Capitalist Lion Tamer’s Techdirt Profile

capitalisliontamer

About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]
http://5k500k.wordpress.com

[recently retired]
http://capitalistliontamer.wordpress.com

[various side projects]
http://cliftonltanager.wordpress.com/
http://bl0wbybl0w.wordpress.com/
http://thepenismadeoutofspam.wordpress.com/



Posted on Techdirt - 27 April 2015 @ 3:43pm

Seattle PD Hires Coder Who Demanded It Hand Over Every Video Produced By Its Body Cameras

from the we-need-more-of-this,-please dept

Back in December, an anonymous person requested pretty much every report the Seattle PD generates daily, along with all footage from its newly-instituted body camera program. Today, that man is no longer anonymous and was recently hired by the Seattle PD.

The Seattle Police Department is taking the unconventional step of bringing a programmer who bombarded it with public records requests in-house. Chief Operating Officer Mike Wagers has led efforts to hire 24-year-old self-taught programmer Tim Clemans—initially, at least, on a three-month trial basis to work on redaction and disclosure of data.

He'll make $22.60 an hour and start on May 6. If all goes well, Clemans will stay on as a full-time staffer.
Seattle's police department has been mired in bad news for a few years now, but it does seem to actively be trying to change its culture (read: being responsible for 20% of the city's homicides) and relationship with the public. Additional scrutiny from the DOJ has nudged it in this direction, but Tim Clemans' request almost killed the body camera program before it got off the ground.

Fortunately, some reconsideration of the issue resulted in the PD attempting to make transparency and technology its ally, rather than its enemy. It has started its own YouTube channel and uploads body cam footage frequently. It held a hackathon to address the issue of en masse redaction -- something no other police force seems to have considered when facing the same nexus between accountability and privacy. Most have simply opted to withhold the footage from 99.9% of the public.

But not the Seattle PD. Not only did it host a hackathon, but it hired Clemans, despite his admittedly vexatious FOIA request and despite him having posted dash-cam footage of an incident where he was hassled by one of Seattle's finest.
The police department is hiring Clemans despite a tense March 27 encounter with Officer Jason Bender at Westlake Center. Clemans said he was filming police that day and pointed his camera at the officer during a benign interaction with two young men—one black and one white. "My filming just demonstrates what the police are doing," he said when asked why he was filming them in particular. "Both the good and bad."

But, he said, Bender was annoyed at being filmed. A dash-cam video (obtained by Clemans and posted on his YouTube account, of course!) only recorded garbled audio of a lengthy argument that ensued. Bender, who identifies himself as a member of the department's Crisis Intervention Team, asks Clemans pointedly, "Do you videotape criminals? No, you don't. You know why? Because the criminals are not"—but here the audio becomes difficult to make out. "Enjoy your safety that's provided to you."
It should be noted that Seattle has been much more proactive in considering the concerns of its citizens, rather than in deferring to whatever law enforcement officials say is best for everybody. The mayor's office evicted the Seattle PD's two drones, citing the need to "focus" on "community building," rather than simply keeping an eye on as much of the community as technologically possible. (The drones ended up with the LAPD, which shares none of these concerns.)

The good news is that Clemans is viewed as someone who can help the Seattle PD reach its goals. He'll be working on more auto-redaction solutions -- targeting the removal of personally-identifiable information on citizens from police documents. His auto-redaction work for body cam footage is still being fine-tuned. Most of what's been uploaded to date is blurry and unintelligible, but this recently-uploaded video tries a new approach -- one that's visually striking, even if it's still mostly useless as a tool of accountability.


Considering how most law enforcement agencies value their privacy over that of the general public's, it's kind of nice to see an agency take a much more balanced approach to this sort of situation. Body cameras are headed towards being as ubiquitous as dash-cams, so there will need to be processes in place to prevent privacy violations. While most have opted at this point for maximum obfuscation, the Seattle PD actually seems to want to be ahead of the transparency curve.

14 Comments | Leave a Comment..

Posted on Techdirt - 27 April 2015 @ 2:46pm

Copyright Troll Gets Fed; Resumes Torrent Lawsuits After Multiple Dismissals Led To A 19-Month Pause In Filings

from the well,-you've-got-to-lose-money-to-make-money...-or-something dept

Don't feed the trolls.

OPINION AND ORDER granting in part and denying in part 20 21 the Motions for Default Judgment. Philip Spain and Heather Dew are permanently enjoined from infringing plaintiff's copyrighted work, as outlined in the Opinion and Order, and are ordered to destroy all copies of plaintiff's motion picture "Killer Joe," as outlined in the Opinion and Order. Plaintiff is awarded damages against Phillip Spain in the amount of $6,000 and attorneys' fees and costs in the amount of $950 and damages against Heather Dew in the amount of $6,000 and attorneys' fees and costs in the amount of $950. The Clerk is directed to enter Judgment in accordance with this Opinion and Order. Signed by Chief Judge Edmund A Sargus on 03/16/2015.
With this order, Killer Joe Nevada, LLC is back in the copyright trolling business. Its last Doe lawsuit was filed August 28, 2013. Since March 16th, it has filed eight Doe lawsuits. More are likely on their way.

Who is "Killer Joe?" It's actually a what -- an apparently well-received 2011 film that just didn't make much money. A budget of $10 million only produced $3.7 million in box office receipts. Part of this is due to director William Friedkin's refusal to recut the film to earn a more box office-friendly R rating, resulting in its release being limited to 75 theaters. Another part of this is due to the general public finding other movies to spend their money on. But according to producer Nicolas Chartier, it's piracy that's killing his box office receipts, almost single-handedly.
Hurt Locker ended up winning six Oscars, but at the same time we had 8 million illegal downloads on the movie. And I was like, "Wow, you know, we barely reimbursed the movie and we had 8 million illegal downloads." Well, if everybody had given me one dollar, that would be 8 million dollars, and the movie cost 11, so we lost 80 percent of the movie to piracy. That cannot hold.
Chartier's math is so suspect it should be held without bail. Chartier is the CEO of Voltage Pictures -- an entity more well-known for its mass copyright infringement lawsuits than the movies it produces. Killer Joe is one of Chartier's babies and his legal reps spent a great deal of 2013 trying to "recoup" its losses by suing large numbers of torrenting Does.


The action commenced on April 16, 2013, with Killer Joe Nevada, LLC filing six lawsuits "targeting" 114 Does. This pace continued for a few months before coming to a halt in late August. Here are the numbers:
April 2013 - 27 lawsuits, 824 Does
May 2013 - 23 lawsuits, 875 Does
June 2013 - No lawsuits filed
July 2013 - 6 lawsuits; 152 Does
August 2013 - 1 lawsuit; 15 Does
And then… nothing.

Killer Joe may have been suing en masse and saving on its $350 filing fees by naming multiple Does to each suit, but it wasn't seeing any return on this investment. Some judges just weren't buying it.

In the Western Tennessee District Court, a judge dismissed five of its lawsuits because it failed to serve even a single defendant out of the 95 Does it sued.
On March 19, 2014, the Court ordered Plaintiff to submit a status report informing the Court about the steps that have been taken up to this point, what additional information Plaintiff requires, and what additional steps Plaintiff needs to take before it will be ready for a Rule 16(f) conference. Plaintiff’s response to the Court’s order was due within ten (10) days of the entry of the order. Plaintiff never responded to the Court’s order. Thereafter, on April 4, 2014, the Court entered an order to show cause as to why Plaintiff’s Complaints should not be dismissed without prejudice under Federal Rule of Civil Procedure 4(m). That Rule provides that “[i]f a defendant is not served within 120 days after the complaint is filed, the court–on motion or on its own after notice to the plaintiff–must dismiss the action without prejudice against the defendant or order that service be made within a specified time.” Plaintiff filed its Complaints one year ago yesterday, and more than 120 days since the entry of the Magistrate Judge’s order granting Plaintiff’s request for discovery. However, there is no evidence that Plaintiff has successfully served any Defendant named in any of the cases before the Court. To date, no Defendant has answered or appeared to defend, and Plaintiff has failed to take any further action against any Defendant.
In an Ohio district court, four more cases were voluntarily dismissed by Killer Joe -- again because it couldn't produce any defendants or otherwise respond to the court's order to show cause.


It also voluntarily dismissed four lawsuits (against 99 Does) in Illinois. A Georgia District Court judge ordered it to withdraw subpoenas issued to ISPs, only to find out Killer Joe had apparently decided to ignore her instructions. [Emphasis in the original. Also of note, famous troll fighter Blair Chintella was the attorney bringing this fact to the judge's attention.]

Although the correspondence and e-mails do not conclusively show that subpoenas were being sent after May 28, at the least, they strongly suggest that plaintiff has yet to contact the ISPs to inform them of the Court’s decision nullifying all subpoenas except for those directed at John Doe #1. For these reasons, the Court REMINDS the plaintiff that discovery should have been discontinued and rescinded as to all defendants who were severed and dismissed. The Court DIRECTS the plaintiff to immediately contact the ISPs in each case to rescind and withdraw previously-issued subpoena for each such defendant. Further, any information that plaintiff may have obtained through these subpoenas must be returned.
The same court also called out Killer Joe for the shady logic it deployed to justify suing Does en masse.
[P]laintiff’s own evidence illustrates the unlikelihood that many of the defendants identified in this action were online and “sharing” at the same time. For example, John Doe 2 was observed to have been in the BitTorrent swarm on April 7, 2013. (Activity Log, attached to Pl.’s Compl. [1] as Ex. A.) John Doe 10, however, was observed to be participating on January 22. (Id.) Therefore, John Doe 10 needed to stay online for over two (2) months in order to be involved in the same transaction as John Doe 2. This seems implausible at best.
But now Killer Joe is back in business. All it took was one default judgment against a few defendants it actually managed to track down before the lawsuits collapsed under their own ridiculousness. It has successfully managed to wrest $13,900 from two defendants -- out of a possible pool of 1,866.

This is "success" as defined by copyright trolls. A hit rate of .107%. Only being ~$6,000 in the hole after nearly two years of "litigation." (Based on the $350 filing fee only: 57 lawsuits at $350/per is $19,950.). The lawyers still need to be paid, which means the $6,000 net loss is likely much larger… unless the lawyers are working on a contingency basis, in which case they apparently have too much free time.

Killer Joe seems to have learned something from its previous experiences. It's now targeting one Doe per lawsuit. That won't make it more successful, as it still believes it can turn an IP address into a named defendant, but at least it won't be voluntarily or involuntarily dismissing dozens of potential defendants at a time and is less likely to be called out by judges for its questionable logic and mass filing schemes.

But all the same, trolls shouldn't be fed. And these defendants allowed it to happen, when even the most minimal of defensive efforts likely would have seen Killer Joe drop the case and quite possibly stop trying to convert torrent hashes into "lost" ticket sales.

Read More | 14 Comments | Leave a Comment..

Posted on Techdirt - 27 April 2015 @ 12:34pm

NSA's Stellar Wind Program Was Almost Completely Useless, Hidden From FISA Court By NSA And FBI

from the lies-on-top-of-lies-on-top-of-legal-quackery dept

A huge report (747 pages) on the NSA's Stellar Wind program has been turned over to Charlie Savage of the New York Times after a successful FOIA lawsuit. Stellar Wind has its basis in an order issued by George W. Bush shortly after the 9/11 attacks. Not an executive order, per se, but Bush basically telling the NSA that it was OK to start collecting email and phone metadata, as well as warrantlessly tap international calls into and out of the United States.

The extensive detailing of the program's history contains some rather surprising elements. While much of it remains redacted, there's still enough exposed that indicates the program was like many others the NSA has pursued: expansive, intrusive, done without oversight… and ultimately mostly useless.

In 2004, the F.B.I. looked at a sampling of all the tips to see how many had made a “significant contribution” to identifying a terrorist, deporting a terrorism suspect, or developing a confidential informant about terrorists.

Just 1.2 percent of the tips from 2001 to 2004 had made such a contribution. Two years later, the F.B.I. reviewed all the leads from the warrantless wiretapping part of Stellarwind between August 2004 and January 2006. None had proved useful.
Not that this lack of results kept those writing the report from celebrating the "successes" the FBI apparently couldn't find. Of course, there's nothing to be gleaned from this information because those have been completely redacted.

What is clear is that the program quite possibly did more harm than good. The NSA was sweeping up an unprecedented amount of information but -- because of its secret origins -- was mostly unable to share with the CIA or FBI. In particular, the warrantless wiretapping the NSA engaged in couldn't be passed on to the FBI until leaked details finally forced legislators to act on this apparent breach of Americans' privacy -- which they did by codifying the NSA's actions, making them perfectly -- and retroactively -- legal. Even then, it still posed problems for the FBI.
F.B.I. agents were asked to scrutinize phone numbers deemed suspicious because of information from the program. But the agents were not told why the numbers had been deemed suspicious, only “not to use the information in legal or judicial proceedings.”

That made some agents uncomfortable, and it was not clear how such mysterious leads fit into their rules for investigations.
The FBI, which is now heavily engaged in the management of parallel construction for law enforcement Stingray usage, found itself in the awkward position of disguising the origin of intelligence it hadn't specifically asked for, as well as having the NSA tell it what it could and couldn't say in front of judges. This would include applications made to the FISA court.
We asked [DOJ intelligence counsel James] Baker whether he thought the restrictions on the use of Stellar Wind-derived leads disseminated to field offices, as described above, were sufficient to guard against including Stellar Wind information in FISA applications. Baker stated that his experience with FBI record-keeping practices did not give him a high degree of confidence that such separation could be consistently maintained. In addition, Baker believed that the nature of FBI international terrorism investigations would make it difficult to track Stellar Wind-derived information. According the FBI OGC, Baker did not share with the FBI his concerns about whether its record-keeping practices would keep Stellar Wind information from being used in FISA applications.
Rather than disconnect the FBI from the influx of questionably-obtained NSA "tips," the administration worked with the DOJ to make it easier for the agency to find something to do with intelligence passed on by the NSA.
The Justice Department created the new type of investigation, initially called a “threat assessment,” which could be opened with lower-grade tips. Agents now use them tens of thousands of times a year.
Questionable "intel" leads to even more questionable not-quite-investigations. As can be seen by the FBI's own conclusions, about the only thing Stellar Wind did for it was increase the number of man hours wasted running down the NSA's "leads."

As for the FISA court, there's a good reason it's been perceived as a "rubber stamp" for NSA requests. Bush's secret executive authorizations were disclosed to FISA Judge Royce Lamberth by Bush himself. Further orders for these collections were routed only through Lamberth, and his successor, Colleen Kollar-Kotelly.

This belated admission (which did nothing to halt the collections) was prompted by none other than James Baker, who stumbled across a clumsy attempt at parallel construction.
[Baker] came across “strange, unattributed” language in an application for an ordinary surveillance warrant and figured it out, then insisted on telling Judge Lamberth.
Another FISA court judge did discover the NSA's Stellar Wind program, although to him it appeared to be an extensive string of telephone metadata abuses by the NSA. Judge Reggie Walton threatened to shut down the Section 215 collection entirely in 2009, concerned about the agency's deliberate misleading of the court on the program's inner workings and its extent. As Marcy Wheeler points out, these weren't technically "abuses." They were just Stellar Wind collections that failed to be properly obscured when placed in front of a FISA judge other than Colleen Kollar-Kotelly.
I have long scoffed at the claim that the phone dragnet violations discovered in 2009 were accidental. It has always been clear they were, instead, features of Stellar Wind that NSA simply never turned off, even though they violated the FISC orders on it.

The Stellar Wind IG Report liberated by Charlie Savage confirms that.

It describes that numbers were put on an alert list and automatically chained.

"An automated process was created to alert and automatically chain new and potential reportable telephone numbers using what was called an “alert list.” Telephone numbers on the alert list were automatically run against incoming metadata to look for contacts. (PDF 31)"

This was precisely the substance of the violations admitted in 2009.
Kollar-Kotelly, on the other hand, was much more indulgent when responding to NSA requests, allowing the agency to recast the low bar of pen register orders as justifying bulk email metadata collections obtained through Stellar Wind -- something she did a few years before the NSA allowed Stellar Wind to bleed into its Section 215 collections.

The documents don't restore any faith in the "oversight" of the NSA's activities. Instead, it shows two presidents acting in secrecy to permit the surveillance of American citizens and involved agencies covering it up with parallel construction, intense secrecy, manipulation of oversight bodies and several very questionable legal theories.

Read More | 8 Comments | Leave a Comment..

Posted on Techdirt - 27 April 2015 @ 9:26am

Motel Decides It Should Just Start Faxing All Guest Info To Local Police Every Night

from the corporate-suckup dept

The Third Party Doctrine is ridiculous. Law enforcement and intelligence agencies routinely exploit this loophole to warrantlessly access all sorts of data because of the stupid assertion that anything you "voluntarily" turn over to a third party carries no expectation of privacy. The agencies blow right past the reality of the situation: that any "voluntary" exchange of personal data for services is anything but voluntary. Service providers won't provide you with an internet connection or cell phone service without collecting massive amounts of usage data. Hotels and motels won't rent you a room unless you tell them who you are and provide documentation to back up your claims.

So, it's stupid all over and no one's in any hurry to fix it because drugs need to be warred against and terrorists must be handcrafted by FBI undercover agents and the rest of whatever. The courts have generally refused to stretch the Fourth Amendment to cover the data created by these involuntary exchanges. That's a problem and one that is only very slowly being addressed.

Motel 6 has just decided to make it worse. While warrantless access to motel records is being challenged in the Supreme Court, the chain has decided to preemptively strip away any privacy expectations that may result from court rulings and just hand it all over to law enforcement because sometimes criminals stay in motel rooms.

City police have arrested four people staying at the Motel 6 on Jefferson Boulevard as a result of the hotel chain's agreement to provide police with a daily guest list, Mayor Scott Avedisian said Tuesday.

The names of Motel 6 guests, which police then check for outstanding warrants, is one of five steps Motel 6 corporate managers agreed to take in response to a string of high-profile incidents and concerns the establishment was becoming a haven for passing criminals.
Everything about this is pure bootlicking dickishness. See if you can finish reading this statement without looking for something to wipe all the "smug" off you.
"We know everyone who is staying in the hotel tonight," [Mayor Scott] Avedisian said in a phone interview after a meeting with Motel 6 executives that also included Warwick police chief Col. Stephen M. McCartney and Seekonk, Mass., Town Administrator Shawn E. Cadime.
Great. And that's your business why? Oh, because some arrests were made. A modicum of successful law enforcement cures all privacy ills, etc.

Motel 6's spokesmouths aren't exactly coming across as champions of the people either.
As of now, guests who check-in at Warwick’s Motel 6 will not be told their names are on a list that goes to the police station every night.

Alerting motel guests that local police know their whereabouts "is not a normal process of our check-in,” said Victor Glover, a vice president of safety and security for G6 Hospitality, the parent company for Motel 6. “I don’t know that we have any plans of instituting that as we move forward.”
Now that Motel 6 has stepped up to serve as a purveyor of moderately-priced rooms and a fully compliant police informant, law enforcement's foot is completely wedged in the door between room rentals and personal privacy. Mayor Avedisian plans to use Motel 6's kowtowing as leverage against other hotels and motels in the area.
Avedisian said now that Motel 6 has agreed to share its national "do not rent" list of problem guests, he intends to reach out to the Rhode Island Hospitality Association to see if other establishments in the city would be willing to do the same.
I have no problem with private businesses maintaining lists of customers they won't do business with and passing on this information to police if the list contains suspected criminals. But that's miles away from what Motel 6 has agreed to do -- hand over information on everybody who rents a room before the police even ask for it. That's just begging for a lawsuit.

The Warwick police chief says his department never demanded this level of compliance. This was Motel 6's own offering in response to a couple of high profile sex trafficking arrests and pressure from the city, which threatened it with lawsuits and additional regulation. Rather than recognize it as the sort of unfortunate thing that happens from time to time and just move on, Motel 6's execs decided the solution was to fax over a list of guests every evening. The police have no idea on what sort of privacy protections it will put into force -- if anything. Police Chief Stephen McCartney has passed the buck to the state attorney general... as if that mainly-prosecutorial office is going to issue tough restrictions on data retention or meaningful privacy protections.

The Third Party Doctrine is already terrible enough. What it doesn't need is do-gooders like Motel 6 erasing what minimal line there is between its customers' data and law enforcement.

73 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 6:12pm

UK Government Belated FOI Transparency Lamented By The Man Who Pushed For It, 'Cash-Strapped' Agencies

from the stupid-public-keeps-demanding-something-in-return-for-its-tax-dollars dept

The UK's Freedom of Information law was a long time coming. In contrast to the United States government, which (begrudgingly) (and only sort of) threw open its filing cabinets for its citizens' perusal in 1966, the UK's version didn't go live until 2005, after nine years of legislative maneuvering. Tony Blair, who started the push as an opposition leader, was already expressing his regrets five years later.

“Freedom of information,” he wrote in his 2010 memoir, “A Journey.”“Three harmless words. I look at those words as I write them, and feel like shaking my head till it drops off my shoulders. You idiot. You naïve, foolish, irresponsible nincompoop.”
And why wouldn't he? It's a wonderful tool of transparency and accountability. But it's also this:
The requests come in to local councils with appalling regularity: “How many residents in Sutton own an ostrich?” “What procedures are in place for a zombie invasion of Cumbria?” “How many people have been banned from Birmingham Library because they smell?”

In Wigan, the council was asked what plans were in place to protect the town from a dragon attack, while Worthing Borough Council had to outline its preparations for an asteroid crash.
That's the unavoidable side effect of allowing the public to request information from their government. These requests are referred to as "vexatious" and a waste of government funds. But the alternative is to "go dark." There's no middle ground that won't ultimately be misused by government agencies to withhold more information than they already do. And judging from what's been uncovered so far thanks to the UK's FOI law, there's nothing many government entities would like more than additional exceptions and exemptions.
A slew of political scandals have come to light under the act. It was Ms. Brooke’s F.O.I. request that ultimately led to the parliamentary expenses scandal in 2009, resulting in the imprisonment of five Labour members of Parliament and two Conservative peers.

More recently, Jeremy Hunt, the current health secretary who formerly was culture secretary, was embroiled in controversy after F.O.I. requests revealed his close relationship with Rupert Murdoch’s media empire during News Corp’s approximately $12 billion bid for the broadcaster BSkyB. And Eric Pickles, the minister for communities and local government, landed in hot water for spending about $110,000 on tea and biscuits in a single year.
Smaller government bodies are the ones doing the most complaining about the costs of responding to FOI requests. The complaint is partially legitimate. Less funding means stretching tax dollars further. But it also leads to some disingenuous proclamations.
At Buckinghamshire County Council, workers last year spent 11,276 hours handling more than 1,700 requests, costing the taxpayers more than $400,000. The leader of the council, Martin Tett, complained of the cost in “times of austerity.”

“This is money we could be spending on other vital services, like children’s services or care for the elderly,” he said.
There's a solution to that problem, and it doesn't involve a return to greater secrecy. It's a national law, and funding to cover requests should be made available by the UK government itself if smaller locales find themselves cutting children's services to handle FOI requests. Sure, there's not an infinite amount of funds available, but what's being spent on handling FOI requests is basically a rounding error.
Between October 2013 and September 2014, central government departments received 48,727 requests, which would put the approximate annual cost of freedom of information at over $20 million.

Still, as advocates point out, that represents about 0.0019 percent of the budget — and $20 million is less than what the British taxpayer has paid for the travel expenses of Prince Andrew, the Duke of York.
While ostriches, asteroids and dragons may be "wasting" local funds, the amount spent handling requests is almost nonexistent. Local governments should be petitioning the national government for FOI funding assistance, not claiming that increased transparency is robbing the elderly of proper care or taking food out of children's mouths. It's "think of the children," slightly rephrased. Whenever funds run low, government agencies never take a look at the $110,0000 spent on tea and biscuits. They'd much rather generate outrage and sympathy by pointing the fiscal gun at the heads of retirees and schoolchildren.

Considering the amount of fiscal impropriety FOI requests uncover (despite the best efforts of government agencies to thwart them), it can easily be argued that this transparency pays for itself -- especially when it only has to cover .002% of the national budget to break even.

14 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 1:47pm

DHS Opening Office In Silicon Valley To More Efficiently Complain To Tech Companies About Encryption

from the we-have-no-solutions-but-we-do-have-plenty-of-talking-points! dept

If only the endlessly-escalating West Coast cost of living could have prevented this:

Today I am pleased to announce that the Department of Homeland Security is also finalizing plans to open up a satellite office in Silicon Valley, to serve as another point of contact with our friends here. We want to strengthen critical relationships in Silicon Valley and ensure that the government and the private sector benefit from each other’s research and development.
That's Jeh Johnson addressing the crowd at the RSA Conference. Of all the news no one wanted to hear, this has to be close to the top of the list. Three-lettered government agencies are pretty much NIMBY as far as the tech world is concerned, especially after Snowden's revelations have seriously and swiftly eroded trust in the government.
No one wants a next-door neighbor who's going to constantly be dropping by for a cup of decryption.

The current course we are on, toward deeper and deeper encryption in response to the demands of the marketplace, is one that presents real challenges for those in law enforcement and national security.

Let me be clear: I understand the importance of what encryption brings to privacy. But, imagine the problems if, well after the advent of the telephone, the warrant authority of the government to investigate crime had extended only to the U.S. mail.

Our inability to access encrypted information poses public safety challenges. In fact, encryption is making it harder for your government to find criminal activity, and potential terrorist activity.

We in government know that a solution to this dilemma must take full account of the privacy rights and expectations of the American public, the state of the technology, and the cybersecurity of American businesses.

We need your help to find the solution.
"Let me be clear: I understand the importance of what doors bring to privacy. But, imagine the problems if, well after humanity moved out of caves, the warrant authority of the government to investigate crime had only extended to dwellings without doors."

Bullshit. The DHS, along with other law enforcement agencies -- is seeking is the path of least resistance. It can get warrants to search encrypted devices. It just may not be able to immediately crack them open and feast on the innards. It may also get court orders to compel decryption. This is far less assured and risks dragging the Fifth Amendment down to the Fourth's level, but it's still an option.

Then there's the option of subpoenaing third parties, like cloud storage services, to find the content that can't be accessed on the phone. So, it's not as though it's locked out forever. This may happen occasionally but it won't suddenly turn law enforcement into a wholly futile pursuit.

Silicon Valley isn't going to help the DHS "find a solution." There isn't one. The DHS may as well get some legislation going and force companies to provide a stupid "good guys only" backdoor because the tech world already knows you can't keep bad guys out with broken encryption. This should be painfully obvious and yet, the "good guy" agencies seem to think tech companies are just holding out on them.

From there, Johnson switches to his most disingenuous rhetorical device: the assertion that Americans are clamoring for an unrealistic level of safety.
I tell audiences that I can build you a perfectly safe city on a hill, but it will constitute a prison.
Who the fuck is asking you to do that? The only people pushing for "perfectly safe" are government agencies who like big budgets and increased power and the private companies that profit from this sort of fearmongering. Most Americans are far more pragmatic and they'd rather keep what's left of their privacy and civil liberties, even if it means the safety of the country is slightly less assured.

And this makes me want to vomit with contempt:
In the name of homeland security, we can build more walls, erect more screening devices, interrogate more people, and make everybody suspicious of each other, but we should not do this at the cost of who we are as a nation of people who cherish privacy and freedom to travel, celebrate our diversity, and who are not afraid.
THAT IS LITERALLY ALL YOU HAVE DONE SINCE 2001.

In the name of "homeland security," we have TSA agents groping people, breaking their luggage, humiliating people with medical issues and stealing personal belongings -- all without ever having prevented a single attempted hijacking or bombing. In the name of "national security," we have indulged every nosy do-gooder with numerous hotlines to report their neighbors' ownership of luggage or cameras or pressure cookers. In the name of the "war on terror," we have a 100-mile buffer zone around the nation's borders that nearly completely eliminates every Constitutional protection.

Jeh Johnson hasn't been in the position long, but he's already descended into inadvertent self-parody. This speech was apparently delivered with complete sincerity, which means Johnson has no idea how his agency is perceived. There are very few people who believe the DHS is some sort of civil liberties champion. Jeh Johnson is obviously one of them.

40 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 12:38pm

Designer Still Pursuing Bogus Takedown Of Periodic Table Of HTML Elements; Has No Idea How Copyright Works

from the Australia:-land-of-IP-thieves,-pop.-2 dept

Very recently, we covered designer Alara Mills' wholly misguided takedown efforts against Mike Riethmuller, a coder who crafted a periodic table of HTML 5 elements that she claimed looked like hers. Here's Riethmuller's:


Which was inspired by Josh Duck's earlier effort:


Neither of which look like the HTML 5 table Alara Mills sells:


But she claims Duck's (and consequently, Riethmuller's) infringes on this earlier version, which was the subject of a lawsuit she brought against Duck.


The suit was dismissed. Duck settled rather than fight Mills' baseless claims, which included the unsupported accusation that somehow Duck had intercepted her original version -- which she had emailed to someone else entirely -- and used that to craft his version. From the cease-and-desist order, in which her lawyers don't sound too sure about the theory their client is pushing:
Ms. Mills submitted an earlier version of her chart within a book prospectus to a publisher in July 29, 2010, a copy of which is enclosed. This is the version that was possibly leaked to you in creation of your Periodic Table.
Using this "win" (she voluntarily dismissed the suit with prejudice), she's now pursuing Riethmuller over his Duck-inspired version -- not because it looks like her current version, but because it looks like the unreleased version Duck supposedly infringed on.

When I wrapped up the last post, I noted that Mills had apologized to Riethmuller and withdrawn her legal threats. Apparently, that move was just PR-related. Mills had no intention of dropping her baseless claims against Riethmuller. The same night that post went live (with the final "good news" added to it), she reversed course. Mills has filed a followup complaint to Github in hopes of expediting the removal of Riethmuller's HTML 5 table.

Here's her original takedown request, which spends as much time on claims of "owning" common elements like Mendeleev's periodic table design and coding constants as it does espousing conspiracy theories and mangling IP terminology. [Interrupted periodically for commentary.]
I, Alara Mills, have read and understand GitHub's Guide to Filing a DMCA Notice.

1.     Identify the copyrighted work you believe has been infringed.
The copyrighted work I believe is infringed is my copyright in the 2-D artwork titled “The HTML Table of Elements.” The copyright is registered with the United States Copyright Office with an effective date of registration of January 27, 2010 and registration number VAu 1-014-116. “The HTML Table of Elements” is my original, United States copyrighted artwork. It is an original work inspired by the Periodic Table of Elements from chemistry that I first sketched out on paper December 25, 2009. The HTML Elements within my chart are placed in my own unique categories. It is this unique ordering that took it out of fair use and thereby made it eligible for copyright. (Author's unique ordering of HTML5 Elements within their literary books is also what makes them unique for copyright.)
[You can't take something "out" of fair use. Fair use is a defense. She may have meant "public domain," but even if so, she's still completely wrong. You can make use of public domain elements, but what you can't do is "remove" them so that no one else can do the same. But that's what she's claiming.]
2. Identify the material that you allege is infringing the copyrighted work listed in item #1, above.
The material I am alleging is infringing the copyrighted work is hosted at the following URL: http://madebymike.com.au/html5-periodic-table/


My HTML Elements and Attributes Infographic has evolved into a proprietary graphic with various derivative works. The one in question is an earlier derivative work which was submitted within a book prospectus submitted to publishers as early as May 2010. This version was leaked to Joshua Duck, who then made an unauthorized derivative work of my original work and hosted it at http://joshduck.com/periodic-table.html.
[Word salad. First, this still assumes that these are "derivative" from her works, when there's very little evidence to support that. And, remember, the only control Mills has is on derivative works of the parts of the original that was actually protectable by copyright. And there's almost nothing in the original that is protectable -- and what little there is does not appear to be carried over into Duck's or Riethmuller's design. And, of course, this argument rests on the still-unsubstantiated claim that Duck had access to her earlier versions and used that as the basis for his table.]
I filed a lawsuit against Joshua Duck March 2014 and the matter was settled out of court with Joshua Duck agreeing to removing the infringing content and not to use it again (Settlement agreement is attached). However, I have discovered that Michael Riethmuller has recreated another unauthorized derivative work which is an exact recreation of Josh Duck's work, which is also an unauthorized derivative work which infringed on my copyrighted work.
[It's not an "exact" recreation. It's significantly different and it's inspired by Duck's version, rather than being a ripoff of a ripoff of Mills' questionable "original."]
3.     Explain what the affected user would need to do in order to remedy the infringement
I recently emailed Michael Riethmuller to express my concerns and asked him to please change the credit language he is attributing to Josh Duck on his sites page. I am willing to allow Michael Riethmueller to keep the derivative work IF he is willing to update the credit language to state me as the true and rightful owner of the work.
[The only person who believes you're the "rightful owner" of common coding elements arrayed on a remix of Mendeleev's periodic table is YOU, Ms. Mills.]
He has not responded, which makes me allege that Josh Duck is somehow behind Michael Riethmuller recreation of his work, to add injury to insult. Additionally, both parties are coincidentally from Australia, though Josh Duck now resides in Northern California and is employed at Facebook. If Michael is unwilling to make this change in credit of the work, then I want to request for it to be completely taken down.
[The world according to Mills: Australia is a continent inhabited solely by Riethmuller and Duck, who have both conspired to screw Mills out of some poster sales. This bizarre theory helps explain why Mills can't be dissuaded of her notion that Duck somehow intercepted her earlier, unpublished chart. The world -- well, at least Australia -- has it in for Mills and will stop at nothing to steal her HTML 5 table.]
I also want to challenge Michael Riethmuller's threat that he will simply send a counter to my take down request on the bases of fair-use. Though the periodic table is fair-use and the HTML5 elements categorized by the W3.org is fair-use, my unique effort in categorizing and placement of the HTML5 elements within my chart made it eligible for U. S. copyright. Josh Duck copied my work without permission and with the false assumption that it was not copyrighted and thus he did not apply any real originality to his version, using the exact same color choices and placement of the elements within his chart making them jarringly similar. It is for this reason that I am asking Michael Riethmuller to either give appropriate credit to me at the true author of his "inspired" work, or take it down.
[Nice. A preemptive strike against fair use. The best offense is a good offense, I guess. As for the rest, anyone with eyes can see Duck's version does not use the "exact same color choices and placement of elements." And this has to be the first recorded use of the phrase "jarringly similar." Click through for the full-size version.]


The original takedown request is thoroughly ridiculous. As is Mills herself, who keeps finding conspiracies where none exist and doesn't seem to have even a basic understanding of fair use, idea vs. expression, derivative works or even that her chart she claims Duck copied exactly only very faintly resembles her version.

So, she told Riethmuller she'd drop all of this and let it go. That was the evening after the post went live. The next day, Riethmuller emailed me Mills' revived effort to have his table kicked off of Github.
Dear Github Support,

I am emailing to follow-up on the status of my DMCA notice. As per my last communication with Michael Riethmueller, I requested that he please place an appropriate credit to me as the original author of the work instead of taking down the work all together.

There is no mistake as to my copyrighted work being a protected work that does not fall under fair-use.
[This again. FAIR USE DOES NOT WORK THAT WAY. You can't exempt your copyrighted material from fair use. It either is or it isn't, but you can't somehow get out ahead of it just by declaring your work not open to fair use.]
I added enough originality to the expression of this art work by placing the HTML5 elements in my own unique order different from the World Wide Web Consortium's categorization of the HTML elements. This is the same copyright protect that is granted to all other authors of HTML5 literary books: they all came up with their own unique listing of the HTML elements within their works.
[So what? Just like all these authors used the same common elements to create protect-able creations, so did Mills. And Duck. And Riethmuller. It is completely possible for all of these to exist without infringing on each other and for every single one to be protected by copyright. Mills cannot seem to wrap her mind around this concept.]
The work that Michael Riethmueller is using is a modified version of Josh Duck's unauthorized version of my original art work. Josh Duck was under the false assumption that my work was not copyrighted and therefore copied my exact color scheme and placement of the HTML elements making the works too similar.
["Too similar?" It isn't. It's only as "similar" as the elements behind it force it to be (Mendeleev's periodic table design; the semi-rigid hierarchy of coding elements).]
I don't think it is unreasonable for me to request that Michael Riethmueller's work be credited appropriately to me to avoid additional unauthorized use of his work. Again, if Mr. Riethmueller is unwilling to update the author credit, I do want to request to have the work taken down.
[Riethmuller won't credit her because he never saw Mills' version. He may have seen Duck's version and his more closely bears resemblance to Duck's than to Mills', but either way none of these charts bear enough resemblance to each other to make one of them infringing. Riethmuller owes Mills nothing in the way of "credit." She had no part of this. She only thinks she does because she registered her version back in 2010 and now feels other versions are somehow infringing on her creation.]
Given Michael Riethmueller's refusal to credit the work to me as the rightful owner, I am also alleging that Josh Duck is somehow very much behind Michael's recreated work as a form of retaliation for my rightfully filing a lawsuit against him which was settled out of court at Josh Duck's explicit request.
[More conspiracy theories. Nothing factual alleged here and veering very close to being defamatory. This argument is about as worthless as her decision to play the sexism card during my earlier Twitter conversation with her. (If you're planning on chatting with her, get screenshots. She likes to delete tweets.]


So, Mills has learned nothing other than how to give the appearance that she's learned something. She's continuing to push Riethmuller to give her credit she doesn't deserve (and which is not a part of copyright law anyway) and she has clearly shown she doesn't understand the first thing about fair use, derivative works or that the underlying elements of "her" HTML 5 periodic table can be remixed in a number of highly-similar ways without infringing on her "original."

From where I sit, there just aren't enough periodic tables of HTML 5 elements and that situation should be remedied, although I would ask any Australians to refrain from participating unless they already know everyone else who lives on their continent.

63 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 11:30am

In Deal To Get Loretta Lynch Confirmed As Attorney General, Senate Agrees To Undermine Free Speech On The Internet

from the to-save-victims,-we-must-destroy-the-innocent dept

Two versions of bills aimed at sex trafficking are being kicked around by legislators. The SAVE Act (Stop Advertising Victims of Exploitation) passed out of the House last year. The Senate version -- the much-less-acronymically-catchy JVTA (Justice for Victims of Trafficking Act) is looking to be no better than the House's version, thanks to a last-minute proposed amendment from Senator Mark Kirk, who's been dying to kill off Backpages.com's adult advertising for quite some time now. And Kirk was able to get this terrible amendment added as part of the "Senate deal" to finally confirm Loretta Lynch as our new Attorney General.

Unfortunately, part of the deal to move the bill forward appears to include a version of the SAVE Act which will amend existing federal anti-trafficking law in vague ways that will be used to prosecute online content hosts for third-party content. This bill, Amendment 273 to the JVTA, closely parallels a version of the SAVE Act that passed the House in January.
As can be clearly seen by the House bill's title, advertising is being targeted. Kirk's amendment adds "advertising" to the list of forbidden activities, which obviously will have repercussions for website owners should this pass with the amendment attached. It would effectively wipe out Section 230 for many websites, if any content on their sites is seen as "advertising sex trafficking."

Obviously, no one here is supporting "sex trafficking," but the focus should be on going after the actual people engaged in sex trafficking -- not allowing criminal charges to be placed against any website that didn't magically block someone putting up such ads. In an age of user generated content, such "advertising" content could potentially show up anywhere -- and any website operator who doesn't magically find and delete all of it faces criminal charges (that our incoming Attorney General can then use to go after them).

This would put website owners in the line of fire, should they fail to immediately delete advertising that falls under the purview of this law. ISPs, search engines and carriers are exempted from the SAVE Act, but site owners are not. Not only that, but if more of the SAVE Act gets folded into the JVTA, site owners will be given the burden of acquiring proof that every affected ad only pertains to adults over the age of 18. Failure to do so could result in a five-year prison sentence.

In a perfect world, illegal ads would be easy to spot. But it isn't a perfect world and those advertising illicit services are highly unlikely to hand over the information site owners need to have on hand to avoid being held responsible for third-party postings. It's a quick evisceration of Section 230 protections being performed by a very broad blade.

The bill's sponsors are more than happy to admit they're trying to attack Backpages and Craigslist. This is questionable enough, but they're apparently unconcerned if other site owners -- ones who don't specialize in advertising -- get caught in the crossfire.
This vagueness and the resulting uncertainty it brings for hosts of third-party content will create a chilling effect on hosts’ willingness to allow users to upload content to their platforms. The specter of facing federal criminal trafficking charges over content created by someone else will make content hosts extremely wary and will encourage over-blocking of wholly lawful, constitutionally protected speech.
Worse -- at least from the perspective of trying to eliminate trafficking ads -- the wording of the bill suggests the best way for site owners to win is not to play.
One thing is clear: by creating a situation where a host is vulnerable to liability if it has knowledge of trafficking-related content on its servers, Amendment 273 will actually discourage proactive filtering and screening mechanisms that many platforms currently employ.
If this appears to be the safest route for site owners to take, this law will result in more trafficking ads, rather than less.

Even further on this point, right now, sites like Craigslist and Backpages are great tools for law enforcement to find and track down actual sex traffickers. Putting the liability on them to stop the advertisements or face criminal charges doesn't stop the sex trafficking at all, it just makes it that much harder for law enforcement to find it. Does Senator Kirk really want to go down as the Senator who made it more difficult for law enforcement to find and arrest sex traffickers?

This language also suggests a certain amount of laziness on the part of those pushing the bills, as well as those charged with enforcing it. It's a whole lot easier to track down site owners and punish them than it is to find out who's behind the posting of illicit ads. By dumping the burden of proof -- as well as a certain amount of liability -- on site owners, law enforcement agencies will be encouraged to harvest the low-hanging fruit first. And while they do, those touting these laws will praise their efforts, despite the paucity of actual traffickers arrested or indicted.

17 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 6:04am

Irish Legislator Proposes Law That Would Make Annoying People Online A Criminal Act

from the because-snail-mail,-telephones-and-the-internet-are-all-the-same,-right? dept

Is Ireland looking to pass a law that would "outlaw ebooks and jail people for annoying others?" Well, no, not really, but that's the sort of unintended consequences that follow when laws are updated for the 21st century using little more than a word swap. (h/t Brian Sheehan)

Ireland has had long-standing laws against harassment via snail mail, telephones and (as of 2007) SMS messages. A 2014 report by the government's somewhat troublingly-named "Internet Content Governance Advisory Group" recommended updating this section of the law to cover email, social media and other internet-related transmissions. UPDATE APPLIED:

1. The Post Office (Amendment) Act 1951 is amended in section 13, as substituted by section 4 of and Schedule 1 to the Communications Regulation (Amendment) Act 2007, by the substitution of the following section:

“Offences in connection with public electronic communications networks

13. (1) A person who—

(a) sends or causes to be sent, by means of a public electronic communications network, a message or other matter that is grossly offensive or is indecent, obscene or menacing, or


(b) for the purpose of causing annoyance, inconvenience or needless anxiety to another—

(i) sends or causes to be sent, by means of a public electronic communications network, a message that the sender knows to be false, or

(ii) persistently and without reasonable cause makes use of a public electronic communications network, is guilty of an offence.
Violators are looking at sentences ranging from 1-5 years and fines of up to €75,000 -- all for doing something as minor as "causing annoyance, inconvenience or anxiety." In addition, the proposed amendment would provide for the seizure of devices used to send the annoying messages, including computers, cell phones -- even the internet connection itself.

Provisions for device seizures first showed up in the 2007 update, as cell phones finally gave law enforcers something they could confiscate with minimal public outrage, at least at that point. Even in 2015, it's still pretty difficult to justify cutting off someone's phone service and almost impossible to find anyone who agrees that banning someone from using the postal service isn't a pretty clear violation of basic rights. But when it comes to computers and internet connections, many legislators still feel these essential tools of communication are just "luxuries" -- a status they haven't held for several years.

But back to the headline. The broad language -- if read literally -- could make emailing an ebook to someone a criminal offense. Works of fiction are, by definition, false. But this isn't a new "feature" of this proposed amendment. The sending of knowingly false messages dates back to the day when people still routed most of their communications through the post office. So, everyone who's ever sent anyone a fictional book through the mail -- including Amazon -- is a potential violator of this law.

It's the vestigial language from previous iterations of the law -- words meant to target scam artists and aggressive telemarketers -- that is problematic. Simply appending the words "electronic communications" to an old law doesn't address the perceived problem (cyberbullying is cited in the governance group's report). It just creates new problems.

Written in this manner, the proposed law allows the pursuit of criminal charges for annoyance and inconvenience -- and the internet has plenty of both. The saving grace is that this pursuit is left to law enforcement, rather than routed through a civil process. It's a criminal offense, which is an adversarial process every step of the way -- in stark contrast to other, far more terrible "cyberbullying" laws that shift the burden of proof to the accused --- if they're even allowed to defend themselves.

Yes, the law is badly written, but it's a not a legislative land grab. It's just a lazy update to an existing law -- one that may have worked out fairly well given the narrow confines under which it operated. But this proposal -- a lazy "on the internet" patch job -- has the potential to criminalize lots of previously protected speech.

Read More | 29 Comments | Leave a Comment..

Posted on Techdirt - 24 April 2015 @ 4:01am

Canada Extends Copyright Terms, Finally Giving Musicians Who Released Works More Than 50 Years Ago A Reason To Create

from the INCENTIVES! dept

For reasons no more sound than it possibly felt a bit inadequate when comparing copyright term length with its next-door-neighbor, Canada has increased the copyright term for sound recordings and performances from 50 years to 70 years. Supposedly, this will spur on further creative efforts in the future, seeing as the previous copyright term length brought about a creative drought spanning nearly two decades -- one that commenced shortly after the end of World War II.

This move will allow Canada to keep apace of the United States' contributions to the public domain by ratcheting that number closer to the desired "zero." This should also trigger a massive explosion in creation, seeing as many recording artists will now be able to monetarily support their record labels far into their golden years (theirs -- not the record labels'). This will also serve to keep the recordings out of the hands of deadbeats… like libraries… or archivists.

Michael Geist figures the TPP is behind this copyright extension.

The TPP is nearing the end game and the U.S. is still demanding many changes to Canadian copyright law, including copyright term extension for all works (not just sound recordings). The Canadian government’s strategy in recent years has been to enact reforms before the trade agreements are finalized in order to enhance its bargaining position. For example, it moved forward with notice-and-notice rules for Internet providers without the necessary regulations in order to have the system in place and protect it at the TPP talks. It may be trying to do the same here by extending term on sound recordings and hoping that that concession satisfies U.S. copyright demands.
This outside pressure would seem to be the prime motivator. It certainly isn't coming from within the country -- not even from the expected cheerleaders of upwardly-mobile copyright terms.
[J]ust last year the Standing Committee on Canadian Heritage conducted a major review of the music industry in Canada with dozens of witnesses taking the time to appear or submit briefs. The final report and the government’s response never raise the term of protection for sound recordings and performances as a concern.
But Canadian citizens shouldn't get too upset by this wholly expected turn of events. After all, as the head of Music Canada (RIAA, but maple-flavored) points out, an increasingly empty public domain is much better for the public than the alternative.
"With each passing day, Canadian treasures like Universal Soldier by Buffy Sainte-Marie are lost to the public domain. This is not in the public interest. It does not benefit the creator or their investors and it will have an adverse impact on the Canadian economy.”
Perhaps this argument could be repurposed for income tax: "Contributing money to public funds is not in the public interest. It does not benefit the guy who wants to keep all that money for himself." The "public interest," apparently, is whatever benefits the labels represented by Music Canada, rather than any other commonly-accepted definition.

Perhaps the worst excuse for this unneeded extension is this: it helps producers and musicians catch up with the positively surreal copyright terms songwriters and composers enjoy.
Songwriters and performing artists both contribute to the success of a recording. In Canada, the copyright in musical works subsists for the life of the songwriter plus 50 years. Performing artists are not treated equally, as their copyrights expire 50 years after the recording is made. Term extension to 70 years after recording or release partially addresses this disparity.
The smarter move would be to adjust the lengthier term down, rather than crank the shorter terms up. But once you've handed out this extension to a set of creators, you'll never be allowed to roll it back. The creators may recognize the ridiculousness of this arrangement, but those that benefit the most from extended terms -- the middlemen -- have enough clout to ensure copyright protections constantly expand.

45 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 9:03pm

A Residence With Locking Doors And A Working Toilet Is All That's Needed To Justify A No-Knock Warrant

from the In-Every-Dream-Home,-a-SWAT-raid dept

No-knock warrants have become the strategy of first choice for many police departments. Most of these target those suspected of drug possession or sales, rather than the truly dangerous situations they should be reserved for. The rise in no-knock warrants has resulted in an increased number of deadly altercations. Cops have been shot in self-defense by residents who thought their homes were being invaded by criminals. Innocent parties have been wounded or killed because the element of surprise police feel is so essential in preventing the destruction of evidence puts cops -- often duded up in military gear -- into a mindset that demands violent reaction to any perceived threat. In these situations, the noise and confusion turns everything into a possible threat, even the motions of frightened people who don't have time to grasp the reality -- and severity -- of the situation.

No-knock warrants are basically SWATting, with cops -- rather than 13-year-old gamers -- instigating the response. Judges should be holding any no-knock warrant request to a higher standard and demand more evidentiary justification for the extreme measure -- especially considering the heightened probability of a violent outcome. But they don't.

A Massachusetts court decision posted by the extremely essential FourthAmendment.com shows just how little it takes to obtain a no-knock warrant. The probable cause provided to obtain the no-knock warrant was ridiculous, but it wasn't challenged by the magistrate who signed off on the request. What's detailed here should raise concerns in every citizen.

The affidavit supporting the warrant contained the following representations: 1) the extensive training and experience in drug investigations, controlled purchases and arrests of the officer who made the affidavit, 2) the confidential informant's report that the apartment for which a warrant was sought was "small, confined and private," 3) the confidential informant's report that the defendant "keeps his door locked and admits only people whom he knows," 4) the fact that the defendant sold drugs to the informant only after arrangements were made by telephone, and 5) the officer's assessment that, given the retail nature of the defendant's operation and the fragile nature of the illegal drugs involved, "it would not be difficult for [the defendant] to destroy the narcotics if given the forewarning."
In other words, if you have a "private" home with working toilets and locks and you don't routinely allow complete strangers to wander around your home, you, too, could be subjected to a no-knock warrant. This description fits pretty much every person who lives in a residence anywhere. All it takes is an officer's "upon information and belief" statement and a few assertions from a confidential informant, whose otherwise unreliable narration (if, say, he/she was facing charges in court) is routinely treated as infallible by cops and courts alike.

The appeals court may have pointed out how ridiculous this warrant application is, but its statements are far removed from the time and place the application was submitted, approved and served. So, the courts still provide an avenue of recourse, but this decision does nothing to prevent cops from using the same specious assertions to obtain no-knock warrants in the future.

In fact, this decision possibly makes the situation worse. The court notes that many of the assertions made by the police in support of the no-knock application aren't solely applicable to the presumed destruction of evidence. The apartment's "small size" would supposedly make it "easier" for the suspect to destroy evidence during the serving of a normal warrant. The court points out that the limited confines would also make it easier for officers to find and apprehend the suspect before such destruction could take place. It also points out that a locked door isn't just a thing people use to keep cops out. They also use it to keep other criminals out, like burglars.

But in the end, the evidence obtained by the no-knock search remained unsuppressed. Even though the warrant application made a bunch of broad assertions that could conceivably cover every private residence, the defects in the paperwork couldn't overcome the court's willingness to cut the PD some slack.
Applying these principles to the present circumstances, we conclude that suppression is not warranted. The police did not act unilaterally; they properly applied for a warrant, requested a no-knock provision and submitted an affidavit setting forth all the available and relevant facts known to them. While we conclude as a matter of law that they did not ultimately provide sufficient basis for the issuance of the warrant in that form, the police did not act in bad faith, and the defendant makes no such claim. Having obtained the warrant, they observed its strictures.
The "good faith exception" triumphs again. Police officers don't need to know if the law they're trying to enforce is even on the books, nor do they have to provide actual probable cause to obtain a warrant. They just have to "reasonably" believe they're in the right, and wait for a court to back up their beliefs. Faith-based policing means every citizen needs to follow the letter and spirit of wholly imaginary laws, and subject themselves to whatever powers law enforcement officers "reasonably believe" they have.

This decision changes nothing. In fact, it makes things worse for Massachusetts residents. Cops can still obtain warrants using almost nothing in the way of probable cause, and when challenged in court, rely on judges to uphold the belief that officers always "try their best" --- even when it appears they barely tried at all.

Read More | 85 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 4:05pm

Attorney Representing Whistleblowing Cops Claims Police Department Dropped Spyware On His Hard Drive

from the RAT.EXE dept

This news is infuriating if true. And its chance of being true are pretty high, considering how little cops having the whistle blown on them care for those blowing the whistle. In this case, police officials didn't just stonewall a court order to produce records. They also allegedly dropped backdoors and keyloggers onto the plaintiff's hard drive.

An Arkansas lawyer representing current and former police officers in a contentious whistle-blower lawsuit is crying foul after finding three distinct pieces of malware on an external hard drive supplied by police department officials.
In response to a discovery request, the Fort Smith Police Department was ordered to turn over numerous items, including Word documents, PDFs and emails. Attorney Matt Campbell provided an external hard drive to the PD. When it was returned to him, it contained some of what he requested, along with three pieces of software he definitely didn't request.
In a subfolder titled D:\Bales Court Order, a computer security consultant for Campbell allegedly found three well-known trojans, including:

Win32:Zbot-AVH[Trj], a password logger and backdoor
NSIS:Downloader-CC[Trj], a program that connects to attacker-controlled servers and downloads and installs additional programs, and
Two instances of Win32Cycbot-NF[Trj], a backdoor
The police department claims it has no idea how these ended up on Campbell's hard drive. It maintains its innocence despite acknowledging its computers have anti-virus software installed that should have prevented these from ending up on its drives, much less being copied to an external drive. Campbell isn't buying these proclamations. In an affidavit submitted to the court, he alleges the PD added these trojans to take control of his computer and intercept his passwords and communications.

Campbell's first attempt to have this apparent breach investigated went nowhere.
Last September, Arkansas State Police officials declined Campbell's request that the agency's criminal investigation division probe how the hard drive sent to Campbell came to be booby-trapped. "The allegations submitted for review appear to be limited to misdemeanor violations which do not rise to a threshold for assigning a case to the CID Special Investigations Unit," the commander of the CID wrote in a September 29 letter declining the request.
So, even though CID stands for "Criminal Investigation Division" and a misdemeanor is, in fact, a criminal offense, the Arkansas State Police decided that it couldn't be bothered to examine an incident that could have resulted in breaches of attorney-client privilege. "Don't bother us until it's a felony, " is the message being sent here. Even if the CID had no interest in dealing with small-time (but not really, considering the implications) misdemeanors, it could have at least referred Campbell to authorities who would be interested in pursuing this. But it didn't -- which either means it had no interest in anyone pursuing this further or knew no other entity would be interested in pursuing an investigation of the Ft. Smith PD.

Perhaps the latter is more likely. Campbell took his complaint to the district's prosecuting attorney and met similar non-results. The district attorney's office claimed it didn't have the resources to pursue this, suggesting that its limited resources will only be used to investigate those outside of the law enforcement sphere.

So, Campbell has asked the judge to hold the department in contempt of court and impose sanctions. Not only did the PD apparently drop malware on Campbell's drive, but it also skirted many of the discovery order's stipulations.
Defendants have failed to properly answer discovery requests in compliance with this Court's Order, to wit:

a. Defendants have engaged in intentional spoliation of evidence by deleting entire email accounts without allowing Plaintiffs to search the emails;

b. Defendants have engaged in ongoing, intentional spoliation of evidence by failing to preserve and provide deleted emails that, by their own admissions, were recoverable;

c. Defendants have relied upon past AFOIA responses in answering Plaintiffs' discovery requests, resulting in Defendants providing emails that have improper redactions; and

d. Defendants have failed to provide usable documents related to Capt. Alan Haney's computer, inasmuch as the external hard drive supplied to Plaintiffs contained malicious software designed to hack into Plaintiffs' counsel's computer, rendering the hard drive unsafe for Plaintiffs' use.
The affidavit goes into greater detail on all of these accusations. One of the most egregious abuses alleged is the apparently intentional deletion of the entire content of a PD official's email account.
After receiving Defendants' responses to Plaintiffs' requests, Plaintiffs reviewed the produced documents and noted that few, if any, emails from most of the Defendants had been produced, aside from what had been previously produced in response to AFOIA requests. Accordingly, Plaintiffs' counsel arranged with Defendants' counsel to meet at the FSPD with Mr. Matlock, and that meeting was scheduled for August 5, 2014.

[...]

As this Court may recall, Defendants cancelled this scheduled meeting on August 1, 2014, via email to Plaintiffs' counsel. Plaintiffs' counsel contacted this Court on August 4, 2014, in an effort to have the August 5 meeting date honored. Defendants' counsel responded on that same date, contending that there was nothing untoward or suspicious about the last-minute rescheduling and that Court intervention into the matter was not needed.
Except there was something suspicious about this last-minute rescheduling.
The meeting between Plaintiffs, Defendants, and Mr. Matlock was rescheduled for August 28, 2014. On August 5, 2014, however, Maj. Chris Boyd, Sr., retired from the FSPD. On August 28, when Plaintiffs' counsel asked Mr. Matlock to pull up Maj. Boyd's email account, Defendant Jarrard Copeland immediately asked Mr. Matlock whether Boyd still had an email account, to which Mr. Matlock replied that he did not. Mr. Matlock further informed Plaintiffs' counsel that the emails had been deleted. When pressed on this issue, Mr. Matlock confirmed that they were deleted after Maj. Boyd's retirement on August 5, 2014.
On top of that, Mr. Matlock was still telling other cops he would to be in town during the day he told the plaintiffs he wouldn't be available (August 5), according to emails obtained by Campbell. Then, suddenly, he was completely unavailable.
That this was intentional spoliation is bolstered by the fact that, as late as 6:10 PM on August 4, 2014, Mr. Matlock was planning on being at the SPD 'by lunch' on August 5, 2015, and was communicating with other officers about doing specific tasks on the afternoon of August 5…

It was not until 9:06 AM on August 5, 2014 - the date originally scheduled for the meeting and four days after Defendants had cancelled the meeting that Mr. Matlock informed anyone that he was taking that entire day off as a 'discretionary day.' And it was not until on or about August 19, 2014, when Plaintiffs' counsel requested Mr. Matlock's payroll record for the period covering August 5, that the SPD Payroll Department was actually informed that Mr. Matlock had taken a discretionary day two weeks prior. Interestingly, this is the only discretionary day that Mr. Matlock has taken in the last three-plus years.
Given the amount of obstruction and non-compliance alleged in this affidavit, it's really not that surprising that someone -- with or without approval from superiors -- loaded tainted software onto Campbell's hard drive. Sure, there's a case to be made for stupidity rather than malice, but with the other obfuscation detailed in Campbell's affidavit, the scale is definitely leaning towards the latter.

Hopefully, the court will examine these accusations closely, considering no other entity that could hold the PD responsible for its alleged misconduct seems willing to move forward with an investigation.

Read More | 19 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 2:46pm

Judge Tells FBI To Stop Screwing Around And Search For Documents Requested By Man Seeking To Clear His Name

from the 23-years-later,-apparently-still-a-threat-to-drug-warring dept

In 1991, Adolfo Correa Coss was convicted of drug trafficking, but has steadfastly maintained his innocence. While working towards clearing his name, he discovered an FBI informant named Guillermo Casas had a hand in his arrest and indictment. He also discovered that Casas kept detailed notebooks containing records of his drug purchases and sales.

In 1989, he was arrested for possession of cocaine with intent to deliver. The search of his home, car, and business “was based on [the allegations of] a confidential . . . police informant” who claimed to have made three separate purchases of cocaine from Coss on May 8, 1989. At trial and during his subsequent appeal, Coss alleged that the informant – who he even then believed was Casas – had fabricated his story; as a result, Coss maintained, the police officer’s search-warrant application contained false statements and was thus invalid. These arguments did not succeed, and Coss’s conviction was affirmed.
In early 2013, Coss filed FOIA requests with the FBI and the Executive Office for United States Attorneys (EOUSA) for these notebooks, in hopes of obtaining exonerating information. Instead, he spent the next several months being told less than nothing by both agencies, which rebuffed him with Glomar responses, refusing to confirm or deny the existence of the notebooks.

After multiple, increasingly narrow FOIA requests were submitted by Coss in hopes of evading the Glomar blockade, the EOUSA finally told him that it had found nine boxes which could possibly contain the requested notebooks, but that Coss would need to pay up front for the costs involved in searching them. Coss sent the DOJ a check for the amount requested. The agency processed it on May 23, 2014… and then did nothing. Coss filed his lawsuit on July 13, 2014. Over two months later, the DOJ finally informed Coss that the notebooks he sought weren't in the boxes.

The FBI, on the other hand, continues to cling to its Glomar -- even in the face of Coss' lawsuit -- claiming it isn't done dicking him around he hasn't "exhausted his administrative remedies." The court dismisses Coss' claims against the EOUSA/DOJ, stating that the agencies made a "good faith effort" to locate the documents. But his claims against the FBI will be allowed to stand. The court tackles each of the FBI's weak counterclaims from its motion for dismissal.
There is no dispute that “[a] FOIA requester is generally required to exhaust administrative appeal remedies before seeking judicial redress.” The difficulty here is locating an FBI decision from which Coss should have appealed. As set forth in Section I, supra, the FBI’s July 30, 2013, Glomar response offered Plaintiff several avenues through which he might overcome the Bureau’s position: have the third party sign an authorization form, prove the third party’s death, or demonstrate that the public interest in disclosure outweighed the third party’s privacy interests. Apparently picking door number three, Coss responded with his August 16 letter, stating, “The public interest in ensuring that no innocent person is convicted of a crime far outweighs any privacy interest in withholding the information.”

As the FBI never responded thereafter, it seems disingenuous for the Bureau to now adopt a failure-to-appeal position. In other words, Plaintiff followed the instructions of the July 30 letter, and even though his justification was rather scant, the Bureau would still have needed to reject it in order for Coss to know he should then pursue an appeal. Its radio silence left him in FOIA limbo. In such an instance, the law makes clear that exhaustion is not a proper defense: “[I]f an agency fails to make and communicate its ‘determination’ whether to comply with a FOIA request within certain statutory timelines [20 working days here], the requester ‘shall be deemed to have exhausted his administrative remedies.’” The Bureau, consequently, may not rely on exhaustion here.
The FBI's Glomar response similarly receives no love.
In this case, the FBI contends that the “disclosure of any information would tend to identify a third-party individual, and the FBI discerned no public interest in disclosure of this information and found that privacy interests were paramount.” Yet this is a mere parroting of the standard without any clear thought about what is actually sought here. All Coss demands in this suit are the notebooks in which Casas detailed his drug transactions. Their existence is not secret; indeed, it is printed for all to see in the pages of the federal reporter. As the Seventh Circuit explained, “From above a trapdoor in Casas’ bedroom closet, DEA agents recovered . . . some notebooks . . . . [which] contained records and tabulations of multiple multikilogram cocaine transactions.”

As Coss simply seeks the notebooks that were admitted in Casas’s and his co-defendants’ trial, this is not a case in which Plaintiff is endeavoring to unmask the identity of an informant or to compromise anyone’s security. He has made clear on multiple occasions, furthermore, that all personally identifying material that does not refer to him may be redacted. Refusing to acknowledge whether or not the notebooks exist borders on foolishness.
As the ruling closes out, the judge sends one final shot across the FBI's obfuscatory bow:
The FBI notes that, as a courtesy once the suit was filed, it searched its Central Records System using Coss’s name and located no material. This could well be relevant had Plaintiff’s request been for FBI records pertaining to himself. Given that he sought only the Casas notebooks, it is unsurprising that these documents were not uncovered in such a search. While these efforts by the Bureau deserve commendation, they are no substitute for a targeted search for the actual notebooks.
It's refreshing to see a government agency's Glomar get shot down by a judge. The problem is that the supposed "administrative remedies" available to FOIA requesters rarely remedy anything. For far too many FOIA requesters, the FOIA lawsuit is the only remedy that seems to produce any results.

Read More | 9 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 1:44pm

Jeb Bush Compliments Obama For Continuing And Expanding His Brother's War On Terror

from the HOT-THREE-WAY-SURVEILLANCE-ACTION! dept

I have already intimated to you the danger of parties in the state, with particular reference to the founding of them on geographical discriminations. Let me now take a more comprehensive view, and warn you in the most solemn manner against the baneful effects of the spirit of party, generally…

The alternate domination of one faction over another, sharpened by the spirit of revenge, natural to party dissension, which in different ages and countries has perpetrated the most horrid enormities, is itself a frightful despotism. But this leads at length to a more formal and permanent despotism. The disorders and miseries, which result, gradually incline the minds of men to seek security and repose in the absolute power of an individual; and sooner or later the chief of some prevailing faction, more able or more fortunate than his competitors, turns this disposition to the purposes of his own elevation, on the ruins of Public Liberty…

It serves always to distract the Public Councils, and enfeeble the Public Administration. It agitates the Community with ill-founded jealousies and false alarms; kindles the animosity of one part against another, foments occasionally riot and insurrection. It opens the door to foreign influence and corruption, which find a facilitated access to the government itself through the channels of party passions. Thus the policy and the will of one country are subjected to the policy and will of another.


George Washington's Farewell Address, 1789
Not for nothing did Washington warn against the formation of political parties. In this country, bipartisan support can occasionally still be found for the innovative or the innocuous, but for very little else. Not that the parties are really that different. A lot of partisan opposition is predicated on nothing more than the "wrong" party pushing the legislation. There are sharp divides in terms of social programs and issues, but when it comes to funding the military, intelligence agencies and law enforcement, there's very little difference between the Democrats and the Republicans.

But the illusion of disparity still exists, even in these issues, and even when many on both sides are receiving similar funding from interested parties. So, it's a bit odd to hear a leading figure of one political party publicly praise the leader of another. Jeb Bush did just that, recently. He managed to toss President Obama a thumbs-up for one set of policy decisions.
Medved: If you were to look back at the last seven years, almost, what has been the best part of the Obama administration?

Jeb Bush: I would say the best part of the Obama administration would be his continuance of the protections of the homeland using the big metadata programs, the NSA being enhanced. Advancing this — even though he never defends it, even though he never openly admits it, there has been a continuation of a very important service, which is the first obligation, I think of our national government is to keep us safe. And the technologies that now can be applied to make that so, while protecting civil liberties are there. And he’s not abandoned them, even though there was some indication that he might.
Of course, he would say that. After all, Obama's approach to this area has been roughly the same as his brother's, George W. Bush. The 9/11 attacks opened the door for another endless war and all the government land grabs that went with it. Obama's tenure has only expanded on Bush's groundwork. There have been reforms mooted, but they're reforms Obama would never have considered if it hadn't been for Snowden's leaks. The reforms are mostly cosmetic and concentrate far too much on a program that even some intelligence officials have admitted is close to useless: the bulk phone metadata collections.

As Glenn Greenwald points out at The Intercept, even the farthest right of the Republican party have had generally nice things to say about his foreign policy decisions, seeing as they're the sort of things you'd normally expect the more-hawkish Red Staters to deploy: extrajudicial drone killings, indefinite detention and other areas where civil liberties have taken a back seat to national security.

If there's any place our government remains (mostly) united, it's the War on Terror. Government figures love government power and nothing makes the State "healthier" than a good, long war. Jeb Bush's by-proxy approval of his brother's programs isn't going to hurt his presidential chances with much of the party faithful. He might steer those concerned by the unchecked growth of the surveillance state towards his competition, however, what with Rand Paul promising to kill off the NSA's domestic surveillance programs shortly after delivering his inaugural address -- a promise I like in principal but am much less enamored with in terms of practicality.

In short, Jeb Bush's compliments are nothing more than a government figure telling the world that he likes government power. And the more it gets, the happier he'll be.

23 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 11:41am

Sen. McConnell Undercuts USA Freedom Act By Dropping Bill To Reauthorize PATRIOT Act Until 2020 Directly On The Senate Floor

from the keep-those-traitorous-reformers-in-line-and-all-that dept

In a little more than a month, elements of the PATRIOT Act are up for renewal. Among aspects being considered is the Section 215 program, an element which could suddenly disappear from the NSA's surveillance arsenal if the provision isn't re-upped yet again. (Or not. Wording in the most recent Section 215 authorization from the FISA court suggests it will just renew the order on June 1st unless it hears otherwise from Congress.)

With enough of a concerted non-effort, these provisions could simply expire. But there's no way this date comes and goes without a vote. PATRIOT Act renewals have generally faced minimal opposition, but this year there's a bit more uncertainty. A year-and-a-half of surveillance leaks has finally forced many legislators to confront what exactly they're authorizing in the name of national security. The leaks have led directly to numerous bills seeking to curb the NSA's domestic surveillance efforts. None have been successful to this point, but there's enough ill will out there that this renewal isn't the slam dunk it's been in previous years.

Obviously well aware of this increased opposition, Sen. Majority Leader Mitch McConnell has introduced a last-minute bill that would reauthorize the expiring PATRIOT Act provisions until the end of 2020. To ensure it gets to the floor before opposing bills or June 1st's expiration date, McConnell and co-sponsor Richard Burr invoked a Senate rule that allowed them to bypass the usual process -- namely its initial appearance before a Senate committee, which can then decide if the bill should move forward.

This allows McConnell and supporters to get a jump on Sen. Leahy's revamped USA Freedom Act, which is due to be presented to the Senate committee Wednesday. (McConnell presented his bill Tuesday night). Leahy isn't happy.

“Despite overwhelming consensus that the bulk collection of Americans’ phone records under Section 215 of the USA Patriot Act must end, Senate Republican leaders are proposing to extend that authority without change,” he said in a statement Tuesday night. “This tone deaf attempt to pave the way for five and a half more years of unchecked surveillance will not succeed. I will oppose any reauthorization of Section 215 that does not contain meaningful reforms.”
McConnell may not believe he has the votes necessary to push through a "no questions asked" renewal of these PATRIOT Act provisions, but his actions signal there's still a number of senators willing to grant national security agencies whatever they need, whenever they ask.

Read More | 28 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 9:39am

Stingray Uber Alles! St. Louis Cops Drop Case Against Robbery Suspects Rather Than Discuss Use Of IMSI Catcher

from the vigorously-enforcing-the-law-(exceptions-may-apply) dept

According to the FBI and the law enforcement agencies it slaps with restrictive non-disclosure agreements, it's better to have indicted and lost than to not have deployed the Stingray at all.

Just one day before a city police officer was to face questions about a secret device used to locate suspects in a violent robbery spree, prosecutors dropped more than a dozen charges against the three defendants.

The move this month freed the officer from having to testify about a highly controversial surveillance tool — one that is subject to a confidentiality agreement between the St. Louis police and the FBI.
The department insists the Stingray had nothing to do with the dismissal. In fact, the spokesperson doesn't mention the Stingray at all (because one simply mustn't). Instead, it claims that recently uncovered information has "diminished the prosecutive merits of the case." What an odd statement to make when one suspect has already entered a guilty plea in connection with a robbery spree that resulted in the theft of cash and cell phones from seven people in just under two hours.

One of the public defenders assigned to the case believes otherwise. A victim's cell phone was traced to a hotel room using "a proven law enforcement technique." What this "technique" involved was never specified. When asked to explain in greater detail, the St. Louis Police Department called it a day. And now it looks as though it may not even be able to hold onto its single guilty plea.
Defense lawyers scheduled a deposition April 9 to ask an intelligence officer under oath about StingRay. But the charges were dismissed April 8 against all but the female defendant. She had already admitted the crimes and agreed to testify against the others but now wants to rescind her guilty plea.
This is great news for the victims of the crime spree.
Brandon Pavelich, who was pistol-whipped in one of the robberies and required 18 stitches, said he was “shocked” when prosecutors told him the charges were dropped and explained only that “legal issues” had developed.
Sorry 'bout all the stitches, says the FBI. These things will happen, unfortunately, because getting pistol-whipped and relieved of your belongings are integral to protecting this nation against terrorists.
The bureau supplied an April 2014 affidavit from Supervisory Special Agent Bradley Morrison, chief of the Tracking Technology Unit. He wrote that “cell site simulators are exempt from (court) discovery pursuant to the ‘law enforcement sensitive’ qualified evidentiary privilege” and also not subject to freedom of information laws.

Any FBI information shared with local authorities “is considered homeland security information,” he wrote. He warned that targets of investigation could benefit from piecing together minor details, “much like a jigsaw puzzle.”
It's not much of a consolation prize for the victims. In fact, it probably makes things a bit easier for criminals. The "jigsaw puzzle" piece handed over to criminals by this refusal to discuss "techniques" is that cell phone theft has a much better chance of going unprosecuted than criminal activities not involving cell phones. Cell phones are a potential "Get Out of Jail Free" card. Sure, they're also handy tracking devices -- the Narc That Fits in Your Pocket™ -- but if vague but "proven" law enforcement "techniques" are used to obtain warrants or effect arrests, evidentiary challenges and discovery requests have a small chance of resulting in a "screw it" from law enforcement agencies. That's better odds than were in play prior to the widespread use of IMSI catchers.

Certainly the victims of criminal activity are righteous in their anger. But where are the courts? They should be incensed that law enforcement feels it can withhold information from judges and defense attorneys simply because the FBI says so. The FBI doesn't have jurisdiction over courts or law enforcement agencies. The only power it does have is to do what it can to block local law enforcement from obtaining or deploying IMSI catchers if they won't play by its rules.

And where's the DOJ in all of this? It stands to reason the FBI is more concerned with prosecutions than justice, but this is a department wholly dedicated to the premise -- even if its actions often run counter to the "justice" ideal. It sits idly by while its subordinate agency tells law enforcement agencies to conceal Stingray usage and to drop cases rather than risk any national insecurity or additional criminal evasiveness.

This has gone past the point of outrage into the realm of the absurd. Dangerous criminals are being cut loose because certain techniques can't be confirmed or denied -- free to roam the streets like anthropomorphized Glomar responses, only with the potential to cause actual harm, rather than simply acting as existential threats to law enforcement techniques or the nation's well-being.

33 Comments | Leave a Comment..

Posted on Techdirt - 23 April 2015 @ 8:03am

Cybersecurity Official Believes Encryption Can Be Backdoored Safely; Can't Think Of Single Expert Who Agrees With Him

from the broken-encryption-isn't-broken-said-no-one-ever dept

The government continues to looks for ways to route around Apple and Google's phone encryption. The plans range from legislated backdoors to a mythical "golden key" to split-key escrow where the user holds one key and the government shares the other with device makers.

None of these are solutions. And there's no consensus that this is a problem in search of one. Law enforcement and intelligence agencies will still find ways to get what they want from these phones, but it may involve more legwork/paperwork and the development of new tools and exploits. Without a doubt, encryption will not leave law enforcement unable to pursue investigations. Cellphones are a relatively recent development in the lifespan of law enforcement and no crime prior to the rise of cellphone usage went uninvestigated because suspects weren't walking around with the entirety of their lives in their pockets.

But still the government continues to believe there's some way to undermine this encryption in a way that won't allow criminals to exploit it. This belief is based on nothing tangible. One can only imagine how many deafening silent beats passed between question and answer during White House cybersecurity policy coordinator Michael Daniel's conversation with reporters following the recent RSA conference.

In a meeting with a handful of reporters, Daniel was asked whether or not he could name a respected technology figure who believed it possible to have strong encryption that could be circumvented by just one party's legal authority.

"I don't have any off the top my head," Daniel said…
And he never will. No one who knows anything about encryption will ever say it's possible to create a "good guys only" backdoor. Or front door. Or whatever analogy government officials choose to deploy when arguing for the "right" to access anyone's device with minimum effort.

But that's not the end of Daniel's embarrassing response. He went on to disingenuously toss this back at "Silicon Valley" with a back-handed compliment insinuating that if these companies don't solve this "problem" for the government, they're either stupid or evil.
[Daniel] added that if any place could come up with an answer, it would be the "enormously creative" Silicon Valley.
The government believes there's a solution out there -- some magical alignment of hashes that would keep malicious hackers out and let the government in. It certainly can't figure out this conundrum, so it's going to keep insinuating that tech companies already know how to solve the problem but they hate children/law enforcement/America so much they won't even consider meeting the government halfway.

But the tech companies know -- as do security experts -- that there's no "halfway." You can have encryption that works and keeps everyone locked out or you can have the government's "encryption," which is spelled exactly the same but has extremely leaky quote marks constantly appended, and which lets everyone in the same "door," no matter who they are or what their intent is.

38 Comments | Leave a Comment..

Posted on Techdirt - 22 April 2015 @ 3:55pm

New Jersey Cop Demands Camera From Eyewitness After Police Dog Allowed To Maul Prone Suspect

from the additional-narrative-control-efforts-to-follow dept

If you've done nothing wrong, you've got nothing to hide, right? That's what the government tells us when it wants to erect cameras and fund domestic surveillance efforts. So, what do you tell a police officer who demands a citizen hand over their phone? Even if the officer has done something wrong, he still can at least attempt to hide it. And even if the effort fails, he still likely has nothing to fear. That's the imbalance of power at work and it leads directly to this sort of thing.

New Jersey police may have gone too far when they took the cell phone from an onlooker who recorded their encounter with a suspect who was mauled by a police dog and later died.

The man, Phillip White, had dog bites all over his body last week, his lawyer said, and a jarring video shows cops struggling to pull the dog away.

A police officer took the video from a witness who was recording the arrest — possibly in violation of the law — but the footage was later obtained by NBC Philadelphia.
The tail end of the "arrest" and the officer's questionable demand for the witness' cellphone can be seen here:


[And here's additional, just-released video, courtesy of PINAC that seems to show the suspect was unconscious for a majority of the "altercation."]


Demanding personal information from an eyewitness is one thing, but demanding the person turn over the phone is something else entirely. Either the demand failed to take or the phone was returned intact to its owner (third possibility: an automatic upload to cloud storage after recording was interrupted) because the footage was later turned over to a Philadelphia news station.

No excuse has been offered for this officer's actions yet, but one imagines the justification will fall under the "evidence of a crime" warrant exception. Of course, any criminal activity committed by Phillip White, the suspect being mauled by a police dog in the video, had long since ceased. The only potential criminal activity captured by this recording would have been committed by law enforcement officers.

The officer's line of questioning gives some insight into his motivations. First, he asks if the witness saw everything. Then he informs the witness that he'll need to take the cellphone.

The police were responding to a "disorderly person" call. By the end of it, the "disorderly" person was dead. Police claimed White was combative and a dispatch recording contains an officer claiming the suspect tried to grab his gun. Eyewitnesses, however, said White wasn't resisting. Even the single eyewitness who did say White was resisting said he wasn't by the time the recording was captured.
Agustin Ayala of Ayala Towing said he was driving down Grape Street in his tow truck when he saw two police cars on the street and two officers trying to handcuff a man.

"He was resisting," Ayala said of White.

The two officers, including a K9 officer, handcuffed the suspect and brought him to the ground, he said. Ayala said he asked the officers to stop because he was concerned for the man's welfare.

An officer then reportedly said to Ayala, "you didn't see him try to take my gun."
So, it would appear the deployment of arguably excessive force was retaliation for White's earlier, alleged gun-grabbing. For making an officer feel fear, he was restrained to death with an assist from a four-legged officer -- one who won't stop attacking until instructed otherwise. And at the end of it all, there's an illegal "request" for a citizen's camera. There isn't much about the incident that looks good and the officer's demand for the unflattering footage seems to confirm he's well aware of this.

50 Comments | Leave a Comment..

Posted on Techdirt - 22 April 2015 @ 2:53pm

LA School District's iPad Farce Reaches Nadir As Officials Demand Refunds From Apple, Answer Questions From The SEC

from the all-aboard-the-USS-Not-Our-Fault! dept

The Los Angeles school district's headfirst leap into technological waters has turned into the ultimate cautionary tale. Rather than ensure everything was up to spec, the district chose to distribute 90,000 iPads bundled with Pearson software and hand them over to its students… who cracked the minimal built-in protections within a week and turned the devices into something they wanted to use, rather than something they had to use.

Why the full-on dive? Well, it appears at least part of it may have been motivated by low-level corruption -- the sort of thing you'd expect to be present in a $500 million project, one that ballooned to $1.3 billion, even as most students went without new iPads or laptops. (Only 91,000 of the 650,000 iPads had been purchased by the point the program was shut down.)

Now, the district is facing an inquiry by the SEC -- to go with its ongoing investigation by the FBI for some pre-contractual irregularities (i.e., wining and dining with eventual contract winners Apple and Pearson) by the then-superintendent overseeing the program.

The federal Securities and Exchange Commission recently opened an informal inquiry into whether Los Angeles school officials complied with legal guidelines in the use of bond funds for the now-abandoned $1.3-billion iPads-for-all project.

In particular, the agency was concerned with whether the L.A. Unified School District properly disclosed to investors and others how the bonds would be used, according to documents provided to The Times.
Now that the program is effectively dead and under intense scrutiny, the ineptness of the district's rollout is under discussion. The district is claiming this debacle really isn't its fault.
The Los Angeles Unified School District is seeking to recoup millions of dollars from technology giant Apple over a problem-plagued curriculum that was provided with iPads intended to be given to every student, teacher and administrator.
Apple may be in the headline and leading paragraph, but district officials seem more irritated with software provider Pearson. Under the terms of the agreement, Pearson was allowed to half-ass its way through the first year, providing only "partial curriculum." It was expected to be at least as prepared as the students by the beginning of the following school year. It wasn't, despite receiving $200 per iPad in licensing fees.
“Only two schools of 69 in the Instructional Technology Initiative ... use Pearson regularly,” according to an internal March report from project director Bernadette Lucas. “Any given class typically experiences one problem or more daily. Teachers report that the students enjoy the interactive content — when it’s available. When it’s not, teachers and students try to roll with the interruptions to teaching and learning as best they can.”

The remaining schools, she said, with more than 35,000 students, “have given up on attempting regular use of the app.”
Pearson, despite having received millions of dollars (and possibly some preferential treatment during the bidding process), is flunking. It hasn't created bilingual versions of its software -- something of a necessity in Los Angeles. The analytic software it promised to the district (as part of the justification for the software premiums) has yet to arrive. It hasn't even provided online versions of periodic achievement tests.

How much Apple and other device makers are really at fault is up for debate. As the device makers, they only needed to provide a device and operating system. The rest seems to be on Pearson, which at this point, should really be doing better at providing functional educational software. The LA school district may have erred in its decision to roll this out before ensuring everything worked properly, but the future's not just going to sit around waiting for giants like Pearson to get their end of the equation in order. The field is ripe for disruption. Or, it would be... if entrenched interests (government entities) weren't so set on bedding down with equally entrenched interests (textbook publishers).

But what comes across here is something more than just ensuring government contractors live up to the terms of their agreements. Above the better-late-than-never attempt at fiscal responsibility (always save your receipts!), you can hear the faint whinging noise of the district arguing that it shouldn't be responsible for its own botched rollout, financial impropriety or inability to respond to problems with more agility. As much as I'd like to bash Pearson (and I really, really would), there's definitely a hint of buck-passing in the air.

The district could have handled this better, but there was just too much money at stake. Hundreds of millions of dollars in expeditures can't guarantee working tech, but it goes a long way towards ensuring a certain level of mismanagement. Large contracts tend to bring out the worst in people. Not only will there almost always be some level of impropriety, but there will also be a compulsion to do everything fast and hard so the public can see where its money's being spent. Doing something, even if it's clumsy and questionable, is almost always preferable to doing it the right way. The LA school district wanted to win the race to the future, but only managed to knock over every hurdle before collapsing several hundred iPads short of the finish line. And now it wants the same companies it allegedly allowed to seduce it into handing over more that $500 million to give some of it back.

26 Comments | Leave a Comment..

Posted on Techdirt - 22 April 2015 @ 12:41pm

Supreme Court Rules That A Traffic Stop Ends When The 'Objective' Is 'Complete,' Rather Than Whenever The Officer Feels It Is

from the a-little-more-Fourth,-anyone? dept

Another small win for the Fourth Amendment, thanks to the US Supreme Court. With its ruling in the Rodriguez v. US case, law enforcement officers will have to work just a little bit harder to perform unconstitutional searches during traffic stops.

"A seizure for a traffic violation justifies a police investigation of that violation” – not more — and “authority for the seizure . . . ends when tasks tied to the traffic infraction are – or reasonably should have been—completed…" Traffic stops have to be reasonably short, and unless there is reasonable suspicion of some other crime, officers can’t use the stop as a subterfuge for extraneous investigation. Most specifically, says Justice Ruth Bader Ginsburg’s opinion for the Court, officers can’t prolong a traffic stop just to perform a dog-sniffing drug search.
The unanswered question is how long can a traffic stop last before it becomes "prolonged?" The bright line would appear to be that it becomes prolonged if extended past the point a citizen should feel free to go. For instance, if someone's pulled over for speeding, the instant the officer issues a ticket or warning, the stop is over. Any searches performed past that point (including deploying drug-sniffing dogs) would be a violation of the Fourth Amendment if there's no probable cause.

In Rodriguez's case, he was pulled over and issued a ticket. This should have been the end of the encounter, but the officer went on a fishing expedition, hoping to have Rodriguez grant him permission to have a drug dog sniff his vehicle. Rodriguez refused but the officer detained him until another officer arrived and walked the dog around the vehicle anyway. It alerted and a search of the vehicle uncovered a bag of methamphetamines.

The DOJ argued that law enforcement should have the leeway to handle traffic stops in any fashion they see fit, including holding people without cause until they've exhausted their options (bringing in other officers, performing K-9 searches), even if they've already issued a citation for the offense that predicated the stop. Justice Sotomayor was completely unimpressed by this logic during oral arguments, pointing out that continued deference to law enforcement would turn the Fourth Amendment into a "useless piece of paper."

This decision makes the Fourth Amendment only slightly less "useless." A previous decision has already undermined a great deal of Fourth Amendment protections by giving law enforcement the permission to use nearly any reason imaginable to initiate a stop -- even nonexistent laws. What this does is forbid law enforcement officers from prolonging stops past the point that they've achieved their original objective: the issuance of a ticket or warning (if for a traffic violation). This ruling should turn "Am I free to go?" into a drivers' mantra.

Officers will often prolong stops by asking permission to do a variety of things, being very careful to phrase it as optional (which it is) while still implying that it probably isn't (you don't have anything to hide, right?). "Am I free to go?" can help cut through this clutter. But it probably won't be enough and it definitely won't work every time. In fact, this ruling may have helped restore some Fourth Amendment protections, but in doing so, the specifics create a roadmap for unconstitutional searches. Officers just need to explore their options before issuing a citation.
Have the dog there before you hand over the ticket and you get a sniff, no Constitution allowed. Don’t rush the ticket, because nobody knows how long it does, or should, take to complete the core mission. And if the dog happens to show before it’s done, boom, lawful.

Ask those Frisbee questions before you hand over the paperwork. Seek consent while you still have the driver’s license in hand. Smell the car for that “pungent” odor, peer knowingly for that furtive gesture, or stare carefully for those watery and lethargic eyes, before you hand over the papers.
So, we don't have an answer on the question of how long is too long? What we do have is an endpoint. Everything beyond that is unconstitutional. So, there will be more pressure applied by fishing cops, because consent is the ultimate Fourth Amendment waiver. As long as their words say something their implications don't, it's all perfectly legal. The longer they can delay "completing" the "objective," the more time they'll have to explore their options. According to the Supreme Court, once that citation hits a person's hands, they're free to go. But that endpoint might be five minutes or two hours from the initiation of the stop.

Read More | 51 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>