source of evidence is also acceptable in federal courts. It's more than just a handy way to preserve idiotic statements and potentially-illegal customer service policies. It's also a resource for litigants who might find their opponents performing digital cleanups after a visit from a process server.
17 Comments | Leave a Comment..
Posted on Techdirt - 18 May 2016 @ 12:52pm
Recently, we covered the ongoing jailing of a former Philadelphia police officer for his refusal to unlock encrypted devices for investigators. "John Doe" is suspected of receiving child porn but the government apparently can't prove its case without access to hard drives and Doe's personal computer. So far, it's claiming the evidence it's still seeking is a "foregone conclusion" -- an argument the presiding judge found persuasive.
The "foregone conclusion" is based on an interview with Doe's estranged sister, who claims she once saw something resembling child porn on Doe's computer -- although she can't say for sure whether it involved the devices the government seeks access to -- and its own expert, who says it's his "best guess" that child porn can be found on the devices.
Hardly compelling, but compelling enough that Doe has spent seven months in jail to date. The government has filed its response to Doe's motion to stay the contempt order. It argues that Doe can spend the rest of his life in jail for all it cares. If he wants to be released, he just needs to unlock the encrypted devices. (via Brad Heath)
Doe faces no irreparable harm in the absence of a stay. In arguing otherwise, what he fails to recognize is that his imprisonment is conditional – it is based entirely on Doe’s continued defiance of the district court order. There can be no question that loss of liberty is a recognized harm. But Doe’s incarceration is by his own hand. His release pending an appeal is entirely avoidable through obedience to the court order.
The government goes on to point out that Doe -- once he's unlocked the devices -- can then present his arguments for evidence suppression.
Doe could choose to obey the court’s directive by unencrypting his devices, and his release would be granted. This is no way affects his appeal. He would still be able to persist in his appeal, and, if successful, the evidence the government would gain through forcing Doe to unencrypt his devices would be suppressed. The “irreparable harm” Doe complains of now is not “irreparable” in any sense, as it is entirely within Doe’s control.
As the government notes, civil contempt charges are meant to be coercive. As such, the only person keeping Doe from being released from prison is Doe himself. Of course, if the drives contain what the government claims they contain, he'd just be exchanging an indefinite sentence for a more finite one.
The added wrinkle to this case is the terms of Doe's confinement for contempt. Doe is in solitary confinement -- something the UN has declared to be torture
-- supposedly for his own protection. It's generally true that the prison population has no love for child porn fans. They're not overly fond of imprisoned law enforcement officers either. And the nuances of the case -- that Doe has not actually been convicted of child porn charges but rather has been jailed for contempt of court -- will likely go unexamined by other inmates.
So, it may be that Doe's solitary confinement would be less torturous than spending time in general population, but at the end of it, we have a person jailed indefinitely in solitary confinement for nothing more than contempt charges. The government's arguments on behalf of the jailing seem to assert that it has plenty of evidence already in hand. If so, the question is why the government hasn't moved forward with prosecution, rather than pushing for Doe to decrypt his devices. Either it has a case or it doesn't. If it doesn't, then the indefinite jailing is punitive -- a punishment for the defendant not being more helpful in building a case against himself, which is the root of Fifth Amendment protections
, no matter how the government chooses to phrase it.
Read More | 88 Comments | Leave a Comment..
Posted on Techdirt - 18 May 2016 @ 6:28am
Beyond James Comey, there are still a few law enforcement officials beating the anti-encryption drum. Manhattan DA Cyrus Vance is one of those. He's been joined in this fight by some like-minded district attorneys from the other coast, seeing as New York and California both have anti-encryption bills currently working their way through local legislatures. Vance, along with Los Angeles County DA Jackie Lacey and San Diego County DA Bonnie Dumanis, penned an op-ed against encryption for the LA Times. In it, they argue that tech companies have set them up as "gatekeepers" of communications and data, which they believe law enforcement should always have access to, no matter what.
DA Dumanis goes even further in a press release issued by her office. Tech companies aren't just gatekeepers standing between law enforcement and data. They're "gatekeepers of justice," apparently standing between victims of crime and punishment of wrongdoers.
The EFF's Dave Maass has fired back, via a post of the Voice of San Diego, pointing out that Dumanis especially shouldn't be inserting herself into the encryption debate -- not with her general disdain for the security of her constituents.
It opens with this:
The last person San Diego should trust with their computers and smartphones is District Attorney Bonnie Dumanis.
And goes on to clearly articulate why Dumanis has no business attempting to legislate computer security. Dumanis spent public money acquiring and pushing a horrendously insecure piece of "parental monitoring" software.
In 2012, Dumanis spent $25,000 in public money on 5,000 copies of a piece of “parental monitoring” software called ComputerCop. This CD-ROM, which was distributed to families throughout the county for free, included a video from Dumanis promoting the program as the “first step” in protecting your children online.
This first step, however, involved parents installing keylogger software on their home computers. This type of technology is a favorite tool of malicious hackers, since it captures everything a user types, including personal information such as passwords and credit card numbers. Not only did ComputerCop store keylogs in an unencrypted file on the person’s computer, but it also transmitted some of that information over unsecured connections to a mysterious third-party server.
Two years later, Dumanis finally pulled the plug on the publicly-funded program, admitting the monitoring software was faulty and telling parents to disable the insecure keylogging function. Dumanis was hardly the only DA to recommend this terrible software, but she's one of the few who's stuck her head above the encryption parapet to offer her support of the Feinstein-Burr anti-encryption bill.
But that's not all. Dumanis and her office won't even secure their own website.
The district attorney’s website fails to use HTTPS, the protocol that has become the industry standard for secure browsing online. This means that residents, including crime victims, whistleblowers and witnesses, cannot visit her site with confidence that their browsing won’t be intercepted or manipulated by third parties.
Dumanis -- like Vance, Comey, and others -- would rather sacrifice the safety of the public for a few more criminal prosecutions. The "greater good" apparently means nothing when a very small percentage of cases might involve encrypted communications or devices.
Law enforcement has never had more access to communications and data that it does now. In the past, files were burned, papers were shredded, people passed notes and spoke in person -- all of which rendered these inaccessible to law enforcement. Now that these files and communications are conveniently stored en masse on cellphones and personal computers does not mean the government is somehow entitled to 100% access. A warrant that runs into encryption is a small price to pay for the security of millions of cellphone users. Despite maintaining the narrative that criminals are moving toward encrypted platforms, law enforcement reps and officials have yet to deliver any evidence that this is so widespread that backdooring or banning encryption is the only option. And the loudest law enforcement voices protesting tech companies and their "gates" are often those who care the least about protecting innocent people from criminals.
[Dave Maass pointed out on Twitter that Suffolk County (MA) District Attorney Dan Conley -- who spent a lot of time displaying his ignorance during the Congressional hearing about device encryption -- has also stumped for the insecure monitoring software.]
13 Comments | Leave a Comment..
Posted on Techdirt - 17 May 2016 @ 3:44pm
There's no greater sin than being wrong on the internet. But can you build a federal case out of it? Thomas Robins tried to do exactly that by filing a potential class action lawsuit against Spokeo ("the people search engine") for posting incorrect information about him to its website.
The district court tossed his case for lack of standing, only to see it revived by the Ninth Circuit Appeals Court, which found that Robins could potentially demonstrate that Spokeo's incorrect information may have violated Robins' personal statutory rights. This eliminated the class action option, but granted him the standing to pursue this on his own behalf.
Now, Robins has reached the end of the line and there's not much there for him. The Supreme Court has reversed the Appeals Court's judgment in favor of Robin's and booted the case back to determine whether Robins can actually be granted standing, considering that to date he has yet to show he has suffered any "actual injury" from Spokeo's inaccurate information.
This analysis was incomplete. As we have explained in our prior opinions, the injury-in-fact requirement requires a plaintiff to allege an injury that is both “concrete and particularized.” Friends of the Earth, Inc. v. Laidlaw Environmental Services (TOC), Inc., 528 U. S. 167, 180– 181 (2000) (emphasis added). The Ninth Circuit’s analysis focused on the second characteristic (particularity), but it overlooked the first (concreteness). We therefore vacate the decision below and remand for the Ninth Circuit to consider both aspects of the injury-in-fact requirement.
So, the decision is mostly procedural and doesn't address any questions concerning Spokeo's gathering and dissemination of possibly incorrect information. As alleged by Robins, Spokeo basically has no idea who he really is.
His profile, he asserts, states that he is married, has children, is in his 50’s, has a job, is relatively affluent, and holds a graduate degree. App. 14. According to Robins’ complaint, all of this information is incorrect.
If all of this is incorrect, then one might think Robins should thank Spokeo for putting a more positive spin on his life. But Robins wasn't happy with the bogus results and claims this entirely positive (if entirely false) profile has cost him employment opportunities.
The problem with his allegations, though, is that Robins has yet to allege anything more than a violation of the Fair Credit Reporting Act (FCRA) by Spokeo. And while violations can result in $100-1000/screwup payouts to claimants for inaccuracies, the Supreme Court expect Robins to produce more than allegations if he hopes to collect from Spokeo. [Paul Alan Levy of Public Citizen emailed me to point out that Spokeo came up on a motion to dismiss where the allegations are what matter, so these inaccuracies could result in collected fines, even if actual harm isn't proven. He also pointed out that the case is back before the Appeals Court so it can further examine Robins' allegations, which it failed to do with enough particularity the first time around.]
As the Court notes, plenty of false information can be circulated without ever generating "concrete, particularized" harm.
Robins cannot satisfy the demands of Article III by alleging a bare procedural violation. A violation of one of the FCRA’s procedural requirements may result in no harm. For example, even if a consumer reporting agency fails to provide the required notice to a user of the agency’s consumer information, that information regardless may be entirely accurate. In addition, not all inaccuracies cause harm or present any material risk of harm. An example that comes readily to mind is an incorrect zip code. It is difficult to imagine how the dissemination of an incorrect zip code, without more, could work any concrete harm.
Without more information on the alleged harm, Robins has no standing. Robins may be able to produce this, but he'll be doing it in front of the Ninth Circuit Appeals Court. The dissenting opinion, however, finds Robins has already satisfied this requirement by stating the misinformation's negative impact on his ability to obtain employment.
Because of the misinformation, Robins stated, he encountered “[imminent and ongoing] actual harm to [his] employment prospects.” Ibid. As Robins elaborated on brief, Spokeo’s report made him appear overqualified for jobs he might have gained, expectant of a higher salary than employers would be willing to pay, and less mobile because of family responsibilities.
But as it stands, Robins hasn't produced enough evidence to satisfy what the Supreme Court is looking for in terms of harm, and it's leaving that up to the court that revived the case. "Jobs he might have gained" doesn't sound very "concrete."
There's no doubt information gathered without sufficient vetting will inevitably produce misleading or wholly incorrect "profiles." Spokeo's bulk collection seems to falling short of its stated goal of being a "people search engine," at least in Robins' case, but if he wants to pursue this further for himself -- much less as the leading representative for class of similarly-harmed individuals, he'll at least need to show he has actually been harmed by the misinformation, rather than theoretically harmed by his perception of employers' responses to the false data.
Read More | 13 Comments | Leave a Comment..
Posted on Techdirt - 17 May 2016 @ 10:38am
Back in February, the judge presiding over the FBI's case against Jay Michaud ordered the agency to turn over information on the hacking tool it used to unmask Tor users who visited a seized child porn site. The FBI further solidified its status as a law unto itself by responding that it would not comply with the court's order, no matter what.
Unfortunately, we won't be seeing any FBI officials tossed into jail cells indefinitely for contempt of court charges. The judge in that case has reversed course, as Motherboard reports.
The government's motion has been granted, and the FBI does not have to provide the exploit code to the defense as previously ordered. That means that the defense in the case will probably be unable to examine how the evidence against their client was collected in the first place.
It is not totally clear why Judge Robert J. Bryan changed his mind. On Thursday, the government and Bryan held a private meeting, where the government presented its reasons for nondisclosure of the Tor Browser exploit.
The judge apparently believes the defense should still be able to examine the code but apparently can't be bothered with ensuring this will happen.
Despite backtracking somewhat, Bryan still thinks the defense has a reason to see that code, according to audio of the public section of Thursday’s hearing provided by activist Phil Mocek. Of course, whether the FBI decides to then provide it is another matter.
Given the FBI's earlier promise to withhold the details of the NIT despite being ordered to disclose them, I'd say there's about a 0% chance of the FBI voluntarily turning this information over to the defense. Right now, the agency is working overtime just trying to keep the evidence
it obtained with its hacking tool from being tossed out
of three other courts
. It's also facing the prospect that third-party interlopers
like Mozilla may still
result in it having to release these details to someone
outside of its own offices. At this point, hardly anything's going the FBI's way, so it will take whatever it can get, even if it's only temporary relief.
31 Comments | Leave a Comment..
Posted on Techdirt - 16 May 2016 @ 12:46pm
It may be that Hillary Clinton was the only State Department employee proactive enough to set up her own email server, but she's hardly the only one to use insecure channels to route classified information. Steven Lee Myers of the New York Times reports classified communications routinely traveled through the State Department's unclassified system.
A review of the 30,322 emails from Mrs. Clinton’s private server that the State Department has made public under the Freedom of Information Act provides an extensive record of how such sensitive information often looped throughout President Obama’s foreign policy apparatus on unclassified systems, from embassies to the United Nations to the White House.
The senders included Denis R. McDonough, currently the White House chief of staff and previously the deputy national security adviser, and Susan E. Rice, the former American representative at the United Nations who is now Mr. Obama’s national security adviser.
Many of the emails were sent over the State Department’s unclassified system, state.gov, which is considered secure but not at the level of the State Department’s system for emailing classified information.
In their defense, State Department officials say they often can't control how classified communications will be routed. After all, they have no control over receipt of messages from foreign government officials that might be considered classified. And they routinely use other insecure channels to communicate, like normal phone systems.
For that matter, it's difficult to determine what the government will consider classified at the point the communications are sent and received. In the case of Clinton's emails, the investigation (which James Comey recently confirmed is an investigation
, not a "security inquiry" as Clinton has portrayed it) and response to FOIA requests have prompted an after-the-fact classification review of State Dept. communications contained in the FOIA response.
Of the 30,322 emails made public, 2,028 have had portions redacted and are now classified at the lowest level of classification, “confidential.”
In 18 emails, for example, information has been classified on the grounds that it identifies C.I.A. officials, including two instances that are now considered “secret.”
One of those was a seemingly benign photo opportunity listed on Mrs. Clinton’s daily schedule, with the person who gave her a daily intelligence briefing, making it obvious that the person was an agency employee.
That email was originally released as “confidential” but upgraded to “secret,” probably reflecting that the person holds an undercover position now.
It's not as though Clinton and others are blameless in their mishandling of classified information, but there are definitely some areas of the communications process that are entirely out of their hands. Other government agencies stepping in to add layers of classification to communications that once seemed innocuous enough to handle on insecure channels does little to mitigate the appearance of impropriety.
That being said, there's still plenty of digital blood on the hands of State Department officials when it comes to treating sensitive information insensitively. Communications that traveled across the State Department's less-secure channels apparently included discussions of the CIA's drone strike program, Palestine-UN communications about the country's bid for statehood and, ironically enough, conversations about how to handle the security details related to General Petraeus' sudden resignation following his own mishandling
of classified information.
But the overall impression left by the review of the released emails shows the agency is willing to use less secure channels if it makes communications easier to facilitate -- even if this presents a greater risk of these communications being intercepted or obtained by hackers. And it's apparently considered acceptable -- right up to the point a server is hacked or a top official is spotted running their own email server.
20 Comments | Leave a Comment..
Posted on Techdirt - 16 May 2016 @ 3:17am
A law enacted "for the children" in Louisiana has been blocked by a federal judge for being -- like almost anything enacted "for the children" -- overbroad, badly written, and generally inconsiderate of protected expression.
The ACLU summed up the law this way after it was passed late last year.
The law makes it a crime to publish anything on the Internet that could be deemed "harmful to minors" without verifying the age of everyone who wants to see it. If you are in Louisiana, and publish anything on the Internet, you have to either make sure that none of that content could be considered harmful to a minor of any age — a high bar, considering a lot of constitutionally protected speech might not be fit for an 8-year-old — or install an age-verification screen asking if the viewer is 18 or over before allowing access.
If you don't, it's a crime.
As the ACLU pointed out then, the law was so broadly written, it could be read as covering posts made to social media accounts -- platforms where users have no way of controlling who views their posts. To steer clear of potential violations, some social media users may have been better off withholding anything that could possibly be deemed unacceptable.
The most likely recipients of extra law enforcement attention due to the new law were the state's many booksellers, most of whom sell books online. Smaller sellers would have been forced to implement age verification procedures for their websites and somehow determine what content was acceptable for minors and segregate it accordingly. The simplest solution would be to simply "age wall" all books and treat all
purchasers as though they were buying "Fifty Shades of Grey," rather than, say, "Clifford, the Big, Red Dog."
The ACLU joined two Louisiana bookstores in challenging the terrible law and, only a few months after its passage, have received an injunction blocking its enforcement
. The court decision
spends several paragraphs discussing the numerous flaws in the law's wording, many of which could result in a chilling effect on free speech and act as indirect (and perhaps unintentional) prior restraint.
Criminal statutes, such as §14:91.14, must be defined “with sufficient definiteness that ordinary people can understand what conduct is prohibited and in a manner that does not encourage arbitrary and discriminatory enforcement.” Kolender v. Lawson, 461 U.S. 352, 357 (1983). The ill-defined terms in §14:91.14 do not adequately notify individuals and businesses in Louisiana of the conduct it prohibits, which creates a chilling effect on free speech. For example, despite the array of definitions in Section (B) of the statute, it does not define “for commercial gain” or “publish.”
The State contends that the phrase “for commercial gain,” which is embedded in the definition of “material harmful to minors,” means the statute applies to material published on the Internet for commercial gain. (Doc. 41 at p. 9). However, under a similar criminal statute, La. Stat. Ann. §14:91.11,7 a Louisiana court held that the term “for commercial gain”—which was similarly embedded in that statute’s definition of “material harmful to minors”—refers to the “creation or production of the material involved and not to the nature of the transaction.” [...] Thus, the State’s proposed definition of the term “for commercial gain” completely ignores a Louisiana court’s explicit interpretation of that term.
The court also has a problem with the State's inability to define what's encompassed by the word "publish."
The State also contends that the word “publish” is synonymous with the word “upload.” The State offers no competent support for this contention. The State only provides a declaration from the Senior Systems Administrator for the Louisiana Department of Justice—who is not a member of the Louisiana Legislature or qualified as an expert—to advise as to his personal interpretation of the term. The meaning of “publish,” as used in this statute, is vague as written and could include uploading or displaying content that is harmful to minors. Absent an explicit definition in the statute, the Court and the public can only speculate as to its meaning and intended application.
Because the State passed a badly and vaguely-written law, it has no one but itself to blame for its unintended consequences.
To avoid the stigma of a criminal prosecution, Plaintiffs, and those similarly situated, will be inclined to either broadly apply the age verification process well beyond what is necessary or refrain from publishing any material that arguably falls within the confines of the statute. A possible consequence of the chill caused by §14:91.14 is to drive protected speech from the marketplace of ideas on the Internet.
As the court sees it, the booksellers and those similarly situated have two choices when complying with this law -- neither of which are acceptable under the First Amendment: either deploy overly-broad age verification processes, which could prevent site users from accessing information, or simply stop "publishing" anything that might be deemed "harmful to minors."
The State can still appeal this decision, but it would likely be a waste of time. Legislators may try to rewrite the law, which would be preferable rather than trying to keep it alive in its current form. But a better solution would simply be to strike the law from the books and accept the fact that it's almost impossible to "save" the "children" from "harmful content" without punching holes in First Amendment.
There are plenty of "content filters" already in place, standing between minors and "harmful material." They're called "parents." And even if they're not perfect, they're at least as effective as this law would be, what with minors still being able to access content not hosted by Louisiana entities or lying about their age to content filtering systems.
Read More | 24 Comments | Leave a Comment..
More posts from Capitalist Lion Tamer >>