Mike Masnick’s Techdirt Profile

mmasnick

About Mike MasnickTechdirt Insider

Mike is the founder and CEO of Floor64 and editor of the Techdirt blog.

He can be found on Twitter at http://www.twitter.com/mmasnick



Posted on Techdirt - 22 November 2017 @ 12:25pm

Uber Hid Security Breach Impacting 57 Million People, Paid Off Hackers

from the not-good,-uber,-not-good dept

It's no secret that Uber's management over the years has been pretty sketchy, if not downright nefarious. At some point I may write a longer post about this, but it appears that the company culture took the idea of reasonably pushing back on bad laws (such as those that restricted competition in the taxi space) and took it to mean that it could just ignore all sorts of rules. And it appears that a company culture was created that celebrated rulebreaking in all sorts of ways -- most of which were bad. The company has a new CEO, Dara Khosrowshahi, who comes in with a strong reputation and has indicated his intent to change the culture. On Tuesday, the company admitted that it had covered up that data on 57 million users had been leaked. While the data didn't include credit card info or trip data, it did include drivers' license info for 7 million drivers, and the email addresses and phone numbers of 50 million riders.

It's bad enough that the data leaked, but covering it up is serious -- and means that the company is going to be hit with lawsuits. California (among others) has a strong data breach law, and it seems quite likely that Uber broke that law in failing to alert people that their info had been accessed. Perhaps more incredibly, the cover-up happened at the very same time that the company was negotiating with FTC officials over a previous data breach. Also, it appears that Uber paid off the hackers who were trying to extort the company to keep the data secret:

Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

Apparently, Uber paid the hackers $100,000 to keep the data from getting out.

In response to this, Khosrowshahi has put up a blog post taking responsibility for this and more or less admitting that the company had royally fucked up. He also fired two employees who were apparently responsible for covering this up (the report technically says one was "asked to resign" while the other was fired). The whole thing sounds like a complete shitshow from a company that, well, has a history of Broadway-level shitshows.

While the blog post is clearly an attempt to show that the company is trying to turn over a new leaf, the whole situation is still troubling. The blog post doesn't mention paying off the hackers -- it just says that the company "obtained assurances that the downloaded data had been destroyed." It certainly feels like the overall statement could be stronger. Here's part of it:

At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.

You may be asking why we are just talking about this now, a year later. I had the same question, so I immediately asked for a thorough investigation of what happened and how we handled it. What I learned, particularly around our failure to notify affected individuals or regulators last year, has prompted me to take several actions:

  • I’ve asked Matt Olsen, a co-founder of a cybersecurity consulting firm and former general counsel of the National Security Agency and director of the National Counterterrorism Center, to help me think through how best to guide and structure our security teams and processes going forward. Effective today, two of the individuals who led the response to this incident are no longer with the company.
  • We are individually notifying the drivers whose driver’s license numbers were downloaded.
  • We are providing these drivers with free credit monitoring and identity theft protection.
  • We are notifying regulatory authorities.
  • While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection.

None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.

It will be interesting to see if the company can really change its culture. I still think that the concept behind Uber is powerful and can do some fairly useful things in the world, but the way in which the company has gone about running its business has been a disgrace.

24 Comments | Leave a Comment..

Posted on Techdirt - 22 November 2017 @ 9:22am

Russia Threatens To Go To War With Google Over Stupid Comments By Eric Schmidt

from the what-a-mess dept

What a world we live in, where a giant country and a giant company may be about to go to war. At a security conference, Alphabet "executive chairman" Eric Schmidt made some fairly dumb comments saying that the company was looking at downranking sites like RT and Sputnik:

“We’re working on detecting this kind of scenario ... and de-ranking those kinds of sites,” Schmidt said, in response to a question at an event in Halifax, Canada. “It’s basically RT and Sputnik. We’re well aware and we’re trying to engineer the systems to prevent it.”

To be clear: I have no doubt that RT and Sputnik have engaged in attempts to push anti-US propaganda in the US. That seems fairly obvious at this point. My concern is twofold: first of all, saying that "it's basically RT and Sputnik" suggests Schmidt thinks that the issue is just those two sites and merely downranking them will solve problems related to propaganda. That's both wrong and naive. Second, having the executive chair of Google's parent company directly announce that Google is working on ways to downrank two specific sites is bad. Part of Google's longstanding position has always been that they don't interfere to go after specific sites, in part because that creates a massive slippery slope. Of course, Google gave up on part of that position five years ago when it caved in to Hollywood and agreed to start downranking sites based on accusations (not actual convictions) of copyright infringement.

Directly coming out and saying that Google is targeting these two sites -- no matter how bad those sites are -- only reinforces the idea that Google will ideologically rank sites, rather than focus on what was its core mission of helping people find the information they were looking for.

And, of course, there are the wider implications of this -- whereby you now have the head of Russia's media regulator Roskomnadzor, threatening to retaliate should Google actually downrank those sites:

Alexander Zharov, head of media regulator Roskomnadzor, said his agency sent a letter to Google on Tuesday requesting clarification on comments Saturday by Alphabet Executive Chairman Eric Schmidt about how the Russian websites would be treated in search, according to Interfax.

“We will receive an answer and understand what to do next,” Interfax quoted Zharov as saying. “We hope our opinion will be heard, and we won’t have to resort to more serious” retaliatory measures.

Now that's quite an interesting SEO strategy, to have a nuclear power threaten retaliation for dropping in the rankings. Never mind that this is the same Roskomnadzor currently involved in a corruption scandal, and which has been pushing forward on widespread internet censorship without due process.

The whole thing seems like quite a mess -- one that easily could have been avoided if Schmidt hadn't specifically called out those two sites, which, at best, are only a small corner of a larger issue. It would have been fine to suggest that Google was looking to algorithmically do a better job of minimizing false reports or outright propaganda (though, even that might raise serious questions). But to single out two specific sites backed by the Russian government just seems dumb. On the flip side, having Roskomnadzor hit back so strongly also seems fairly short-sighted, as it appears to be the Russian government more or less admitting that it relied on US companies to spread propaganda, and it won't tolerate efforts to diminish the power of its propaganda.

Of course, it does seem worth noting that three years ago, Google shut down its Russian office just as Russia picked up its efforts to censor the internet in that country. So it's not as if Google and the Russian government haven't been at odds before -- but this certainly feels like an escalation.

41 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2017 @ 3:32pm

Alabama Media Group Isn't Messing Around With Roy Moore's Silly Threat

from the try-us dept

Last week, we wrote about the truly ridiculous letter sent by Senate candidate Roy Moore's nutty lawyer, Trenton Garmon, threatening to sue Alabama Media Group for defamation for daring to write about reports of Moore's sketchy behavior towards girls and young women. In that piece, we noted that AMG made it clear it wasn't going to back down, noting that it stood behind its reporting and the threats only made the news organization that much more interested in "doggedly" pursuing the truth. Now, as pointed out on Boing Boing, we see the official response from Alabama Media Group's lawyer, John G. Thompson Jr.

Suffice it to say, Thompson doesn't have much time for Garmon's nonsense:

You have (now twice) threatened to sue AMG and AL.com concerning AL.com's recent reporting about Roy Moore, Kayla Moore, and their Foundation for Moral Law. You have accused AL.com of making "false reports and/or careless reporting" about multiple subjects related to your clients. Your letter demands that AL.com retract and recant its prior stories and that it "cease and desist" from any further reporting about your clients.

AL.com hereby rejects your demand. AL.com stands by its reporting regarding all of the matters addressed in your letter. AL.com has reported on newsworthy matters of significant public concern regarding your clients. Roy Moore is now, and for decades has been, a public figure. He is now running for a seat in the United States Senate. He is asking people of Alabama to financially support his campaign and his Foundation (headed by Mrs. Moore), and to vote for him. Alabamians -- for that matter, all Americans -- have a right to know about the individuals who wish to represent them in public office. Like every political candidate, Mr. Moore is subject to scrutiny and analysis by the media and the general public regarding his fitness for public office. AL.com's reporting has provided the public with important information directly relevant to that inquiry.

You accuse AL.com of defamation in purely conclusory fashion. You have not explained how anything that AL.com reported is untrue, inaccurate, or erroneous, nor do you provide any support for your position. You have also not shown that AL.com reported any of its stories with actual malice, as you know you must because your clients are public figures (a point you have admitted in in recent television interviews). To the contrary, an ever-increasing torrent of accusers and journalist investigators have publicly verified the facts reported by AL.com.

Nice, simple and to the point. While there's no doubt that Moore is a public figure (which requires the higher "actual malice" bar for defamation), it's a nice little jab to point out that Garmon himself admitted that during a TV interview.

From there, Thompson points out that any damage to Moore's reputation comes from Moore's actions, not AL.com's accurate reporting:

Your letter goes on to say that AL.com's reporting has harmed Mr. Moore's reputation. Mr. Moore, however, has quite a colorful past that long-preceded any of AL.com's recent coverage of your clients. Moreover, much of the information that you claim harmed Mr. Moore's reputation had already been published by those who know him personally and reported by other media outlets. In other words, any damage to Mr. Moore's reputation was self-inflicted and had already occurred long before AL.com's recent reporting.

And, from there, we get to the "and if you do go through with this, we'll hit back harder than you'd like" part of the letter, in which AMG says that it'll move for Rule 11 sanctions for frivolous filings, and also demand that the Moores' need to preserve any documents for any countersuit effort.

For these and other reasons, we strongly believe that any lawsuit of the type you threaten would be frivolous, and could not be brought in good faith. Should your clients nevertheless decide to pursue this matter further, AL.com will vigorously defend itself, and will employ all available remedies, including a Rule 11 motion if warranted. We are confident that litigation would not only demonstrate that Al.com exercised the utmost diligence and employed high journalistic standards in reporting these stories, but would also reveal other important information about your clients.

That last line is basically "Look, we all know that Moore doesn't want to go through discovery on this..."

We are hereby putting your clients on notice of their duty to preserve and maintain all materials, documents, writings, recordings statements, notes, letters, journals, diaries, calendars, emails, photographs, videos, computers, cell phones, electronic data, and other information that is or could remotely be relevant in any manner to any of the claims that you have made. These include, but are not limited to, all materials and information related to Mr. Moore's history of romantic relationships or physical encounters (whether consensual or not); your clients' fundraising, compensation, and finances; and Mr. Moore's speaking engagements, travel arrangements, and other expenses. As you know, failure to preserve any such materials may expose your clients to sanctions.

Reading this letter, you almost get the sense that Alabama Media Group would quite enjoy getting sued by Moore...

Read More | 51 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2017 @ 1:34pm

Dozens Of Tech Experts Tell DHS & ICE That Its Social Media Surveillance And Extreme Vetting Should Be Stopped

from the bad-policies dept

Last week dozens of well known technologists sent a letter to Homeland Security arguing that Immigration & Customs Enforcement's (ICE) plans to use technology for "extreme vetting" is a really, really dumb idea.

According to its Statement of Objectives, the Extreme Vetting Initiative seeks to make “determinations via automation” about whether an individual will become a “positively contributing member of society” and will “contribute to the national interests.” As far as we are aware, neither the federal government nor anyone else has defined, much less attempted to quantify, these characteristics. Algorithms designed to predict these undefined qualities could be used to arbitrarily flag groups of immigrants under a veneer of objectivity.

Inevitably, because these characteristics are difficult (if not impossible) to define and measure, any algorithm will depend on “proxies” that are more easily observed and may bear little or no relationship to the characteristics of interest. For example, developers could stipulate that a Facebook post criticizing U.S. foreign policy would identify a visa applicant as a threat to national interests. They could also treat income as a proxy for a person’s contributions to society, despite the fact that financial compensation fails to adequately capture people’s roles in their communities or the economy.

The Extreme Vetting Initiative also aims to make automated determinations about whether an immigrant “intends to commit” terrorism or other crime. However, there is a wealth of literature demonstrating that even the “best” automated decisionmaking models generate an unacceptable number of errors when predicting rare events. On the scale of the American population and immigration rates, criminal acts are relatively rare, and terrorist acts are extremely rare. The frequency of individuals’ “contribut[ing] to national interests” is unknown. As a result, even the most accurate possible model would generate a very large number of false positives - innocent individuals falsely identified as presenting a risk of crime or terr

In short, this is the tech world telling DHS and ICE that its belief that there's a "nerd harder" solution to using computers and algorithms to sniff out terrorists is a load of pure hooey. It may be true, as Arthur C. Clarke once stated, that "any sufficiently advanced technology is indistinguishable from magic," but the corollary does not apply: not all magical solutions can be implemented in technology. It's kind of ridiculous that actual technologists were needed to explain this to DHS, but that's where things are these days.

Read More | 11 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2017 @ 9:31am

Nobel Prize Winning Economist Says Non-US Countries Have Unique Opportunity To Reform Intellectual Property

from the go-for-it dept

For well over a decade, we've noted that Nobel Prize-winning economist Joe Stiglitz has been one of the many, many economists who are skeptical of the benefits of our current patent system, noting that it appears to do a lot more harm than good, both to the process of innovation and (importantly) to the wider distribution of the gains from innovation. He's been particularly critical of pharmaceutical patents over the years. And, it appears that he may sense a somewhat unique opportunity to actually get countries around the world to actually rethink traditional patent and copyright regimes -- in part because the US, under the Trump administration, is pulling back from various international agreements and fora.

Earlier this year, along with Dean Baker and Arjun Jayadev, Stigliz authored an interesting paper about ways to rethink innovation, intellectual property and development. I don't necessarily agree with everything in the paper, but I do agree with much of it -- especially the presentation of the problems of today's systems.

Today’s global intellectual property regimes have been strongly affected by the historical evolution of IPR in the United States and in the advanced industrialised countries over the last century. Certainly, the adoption of the World Trade Organization’s Trade Related Intellectual Property System (TRIPS) reflects the understanding of the management of intellectual and knowledge advancement that prevailed in the last quarter of the previous century and the structure of economic power at that moment.

Perhaps somewhat ironically the world has coalesced on a set of institutions to manage knowledge advancement just as advanced industrialised economies have begun to run up against the severe impediments that this system entails - a system that they thought had been designed by and for themselves. Nowadays, it is widely recognised that the management of innovation in countries like the US has been sub-optimal and led to a situation that is increasingly litigious and plagued by conflicts. In fields such as information technology, a whole set of weak patents and an epidemic of over-patenting has made subsequent innovation difficult and has eroded some of the gains from knowledge creation (see Bessen and Meurer, 2008 among others). Moreover, in some areas, such as in pharmaceuticals, ever-stronger IP protections has not necessarily led to an increase in the discovery of new chemical entities (see Dosi and Stiglitz, 2014). Rather, the demands and needs of different industries become more opposed, leading to serious concerns for policy makers. There is a shrinking of the knowledge commons as even publicly funded and promoted innovation is privatised, thereby reducing both equity and efficiency. There is no agreement on what exactly ought to be done, but it is certainly recognised that the current system is not satisfactory for developed countries.

As you can tell from that snippet from the intro, there's a lot of concern about how US-driven "harmonization" of (mainly) patent rights has done more harm than good -- especially in believing in a one-size-fits-all approach. However, the paper notes that it's difficult to move away from the older setup, since so many countries were pressured into joining TRIPS (and some other international trade agreements).

The whole paper is worth reading (and it's embedded below, based on the Creative Commons license on the paper -- though, oddly, they never designate which CC license is actually being used, but I believe our posting here would be covered by all CC licenses). But beyond the paper, it appears that Stiglitz is sensing an unfortunate, if unique, opportunity to actually make other countries consider moving away from the old patent regimes: The administration of Donald Trump. Again, while the core concepts of intellectual property maximalism didn't necessarily originate with the United States (and in some areas, we've actually been laggards), there's no denying that over the last few decades, the US has mainly been the strongest supporter of putting such rules into all sorts of international trade agreements (or using those agreements to expand patent and copyright laws even beyond what we currently have in the US).

However, with a President who is extremely skeptical of international trade agreements (even if for the wrong reasons), Stiglitz has decided that it's a potential opportunity. His recent comments in South Africa make that clear. After criticizing Trump, he went on to note the opportunity:

He said developing countries must use the Trump administration as an opportunity to realise that the US hasn’t played the global leadership role it claims to have and take the initiative to negotiate new systems of globalisation, such as reforming intellectual property laws that benefit large corporates at the expense of social welfare.

Speaking out in South Africa is timely, since the country is considering a new patent law that would increase access to drugs that have been cost-prohibitive due to patents.

Stiglitz... welcomed South Africa’s draft changes and urged the country to continue working on the paper. “Any intellectual property regime has to get a balance on innovation on the one hand and dissemination on the other,” he said.

“You should be very concerned about anything that impedes competition,” said Stiglitz, warning South Africa and other developing countries of assisting corporations like big pharmaceutical companies to establish monopolies that don’t benefit local health systems or economic growth.

Stiglitz disputed claims that stringent intellectual property laws are necessary for innovation.

“There’s a whole history of using intellectual property law to try to squelch innovation,” he said.

While I hope I'm wrong, I'm skeptical that most countries will be willing to embrace a total rethink of intellectual property systems and the problems they cause for innovation -- but it will be worth paying attention to see if other countries do start pushing back on these outdated regimes.

Read More | 16 Comments | Leave a Comment..

Posted on Techdirt - 20 November 2017 @ 11:50am

EFF Wins Over Patent Troll Trying To Silence EFF Calling Its Patent Stupid

from the protected-speech-ftw dept

Earlier this year we wrote about the EFF going to court in California to protect it against an Australian patent troll, GEMSA, who objected to EFF naming a GEMSA patent one of EFF's "Stupid Patents of the Month." Apparently GEMSA sued in Australia, didn't properly serve EFF, and then got an injunction in Australia, which it threatened to enforce in California. EFF went to court using the all important SPEECH Act, which bars foreign judgments from being enforced in the US if they are in conflict with the First Amendment.

GEMSA, perhaps not surprisingly, declined to show up in the California court, leading EFF to move for default. A magistrate judge initially recommended against this, arguing that the court did not have personal jurisdiction over GEMSA. EFF asked the court to try again, and in a extraordinarily detailed and careful ruling, Judge Jon Tigar rejects the magistrate's recommendation and gives EFF the default judgment it sought. We've complained in the past that often the problem with default judgments is that courts are only too willing to just grant them if one party declines to show up for the case. This is not one of those situations. Tigar goes out of his way to explore pretty much every possible argument that GEMSA might have for why the court shouldn't have jurisdiction, for why the SPEECH Act should not apply and for why EFF's post may have been defamatory. And one by one by one, he points out why GEMSA is wrong and EFF is right. I won't repeat all the reasoning here, in part because there are so many different elements, though it's a fun and quick read in the filing.

Most importantly, after analyzing everything EFF put in the post, the court concludes: "In short, not one of the alleged defamatory statements would be defamatory under California law. EFF would not have been found liable for defamation under U.S. and California law." Combine that with the court recognizing that it has personal jurisdiction over GEMSA (GEMSA hurt its case here by continuing to appear in California courts in some of its patent lawsuits while ignoring this case...) and deciding that all of the elements of the SPEECH Act applies, and EFF prevails. And thus, it's protected speech to call GEMSA's patents stupid, and GEMSA can't censor EFF saying so here in California.

Given all that, we'd like to reiterate just how stupid GEMSA's stupid patent really is. It's for US Patent 6,690,400 on "virtual cabinest" and, damn, is it ever a stupid patent.

Read More | 5 Comments | Leave a Comment..

Posted on Free Speech - 20 November 2017 @ 10:37am

Angry Lawyer Already Engaged In A SLAPP Suit Promises To Sue More Critics, Use His Machine Gun If Sanctioned

from the well,-that'll-go-over-well dept

Earlier this year, we mentioned the Texas lawyer Jason Lee Van Dyke in relation to a story in which Twitter, ridiculously, banned Ken "Popehat" White after he wrote about threats from Van Dyke. We had written about Van Dyke years earlier when he sued the Tor Project because a revenge porn site was using Tor. We also noted that that case involved a guy who had been declared the leader of a hate group, Kyle Bristow -- and appeared to involve Van Dyke deliberately and knowingly "serving" the wrong party. The revenge porn site that Van Dyke claimed he was targeting had sarcastically provided Bristow's address as its address to mock Van Dyke, and Van Dyke then claimed he had properly "served" the revenge porn site by serving it on Bristow.

That post, from back in 2014, also included an awful lot of Van Dyke cursing out people and threatening to sue lots and lots of people. Oh, and also declaring "it's my job to violate the civil rights of people like you" to one critic. The more recent story, involving threatening Ken White and Asher Langton, showed that not much has changed with regards to anger management and Van Dyke. I won't rehash the entire story, but Ken White summarized it earlier this year. Just suffice it to say, Asher Langton turned up quite a bit of evidence suggesting that Van Dyke was advertising his legal services to white nationalists on Stormfront.

Since then, Van Dyke has, repeatedly, threatened to sue and (separately!) to physically harm both White and Langton. He's also declared himself to be part of the "Proud Boys" -- a nutty group of self-declared chauvinists, who get upset if you suggest they're racists or neo-Nazis, even if many of the distinctions appear to be quite fuzzy. Either way, they appear to get quite upset if anyone calls them those things, even though the press regularly associates them with racists, neo-nazis or the "alt-right."

Van Dyke has also threatened to sue a number of news organizations for these claims, and actually did sue a small local news site in Ohio called the Mockingbird. The Mockingbird published this article about Proud Boy antics in Ohio -- which led Van Dyke to send Mockingbird a letter requesting the site delete the article, no longer write about the Proud Boys and pay $10,000. Mockingbird's Gerry Bello responded appropriately, telling Van Dyke to fuck off, but also stating Bello's opinion (backed up with evidence) that Van Dyke is a Nazi.

It is over this letter that Van Dyke then sued (not the original article that inspired the bumptious threat letter). The lawsuit was filed in county court in Denton, Texas, which seems unwise. Texas actually has a fairly robust anti-SLAPP law that the courts have construed broadly to cover all sorts of SLAPP suits, making Texas one of the strongest defenders of free speech in the country.

Anyway, you can read Van Dyke's complaint here. Mockingbird removed the case from the local county court to the federal district court late last week (we'll see if Van Dyke tries to block that). Van Dyke is representing himself. The crux of the lawsuit:

On information and belief, Defendants are associated with a domestic terrorist collective known as “Antifa” that prides itself on harassing, defaming, and committing acts of violence against persons and groups that espouse conservative groups. In this instance, Defendants wrongfully accused members of the Houston, Texas and Columbus, Ohio chapters of “The Proud Boys” of the following: (a) being “neo-Nazis”; (b) engaging in a hate crime by placing hand-drawn swastikas into mailboxes; (c) engaging in “ethnic cleansing” during hurricane relief efforts in the Houston area; and (d) roaming the nation in an effort to commit acts of mass murder against minorities. It should be noted in this case that Plaintiff was present with the Houston Proud Boys during Hurricane Harvey relief efforts and assisted them in rescuing residents in need of evacuation and in the distribution of relief supplies such as food, bottled water, cleaning supplies, and other items to residents of areas affected by the hurricane.

Plaintiff sent a demand letter for Defendants to issue a retraction of these statements (which clearly meet the criteria for defamation per se) and Defendants responded by publishing the letter attached hereto as Exhibit “B” on their website

Because of all of this, Van Dyke insists Bello/Mockingbird have committed libel per se, specifically in reference to the statements about Van Dyke being a Nazi, as well as statements Bello made claiming Van Dyke had a previous arrest and conviction. Bello claims this was "on weapons charges and domestic violence." Van Dyke counters that it was a misdemeanor weapons charge -- not domestic violence -- and has since been expunged. He also claims that Bello wondering if Van Dyke is forum shopping his lawsuit is defamatory, as might also be Bello's statement that under his conviction Van Dyke should not be allowed to possess firearms. Amusingly, in Van Dyke's lawsuit, he also disputes that he was the lawyer pitching for business on Stormfront, but insists that he's not suing over that because it's not libel "per se."

It does appear that Bello certainly goes a bit closer to the line than I imagine most lawyers would advise in making statements about Van Dyke, but the "Nazi" line is clearly protected opinion or rhetorical hyperbole. The throwaway line about forum shopping is clearly not defamatory either. The statement about whether he can possess firearms was presented as a question rather than a statement, so again is a stretch. As for getting the specific details of the conviction wrong, Bello doesn't cite where he got that information, but it is true -- as Van Dyke readily admits -- that he was convicted on a misdemeanor firearm charge. So Van Dyke would have to show that Bello not only got things wrong beyond that in a defamatory way, but that Bello knew the information he posted was false. That's... a tough bar to reach.

Bello/Mockingbird's "Original Answer" is fairly short on details, other than denying all the claims and (for now) throwing out all possible affirmative defenses (I assume a more specific answer will be forthcoming later). Bello's lawyer has also said that they'll file an anti-SLAPP motion, though that does not appear to have happened yet.

Meanwhile, Bello has launched a crowdfunding campaign as well.

Oh, and we're not even remotely done yet. A few weeks back, Van Dyke also got into a Twitter spat with, of all people, Talib Kweli. While the conversation is now gone (in part because Twitter recently suspended Van Dyke's account), here's how Kweli describes it:

“His first tweet to me was that he was a defense attorney and worked with mentally challenged people,” explained Kweli. “He wrote, ‘You are stupider than the mentally challenged people I work with,’ and so that caught my eye immediately, because why would a defense attorney be upset at a black stranger and starting using his own clients to engage in harassment?”

Kweli responded to the tweet, explaining that he doesn’t start arguments, but is willing to engage when challenged. “And so, I engaged him,” he said. “And the way I engage people who harass me like that is I always ask them to explain their position, because if you ask a racist or a bigot to explain their position, it falls apart.”

As this went on, Kweli eventually posted Van Dyke's publicly available business contact info -- and, not unlike Ken White, Twitter stupidly temporarily suspended Kweli's account, because (again) Twitter is bad at understanding the difference between abuse and calling out abuse. Over the last few months and weeks, Van Dyke has been ranting about Kweli, Langton and White. He even wrote up and posted completely made up stories about Langton and White, calling them satire. It seems like he thinks he's proving a point, though what point is unclear.

As for why Van Dyke was finally suspended from Twitter, it was apparently for tweeting a pretty gruesomely horrible racist tweet -- involving both the n-word and a noose. In the HuffPo article, they spoke to the president of the Texas state bar, who does not seem happy about Van Dyke's actions:

“The statements attributed to this individual are reprehensible and contrary to the values we hold as Texas lawyers,” State Bar of Texas president Tom Vick said in an email to HuffPost. “I condemn them in the strongest terms.”

Meanwhile, Van Dyke has been posting (on various other social networks) increasingly angry messages about Kweli -- many of which have pretty clear racist overtones, and some of which include threats of violence. He complains about Kweli being "uppity" while promising to beat him and skin him alive. He compares Talib to Amadou Diallo, the man assassinated by the NYPD in 1999. He also says that Talib will have to change his name to "Toby", a pretty damn likely reference to the famous scene in Roots in which Kunta Kinte is whipped by his owner, until he says his name is Toby -- at which point the owner says "Aye, that's a good n****r." So, yeah. If Van Dyke is trying to portray himself as not being racist, he's not doing a very good job of it so far.

And, because Van Dyke never seems to find the bottom of the hole he keeps digging, Asher Langton posted the following screenshot of Van Dyke not only promising to sue White, Langton, Kweli and the Huffington Post today, but also saying that he doesn't care if he gets disbarred or sanctioned, and if they do he'll defend himself with a gun.

If you can't see that, it says:

No longer welcome where I've trained for years. This is the final straw. Langton, White, Kweli, HuffPo - they are all getting sued first thing Monday morning. This ends now. They can disbar me if they want, I don't give a damn. If they sanction me, my property is defended with a 50 BMG.

I'm guessing that the Texas bar might not like that one so much either -- nor any court where these lawsuits may be filed. Of course, we saw similar threats in what we posted about Van Dyke years ago as well, which did not lead to lawsuits. This time, he has sued Bello and Mockingbird, though, so perhaps he will attempt to follow through on these other threats also. Apparently he has sent Mockingbird/Bello's lawyer the following email, asking to amend the original complaint to raise the damages from $60,000 to $10 million and to add White, Langton, Kwelli, Huffington Post and Andy Campbell (the author of the HuffPo piece).

It is, at the very least, unclear how he thinks any of this helps him rather than digging him deeper and deeper into a hole. As far as I can tell, Van Dyke seems upset that he's facing the consequences of his own actions -- which include threats of violence and lawsuits in addition to a variety of other highly questionable statements. And rather than recognize that perhaps he shouldn't do those things, he's responding to people who document his own statements by doing even more of the same, which only continues the cycle. We'll see if he's actually foolish enough to follow through on this lawsuit. It is unlikely to end well. Not only are there unlikely to be any legitimate claims, it makes no sense to add them to this other lawsuit, which is about an entirely different set of statements. Randomly joining together other people who have called you out separately hardly seems like good lawyering. It does, however, remind us of Rakofsky v. the Internet, in which a young (and not very good) lawyer sued basically everyone who criticized him. It didn't end well. And, of course, that one didn't include threats of violence mixed in.

I suspect he's not interested in taking our advice -- he has regularly mocked Techdirt any time we've written about him -- but there's a time when the correct response is to stop digging. Suing people for calling you out won't end well. Threatening violence, repeatedly, over criticism is not a good look, especially for a lawyer.

Read More | 43 Comments | Leave a Comment..

Posted on Techdirt - 20 November 2017 @ 9:24am

The Sad Legacy Of Copyright: Locking Up Scientific Knowledge And Impeding Progress

from the you're-doing-it-wrong dept

We've repeated this over and over again, but the Constitutional rationale for copyright is "to promote the progress of science" (in case you're wondering about the "useful arts" part that comes after it, that was for patents, as "useful arts" was a term that meant "inventions" at the time). "Science" in the language of the day was synonymous with "learning." Indeed, the very first US copyright law, the Copyright Act of 1790 is literally subtitled "An Act for the Encouragement of Learning." Now, it's also true that the method provided by the Constitution for the promotion of this progress was a monopoly right -- locking up the content for a limited time. But the intent and purpose was always to promote further learning. This is why, for years, we've questioned two things: First, if the monopoly rights granted by copyright are hindering the promotion of learning, should they still be Constitutional? Second, if the goal is the promotion of learning, shouldn't we be exploring if there are better methods to do that, which don't involve monopoly rights and limiting access. And this, of course, leaves aside all the big questions about how much copyright has changed in the past 227 years.

Still, I'm thinking about all of this again in response to a new report -- first found on BoingBoing -- noting that 65 out of the 100 most cited papers are behind a paywall. The report is interesting and depressing. It doesn't just point out that these 65 papers are behind a paywall, but notes the price of the article, and what the effective total price to cite really is (which they list as "cost to buy individually").

The web was built specifically to share research papers amongst scientists. Despite this being the first goal of the modern web, most research is still published behind a paywall. We have recently highlighted famous math papers that reside behind a paywall as well as ten papers that have achieved a near rockstar status in research and the public. Here we systematically look at the top one hundred cited papers of all time and find that 65\%65%​ of these papers are not open. Stated another way, the world’s most important research is inaccessible from the majority of the world.

In case you're wondering, the average price to access each article is $32.33 (and the median is $32), with the range being $4 to $41. There aren't too many down around the $4 range, mind you. It's pretty much an outlier. As you'd suspect from the average, most are priced in the $25 to $40 range.

Of course, it's worth thinking carefully about this -- especially in an age where a useful service like Sci-Hub, which has created a library of academic research, open to all, is being attacked as an infringer, with all sorts of attempts to shut it down. Does this really make sense if the goal of copyright is to increase learning? (It's a separate discussion altgoether whether the purpose of copyright was ever really to increase learning, or if that was just a fig leaf to cover over the idea that it was a monopoly right for publishers).

The people writing these academic papers are almost never incentivized by the copyright. Hell, in most cases, the journals they publish in require the copyright be turned over to the journal. The journal, which profits massively from all this free labor, seems to disproportionately benefit from this setup. It gets the copyright. It charges insane amounts -- mainly to a captive audience of universities which feel required to pay extortionate rates -- and everyone else gets left out (or has to resort to infringement). It's difficult to see how anyone can justify this system in an intellectually honest manner.

The supporters of the system will fallback on a few points: they will claim that the journals provide peer review -- leaving out that this is also done as volunteer (free) labor, and there's no reason it need be done via a journal. On top of that, there's the fact that the existing peer review system is a joke that doesn't actually work. Some will argue that the journals provide a level of trust and credibility to papers -- and that's true, even if they still often publish bogus papers.

And, of course, all of this ignores the internet. The internet solves nearly every "problem" that journals claim they solve, and does it much better and more cost effectively. With the internet, peer review can be better and more efficient (and can let in many more perspectives.). On the internet, distribution can be much wider (which, on top of everything else, encourages greater peer review!).

And so we're left in a position where the only "benefit" of copyright in academia is to prop up a journal system that is expensive and inefficient, and which is almost entirely obsolete in the age of the internet. That's not to say there isn't any role for journals -- there clearly are, as we see from various open access journals that take a much more modern approach to these issues.

But, in looking all of this over, it seems like an unfortunate legacy of the copyright system that is props up the broken model of expensive, obsolete, inefficient and poorly vetted journals, while outlawing the efficient, cheap and useful model of an online library of knowledge like Sci-Hub.

If an alien were to come down to the planet today, and you had to justify why Sci-Hub is illegal and the journals are considered admired institutions of academia, I don't think anyone could legitimately do so. And when that's the situation, it seems like it's time to fix the system that lead to such a completely broken result.

55 Comments | Leave a Comment..

Posted on Techdirt - 17 November 2017 @ 10:45am

Defense Department Spied On Social Media, Left All Its Collected Data Exposed To Anyone

from the not-cool-guys dept

There are two big WTFs in this story. First, the Defense Departments Central Command (Centcom) was collecting tons of data on social media posts... and then the bigger one, they somehow left all the data they collected open on an Amazon AWS server. This was discovered -- as so many examples of careless data exposure on Amazon servers -- by Chris Vickery and UpGuard, who have their own post about the mess. You may recall Vickery from such previous stories as when the GOP left personal data on 200 million voters on an open Amazon server. Or when Verizon left private data available on millions of customers. Or when a terrorist watch list was left (you guessed it) on an open server. Or when he discovered that Hollywood studios were leaving their own screeners available on an open server. In short, this is what Vickery seems particularly good at: finding large organizations leaving sensitive data exposed on a server.

You would think (wouldn't you?) that Centcom would be better about these things than, say, Verizon or the GOP or Hollywood. But, nope.

"[It's] a pretty serious leak when you're talking about intelligence information being stored in an Amazon cloud service and not properly safeguarded," said Timothy Edgar, a former White House official in the Obama administration and former U.S. intelligence official.

Centcom's response is... sketchy. It uses the important term "unauthorized access," which suggests that it may be pushing for CFAA charges against Vickery/Upguard, since "unauthorized access" is a key part of the CFAA:

"We determined that the data was accessed via unauthorized means by employing methods to circumvent security protocols," said Maj. Josh Jacques, a spokesperson for U.S. Central Command. "Once alerted to the unauthorized access, Centcom implemented additional security measures to prevent unauthorized access."

But if it was truly left open, then the access was not "unauthorized." Indeed, it appears that Centcom went for convenience over security by making its Amazon S3 bucket open for access, and hoping obscurity would hide it.

Amazon servers where data is stored, called S3 buckets, are private by default. Private means only authorized users can access them. For one to be made more widely accessible, someone would have to configure it to be available to all Amazon Web Services users, but users would need to know or find the name of the bucket in order to access it.

By searching specific keywords, Vickery identifies information that companies and organizations inadvertently expose. In this case, he looked for buckets containing the word "com."

Three S3 buckets were configured to allow anyone with an Amazon Web Services account to access them. They were labeled "centcom-backup," "centcom-archive" and "pacom-archive," Vickery said.

As for just what Centcom was doing here -- it does appear that it was publicly available social media content, so that's less of a direct concern, but it still does make you wonder why Centcom was storing all of this social media info. There are also, of course, related concerns about the US Defense Department conducting surveillance on Americans. This is from Upguard's post on the matter (linked above):

The data exposed in one of the three buckets is estimated to contain at least 1.8 billion posts of scraped internet content over the past 8 years, including content captured from news sites, comment sections, web forums, and social media sites like Facebook, featuring multiple languages and originating from countries around the world. Among those are many apparently benign public internet and social media posts by Americans, collected in an apparent Pentagon intelligence-gathering operation, raising serious questions of privacy and civil liberties.

While a cursory examination of the data reveals loose correlations of some of the scraped data to regional US security concerns, such as with posts concerning Iraqi and Pakistani politics, the apparently benign nature of the vast number of captured global posts, as well as the origination of many of them from within the US, raises serious concerns about the extent and legality of known Pentagon surveillance against US citizens. In addition, it remains unclear why and for what reasons the data was accumulated, presenting the overwhelming likelihood that the majority of posts captured originate from law-abiding civilians across the world.

I know that the US government still has this "collect it all" mentality, but as we've discussed over and over again, adding more hay to the haystack doesn't make it easier to find the needles.

23 Comments | Leave a Comment..

Posted on Techdirt - 16 November 2017 @ 12:04pm

Roy Moore's Threat Letter To Sue The Press Is An Artform In Bad Lawyering

from the is-this-real-life? dept

By now it's become something of a pattern over the past few months, after many of the recent accusations come out about sexual harassment, abuse (or worse), lawyers representing the powerful men accused of such horrible acts threaten or promise to sue, often on incredibly flimsy reasons. In most cases, no such lawsuits will ever be filed. This is, in part, because the accusers know they have no case and in part because they know that if the case gets that far, going through discovery is likely to backfire big time. But, of course, for decades people have (often falsely) believed that in place of a real basis for making a legal threat, pure bluster will suffice.

The bluster in these letters is often impressive, but we have a new entrant that I think may quickly shoot to the top of the list. Roy Moore, of course, was the former Chief Justice of the Alabama Supreme Court, which would lead you to believe he knows a lot of good lawyers. And, yet, somehow, he ended up with Trenton Garmon. Garmon made some news earlier this week when he went on CNN with Don Lemon and called him "Don Lemon Squeezy Keep It Easy" But then he followed it up by sending one of the most profoundly ridiculous threat letters we've ever seen to the Alabama Media Group, the publisher of al.com, which has been reporting on Moore. You can click the link, or see it embedded below. It's fairly astounding. Beyond the poor grammar and the typos, it makes no sense.

It starts out by basically arguing that AL.com's reporting was "careless" (a bit ironic, given the mistakes in the letter) but (as is typical of threat letters of this nature) without giving many specifics. It does claim that the reporting on Moore signing a high school yearbook was untrue, but does so in a weird way:

Your client as an outlet is carelessly and perhaps maliciously reporting that my client, Judge Roy S. Moore, noted and signed a Yearbook of an accuser as a "DA" and in a manner which experts, to include our own, have confirmed is not consistent with his handwriting (To wit: structure, strokes, slant, base alignment, etc.) and does not comport to his typical vernacular.

And then it makes bizarre and nonsensical arguments about spoliation, which isn't exactly relevant here:

Please also note that per Alabama law there is a Third Party Tort for Spoliation. Thus, even if your client is not a held to have defamed or otherwise worked civil damages upon our clients, your client may remain responsible in a Court of law for damages caused by failure to preserve evidence. This is often times referred to as "Adversse Interference."

"Worked civil damages upon our clients?" Huh?

And then the letter gets into defamation, first defining defamation (poorly) and then accuses the site of having "inteionally refused to advance the truth regarding our clients." As to what, specifically, was defamatory... well, Garmon mentions that a report claimed five women have accused Moore, while Garmon says it was just two. No really. And who starts a paragraph (let alone a sentence) with the word "meaning"?

Meaning your client has used terms in reports maliciously or carelessly which has falsely portrayed our clients. Specifically your client's reports have indicated there are five [5] women accusing Chief Justice Roy Moore of sexual misconduct when in fact only two [2] women have made accusations of sexual misconduct. And both of these women have made false statements which your client has yet to publish. The other ladies which were rounded up in the witch hunt merely allege they perceived him to have made advances, but do not accuse him of any sexual misconduct.

When your claim of defamation is based on the fact that some of the women only accused your client of being a creep, rather than a full-on abuser, you're not in a very strong legal position. Also, is Garmon really suggesting that Al.com can be accused of defamation for not printing false statements? Huh?

Legal Twitter has been having a blast in response to this, though my favorite has been the pseudonymous legal blogger Tweeter @nycsouthpaw, who marked up the letter:

Popehat won't even touch it:

Some on Twitter pointed out that Garmon had his law license suspended in the past.

Incredibly, Judge Roy Moore voted to uphold Garmon's disbarment, and then just a few years later decided to bring him on as his lawyer?

Since the letter came out, Garmon has also appeared on MSNBC where he started making completely nonsensical comments about one of the hosts he was talking to, Ali Velshi, implying that because Velshi was born in Kenya (though raised in Canada) he understood why dating teenagers may be considered appropriate in some cultures. Beyond making no sense at all in trying to somehow pull Velshi into this, the comment, at the very least, appears to imply that Judge Moore did the very things the other letter sort of claims may be false, and... that it might be okay because some other cultures think something else entirely is okay. Or something. None of it makes sense at all.

“Culturally speaking there’s differences. I looked up Ali’s background, and wow, that’s awesome that you have got such a diverse background, it’s really cool to read through that," attorney Trenton Garmon said when asked why Moore would need permission from girls' mothers to date them.

“What does Ali Velshi’s background have to do with dating children, 14-year-old girls?” co-host Stephanie Ruhle interjected.

Velshi was born in Kenya, raised in Canada and graduated from Queen’s University in Ontario.

“In other countries, there’s arrangement through parents for what we would refer to as consensual marriage,” Garmon said.

“Ali’s from Canada,” Ruhle said.

“Ali’s also spent time in other countries,” Garmon said. “So it’s not a bad thing.”

“I don’t know where you’re going with this, Trenton,” Velshi said.

I'm guessing that Alabama Media Group is not exactly worried. Indeed, it has responded succinctly:

Michelle Holmes, Vice President of Content for Alabama Media Group, responded Wednesday to the letter. "Roy Moore seeks election to the United States Senate. As such a public figure, he merits and can expect intense scrutiny by the electorate and the media on its behalf, including by Alabama Media Group, the state's largest media outlet."

"We stand behind our past reporting on Roy Moore, and vow to continue to doggedly pursue the truth on behalf of the people of Alabama. These threats will not silence us, and they will not slow us."

Of course, as some have pointed out, it's possible that Moore could file a lawsuit, just so he can claim that the articles about his actions are false... but then drop the case soon after the election next month (win or lose). That seems like a risky move and could backfire in all sorts of ways, but I don't think anyone's going to be arguing that Moore or Garmon are paragons of good decision making right now. Either way, this quickly runs up the rankings of the dumbest blustery legal threat letters we've seen -- and we've seen a lot.

Read More | 51 Comments | Leave a Comment..

Posted on Techdirt - 16 November 2017 @ 10:44am

Why Are People Celebrating Al Franken's Incomprehensible Speech About The Internet?

from the it-makes-no-sense dept

Note: I wrote this post last night, before the news broke this morning that Franken is yet another powerful man sexually abusing women. That story is horrific and gross and Franken deserves all the shit (and more) that he's getting for it. This story is not about that, but about a speech he gave last week. I'm guessing that (quite reasonably) more people will be focused on those revelations rather than this dumb speech, but I wanted to at least explain why the speech was dumb too.

Last week, Karl wrote a post about Senator Al Franken's keynote speech at the Open Markets Institute -- a group that has been getting plenty of attention of late for arguing that big tech companies are too big and too powerful. Karl's post focused on Franken's weird argument that "net neutrality" should apply to edge companies like Google and Facebook, which made no sense. But what's more troubling to me is that Franken's whole speech was bordering on incomprehensible. This is disappointing, as I tend to think that Franken is pretty thoughtful and careful as a Senator (even when I disagree with him at a policy level -- such as with his support of PIPA).

The speech seems to basically be Franken throwing off random quips that attack just how big internet companies are, which is certainly red meat for the Open Markets crowd. And I don't deny that there are some very serious questions to be asked about the size and power of companies like Google, Facebook, Amazon and the like... but Franken's speech was not that. But because it has a few quotable lines and is attacking everyone's favorite punching bags, it's being hailed by sites like Wired as "the speech big tech has been dreading." If this is the speech that big tech has been dreading, they've been worrying about nothing.

Much of Franken's speech can be summarized as listing off the general complaints lots of people have about Google, Facebook and Twitter. Specifically: these sites are big, they may have too much power, they track too much info and bad people abuse the sites. All of those things may actually be true -- but such arguments should be presented with actual evidence and some idea of what to do about it. Franken, on the other hand, gives a bunch of points that don't hold together and repeatedly contradict his own statements within this very speech. He careens back and forth wildly from "these sites should stop bad stuff" to "how dare these sites think they can decide what's good and what's bad online." Over and over again -- with an interlude at one point that's all about "how dare these sites not prop up my friends in Hollywood." People who hate Google and Facebook have been cheering on this speech, but it doesn't do them any favors either, because the thread of the speech is non-existent. There's no coherent message that comes out of it, other than that Franken has no clue what he's talking about here, but wanted to please the Google and Facebook haters, and so he tossed out every cliche he could think of, even when they were self-contradictory.

Let's go through the speech bit by bit:

As lawmakers grapple with the revelations regarding Russia’s manipulation of social media during the 2016 election, many are shocked to learn the outsized role that the major tech companies play in so many aspects of our lives. Not only do they guide what we see, read, and buy on a regular basis, but their dominance – specifically in the market of information – now requires that we consider their role in the integrity of our democracy.

This is actually a good start. The events of the last year should have people wondering about how these platforms can impact democracy. I think lots of people are asking that question. But it quickly goes off the rails...

Last week’s hearings demonstrated that these companies may not be up to the challenge that they’ve created for themselves. In some instances, it seems that they’ve failed to take commonsense precautions to prevent the spread of propaganda, misinformation, and hate speech.

What "challenge" have they "created for themselves"? The platforms he's talking about have focused on increasing communications among anyone -- and sometimes those communications are not good. And that's a concern, but is it the responsibility of the tools to determine which speech is good and bad? Even more to the point -- do we want internet platforms to be the ones saying that "propaganda, misinformation and hate speech" (with no clear definitions) are not allowed? That would create all sorts of problems worse than the supposed "challenge" Franken is so worried about. Also, making the platforms somehow responsible is a ridiculous idea, as it only gives them much more power -- and, as he notes in his opening paragraph, he's already upset about how dominant they are.

So even just in the first two paragraphs he's contradicted himself. They have too much power, and he's shocked that they don't use that power to silence perfectly legal speech that he doesn't like. And this is leaving aside the idea that if Facebook, Google, Twitter and such suddenly announced that they weren't allowing "propaganda or misinformation" online people would be up in arms as they took down lots of perfectly legal speech that people supported. Almost all political content is propaganda or misinformation of some kind or another. Hell, one could argue that this speech is full of misinformation. And now Franken is saying that these platforms should be forced to "prevent" such speech?

Senator John Kennedy, a Republican from Louisiana, asked Google, Facebook, and Twitter some really tough questions in a judiciary committee hearing, and he captured my takeaway from recent events perfectly: the power of these companies “sometimes scares me”.

So, now we're back to them being too powerful. Paragraph 1: too powerful. Paragraph 2: why don't they use their power to censor more? Paragraph 3: they have so much power it scares me.

The platforms that big tech has designed may now be so large and unruly that we can’t trust the companies to get it right when they do start paying attention. If you have five million advertisers a month using your highly sophisticated, nearly instantaneous ad platform, can you ever really know who all of them are? Can you ever catch all the signals that would seem obvious to a pair of human eyes – for example, political ads that are paid for in rubles?

And, boom, we're right back to these platforms not actually exercising their power. And then getting confused about what's really a key point in all of this. It's true that you can't really know who all the users of these platforms are. And that's part of the reason why these sites are so useful. The fact that anyone can go and buy ads on Facebook is actually a wonderful thing for most businesses that use the platform. It has taken away the traditional gatekeepers, who made advertising difficult, expensive and poorly targeted. Now, there are other issues with the targeting of ads, related to privacy questions or just the general "creepy" factor, but complaining that these platforms can't "know" all the details of all their customers kind of misses the point about why these platforms are so useful.

Before I move on, I want to be very clear about something. In my view, the size of these companies is not – in isolation – the problem. But I am extremely concerned about these platforms’ use of Americans’ personal information to further solidify their market power and consequently extract unfair conditions from the content creators and innovators that rely on their platforms to reach consumers.

So... now it's not the size that's the problem, but the power to use that size to be unfair to "content creators and innovators that rely on their platforms to reach consumers." Okay, but you just complained in the previous paragraph that it's a problem that these sites don't "know" all of their customers, suggesting that they should be much more restrictive. But this paragraph suggests you think they're too restrictive and people who use the platform to reach "consumers" should have more ability to do so. WHICH ONE IS IT, AL?

And as has become alarmingly clear in recent months, these companies have unprecedented power to guide Americans’ access to information and potentially shape the future of journalism. It should go without saying that such power comes with great responsibility.

Yes, this is a concern, but you keep going back and forth on why it's a concern. Is it a concern because the companies aren't blocking propaganda and misinformation? Or is it a concern because they're not letting enough information through to end users?

As the founder and top Democrat on the judiciary subcommittee on privacy, technology, and the law, I’ve watched as the tech community’s collection and treatment of users’ personal information has evolved over the years. In the past, I’ve raised concerns about Facebook’s use of facial recognition technology, and I’ve pressed Google on its unauthorized collection of K-12 student data.

While I appreciate that these companies have taken steps to improve transparency of their use of Americans’ personal information in recent years, unfortunately, accumulating massive troves of information isn’t just a side project for them; it’s their whole business model. We are not their customers; we are their product.

I've already explained why I find the expression "if you're not paying, you're the product" to be a silly and meaingless statement, but there is certainly a legitimate concern about how much information these companies have and what they do with that information. Franken won't get an argument from me on that point, but given how his speech keeps swinging back and forth, it's hard to see where he's going with this.

Facebook and Google’s vast collection of our personal information has fueled their advertising business, which has now become their main source of revenue and given the companies a strong duopoly in the digital advertising market. Facebook announced that it made $9.3bn in the second quarter this year, with 98% of that coming from its advertising business.

Google made $26bn, with 87% coming from advertising. Once these companies establish dominance over our data, they can more easily erect barriers to entry for potential competitors – in the digital advertising market as well as the other markets in which they operate. Ultimately, they have even less incentive to respect our privacy going forward or more closely monitor their advertising tools for use by bad actors.

Again, this may be a legitimate concern. The two companies are behemoths in the online advertising space, and it certainly could be bad if they then leveraged that position to stamp out competition. That's something that I think is absolutely worth paying attention to and using antitrust law to prevent. But... Franken tries to tie this to a failure to "closely monitor their advertising tools for use by bad actors."

And that takes us back to the basic confusion about what Franken is concerned about here. Is it that they have too much power to silence people... or that they have no incentive anymore to silence people? Because those two things seem to be in direct conflict, and Franken seems to be arguing them both simultaneously (even going back and forth on them as if they're the same thing).

About the only way this makes sense is if Franken is really arguing that Google and Facebook should be legally required to show people "more good stuff" and legally required to show us "less bad stuff" but without giving any actual definition of "good stuff" or "bad stuff." And perhaps this is why some people are cheering on the speech. Who doesn't want more good stuff and less bad stuff? But by assuming that (1) it's easy to tell the good stuff from the bad stuff and (2) that everyone will agree to what's good and what's bad and (3) giving that much power over truth to a few private companies won't backfire... is bizarre.

You may not like that Facebook uses your likes, shares, and comments to decide for you which advertisements or friends’ posts are most relevant for your News Feed. And you may not like that Google can now deliver ads to you by combining its DoubleClick data on your web-browsing behavior with your personally identifiable information that it gathered through your Gmail account. But are you ever going to delete the profile and connections you’ve spent years establishing on the world’s dominant social network? Or get rid of your Gmail account?

Again, this is a valid concern, but seems contradictory to his alternating point about wanting these platforms to do more to stop "bad" stuff from happening on their platforms. To do that, wouldn't they need access to information like this?

The information that these companies collect can also be a very dangerous weapon if it falls into the wrong hands. ProPublica recently revealed that up until two months ago, Facebook allowed advertisers using the company’s self-service ad-buying platform to target more than 2,000 people who expressed interest in the topic of quote “Jew hater” and other antisemitic themes.

While these categories were apparently automatically generated by an algorithm based on users’ self-reported interests, it is Facebook’s responsibility to monitor such tools and ensure that it isn’t facilitating or – worse – making a profit on such hateful activity. Facebook ultimately removed the categories from the ad platform, but only after reporters notified the company about it.

And... we're right back to demanding that Facebook spy on people even more. What the fuck, Senator Franken? In one breath you say that Facebook is tracking too much information and in the next you complain that it's not tracking enough information to stop anti-Semites. Which is it?

Algorithms seem to be a convenient excuse. Facebook has cited its algorithms for creating hateful advertising categories and failing to catch a hostile foreign power using its platform to spread lies and sow discord. Google has previously said that its algorithms necessarily include websites dedicated to illegal activity in search results, such as pirate sites, even as in other instances it maintains that its results do reflect Google’s judgment.

Okay. So here we have Senator Franken complaining that Facebook and Google are not discriminating and blocking certain content, so stay tuned, because this will seem mighty silly in a few more paragraphs.

And at the same time, Facebook, Google, and Amazon have used their algorithms to extract unfair terms and fees from those dependent on its platform, promote their own products and services above those of competing companies, and even manipulate the emotional state of its users.

I'm curious what unfair fees he's talking about. He doesn't elaborate. But again, the message here is so muddied. He's concerned these sites have too much power, at the same time he's upset that they don't get more aggressive in abusing that power.

In 2014, Facebook published its findings from an experiment in which it altered its News Feed algorithm for a segment of its users – unbeknownst to them, of course – and filtered posts based on their emotional content. As orchestrated by the altered algorithm, some users saw predominantly positive content while others saw mostly negative content. Unsurprisingly, the big takeaway was that Facebook has the power to influence our psychological state.

That’s scary.

Yes. It is. So why, just paragraphs earlier, were you demanding that Facebook actively modify their feeds to show less bad stuff and promote more good stuff? Weren't you demanding the exact thing you now claim is "scary"?

So on the one hand, the troves of user data and automated algorithms make these companies appear almost clumsy. But on the other, they’re a sophisticated strategic tool used to maintain and strengthen their own power. As Americans have lost meaningful control over their personal information, the content creators that rely on platforms to reach consumers have lost all of their leverage.

He keeps throwing in these weird little digs about "content creators" which seems like a dog whistle on copyright issues. But this makes no sense. Most content creators pre-internet had no leverage at all. Most content creators were drummed out of the business if they had no deal with a giant gatekeeper -- record label, movie studio, book publisher -- who had all the leverage and demanded not just your copyright, but 85% of your earnings. These new platforms have opened up the ability for all those people who couldn't even get past the gatekeepers to start making money online, and other services like Kickstarter and Patreon have opened up ways for them to have tremendous leverage by going direct to their fans. What's that have to do with the fact that Facebook is big? I haven't the slightest idea. But, I will say that tons of people who make money online these days from their creations have these platforms to thank for being able to build up such a large audience to support them.

I understand what it means to dedicate your life to writing, creating, and praying that someone somewhere will eventually get to appreciate your work.

In more ways than not, the internet, along with all the companies we’re discussing here today, has made it possible for every American – no matter their corner of the country – to express themselves to their friends – and to people all over the world.

Okay, so now we're saying that these platforms have been amazingly beneficial right after saying they've wiped out all leverage. Hmm.

But as the wealth of information available on the internet has grown, big tech has taken it upon itself to sort through all the viewpoints, news, and entertainment, and decide for us what we should read, watch, buy, or even how we should engage in civil society.

What the hell, Al? You keep going back and forth. First you want them to delete bad stuff online, and now you're back again complaining when they do exactly what you were asking a few paragraphs ago?

As far as I can tell, Al Franken's big complaint here is "why do Facebook and Google sometimes show stuff that I, Al Franken, dislike, and why doesn't it do more to promote the content that I, Al Franken, really like?" That's the only way in which this speech makes any sense at all.

And they’re doing it all under the shadow of complicated algorithms that make little sense to either the content creators whose livelihood depends on them or the users whose everyday decisions they’re controlling.

Hmm. Did the decision-making that Universal Music used to fuck over musicians decades ago make any sense to musicians back then? No, it didn't. And, back then, musicians were fucked if a giant label like that did them wrong. Today, artists can strike out on their own, build fan bases on their own and use a variety of services to make it work. Not everyone will succeed, but any content creator relying on Facebook or Google to be a success these days made a bad decision. A US Senator should not be telling companies that they have to make certain content creators succeed. That's scary.

It doesn’t require an antitrust lawyer to understand that these companies’ dominance in the market of information gives them tremendous power to dictate terms with journalists, publishers, and authors and to control the information available to consumers.

Once again, I don't know what point Franken is making. The companies are bad because they have the power to censor content and the companies are bad because they don't censor content. Which is it?

As it stands now, Google and Facebook control 75% of all internet news traffic referrals, meaning that three out of four times an internet user accesses a news story online, they get there via Google or Facebook. The numbers are even more alarming by topic. According to Parsely analytics, almost 60% of “US Presidential Politics” traffic comes through Facebook, nearly 25% comes through Google, and less than 16% comes through other sources.

With this unprecedented power, platforms have both the incentive and the ability to redirect into their own pockets the advertising dollars that once fueled the newspaper business. And news publishers fighting for eyes are forced to navigate Facebook and Google’s optimization policies, which have previously prevented news organizations from using paywalls or offering subscription services and have driven journalists to write stories that they know will be promoted in Google Search, on News Feeds, and in the “trending” section of Facebook.

This is a concern. But it's because news publications fucked up. They got sucked into this. Some of us (like, literally, us), focused on creating good content and building up a solid audience who would return directly. Some of us (like, literally, us) chose not to play the games of SEO and social media tricks, because that's a waste of time and get you sucked into this vortex. Yes, some news orgs went the other direction and that was dumb of them. But is Franken really arguing that we should prop up news organizations that made a dumb decision and handed more power over to Google and Facebook?

While I appreciate the companies’ recent efforts to ensure that publishers and journalists are more adequately compensated, the end result may be the same: journalism for the masses and the never-ending search for the next viral story.

Wait. So... now the complaint is one about human nature?

In his book World Without Mind, Franklin Foer describes newsrooms’ reliance on Chartbeat – a site that allows them to track in real time the readership of each and every article, which of course fuels advertising, and ultimately puts pressure on journalists and editors to create the most click-worthy story.

To quote Foer: “The site’s needle made us feel as if our magazine were a car, showing us either sputtering up the hill of a poor traffic day or cruising to a satisfying number.” During the 2016 election, then presidential candidate Donald Trump, with his truly unpredictable outbursts on Twitter, was the perfect focus for newsrooms seeking as much traffic as possible.

Again, it was always dumb for news orgs to focus on clicks rather than building up a loyal audience. We use Chartbeat here, but I'm the only one who looks at it and none of our writers get to see it because we've never wanted our writers to focus on clicks or traffic. We want them writing great stories so that all of you keep coming back. A flash in the pan from some other site sending traffic is nice, and maybe a few people stick around, but that's not a strategy. That's chasing the wind. Lots of news publishers made mistakes, but why should that be Franken's concern? And why would he blame Google and Facebook for it?

Tragically, the need to find the next viral story may soon hit the book-selling business as well.

In 2007, Amazon revolutionized reading when it unveiled the Kindle. With the introduction of the e-reader, Americans could instantly access almost any book they desired – from the comfort of their home and at an all-time low price.

It is widely reported that Amazon strategically set their prices below cost in an effort to capture the market. Indeed, for years, American consumers benefited from the company’s ultra-low prices and slowly shifted their business away from brick-and-mortar stores and other online retailers. Currently, Amazon controls over 83% of e-book sales, nearly 90% of online print sales, and almost 99% of digital audio sales.

Amazon has since used its unprecedented monopsony power to force publishers to agree to contract terms and conditions that the publishers say have stalled price competition among book distributors, ultimately resulting in higher e-book prices for consumers.

How do you set ebook prices "below cost"? The "cost" of another copy is zero. Amazon's original ebook pricing was a $9.99 flat rate for every book. It was only after Apple colluded with other publishers to change that pricing and push for higher prices that Amazon was pressured (not the other way...) into variable pricing. This is a bizarre rewriting of history by Franken.

Amazon has also used its power to demand additional payments for critical items like warehousing and inclusion in its personalized user recommendations – an algorithm that I’m sure most users assume is based purely on their personal preferences. And now that Amazon is a publisher itself, it has every incentive and ability to promote its own books over those of others in user recommendations, price promotions, and bestseller lists.

Reasonable point. But is it happening? If it is, that's worth exploring. Just saying it has the incentive to do so is meaningless if there's no evidence of this abuse of power.

As a recent article by Lina Khan so neatly lays out, in many ways, Amazon’s evolution in the book business is the perfect illustration of how an entity can use anticompetitive tactics to not only capture a market, but also maintain it, and ultimately use its platform to enter and dominate entirely new markets. Like diapers.

And as we’ve seen in the book business, once Amazon captures a market, it then has the ability to eliminate competition on consumer prices. So while Amazon’s prices on any given item may be low for now, it’s only a matter of time before the company starts squeezing consumers. Like we’ve seen with diapers.

If Amazon provides a better diaper buying experience than others, what's the problem, exactly? Yes, Amazon is big, but if it really starts abusing that position, doesn't that seem like an opening for others to jump in? I mean, diapers are an odd example, since Amazon did, in fact, buy Diapers.com because it was an upstart that did a damn good job of competing with Amazon. And then after Amazon bought the site, Diapers.com's founder went off and founded a new site that also competes with Amazon.

Unsurprisingly, as a result of Amazon’s tactics in the book business, publishers say they’re selling fewer books than they otherwise would.

Who exactly determines what "they otherwise would" here? Because that phrase is doing a lot of work for a claim made with no basis at all.

And they fear the day that they’ll be unable to invest in new authors or less popular genres, instead focusing all of their diminishing resources on the “blockbusters” of the book business. These are the some of the long-term effects that I find truly disturbing.

This is the same bullshit line that the music and movie industries have given for decades. And it's always turned out to be wrong. It's based on what the giant gatekeepers (record labels, movie studios, book publishers) are saying, ignoring that the internet has enabled tons of musicians, filmmakers and authors to create, distribute, promote and monetize. The idea that there will suddenly be less investment in books is ludicrous if you look at how many books are being published today vs. two decades ago. And much of that is because of Amazon and the ability for people to avoid the publishers altogether.

Now, I have spent much of my time in the Senate advocating for strong net neutrality rules to preserve the longstanding principle that all lawful content on the internet should receive equal treatment from internet service providers regardless of who owns the content or how much money he or she has in the bank.

And in 2015, millions of American consumers and businesses celebrated the FCC’s landmark vote to preserve a free and open internet under Title II of the Communications Act. Ensuring those strong rules are maintained – and enforced – remains my top priority.

As tech giants become a new kind of internet gatekeeper, I believe the same basic principles of net neutrality should apply here: no one company should have the power to pick and choose which content reaches consumers and which doesn’t. And Facebook, Google, and Amazon – like ISPs – should be “neutral” in their treatment of the flow of lawful information and commerce on their platforms.

And yet in this screed you keep insisting that Google and Facebook need to block bad content. And now you're back to saying they should be neutral. Do you even realize how directly in conflict your own speech is with your own speech?

Following years of hard work and dedication, we found in the Open Internet Order a strong and time-tested framework to protect net neutrality. While we fight to preserve the Order, we must now begin a thorough examination of big tech’s practices in order to secure the free flow of information on the internet.

The free flow of information on the internet is incredibly important. I've been fighting it for probably longer than Franken knew the internet existed. But that's not what Franken is saying here. In this speech, he's arguing for the exact opposite of what he thinks he's arguing for.

Everyone is rightfully focused on Russian manipulation of social media, but as lawmakers, it is incumbent upon us to ask the broader questions. How did big tech come to control so many aspects of our lives? How is it using our personal information to strengthen its reach and its bottom line? Are these companies engaging in anticompetitive behavior that restricts the free flow of information and commerce? Are they failing to take simple precautions to respect our privacy and protect our democracy? And finally, what role should these companies play in our lives, and how do we ensure transparency and accountability from them going forward?

This I agree with. These are all good questions. But, you can't dig into these issues if you don't actually have a clue about what's going on, and the rest of Franken's speech suggests he has no clue. And that's unfortunate.

We need to talk about data in digital advertising and how it influences competition and encourages a disregard for Americans’ privacy. We need to better understand how past deals – Google’s purchases of DoubleClick and Waze or Facebook’s acquisitions of WhatsApp and Instagram, for example – have impacted consumers’ privacy and big tech’s ability to establish barriers to entry for emerging rivals.

And finally, we desperately need to conduct vigorous oversight – in the form of investigations and hearings – to fully understand current practices and the potential for harm. We must work together to make this happen.

Sure. We should talk about these things. I have my concerns about those acquisitions as well, but again, Franken's speech is all over the place. There's no consistent message at all. It's just "how dare the platforms not take more responsibility in blocking content... but also how dare they block any content?" Also, "how dare they become so useful that people use them... and how dare they not prop up news organizations that didn't innovate?" It's "how dare these platforms become successful for content creators... but also how dare they not magically make all content creators successful?"

I'm sure that the haters of the internet have lapped this talk up and are all excited about it. I've seen tweets from people cheering it on, because it slams Google and Facebook and Amazon. And there are reasons to be worried about all of those companies. But this speech makes no sense at all. As a thought experiment: if you worked at one of those companies and sincerely wanted to change things to make Senator Franken happy after hearing this speech, what would you do? You should not block or favor any content, but you should not allow misinformation or propaganda. How do you do both of those things? Perhaps Senator Franken can explain.

36 Comments | Leave a Comment..

Posted on Techdirt - 14 November 2017 @ 9:41am

Monkey Selfie Photographer Says He's Now Going To Sue Wikipedia

from the this-will-never-end dept

Thought the monkey selfie saga was over? I'm beginning to think that it will never, ever, be over. If you're unfamliar with the story, there are too many twists and turns to recount here, but just go down the rabbit hole (monkey hole?) of our monkey selfie tag. Last we'd heard, PETA and photographer David Slater were trying to settle PETA's totally insane lawsuit -- but were trying to do so in an immensely troubling way, where the initial district court ruling saying, clearly, that monkeys don't get a copyright would get deleted. Not everyone was comfortable with this settlement and some concerns have been brought before the court. As of writing this, the court seems to be sitting on the matter.

We knew exactly why PETA didn't want its big loss to remain on the books, but it initially appeared that Slater was more neutral. However, he's now claiming that he's preparing to sue Wikipedia -- in which case having the earlier ruling off the books (where it makes it clear that a monkey can't get a copyright) would probably be helpful. This bit of news about a planned Wikipedia lawsuit was a throwaway line in... well... a pretty bad episode of This American Life, which takes on the monkey selfie story, but does a surprisingly awful job of it. I'm a huge fan of This American Life, and in the past when they've done stories where I'm intimately familiar with the details, I think they've done a really excellent job.

But, on this story, TAL falls flat on its face. It presents the story of David Slater mostly through his own telling of it, and frames Wikipedia declaring the image to be in the public domain to be a fairly radical position. I'm actually surprised that TAL didn't talk to a copyright lawyer about this (they quote Slater's lawyer, but specifically on questions related to PETA's case -- and not the copyright status of the image). Indeed, I'm surprised that the reporter, Dana Chivvis, didn't appear to speak to anyone at Wikipedia itself. She kicks off the discussion of Wikipedia's role in the monkey selfie case with this bit of utter nonsense that does not reflect Wikipedia's view at all:

In other words, anyone could use it, without David's permission, for free. To David, that was just stealing. He makes a living from selling his pictures, so it was really helpful to have one that was such a hit. But now, anyone could download it from Wikipedia and hang it on their wall. Or print it in their publication.

Wikipedia's opinion is that information on the internet should be free.

Where to start? This is just so full of wrong, it's embarrassing. Whether or not Slater makes his living from that photo has no bearing on the legal question of who holds the copyright. And Wikimedia's reason for declaring the monkey selfie in the public domain is not that "information on the internet should be free." Its position is that the law is well established that non-human creators don't get copyright, and thus the image is in the public domain. This isn't some crazy "ooh man, everything should be free" argument. It's a legal argument based on the entire history of copyright law. While (thankfully!) Slater and/or TAL left us out of this story (Slater frequently blames us in combination with Wikipedia for the sin of accurately reporting on the law, but somehow we got spared in this story), it does a terrible job presenting the actual legal arguments about the public domain question. Wikipedia does support making knowledge available to the public, but that's unrelated to the legal question of whether the image is in the public domain -- but the way Chivvis presents it, it's as if Wikipedians just randomly declare images in the public domain because they think everything online should be free. That's wrong. And it's just bad reporting.

Chivvis does do a much better job getting into the legal issues with PETA's dumb lawsuit and accurately presenting the issues at play there, but that's a separate issue from whether or not the image is in the public domain (even if the issues are somewhat entangled). She also leaves out the key part of the settlement being a desire to delete the original ruling in the case -- or the fact that the court does not appear to have accepted the settlement, and the case is technically still open (she claims that it's all settled).

There is just a quick aside about Slater's plan to sue Wikipedia at the end, right before the supposed "kicker" to the story: Slater claims that "Naruto" -- the monkey PETA claims it represents and who it claims took the photo -- is not, in fact, the monkey who took the selfie. This isn't a new argument, as it's been raised before (by Slater and others) that Naruto is the wrong monkey.

Either way, suing Wikipedia for accurately claiming the monkey selfie image is in the public domain would not be a wise move on Slater's part. He's almost certain to lose if it goes that way. He's also threatened to sue us in the past over this same issue, and that would be even dumber (again: we just reported on the copyright status of an image based on his own statements about how the image came to be -- he has since changed his story to make it appear that he had more of a role in the photo, but that was not his original story at all). Note that in original story, Slater said he left the camera "unattended" and the camera "attracted the attention" of a macaque. It was only later, after people pointed out that under those conditions, he doesn't have a copyright that the story began to morph into one where Slater had a bigger role (which is also heard in the TAL broadcast).

Either way, Slater continues to tilt at this windmill, and it's not going to change the law. PETA's lawsuit was dumb and hopefully it really is over (though, hopefully the original ruling remains on the books). I really feel sorry that PETA decided to pick Slater as the victim of one of its stunts as it's a shitty experience to be sued. But for Slater to think the lesson to take from all of this is to sue others would be disappointing.

60 Comments | Leave a Comment..

Posted on Techdirt - 13 November 2017 @ 11:53am

With The US Out, Canada Gets Copyright Out Of TPP And Moves Closer To Agreement

from the but-we-thought-it-couldn't-be-done... dept

We've been talking about the Trans Pacific Partnership (TPP) agreement for many, many years. And one point that we've made over and over again about the TPP and other trade agreements, is that there actually is a lot of good and important stuff in those agreements, and we don't understand why the US (mainly) keeps insisting on two issues that don't belong in these agreements at all: (1) "intellectual property" chapters, which are almost always the opposite of "free trade" in that they focus on ratcheting up government protectionism and monopolies for a few specific industries and (2) a section on what we refer to as corporate sovereignty, which which the trade world calls "investor state dispute settlement" or "ISDS." That's where companies can demand an private tribunal judge if a country unfairly treated that company poorly and order the country to pay the company millions or sometimes billions of dollars.

Of course, the US has been a major driver of both of those provisions -- but over and over again we were told that these kinds of agreements were "impossible" without an intellectual property chapter and corporate sovereignty. Turns out, once you get the US out of the way, things aren't so impossible. Just a couple weeks ago, we noted that many countries around the world (including the new USTR, Robert Lighthizer) appear to be souring on corporate sovereignty provisions, but the really big news is the TPP.

Right after Donald Trump became President, the US officially dropped out of the TPP negotiations, leading many to believe that the entire process was dead. Instead, the other countries have continued to negotiate, and on Friday agreed in principle on key aspects of a deal, for the newly renamed Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP)

One of the stumbling blocks, on which Canada allegedly played hardball, was removing much of the intellectual property chapter (including basically all of the really bad stuff). As Michael Geist notes:

The Liberal government demonstrated genuine leadership in demanding significant changes to the flawed TPP intellectual property chapter and refusing to back down under intense pressure from some of the negotiating parties. The result isn’t perfect, but the newly named Comprehensive and Progressive Agreement for the Trans Pacific Partnership (CPTPP), which still requires considerable negotiation, features a significantly improved IP chapter that suspends some of the most problematic provisions.

Weeks after the release of the TPP text in 2015, I wrote a lengthy series on the Trouble with the TPP.  Many of the most problematic provisions, including copyright term extension, digital lock rules, and intermediary liability have been suspended from the CPTPP at the insistence of the Canadian delegation. Their removal is a remarkable victory for those that argued against overbroad, restrictive copyright provisions in the TPP and maintained that there was no reason to include unbalanced copyright provisins in a modern trade agreement.

The new version also appears to remove some of the corporate sovereignty/ISDS provisions.

There's still a lot of work to be done on the agreement, but it certainly appears that Canada has taken the lead with the US out of commission. This is particularly amusing, as Canada was a late entrant into the TPP negotiations, and part of that involved the US demanding that Canada accept the text as it was and not reopen negotiations on key points already agreed upon. And now, the end result is that the US has withdrawn and Canada led the way in ditching some of the key provisions the US had demanded.

And, again, the current deal still has some serious problems. For one, it notes that it's possible that the worrisome intellectual property provisions could re-emerge, zombie-like, at a later date. It also notes that there's still enough of the corporate sovereignty provision to be worried about (and same with telecommunications services provisions). But, on the whole, it appears that the new CPTPP is moving in a much, much better direction, in large part by dumping the intellectual property elements.

Meanwhile, later this week, NAFTA renegotiations will be taking place and intellectual property issues are on the agenda. Perhaps Canada can do the same thing it did with the TPP and convince everyone else to take that issue off the table entirely.

11 Comments | Leave a Comment..

Posted on Techdirt - 13 November 2017 @ 9:34am

DOJ Still Demanding Identity Of Twitter Users Because Someone They Shouldn't Have Arrested Tweeted A Smiley Emoji

from the this-case-remains-fucked-up dept

Last month, I had two blog posts about a particularly insane lawsuit being pushed by the Justice Department against a computer security researcher, Justin Shafer. As we explained, the arrest and prosecution of Shafer appeared to be the result of a truly ridiculous vendetta against Shafer by the FBI because Shafer got angry over a previous (and totally misguided) decision to raid his home, after he properly disclosed security problems involving some dental practice software. It seems clear that Shafer never should have been arrested (and never should have had the FBI raid his house three times over just a few months). Of course, what first brought the case to my attention was an even more ridiculous part of the story, in which the DOJ had sent a subpoena to Twitter demanding basically all info on five Twitter users -- even though two of them don't hide their identity -- because Shafer tweeted a smiley emoji at them.

That story is even more insane than it sounds, but I'm not going to repeat the details here -- I'll just repeat: the case involved the DOJ demanding the identity (and more) of five Twitter users because someone else (who they're railroading over bogus charges) sent a smiley emoji to them on Twitter where they were discussing a different lawsuit altogether.

We now have two updates on that story: (1) Shafer is appealing the fact that he's still in jail, months later and (2) the DOJ has refused to withdraw the emoji subpoena. Yes. You read that right. The DOJ is doubling down, demanding the identity (and more) of Twitter users because someone they never should have arrested, sent a smiley emoji to them. We can cover that second point first because there's not much more to say beyond "What the fuck is wrong with the DOJ?" As you may recall, the five Twitter users whose info was sought by the subpoena included @dawg8u ("Mike Honcho"), @abtnatural ("Virgil"), @Popehat (Ken White), @associatesmind (Keith Lee) and @PogoWasRight (Dissent Doe). Ken White and Keith Lee are both known (and each has blogged about the situation). The rest are at least partially pseudonymous. Dissent Doe, for one, has strong reasons for retaining anonymity, given her focus on data breaches and privacy issues. She revealed the DOJ's stunning decision to keep going over the weekend, noting that she now needs to fight the subpoena in court.

Dissent Doe explained to me later that her lawyers have tried, repeatedly, to contact the DOJ about this ridiculous subpoena, and the DOJ has ignored all attempts to communicate. Twitter has told her that any motion to quash the subpoena needs to be filed this week. She also notes, appropriately, that she's "really really ticked off" about all of this. We all should be.

And, just to be clear, there is no way the subpoena is even remotely Constitutional. Not even armchair lawyers could possibly think so. Over and over again, courts have said that anonymity is protected under the First Amendment, and you need to have very strong reasons to pierce the anonymity. The key case here is McIntyre v. Ohio Elections Commission, but plenty of others have weighed in since then. As we pointed out, the recent Awtry v. Glassdoor case nicely summarizes the history of cases protecting anonymity under the First Amendment:

The Supreme Court has recognized that “an author’s decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment.” McIntyre v. Ohio Elections Comm’n, 514 U.S. 334, 342 (1995). Indeed, “[t]he right to speak anonymously was of fundamental importance to the establishment of our Constitution.” Doe v. 2TheMart.com Inc., 140 F. Supp. 2d 1088, 1092 (W.D. Wash. 2001) (citing McIntyre, 514 U.S. at 341-42). In particular, “Justice Black . . . reminded us that even the arguments favoring the ratification of the Constitution advanced in the Federalist Papers were published under fictitious names.” McIntyre, 514 U.S. at 342 (citing Talley v. California, 362 U.S. 60, 64 (1960)). So too were the responses of the anti-federalists, which were published by authors who used such fictitious names as “Centinel,” “Brutus” and “The Federal Farmer.” In re Anonymous Online Speakers, 661 F.3d 1168, 1172-73 (9th Cir. 2011).

Further, it is well-established that anonymous speech on the Internet, like other types of anonymous speech, enjoys First Amendment protection. In re Anonymous Online Speakers, 661 F.3d 1168, 1173 (9th Cir. 2011)(“online speech stands on the same footing as other speech—there is `no basis for qualifying the level of First Amendment scrutiny that should be applied’ to online speech”) (quoting Reno v. Am. Civil Liberties Union, 521 U.S. 844, 870 (1997)). As the Ninth Circuit has explained, “the ability to speak anonymously on the Internet promotes the robust exchange of ideas and allows individuals to express themselves freely without `fear of economic or official retaliation . . . [or] concern about social ostracism.'” Id.(quoting McIntyre, 514 U.S. at 341-42).

First Amendment protection of anonymous speech “is not unlimited, however, and the degree of scrutiny varies depending on the circumstances and the type of speech at issue.” Id. Political speech is considered to be “core” speech and is afforded the highest level of First Amendment protection. McIntyre, 514 U.S. at 346. Online messages such as the ones at issue here are also entitled to some level of First Amendment protection, even if the hurdle for overcoming that protection is less stringent than it is for political speech. See In re Anonymous Online Speakers, 661 F.3d 1168 at 1177; see also Highfields Capital Mgmt., L.P. v. Doe, 385 F. Supp. 2d 969 (N.D. Cal. 2005) (finding that identity of individual who anonymously posted derogatory comments about a company on an online message board was protected from disclosure under the First Amendment); Art of Living Foundation v. Does 1-10, No. 10-cv-5022 LHK, 2011 WL 5444622, at *5 (N.D. Cal. Nov. 9, 2011) (finding the standard articulated in Highfields applied to anonymously posted online commentary criticizing the plaintiff’s organization).

Given that tons of people are pointing this out publicly, what possible reason could the DOJ have for continuing to push Twitter to cough up this info other than to just be assholes?

As for the second update: Shafer has appealed the decision of a magistrate just revoking his pretrial release. The filing, by lawyers Tor Ekeland and Frederic Jennings, is... quite a read (and even cites my articles). It certainly doesn't hold back:

The government accuses Justin Mark Shafer of putting an FBI agent and his wife in substantial emotional distress and publishing restricted information about that FBI agent with the intent to incite violence against him. But nowhere in the record, or in the discovery in this case, is there any true threat of violence against anyone. There is no explicit language articulating any kind of threat. The “restricted” information in question was a prior home address for the FBI agent, publicly available on the internet. This entire case is built on innuendo and speculation that withstands neither constitutional nor statutory scrutiny. It is a chilling example of federal law enforcement overreach, and has serious ramifications for constitutional free speech and due process in relation to the internet and computer law. If the government’s accusations in this case are a crime, then millions of social media using Americans are subject to the prosecutorial whim of the Department of Justice.

The factual bases of the government’s bare bones indictment are a handful of public tweets; a Facebook friend request and message sent to a public Facebook account; the following of a public Twitter account;1 and two emails to an FBI Agent – one with a 😊 emoji and another inquiring about the status of a report of a patient privacy violation. The Defendant made no attempt to mask his identity, and the FBI never contacted the Defendant to express any concern or to ask him to stop his communications. Instead they arrested him. And any claim that he engaged in a sustained course of conduct with a continuity of purpose to cyberstalk or threaten are ludicrous when compared to facts embodied in the case law regarding these statutes.

These accusations led to a pretrial release order so broad it functioned as a prior restraint on Mr. Shafer’s constitutional right to speak about the accusations made against him. When he sought to do so – through a post on his work-related blog – the magistrate judge revoked release, broadly interpreting the release condition terms and finding a violation of those conditions.

An innocent man—who the government has not charged, and cannot charge, with any violent crime, nor with any history of violent crime— is now in jail on the basis of protected speech.

I recommend people read the entire document, as it goes into great detail (even beyond my original posts) about the vindictive nature of the FBI's vendetta against Shafer -- not for doing anything wrong, mind you -- but for being upset that the FBI raided his house and took all his electronics twice for completely bogus reasons. And it's not just Shafer, but Shafers three kids who are now traumatized over the mutliple FBI raids, in which agents pointed weapons at the children, or denied their parents the ability to get the children out of their rooms for extended periods of time.

The children now suffer currently from trauma and substantial emotional distress as a result of the repeated armed FBI raids. The Shafers’ three-year old is now unable to sleep alone in her room. Their (now) six-year old is struggling and withdrawn in school, where he previously excelled. Their ten-year old is now afraid to be near open shades, for fear of being surveilled.... Their father has not come home since April 18, 2017, because he is in jail awaiting trial.

As for why Shafer has been in jail all this time? Apparently it's because he wrote a blog post about the case. You can read that blog post here. I wouldn't necessarily say that the blog post was a good idea, because he's clearly venting his anger about the arrest and the treatment by the FBI and Special Agent Nathan Hopp in particular. But it hardly meets the criteria of threatening Hopp or "contacting" him via social media. And yet, since Shafer was barred from either of those things as condition for pretrial release, he was brought back in and has been in jail ever since. That raises a whole new set of First Amendment questions. Shafer is in jail for blogging.

During the period of Mr. Shafer’s pretrial release, he committed no crimes. He used no illegal or prohibited substances. He neither fled nor attempted to flee. He did nothing that posed a threat to the safety of any person or the community. He simply wrote a blog post comprised of constitutionally protected speech criticizing his prosecution. (See Ex. C, April 14, 2017 Blog Post) For this he has been taken away from his wife and children.

Shortly after the blog post was published, Mr. Shafer received a notice of potential violation of his pretrial conditions of release.

On April 18, 2017, a revocation hearing was held before Magistrate Judge Toliver. The government referenced vague concerns regarding flight risk, and claimed that the blog post Mr. Shafer had written was evidence of danger to the community or violation of the no-contact order between Mr. Shafer and SA Hopp. The government argued at the revocation hearing that merely “criticizing” SA Hopp in the “blog site” [sic] was indirect contact. (Tr. 5:8-6:10 (Apr. 18, 2017).) At the close of the revocation hearing, Magistrate Judge Toliver revoked Mr. Shafer’s pretrial release order. He has been detained since.

More specifically, Shafer's lawyers point out:

The original terms of his supervised release violated his free speech rights under the First Amendment. Imprisoning him pre-trial based on his speech is unconstitutional. This current, unconstitutional incarceration before an adjudication by a jury of his peers hampers Mr. Shafer’s ability to put on an effective defense, as he is not free to diligently prepare for his defense with his attorneys due to constant monitoring and harassment in jail. This violates his Fifth Amendment Due Process rights and his Sixth Amendment right to mount an effective defense. Moreover, none of Congress’s narrowly prescribed exceptions to an innocent defendant's presumption of liberty apply here. Mr. Shafer should be released pre-trial under appropriate conditions because his current incarceration violates the Constitution and federal law.

Everything about this case is crazy. We've certainly seen overreach by the DOJ in the past, but this case seems like a pretty blatant example not just of overreach, and not just of the DOJ doing whatever the fuck it wants, but of it doubling down to violate the rights of people just because it doesn't like being called out about it.

Read More | 26 Comments | Leave a Comment..

Posted on Techdirt - 10 November 2017 @ 10:49am

Wikipedia Warns That SESTA Could Destroy Wikipedia

from the be-careful-what-you-aim-for dept

So much of the debate about SESTA has focused on three companies: Backpage, Facebook and Google. The focus on Backpage was because it's the go to example for why some claim this bill is needed (even though Congress passed another law two years ago to target Backpage, and that law has never been used, and even though there's already a federal grand jury investigating Backpage and there's nothing that stops the DOJ from going after Backpage under federal law). The focus on Facebook and Google is a bit more nebulous, but could be summed up as: "those companies are too big and should do more to stop bad stuff happening online." There's a pretty easy path from "Section 230 of the Communications Decency Act says internet platforms aren't responsible for what their users do" to "we need them to be more responsible" to "let's amend CDA 230." This line of thinking is problematic for any number of reasons that we've already discussed, so I won't go over them again now.

But, as we've tried to explain, SESTA doesn't just impact Backpage, Facebook and Google. Indeed, Facebook and Google are uniquely positioned to handle the burdens (bogus takedowns, trollish threats, baseless litigation) enabled by SESTA. We've already shown how SESTA leaves small sites like our own at tremendous risk (and we're still waiting for anyone -- but especially the bill's authors -- to explain how we avoid that risk), but lots and lots of other sites will be impacted as well.

Take Wikipedia for example. The Wikimedia Foundation has published an excellent article describing how Wikipedia only exists because of CDA 230 and how it creates the space for a site driven entirely by its userbase to exist. More importantly, the article, by Wikimedia's Leighanna Mixter, details three ways in which SESTA puts Wikipedia at serious risk by upsetting the careful balance created by CDA 230. And here's where it's important to remind people that CDA 230 actually does two things. Many of its largest critics, incorrectly, think that all CDA 230 does is give websites a free pass to ignore everything that happens on their platform. But it also encourages sites to moderate activity that they don't want on their platform by noting that they don't lose their immunity in doing some forms of moderation. It's this part of CDA 230 that gets less attention, but is potentially more important. And yet SESTA rips that apart. That leads to Wikimedia's first concern:

1. Website operators need freedom to review content without legal risks

The fundamental goal of Section 230 is to keep the internet free and safe by encouraging operators to host free expression and remove problematic content without the disincentive of possible lawsuits.

SESTA introduces a vague standard for website operators that expands liability for “knowing” support of certain criminal activity. This will encourage websites to avoid gaining knowledge about content (to avoid liability) instead of actively engaging in content moderation.

The post then drills down (as we have) to explain why the knowledge standard in SESTA (even as updated) leaves Wikipedia in serious danger. Because Wikipedia is maintained by thousands upon thousands of volunteers -- what will constitute "knowledge" of illegal behavior. If one of the volunteers comes across links to sex trafficking and fails to remove them, does that mean all of Wikipedia has "knowledge"? Do all editors of Wikipedia now need to be deputized to respond to sex trafficking issues? Does Wikipedia need to stop allowing volunteer editing (its entire basis of existing) and switch only to paid editors?

A second problem with SESTA is how it opens up any web platform to a whole variety of state laws that smaller sites are unlikely to be able to follow and understand (and which can change over time).

SESTA would amend Section 230 to allow, for the first time, civil and criminal liability for websites under state law as well as federal law in cases where the federal sex trafficking law has also been broken. This improves upon an earlier version of the bill, which would have allowed for much broader liability under state law. Website operators should not have to monitor and attempt to comply with differing laws in all 50 states. Doing so would require substantial time and resources just to stay aware of new laws and ensure compliance, which would be particularly difficult for a small company or nonprofit like the Wikimedia Foundation. It also would put operators in an impossible bind if two states passed laws with contradictory requirements.

Finally, perhaps the biggest concern is how SESTA opens up smaller sites to what's likely to be myriad new lawsuits, in part because people will be testing the contours of the new law, but also because the standards in the law are so vague. Again, Facebook and Google can handle themselves when faced with lawsuits. Smaller sites? Not so much. As we expressed in our earlier post, small sites like our own and other individually owned blogs will have tremendous difficulty dealing with frivolous lawsuits under the law, but even Wikipedia notes that this would be very damaging.

When plaintiffs target online speech, they often go after the website, not the speaker. It can be difficult to track down individual users, and suing a website may appear to be more lucrative. For two decades, Section 230 has protected websites with a shield from civil liability for user-created content. Critically, Section 230 does not prevent websites from being held responsible for their own actions — websites that are directly involved in illegal activities can already be prosecuted by the Department of Justice. However, SESTA would open up websites to more liability under federal and state law, likely resulting in increased litigation. Some of these lawsuits will be legitimate responses to improper conduct by websites; others may simply target the website over the speaker as an easier way to attack online speech. Even if these lawsuits are meritless, getting them dismissed demands significant time and resources.

Small internet companies, startups, and nonprofit websites like the Wikimedia projects lack the resources to defend against a flood of lawsuits. Websites shouldn’t be sued into the ground, or afraid to even launch, simply because of holes in Section 230’s protections. Any amendments to Section 230 must take into account their effects not just on large, well-funded tech companies, but on startups and nonprofit organizations as well.

For many people supporting SESTA, the discussion seems to start and end with "sex trafficking is bad, this bill says it targets sex trafficking and therefore it's good" (and maybe with a touch of "if it hurts big internet companies, that's fine, they deserve it.") But, the impact of SESTA goes way beyond that (not to mention it doesn't actually do anything to stop sex trafficking and could make the problem worse). It's good to see Wikimedia speak up -- and hopefully someone in Congress will finally start to understand why SESTA is such a bad bill.

66 Comments | Leave a Comment..

Posted on Techdirt - 9 November 2017 @ 12:06pm

Playboy Sues BoingBoing For Linking To Collection Of Centerfold Pictures

from the really-now? dept

Playboy apparently has lawyers with itchy trigger fingers. As first spotted by Law360, Playboy Entertainment Group has sued the BoingBoing, the popular and awesome blog that covers a variety of issues around culture and technology. The case is technically against the company that owns BoingBoing, called Happy Mutants LLC. Law360 claims the lawsuit claims that BoingBoing "stole every centerfold ever." But... that's not at all what the lawsuit says.

It appears that the issue is this blog post from February of 2016, written by one of BoingBoing's core writers, Xeni Jardin. Here's a screenshot of the post from the lawsuit:

As you can see, it's a blog post titled "Every Playboy Playmate Centerfold Ever." There's a very short paragraph that reads:

Some wonderful person uploaded scans of every Playboy Playmate centerfold to imgur. It's an amazing collection, whether your interests are prurient or lofty. Kind of amazing to see how our standards of hotness, and the art of commercial erotic photography, have changed over time.

And then it links to the Imgur page. Beneath that, it links to and embeds a YouTube video that apparently contains the same 746 images. Both the reddit collection and the YouTube video are missing now. Any sane and competent lawyer would recognize that this is BoingBoing reporting on and commenting on the existence of this collection. But not Playboy's lawyers from the law firm of Doniger / Burroughs, which describes itself, laughably, as "California's premier fashion, art, entertainment and technology law boutique." To those lawyers, BoingBoing, by writing about these collections, is magically responsible for them. No amount of pointless and excessive legalese employed by these lawyers can hide just how dumb and misguided this lawsuit is:

Plaintiff PLAYBOY owns 477 original photographs commonly referred to as Playboy Centerfolds (“Subject Works”) that have been registered with the United States Copyright Office. Attached hereto as Exhibit A is a chart listing the 477 Subject Works.

Plaintiff is informed and believes and thereon alleges that following PLAYBOY’s publication of the Subject Works, Defendants, and each of them used the Subject Works without Plaintiff’s authorization for commercial purposes on its website, including, but not limited to, their use in articles and advertising.

Plaintiff is informed and believes and thereon alleges that one such use of the Subject Works by Defendants, and each of them, was an article from February 29, 2016 touting the availability of “Every Playboy Playmate Centerfold Ever” for viewing or download without Plaintiff’s authorization, as shown below

Reporting on such a collection is clearly fair use. BoingBoing wasn't distributing the files. It wasn't hosting the files. It wasn't copying the files. It was just reporting on the existence of them (and saying nice things about them). And while Playboy may have a perfectly legitimate copyright claim against whoever uploaded all of the images to Imgur, it's ridiculous to argue that BoingBoing writing about the collection was infringing, or that it would harm Playboy in any way, shape or form.

Frankly, this feels like yet another pure SLAPP suit, and is yet another reminder of why we need a federal anti-SLAPP law. Even though this is filed in California, it's unlikely that California's anti-SLAPP law would apply, since the claims are copyright claims, which are federal, and state anti-SLAPP laws only cover state law based claims. Thankfully, copyright law does enable fee shifting for questionable lawsuits, and this one seems ripe for fee shifting. Again, Playboy seems to be going after the entirely wrong target here. And while it can even be argued that it's dumb for Playboy to go after someone uploading the collection elsewhere, arguing that BoingBoing is responsible, merely for writing about the collection and linking to it, is pure nonsense.

Read More | 44 Comments | Leave a Comment..

Posted on Techdirt - 8 November 2017 @ 1:38pm

Ron Wyden Puts A Hold On SESTA And Warns About Its Dangers

from the good-for-him dept

Following the Senate Commerce Committee voting SESTA out of Committee this morning, Senator Ron Wyden quickly announced that he is placing a public hold on the bill while at the same time issuing a warning about just how damaging the bill could be:

“Today I am announcing my public hold and a public warning about SESTA. Having written several laws to combat the scourge of sex trafficking, I take a backseat to no one on the urgency of fighting this horrendous crime. However, I continue to be deeply troubled that this bill’s approach will make it harder to catch dangerous criminals, that it will favor big tech companies at the expense of startups and that it will stifle innovation.

“After 25 years of fighting these battles, I've learned that just because a big technology company says something is good, doesn't mean it's good for the internet or innovation. Most innovation in the digital economy comes from the startups and small firms, the same innovators who will be harmed or locked out of the market by this bill. That said, I appreciate that Senators Thune and Nelson worked to improve SESTA, including by narrowing its scope. While it still makes inadvisable changes to bedrock internet law, those changes are narrower than originally proposed.

Those are fighting words -- and it's good to see him come out and directly say that just because big tech companies are for SESTA it doesn't mean it's a good thing (now will some people finally stop falsely claiming that Wyden just represents the big tech companies?). Last week's decision by the Internet Association (which represents the largest internet companies) along with Facebook's direct support for SESTA remain very troubling. These organizations have experience with intermediary liability laws and know how important they are, and how weakening them gets abused. Wyden knows that too.

In some ways, this reminds me of a similar situation, almost exactly seven years ago, when Wyden blocked COICA, an alarmist censorship bill pushed by Hollywood, which eventually morphed into SOPA and PIPA. As with SESTA, COICA was seen as an "easy" win for Congress and passed out of Committee with a unanimous vote. Wyden put a public hold on it and forced Senators to go back to the drawing board -- and eventually the entire bill was killed.

39 Comments | Leave a Comment..

Posted on Techdirt - 8 November 2017 @ 11:59am

David Boies Accused Of Running Horrifying Spy Operation Against Harvey Weinstein's Accusers

from the and-reporters dept

David Boies is one of the highest profile lawyers in the country. I first became aware of him when he (as outside counsel) represented the Justice Department in the overreaching antitrust case against Microsoft in the 1990s. However, I think most people became aware of him when he represented Al Gore in Bush v. Gore. Since then, nearly every time he's popped up in Techdirt, it's been doing really, really sketchy things. He was the lawyer for SCO in that company's insane "set open source on fire" lawsuit against IBM over Linux. He represented Oracle in its ridiculous lawsuit against Google over whether APIs are covered by copyright*. He represented Sony Pictures after its email was hacked and threatened lots of journalists -- including us! -- for publishing stories based on those leaked emails (we told him "go pound sand.") And, honestly, until earlier this week, I thought the most egregious efforts by Boies had been his connection to Theranos, the disgraced medical devices company, where Boies wasn't just a lawyer for the company, but on the board, and participated in terrible and far-reaching attempts to punish whistleblowers at the company.

But, it turns out that Boies' activity in trying to stifle whistlebowers and reporters regarding Theranos and Sony Pictures were just the warm up act for a truly horrifying bit of business revealed by Ronan Farrow in the New Yorker this week. It was widely reported that Boies was a key player on Harvey Weinstein's legal team, responding to the claims of sexual harassment and assault, but the Farrow article shows just how deep the campaign went, with Boies allegedly orchestrating an "army of spies" to try to trick Weinstein's accusers and reporters working on the story to reveal what they knew. The whole article is incredible, but here's just a snippet, involving one of Weinstein's most outspoken victims, Rose McGowan:

In May, 2017, McGowan received an e-mail from a literary agency introducing her to a woman who identified herself as Diana Filip, the deputy head of sustainable and responsible investments at Reuben Capital Partners, a London-based wealth-management firm. Filip told McGowan that she was launching an initiative to combat discrimination against women in the workplace, and asked McGowan, a vocal women’s-rights advocate, to speak at a gala kickoff event later that year. Filip offered McGowan a fee of sixty thousand dollars. “I understand that we have a lot in common,” Filip wrote to McGowan before their first meeting, in May, at the Peninsula Hotel in Beverly Hills. Filip had a U.K. cell-phone number, and she spoke with what McGowan took to be a German accent. Over the following months, the two women met at least three more times at hotel bars in Los Angeles and New York and other locations. “I took her to the Venice boardwalk and we had ice cream while we strolled,” McGowan told me, adding that Filip was “very kind.” The two talked at length about issues relating to women’s empowerment. Filip also repeatedly told McGowan that she wanted to make a significant investment in McGowan’s production company.

Filip was persistent. In one e-mail, she suggested meeting in Los Angeles and then, when McGowan said she would be in New York, Filip said she could meet there just as easily. She also began pressing McGowan for information. In a conversation in July, McGowan revealed to Filip that she had spoken to me as part of my reporting on Weinstein. A week later, I received an e-mail from Filip asking for a meeting and suggesting that I join her campaign to end professional discrimination against women. “I am very impressed with your work as a male advocate for gender equality, and believe that you would make an invaluable addition to our activities,” she wrote, using her wealth-management firm’s e-mail address. Unsure of who she was, I did not respond.

Filip continued to meet with McGowan. In one meeting in September, Filip was joined by another Black Cube operative, who used the name Paul and claimed to be a colleague at Reuben Capital Partners. The goal, according to two sources with knowledge of the effort, was to pass McGowan to another operative to extract more information. On October 10th, the day The New Yorker published my story about Weinstein, Filip reached out to McGowan in an e-mail. “Hi Love,” she wrote. “How are you feeling? . . . Just wanted to tell you how brave I think you are.” She signed off with an “xx.” Filip e-mailed McGowan as recently as October 23rd.

In fact, “Diana Filip” was an alias for a former officer in the Israeli Defense Forces who originally hailed from Eastern Europe and was working for Black Cube, according to three individuals with knowledge of the situation. When I sent McGowan photos of the Black Cube agent, she recognized her instantly. “Oh my God,” she wrote back. “Reuben Capital. Diana Filip. No fucking way.”

And, yes, apparently it was Boies who signed the contract that made all this possible:

Boies personally signed the contract directing Black Cube to attempt to uncover information that would stop the publication of a Times story about Weinstein’s abuses....

Oh, and the latter part of that sentence is fairly stunning as well:

... while his firm was also representing the Times, including in a libel case.

That seems like a pretty massive conflict of interest, which Boies denied:

Boies confirmed that his firm contracted with and paid two of the agencies and that investigators from one of them sent him reports, which were then passed on to Weinstein. He said that he did not select the firms or direct the investigators’ work. He also denied that the work regarding the Times story represented a conflict of interest.

You know who did think it was a pretty bad conflict of interest? The NY Times. Boy, was the NY Times pissed off:

We learned today that the law firm of Boies Schiller and Flexner secretly worked to stop our reporting on Harvey Weinstein at the same time as the firm's lawyers were representing us in other matters. We consider this intolerable conduct, a grave betrayal of trust, and a breach of the basic professional standards that all lawyers are required to observe. It is inexcusable and we will be pursuing appropriate remedies.

And, by Tuesday night the Times had fired Boies:

Like other large firms, the Boies firm asked us to waive certain conflicts in advance. We understood that to mean that it could openly bring actions that may be adverse to our interests and we would be free to terminate our relationship with the firm if we felt the new representation posed a serious conflict. We never contemplated that the law firm would contract with an intelligence firm to conduct a secret spying operation aimed at our reporting and our reporters. Such an operation is reprehensible, and the Boies firm must have known that its existence would have been material in our decision whether to continue using the firm. Whatever legalistic arguments and justifications can be made, we should have been treated better by a firm that we trusted.

Boies is now trying to salvage his reputation by apologizing:

“I regret having done this. It was a mistake to contract with, and pay on behalf of a client, investigators who we did not select and did not control. I would never knowingly participate in an effort to intimidate or silence women or anyone else, including the conduct described in the New Yorker article. That is not who I am.”

Let's be clear though: this is absolute bullshit by David Boies. It is who he is. Again, he's threatened plenty of media properties in the past -- including us -- with bogus threats attempting to stifle a free press and to intimidate reporters into not covering his big name clients. He did it with Theranos. He did it with Sony Pictures. And it certainly appears that he did much more than that for Harvey Weinstein under significantly more shocking circumstances.

So isn't it about time that people took Boies down off the pedestal he's been on for many years? He may be famous, but he's been doing horrible things for the rich and powerful, often attacking and threatening a free press for years. Hiring spies for Harvey Weinstein is just the latest -- and perhaps most horrific -- example.

* Boies "representation" of Oracle in that case resulted in what remains a truly classic benchslap from Judge William Alsup for Boies making downright silly claims about programming.

JUDGE ALSUP: All right. I have -- I was not good -- I couldn't have told you the first thing about Java before this trial. But, I have done and still do a lot of programming myself in other languages. I have written blocks of code like rangeCheck a hundred times or more. I could do it. You could do it. It is so simple. The idea that somebody copied that in order to get to market faster, when it would be just as fast to write it out, it was an accident that that thing got in there. There was no way that you could say that that was speeding them along to the marketplace. That is not a good argument.

MR. BOIES: Your Honor --

JUDGE ALSUP: You're one of the best lawyers in America. How can you even make that argument? You know, maybe the answer is because you are so good it sounds legit. But it is not legit. That is not a good argument.

MR. BOIES: Your Honor, let me approach it this way, first, okay. I want to come back to rangeCheck. All right.

JUDGE ALSUP: RangeCheck. All it does is it makes sure that the numbers you're inputting are within a range. And if they're not, they give it some kind of exceptional treatment. It is so -- that witness, when he said a high school student would do this, is absolutely right.

MR. BOIES: He didn't say a high school student would do it in an hour, all right.

JUDGE ALSUP: Less than -- in five minutes, Mr. Boies.

MR. BOIES: Well, Your Honor --

JUDGE ALSUP: If you know the language. Once you know the language, it is a five-minute proposition.

And, on an additional note, if you haven't yet, you should read Sarah Jeong's absolutely delightful profile of Judge Alsup and his coding hobby.

75 Comments | Leave a Comment..

Posted on Techdirt - 8 November 2017 @ 10:44am

Will Sheryl Sandberg And Facebook Help Small Websites Threatened By SESTA?

from the disappointing dept

Earlier today, the Senate Commerce Committee had its markup on SESTA -- the deeply flawed bill that claims to be about stopping sex trafficking, but which will do little on that front. Instead, it will create massive problems for lots and lots of small internet sites. The bill sailed through the markup, getting approved via a voice vote with no discussion or debate. As expected, last week's decision by the Internet Association -- the trade group representing all of the large internet companies -- ensured that the bill would sail through the markup. Supporters of the bill are now wrongly insisting that "tech" now supports the bill.

However, as we've detailed, while the giant companies like Facebook and Google can handle whatever fallout there is from this bill, smaller sites and even users of those big sites will be at risk. So it was extra depressing to see Facebook's Sheryl Sandberg post her glowing, but factually inaccurate, support for SESTA.

I care deeply about ending the suffering that comes from sex trafficking and sexual exploitation on the internet – and we at Facebook are committed to fighting it every way we can. That’s why we’re grateful that members of Congress have reached an agreement on the Stop Enabling Sex Traffickers Act. This important piece of legislation allows platforms to fight sex trafficking while giving victims the chance to seek justice against companies that don’t.

Thank you to lawmakers in both parties – particularly Senators Portman and Blumenthal – and to the dedicated anti-trafficking advocates for all their hard work. As this moves through the Senate and the House, we’re here to support it – and to make sure that the internet becomes a safer place for all vulnerable girls, children, women, and men who deserve to be protected.

Lots of us care deeply about ending the suffering from sex trafficking. As we've discussed repeatedly, it's a horrible, horrible crime. But, there is nothing in SESTA that targets ending sex trafficking. Its sole focus is on punishing the tools that sex traffickers use, in the bizarre and misguided belief that criminalizing the tools will somehow stop the traffickers. There is no evidence to support this. There is plenty of evidence that traffickers will just move around to other services -- and some of those services are even less likely to be willing to work with law enforcement to track down actual traffickers. The whole approach behind SESTA is to try to bury the problem instead of deal with the actual problems of sex trafficking. We just wrote about a recent study showing how pushing this activity away from sites where it can be tracked puts the victims of sex trafficking at MORE risk.

Sandberg's support, then, is doubly troubling. SESTA will cause more harm to victims of sex trafficking, while at the same time cementing Facebook's dominant position, by putting smaller companies at significant risk. The cynical among you may suggest this latter part explains Facebook's decision here, though I'd argue that's almost certainly not true. It's much more likely that with all the criticism Facebook has been receiving lately over supposed Russian interference, it had to "give up" something, and it's easy to toe the misleading line that all of the politicians are following by saying this bill is about sex trafficking and it will magically help end sex trafficking. The fact that it may harm smaller sites and Facebook's own users? That's just gravy.

Yesterday I asked if the authors of SESTA, Senators Blumenthal and Portman, could explain to smaller sites like ours how to stay on the right side of the law. Now I'd like to make a similar ask of Facebook: considering its support of SESTA is what allowed it to sail through the markup this morning, will Facebook commit to funding the defense of small sites that face legal jeopardy because of SESTA? Will Facebook commit to creating a fund to pay for lawyers to help smaller sites comply with SESTA? Will Facebook commit to funding defense of bogus grandstanding attacks by state AGs using SESTA?

Facebook's support of SESTA may be a political necessity for the company, but it will make things worse of victims of sex trafficking and for tons of non-Facebook companies on the internet.

22 Comments | Leave a Comment..

Posted on Techdirt - 8 November 2017 @ 9:34am

Why Does SESTA Allow State Attorneys General To File Civil Claims?

from the please-someone-explain dept

So we've already talked a lot about the problems of the "knowledge" standard in the amended version of SESTA, in that it's way too broad, and leaves smaller sites completely adrift in figuring out if they're on the right side of the law. But there were other changes in the amended version of SESTA as well -- some good, and some bad. Law professor Eric Goldman has an excellent post detailing the changes, but I want to focus on one really perplexing one.

For reasons that are totally unclear, SESTA now allows states Attorneys General to file civil charges against websites for violating sex trafficking laws. That's... weird. One good change in the new SESTA was the removal of letting state AGs go after sites for just violating state trafficking laws by requiring "conduct that violated a Federal criminal" trafficking law. That was important, because state laws are a hodgepodge of rules, and can change (often in weird ways) making it next to impossible for many websites to make sure they're magically in compliance with every state's laws on this issue. But perhaps to keep the state AGs happy, this was added instead:

In any case in which the attorney general of a State has reason to believe that an interest of the residents of that State has been threatened or adversely affected by any person who violates section 1591, the attorney general of the State, as parens patriae, may bring a civil action against such person on behalf of the residents of the State in an appropriate district court of the United States to obtain appropriate relief.

As Goldman notes, this makes no sense at all:

I don’t understand this provision and why it’s needed, given that SESTA separately loosens the constraints on state AG enforcement of their state crimes. The scope of civil enforcement is still tied to the federal crime, which is good, but giving state AGs a second option to enforce the law is puzzling. I know the bill proponents feel like much of the sex trafficking enforcement work is done at the state and local level, so unleashing the state AGs from Section 230 will put more “cops on the beat.” However, why do they also need a civil action to do that work?

This change is significantly more troubling if you're at all familiar with the fairly recent history of state Attorneys General and their grandstanding against technology. We've written about this on Techdirt for the better part of a decade, but I'll point you to two "must read" articles on other sites to get a sense of how trusting state AGs with such a massive power is going to backfire badly. The first is Topix CEO Chris Tolles' horrifying account of having State AGs gang up on his company with no legal basis, just because they didn't like the way Topix dealt with what were deemed "abusive" comments. Notably, one of the state AGs leading the charge: Richard Blumenthal -- then in the middle of a campaign to become Senator for Connecticut (which he won) and now... the co-author of SESTA. Hmm.

From that first hand account:

After my lawyers reconfirmed that we weren’t being accused of breaking any specific laws, I decided to take a pretty open stance with these guys and give them the background on what we did, and how we did it, figuring that if they knew what we were doing, and in particular, if they knew that the paid expedition of reviews was only about 1% of all of our feedback, that we would be able to clear this up pretty easily. (I was wrong about this).

The call with these guys was actually pretty cordial. We walked them through how we ran feedback at Topix, that how in January 2010, we posted 3.6M comments, had our Artificial Intelligence systems remove 390k worth before they were ever even put up, and how we had over 28k feedback emails and 210k user flags, resulting in over 45k posts being removed from the system. When we went through the various issues with them, we ended up coming to what I thought was a set of offers to resolve the issues at hand. The folks on the phone indicated that these were good steps, and that they would circle back with their respective Attorneys’ General and get back to us.

No good deed goes unpunished

So, after opening the kimono and giving these guys a whole lot of info on how we ran things, how big we were and that we dedicated 20% of our staff on these issues, what was the response. (You could probably see this one coming.)

That’s right. Another press release. This time from 23 states’ Attorney’s General.

This pile-on took much of what we had told them, and turned it against us. We had mentioned that we required three separate people to flag something before we would take action (mainly to prevent individuals from easily spiking things that they didn’t like). That was called out as a particular sin to be cleansed from our site. They also asked us to drop the priority review program in its entirety, drop the time it takes us to review posts from 7 days to 3 and “immediately revamp our AI technology to block more violative posts” amongst other things.

I don't want to all stereotype state Attorneys General, but there's a reputation that the state AG position is a stepping stone to higher office -- generally state Governor or Senator. And, thus, there's a fairly long history of state AGs using their platform for regular grandstanding, getting themselves in headlines. And one good way to do that is to pick a hot topic that will create headlines, totally misrepresent it, and then jump in front of the press. That's what happened to Topix, but we've highlighted numerous other such cases, from Andrew Cuomo (when he was NY's Attorney General, before going on to be Governor) getting ISPs to cut off Usenet access to then South Carolina AG Henry McMaster (then AG, now Governor) threatening to throw Craigslist execs in jail to Pennsylvania's Tom Corbett (then AG, and soon after Governor -- sense a pattern yet?) demanding Twitter reveal anonymous critics to Mississippi Attorney General Jim Hood blaming everything bad on the internet on Google. In each of these cases, with no legal basis, state AGs attack big California tech companies. Because it generates headlines. As Tolles wrote in his piece:

The States’ Attorneys General are the place that complaints about your company will probably end up. This is especially true if you host a social or community based site where people can post things that others may dislike. And, there’s no downside to attacking a company based in California for these guys (MyScape, Facebook, Craigslist have all been targets in the past couple of years). Taking complaints from your citizenry and turning them into political capital is simply too good an opportunity for these guys to pass up.

And SESTA now provides them with a big weapon: a civil lawsuit. Back during the one hearing the Senate held on SESTA, California's AG, Xavier Becerra insisted that there was little chance of SESTA being abused, because he had to prove beyond a reasonable doubt that a site was facilitating sex trafficking. But, in opening up civil claims to state AGs in the new bill, that's no longer true. Now we're talking about a "preponderance of the evidence" which is a much lower standard -- i.e., one that will be much, much easier for state AGs to abuse to shakedown tech companies.

And here's where this gets potentially much, much worse. We've already discussed the problematic nature of the "knowledge" standard directly within SESTA, but this new portion allowing civil cases by state AGs may make the problem drastically worse. Note that the text quoted above, opening up civil claims to state AGs, technically would amend 18 USC 1595 to add that paragraph above. But when you put it into context, you realize that 1595(a) notes that civil actions can be brought against anyone who "knew or should have known" was violating sex trafficking laws. So, suddenly, we're beyond the already problematic "knowledge" standard directly in SESTA, and now opening up civil claims from already aggressive state AGs, who can now argue that the standard is that a site "should have known" about the facilitation of sex trafficking on the site. That is, there's no more "knowledge" requirement at all.

That's... really bad.

And now we get to the second off-site article that's worth reading to understand why this is so problematic. Three years ago, Eric Lipton wrote a bombshell of an article in the NY Times, entitled Lobbyists, Bearing Gifts, Pursue Attorneys General, all about how lobbyists were focusing a tremendous amount of attention on state AGs to do their bidding for them, including attacking companies they don't like.

Attorneys general are now the object of aggressive pursuit by lobbyists and lawyers who use campaign contributions, personal appeals at lavish corporate-sponsored conferences and other means to push them to drop investigations, change policies, negotiate favorable settlements or pressure federal regulators, an investigation by The New York Times has found.

Among the many, many shocking things in that article, is the suggestion that some of the "investigations" by state AGs have something of a "profit" motive, rather than a public interest one:

Executives from the company that distributes 5-Hour Energy, for example, have contributed more than $280,000 through related corporate entities in the last two years to political funds of attorneys general.

Company executives wrote those checks after the investigation into false claims and deceptive marketing, which initially involved 33 states, opened in January 2013. Requests started to come in for contributions, including a phone call this year directly from Mr. Ferguson of Washington State, whose staff was involved in the inquiry.

In a statement after the company was sued by three states in July, the company strongly denied the allegations and compared being solicited for contributions to being pressured to pay “ransom.” It asked, “Is it appropriate for an attorney general to ask for money from a company they plan to sue?”

And, if SESTA passes, these same state AGs will suddenly be able to bring civil suits against companies -- potentially using a "should have known" standard, in which the end result may be a monetary settlement.

That Lipton article lays out example after example after example of companies making big donations to try to influence state AGs, and sometimes doing the legal legwork for them. And if you think this won't be used by certain companies to get state AGs to attack tech companies on their behalf, you haven't been paying attention. Remember, thanks to the Sony Pictures email leak, we know that the MPAA was literally passing around that Lipton article about influencing state AGs, and discussing how they needed to get in on that as part of "Project Goliath" -- their plan to harm Google -- which eventually led to the sketchy subpoena from Mississippi AG Jim Hood. Remember, the letter that Hood sent Google was actually written by the MPAA's outside lawyers.

So, once again, the question needs to be asked: why do state Attorneys General need the ability to file civil lawsuits under this bill, with a much lower standard to bring those suits?

22 Comments | Leave a Comment..

More posts from Mike Masnick >>