Mike Masnick’s Techdirt Profile

mmasnick

About Mike MasnickTechdirt Insider

Mike is the founder and CEO of Floor64 and editor of the Techdirt blog.

He can be found on Twitter at http://www.twitter.com/mmasnick



Posted on Techdirt - 2 December 2016 @ 4:47pm

Court Rubber Stamps IRS's Demand To Get All Coinbase User Data

from the um... dept

A couple weeks back, we wrote about a ridiculous and massively overbroad demand from the IRS that virtual currency exchange/online wallet host Coinbase turn over basically all info on basically all Coinbase users. They did this because they saw evidence of a single person using Bitcoin to avoid paying taxes. Coinbase expressed concern over this, but Judge Jacqueline Scott Corley didn't seem too concerned, and has granted the IRS's request by literally rubber stamping the DOJ's request. I know it's not all that uncommon for judges to accept "proposed orders" but it's still a bit disturbing to see it happen on something with potentially massive consequences.

Coinbase has indicated that they're going to push back on this legally, but it's still quite unfortunate that the judge didn't seem all that concerned about this. While Coinbase says it expected the court to grant this order, and that "we look forward to opposing the DOJ's request in court," it's unfortunate how quick judges are to agree to these kinds of orders. Either way, this is going to be a case to follow.

Read More | 5 Comments | Leave a Comment..

Posted on Techdirt - 2 December 2016 @ 10:42am

Every Website Needs To Re-register With The Copyright Office, Who Can't Build A Functioning System

from the are-you-serious? dept

As we mentioned last month, the Copyright Office -- despite being warned this was a bad idea -- has decided to implement a brand new system for websites to register DMCA agents, and has done so in a way that will undoubtedly fuck over many websites. It's already ridiculous enough that in order to be fully protected under the DMCA's safe harbor rules (that say you're not liable if someone posts infringing material to your website), you need to register a designated "DMCA agent" with the Copyright Office. The idea behind this is that by registering an agent, copyright holders will be able to look up who to send a takedown notice to. And, sure, that makes sense, but remember that this is the same Copyright Office that supports not requiring copyright holders to register their works, meaning that there may not be any legitimate way to contact copyright holders back.

The reason for the new system is that the old system was just ridiculous -- on that everyone can agree. You had to fill out a paper form, sign it, and send it in. The Copyright Office has been way behind on digitizing everything, so moving to a web based system is a good thing. Also, the old system required payment of over $100, while the new one is just $6. That's all good. The problem is twofold: first, the Copyright Office has said that it is throwing out all the old registrations, and if you want to retain your safe harbors, you need to re-register. There's a grace period through the end of next year, but plenty of sites who don't follow the Copyright Office's every move are going to miss this, and will no longer have an officially registered agent with the Copyright Office (it's possible that, should this issue go to court, a platform could reasonably argue that it still did meet the statutory requirements in the original registration, but why force site owners through that hoop in the first place). The second problem, is that this new system will toss out records every three years, so if you forget to renew, you once again can lose your legal safe harbors. This puts tons of websites at serious risk, removing key protections and opening them up to lawsuits from copyright trolls.

Either way, the Copyright Office opened the doors on the new system yesterday, and so I went ahead and re-registered Techdirt. And, let's just say, the Copyright Office has a reputation for being technically clueless, and boy, does it live up to that reputation with its new system -- though, to be fair, as the Copyright Office's General Counsel reminded me on Twitter, it's actually the Library of Congress that built the system. First off, to register a new agent, you need to first register with the Copyright Office's system. As Eric Goldman points out, the system is not designed for individuals or sole proprietorships, even though those people should be able to get DMCA safe harbor protections as well. Specifically, to register, it requires an organization name and a "second contact" name and information. I'm not sure what individuals should do, other than maybe make something up -- though, before you even get started, the system pops up a warning suggesting that you may face criminal charges under the CFAA if you do anything wrong (while it means if you try to hack the system, the wording may confuse many people not familiar with the law). Nice touch.

Oh, and then there's the password system. Like many people, I use a password manager, which also will generate strong passwords for you. I went through the process of filling out my info, and generated a strong password... and I got back an error message. It seems that the Copyright Office has taken what used to be considered best practices, and then took it to an insane extreme:

First of all, the US government, in the form of NIST, recently released new guidelines for password policies for any US government websites. And the Copyright Office ignores them, because whoever designed the new DMCA system seems to not give a shit and not be even remotely aware of good security practices these days. Here's what the new rules say:
No composition rules. What this means is, no more rules that force you to use particular characters or combinations, like those daunting conditions on some password reset pages that say, “Your password must contain one lowercase letter, one uppercase letter, one number, four symbols but not &%#@_, and the surname of at least one astronaut.”

Let people choose freely, and encourage longer phrases instead of hard-to-remember passwords or illusory complexity such as pA55w+rd.
So, yeah, nice job Copyright Office for ignoring what you're supposed to do. Second, even if those rules did make sense, by lumping together all of them, and then adding the absolutely ridiculous and bad security practice of saying "must not have any repeated letters, numbers, or special characters," you actually reduce randomness and make passwords less secure. This is just bad security.

To deal with this rule, I generated a much longer password, and then manually went through and removed any repeated letters, numbers or special characters, and made sure that all of the other rules were met. They were. I hit submit. The system rejected it, and gave me the exact same error message. I tried again. Same problem. I kept trying things for about 20 minutes until I figured out what the problem was. You see above, where it says "and special character "!@#$%^&*()""? Well, in my first attempt at a password I had two special characters: ? and >. I incorrectly assumed that when they say "special character" they mean any special character on the keyboard, and not just those limited to the ones above the number line on your keyboard. Once I realized that might be the issue, I still had a problem. And that's because my new password had " as a special character. I incorrectly assumed that was okay because it's in that list above, right? Except, no, it's not. It's just put around those symbols for no reason at all except to fool people. It would be nice if the error message actually told you that you could only use those characters and that the " wasn't included. Would have saved me a lot of time.

Once I finally finished that, the system sent me a confirmation/validation email (good), which I used to confirm my email and log into the system... only to discover that everything I had just done... was not actually registering a DMCA agent. It was just to register your account to use the Copyright Office's DMCA system. So I had to then go and fill out another form to register our DMCA agent (and I won't even get into the fact that once you've activated your account, the message telling you to "click here" to login to designate an agent makes it so that it's not at all where to actually click -- great design guys!).

Finally, once I'm all registered, and despite the fact that I'm very clearly registered in the United States, the system says I'm in Canada. Because, apparently, the genius IT staff thinks that the "CA", which everywhere else means California, means Canada in their own system. Because whatever, nothing matters.
So, yes, I eventually paid my $6 and got registered, but lots of people won't and lots of sites are now going to expose themselves to bogus lawsuits. And for those who do get through this process, you may end up in Canada. So anyway, off we go to this new era, in which websites are much more at risk of losing their safe harbor protections, and to make it more fun, the system you need to use to register yourself is buggy as hell with a bunch of bad design practices. It's almost as if they want websites to lose their safe harbors. Considering that the key role of the Copyright Office is to register stuff (the boss of the office is literally called "The Register"), it seems fairly ridiculous that they make it so difficult to register DMCA agents, and then force renewal every three years (while at the same time insisting that any renewal requirement for copyright holders would go against the natural order of things and bring famine and pestilence upon the land).

41 Comments | Leave a Comment..

Posted on Techdirt - 2 December 2016 @ 8:31am

Intelligence Committee Senators Call On Obama To Declassify Evidence Of Russian Election Interference

from the that-would-be-interesting dept

We've been a lot more skeptical than most about all the claims of "Russian interference" with the US Presidential election this year. While I don't doubt there was some effort to do something, Russia is such an easy scapegoat. Still, plenty of people insist that it's true, including those who at least should have a fair bit of insight into what actually happened. To me, the bigger issue is that attribution in many of these things is a lot more difficult than most people make it out to be.

Either way, it's quite noteworthy that seven Senators on the Senate Intelligence Committee have asked President Obama to declassify the evidence pointing to Russia and detailing what Russia actually did to attempt to interfere with the election. The Senators sent a very simple letter, which was released publicly, noting that a classified letter with a lot more details was also sent. Here's the entire text of the publicly released letter:

Dear Mr. President:

We believe there is additional information concerning the Russian Government and the U.S. election that should be declassified and released to the public. We are conveying specifics through classified channels.

Thank you for your attention to this important matter.
Of course, it needs to be noted that this will clearly be seen as a partisan effort. Of the seven Senators who signed on to the letter, six are Democrats, and the other, Senator Angus King, is an Independent who caucuses with the Democrats. Basically it's all of the Democrats on the Senate Intelligence Committee except for Dianne Feinstein and Harry Reid. So, it's easy for some to spin this as a case of sour grapes about the Democrats not winning the election, and that they're now clinging to stories of Russian interference to explain what happened.

But... that spin holds somewhat less weight when you look at the details. First off, the letter itself was put together by Senator Ron Wyden. And, yes, his name comes up a lot around here, but that's because he has a pretty long history of being right on lots and lots of stuff. And that's been especially true when Wyden says that there's some secret info that the public deserves to know about. He's been right on that every single time he's said it. So the track record is there. When Wyden says the public deserves to know something, pay attention.

The second thing that provides more confidence here is that this isn't just random conspiracy theories about "rigged" voting or whatever that some have been spewing. This is a specific request for more transparency by asking for specific information to be released to the public -- specific information that the Senate Intelligence Committee members have seen.

Given that, it seems worth paying attention to -- and at least asking why the President won't declassify such information? If there really is such strong evidence, why not reveal it? So far, all of the evidence pointing to Russia has been fairly weak, and it feels a bit like groupthink that everyone just insists it's true. But it's entirely possible (and perhaps now, probable) that the intelligence community has some more serious evidence. And, if that's the case, it seems worth sharing with the public even if you were happy with the outcome of the election. If Russia really did "interfere" somehow in the election, the public deserves to know the details of it.

Read More | 26 Comments | Leave a Comment..

Posted on Techdirt - 2 December 2016 @ 6:31am

Senator Feinstein Asks President Obama To Declassify Senate's CIA Torture Report

from the last-chance dept

Could President Obama actually declassify and release the full 6,800 page report on the massive failures of the CIA's torture program from a decade ago? While it seems unlikely, Senator Dianne Feinstein is urging the President to release the document, fearing that the massive report may disappear into the memory hole soon.

Some background: While Feinstein has been historically awful on basically anything having to do with reining in the US intelligence community, the one area that really seemed to get her attention and raise concerns was the CIA's torture regime. She assigned Senate Intelligence Committee staffers to work on a massive and detailed report on the CIA's torture program after it came out that a key official involved in the program had deliberately deleted videotape evidence about the program. The research and writing of the report went on for years and cost millions of dollars, and then resulted in another big fight over releasing a heavily redacted version of just the executive summary of the report (not to mention that the CIA also broke into the staffers' computers after it realized it had accidentally given the staffers a really damning document). The fight over releasing the paper was really, really ridiculous.

There were fights over what ridiculous things to redact, and then the White House put on a full court press against releasing the document, insisting that publicly releasing even a heavily redacted executive summary would inspire terrorist attacks. Even after an agreement was reached on the redactions, John Kerry still tried to block the release, again warning of potential attacks in response.

Eventually the heavily redacted executive summary was released, revealing what many had suspected: the CIA's torture program was a complete waste, providing nothing in terms of valuable intelligence, and also involved the CIA lying to Congress. Since then, though, there have been ongoing battles over the report. Also revealed: what a bunch of bullshit the claims were that the release of the report would inspire new attacks. It's been two years and there's no evidence the report inspired any hatred beyond what was already present.

While Feinstein made sure copies of the full report were delivered to various parts of the executive branch, insisting that the report should be read so that we don't repeat the mistakes of the past, most of them claim they never read it and also that there was nothing to learn from it. Then, after Senator Richard Burr took over the Senate Intelligence Committee he began to demand that the various copies of the report all be returned so they could be completely destroyed, erasing all of that evidence and reporting on the CIA's torture program. The CIA claims it "accidentally" deleted one of its own copies.

The ACLU tried to FOIA the full document but was rejected... and the courts refused to force the government to release the document.

There's every indication that a President Trump would have zero interest in releasing such a report, and probably would support the destruction of the remaining copies. And, because of that, it appears that Senator Feinstein is calling on the President to declassify the whole thing.

I think people need to see the full facts of the report. I believe they stand on their own. And I think it's very important, particularly since there is discussion or talk or allegations about - well, we're going to resume waterboarding, and, yes, we can torture people.
As the report at NPR notes, during the campaign, Trump eagerly endorsed bringing back the torture program, specifically calling out waterboarding and suggesting going even further than that.

Once again, here's an opportunity for President Obama to actually do something that would make a powerful statement before handing over the White House. Not only would it help provide tremendous transparency into a shameful episode in our very recent history -- a shameful episode that is at great risk of being repeated -- it would also prevent the report from being totally destroyed. As the NPR piece notes, Senator Burr is still fighting to get back the document to destroy it. That means there's a very good chance that if President Obama doesn't get the full torture report declassified, it will disappear forever. Of course, given the White House's (ridiculous) attempts to block the release of the exec summary, combined with Obama's terrible track record in letting the intelligence community get away with all sorts of stuff, I wouldn't hold my breath.

19 Comments | Leave a Comment..

Posted on Techdirt Podcast - 30 November 2016 @ 9:40am

Please Support Our Patreon Campaign... And Listen To Our Conversation With Patreon's Founder Jack Conte

from the techdirt-podcast-episode-100 dept

For this week's podcast -- our 100th episode -- we have both a special guest and an announcement. On the podcast, we have Jack Conte, the founder and CEO of Patreon, a fascinating company that we've written about a few times, for providing a really compelling platform for connecting content creators and fans, and giving those fans a way to support the creators. And with that conversation, we're also launching a Techdirt Patreon page and asking for folks to support our continued efforts to make great content. The Patreon campaign is focused on the podcast, but you can use it to support Techdirt as a whole if you'd like. If you don't actually listen to the podcast, there's still a good reason to support it: if we get enough support via Patreon, we'll use it to fund transcripts of the podcasts, so those of you who would prefer to read it can do so.

As we've discussed a few times recently, the online advertising market has seen the bottom fall out of it. And that means we need to rely on other forms of support much more regularly -- including affiliate sales and direct crowdfunding. Frankly, direct crowdfunding is certainly the most pure of these options. It builds a stronger connection between us and our community and removes any whiff of third party interference in that relationship. In the past, we've done time-limited campaigns, and we may do that again as well, but I've been writing about Patreon since it launched (and Jack Conte since long before that), and have been impressed with how the platform has grown and changed over time -- and am also impressed with Jack's vision for where the company can continue to go (some of which you can hear in the podcast discussion).

Anyway, I hope many of you will agree to support us via Patreon. We have a variety of perks we're offering -- some of which we've offered directly in our Insider Shop for years, but some of which are new and unique to the podcast -- including a special backers' only episode that we'll be releasing in January. We have lots of stuff we'd love to do, with both the podcast and the website, and plenty of great stories to tell, but we need your help to do it. Please support our efforts.

Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes or Google Play, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.

7 Comments | Leave a Comment..

Posted on Techdirt - 30 November 2016 @ 8:27am

Key Congressional Staffers Who Helped Rein In Surveillance Overreach In The 1970s Ask Obama To Pardon Snowden

from the make-it-so dept

While it seems pretty darn clear that President Obama has no interest in issuing a pardon for Ed Snowden -- despite the well-organized campaign in support of such a pardon -- more and more people are stepping up to argue why Obama should change his mind on this. The latest is a big one: fifteen members of the Church Committee have sent President Obama and Attorney General Loretta Lynch a memo outlining the reasons why Snowden deserves a pardon.

The Church Committee, of course, was the Senate Committee that investigated excessive surveillance efforts by the CIA, NSA and FBI in the 1970s, and eventually led to a series of sweeping reforms that helped to rein in many of the worst abuses. Of course, after 2001, many of the restrictions were watered down, which gets us to where we are today. It's also notable, of course, that the Church Committee eventually morphed into the Senate Select Committee on Intelligence, better known today as the Senate Intelligence Committee. Yes, if you're a bit confused, the committee that was created to stop intelligence community surveillance abuses changed over the years into becoming the intelligence community's biggest defenders, rather than overseers. Today's Intelligence Committee (minus a few members) seems 100% focused on whining about Snowden. So it's fairly telling that the members who made up some of the key staff positions on the original committee are now speaking out.

The letter was put together by Frederick Schwartz, who was the Chief Counsel of the Church Committee and William Miller, who was its Staff Director (i.e., these weren't lowly staffers -- these were the guys who ran the show). And they're pretty damn concerned. The full letter is worth reading, but here's just a small excerpt:

Without Snowden, it would have been decades, if ever, until Americans learned what intelligence agencies acting in our name had been up to. We know first hand that lack of disclosure can cause just as many, if not more, harms to the nation than disclosure. When intelligence agencies operate in the dark, they often have gone too far in trampling on the legitimate rights of law-abiding Americans and damaging our reputation internationally. We saw this repeated time and time again when serving as staff members for the U.S. Senate Select Committee, known as the Church Committee, that in 1975-76 conducted the most extensive bipartisan investigation of a government’s secret activities ever, in this country or elsewhere.
They also point out the hypocrisy of Obama and his administration ignoring or granting leniency towards others who abused positions of power in the surveillance state, and who did so not to benefit the public, as Snowden did:
Some oppose leniency for Snowden because he violated the law. But many in the national security establishment who committed serious crimes have received little or no punishment. President Obama’s decision to “look forward, not backward” absolved from liability the officials who designed and implemented the torture and extraordinary rendition programs at the CIA and Defense Department during the George W. Bush Administration. It also meant that those who destroyed evidence of these crimes and misled Congress about illegal torture and surveillance would never face charges.

In addition, the government has also been lenient to high-level officials who made illegal disclosures or destroyed classified information. Examples are cases involving National Security Advisor Sandy Berger and CIA Directors David Petraeus and John Deutch.

CIA Director David Petraeus, who also had been a top general, violated the law and his obligation to protect national security information when he provided his biographer, who was also his close friend, with voluminous notebooks documenting Top Secret military and intelligence operations, as well as sharing classified information with reporters. He also made false statements to the FBI to avoid accountability for his actions. Yet he was allowed to plead guilty to just one misdemeanor for which he received no jail time. Former National Security Advisor Sandy Berger broke the law when he removed several highly classified documents sought by the 9/11 Commission from the National Archives and then destroyed them. He too was allowed to plead guilty to a misdemeanor and received a fine and probation. President Bill Clinton pardoned former CIA Director John Deutch before the Justice Department filed a misdemeanor charge against him for improperly taking hundreds of files containing highly classified information and storing them on an unprotected home computer. In all these cases, recognition of the public service the individuals had provided weighed against strict enforcement of the law, to come to a fair and just result.

There are, of course, differences between these cases and Snowden’s. But the crucial point is that only in Snowden’s case was the motivation behind his illegal activity to benefit America. The three others involved efforts to gain glory or avoid criticism, or simple convenience and simple disregard for the law that put our security at risk. Yet the perpetrators were treated leniently.
The memo goes on to explain why people claiming Snowden should have gone through "the proper channels" don't know what they're talking about, by pointing to the examples of those who did follow those channels, only to have their lives ruined with bogus Espionage Act cases. Of course, I'm not sure how that will appeal to Obama, since he supported those cases.

Still, it's good to see these individuals, who know perhaps better than anyone what happens when you have a surveillance state run amok, explaining to the President why what Snowden did was so important, and why he deserves a pardon.

Read More | 23 Comments | Leave a Comment..

Posted on Techdirt - 30 November 2016 @ 6:26am

In His Final Days, Obama Quietly Expands War Powers Before Handing Them Off To Trump

from the hey-that's-a-big-deal dept

While we knew it was impossible for President Obama to truly rein in the massive executive powers that he helped expand (following on the massive expansions from previous administrations) concerning national surveillance and war -- we had still hoped that maybe his concern about a President Trump would let him do a few small things to limit some of the most egregious powers. Instead, it appears that President Obama is doing the opposite, and expanding his war powers, just as he's about to hand them to someone that he, himself, has loudly criticized as being unfit for the Presidency.

For years now, we've written about how the Obama administration has regularly rewritten the dictionary in order to pretend that the Authorization to Use Military Force (AUMF) hastily granted by Congress in the wake of 9/11 enabled him to go to war with basically anyone. If you don't recall, the AUMF granted the President the power to use "all necessary and appropriate force" to go after those who "planned, authorized, committed or aided the terrorist attacks that occurred on September 11, 2001." That's already fairly broad, but over the years basically our entire government has pretended that (1) the AUMF included the ability to also target "associated forces" (even though it does not) and (2) it allowed the President to simply lump in anyone he wanted as an "associated force" allowing him to bomb them without any Congressional authorization. This is how you get a war without end, in which the explicit authorization to go after Al Qaeda is now being used on a surprisingly long list of groups that didn't even exist in 2001.

And, just a few days ago, President Obama expanded the list yet again, allowing himself to go after yet another group: Shabab. Now, no one is trying to claim that Shabab, or ISIS or any other group that has been added to the list aren't out to do serious harm to the US. But, this seems to go way beyond the basic functions of the office of the President and the simple Constitutional requirement for Congress to declare war. As Trevor Timm notes at the Guardian, this is a big deal:

Council on Foreign Relations senior fellow Micah Zenko didn’t mince words in the Times when describing what the Obama administration is doing: “It’s crazy,” he said of the administration’s redefining the law out of existence. “This administration leaves the Trump administration with tremendously expanded capabilities and authorities.”

Make no mistake: Trump will have a free hand to use the law meant for the perpetrators of 9/11 to wage war around the world, fashioning it to different enemies at his command, and he will be able to point to precedent set by the Obama administration as he does it.

Per usual, all the White House’s decisions are being made under the veil of official secrecy. The only reason we know about it is not because the administration announced it, but because the New York Times reported it after unnamed officials leaked it to them.

And that's not all. The Obama administration has also given more powers to the Joint Special Operations Command (JSOC) -- the organization that helped find and kill Osama bin Laden. And, again, people are raising concerns about how this power will be used by the next President. As Timm notes:
Trump is now coming into office with ever expanding war powers, and they’re being served to him on a silver platter by the same people who told the American public two months ago that Trump was so unstable and thin-skinned that he couldn’t be trusted with the nuclear codes.
This isn't about which President or which party you support. It seems like we should all be concerned with the ever growing power of the executive branch in general, and especially its willingness to grant itself more powers to go around and kill people.

94 Comments | Leave a Comment..

Posted on Techdirt - 28 November 2016 @ 9:37am

Media Critic Calls On Journalists To Be Obedient Stenographers

from the wtf? dept

Media critic Michael Wolff has a fairly long history of being hilariously wrong about just about everything. It's sort of his thing. He also has a history of being a ridiculously bad journalist in those rare moments when he tries to do journalism. We normally ignore him, but last week he said something so ridiculous and so crazy, that it deserved calling out. He called on journalists to be stenographers to those in power. Literally.

I think what’s required is for the media to do its job. I feel deeply the media hasn’t done its job. It’s abdicated its responsibility, has lost itself somewhere. Right now it’s an interesting moment where the media looks at Donald Trump as a threat instead of a story, possibly the biggest story of our time. Certainly a story that needs to be told in rather conventional ways. Who are these people, what motivates them, where are they from, where are they going — just basic storytelling.

I thought these people have won an election, so now is the time to go in and say who are you and what do you think. We are not in an oppositional moment right now; that has passed. I actually asked very few questions. I said tell me who you are. He talked and I took notes. Yes, you do want to be stenographers. That’s a very significant piece of journalism. We don’t want to hear [the reporter]. Write it down. You’re there to literally convey what someone in power says, and you bring it to people who want to know. Journalism is now a profession filled with people who are not journalists. They’re all under 25, talking to people under the age of 25. Let me send the message: stenographer is what you’re supposed to be.

[The move against normalizing Trump actions and language] are just institutional biases. This is formally saying we are biased and want to be biased, we are judge and jury.
This is wrong and idiotic on so many levels. First of all, a big part of the problem is that journalists have been stenographers for way too long. Their ridiculous "view from nowhere" where "person A says X, but person B says Y" journalism, without ever delving which is correct between X & Y, is a huge part of the problem. Calling bullshit on bullshit is not "bias." It's called accurately informing people. But Wolff apparently thinks we've had enough of that.

For years, calling journalists "stenographers" was a punchline to highlight how feckless many journalists had become, where they looked to pull punches to retain "access." There's a reason you have lots of articles online mocking journalists because they became stenographers. There's a reason that Stephen Colbert got such big laughs by calling White House correspondents stenographers. Because it was all too accurate:
Let's review the rules. Here's how it works. The President makes decisions. He's the decider. The Press Secretary announces the decisions. And you people of the press type those decisions down. Make. Announce. Type. Just put 'em through a spell check and go home. Get to know your family again. Make love to your wife. Write that novel you've got kicking around in your head. You know the one about the intrepid Washington reporter with the courage to stand up to the administration. You know: fiction.
Back when he performed that, it was satire. Now here's Wolff saying the same thing seriously. This is how far we've come.

The good thing about this election was that it finally shocked some reporters out of this mode, and it's insane to argue that that was the mistake. There is some truth in the fact that reporters got too focused on Trump, the person, as opposed to focusing on actual issues and policies, but to argue that they should just be stenographers is insane. Politicians thrive on misleading the press and Trump is an expert at it. He's the king of "hey, look over there" whenever any legitimate story against him comes out. He plays the press like a banjo. And, while I'm not convinced they'll figure out how to counter that and to do what the real press should do -- which is hold Trump accountable -- the idea that their role should be stenographers is insane.

56 Comments | Leave a Comment..

Posted on Techdirt - 28 November 2016 @ 8:26am

Somehow Everyone Comes Out Looking Terrible In The Effort For Election Recounts

from the you're-not-helping dept

I didn't quite think it was possible, but it seems that the fight over some potential election recounts has served to basically make everyone look petty and awful. American politics continues to be a dumpster fire. Here is the latest, in three acts.

Act One: Jill Stein to the rescue?

Last week, there was a bit of a fuss, starting with a mostly detail-free article from NY Mag suggesting that some well-respected voting researchers had found some abnormalities, and were suggesting that the Clinton campaign seek a full recount in three key states (Wisconsin, Pennsylvania, and Michigan). After that started to get some buzz, the key e-voting researcher named in the article, Alex Halderman clarified that he didn't actually think there was any foul play, but that, since we all recognize there are security problems with e-voting machines, this could serve as a useful check. As we noted at the time, there was really no way for the Clinton campaign to take this on without much more realistic evidence of fraud, or else it would look incredibly petty and ridiculous -- especially given the concerns the Clinton campaign raised about Donald Trump potentially contesting the election results.

But, into the breach stepped Green Party candidate Jill Stein, who set up a crowdfunding page to see if people would donate to pay for the recounts in those three states (if a candidate requests a recount, they have to fund it). Stein claimed that she wasn't doing this to help Clinton, but as part of the Green Party's support for "election integrity." And, sure, yeah, we're all for election integrity, but Stein's crowdfunding campaign is a bit of a scam. She's preying on false hopes of Clinton supporters to raise a ton of money -- likely approximating twice as much as she raised during her actual campaign. And, for what? No one's entirely sure. Yes, some of the money will go towards demanding recounts, but those recounts might not happen. Instead, the Stein campaign can put in an official request for one, but that's no guarantee. And the Stein campaign just says that if it ends up with more money than it needs, it will "also go toward election integrity efforts and to promote voting system reform." But, without details, it's not at all clear what people are really donating to -- other than building a massive list for the Green Party of potential people to hit up for money in the future.

On Friday, Stein filed the first of these recount requests in Wisconsin, in which her campaign alleges "evidence of voting irregularities" even though there really isn't any. It's basically a made-up request that tosses in a dose or two of conspiracy theory about "foreign interference" in the election. Again, while I'm all for election integrity and am concerned about e-voting machines, alleging fraud without any real evidence is just conspiracy theory mongering.

Act Two: Hillary Clinton: well, okay, if we must...

After the money started flowing to Stein, the Clinton campaign, in the form of a Medium post from the campaign's top lawyer, Marc Elias, said that the campaign would somewhat reluctantly get involved in any recount effort. This is after admitting that the campaign found no evidence on its own of fraud and hadn't intended to ask for such a recount at all, despite a multi-pronged approach to review voting information to see if anything looked fishy. But, now, Elias claims that since Stein got the ball rolling, the Clinton campaign will get involved "just to be represented" in any effort:

Because we had not uncovered any actionable evidence of hacking or outside attempts to alter the voting technology, we had not planned to exercise this option ourselves, but now that a recount has been initiated in Wisconsin, we intend to participate in order to ensure the process proceeds in a manner that is fair to all sides. If Jill Stein follows through as she has promised and pursues recounts in Pennsylvania and Michigan, we will take the same approach in those states as well. We do so fully aware that the number of votes separating Donald Trump and Hillary Clinton in the closest of these states — Michigan — well exceeds the largest margin ever overcome in a recount. But regardless of the potential to change the outcome in any of the states, we feel it is important, on principle, to ensure our campaign is legally represented in any court proceedings and represented on the ground in order to monitor the recount process itself.
Which, okay, fair enough, but it still looks a bit silly overall, and a waste of money since they don't seem to think any recount effort will have any impact anyway.

Act Three: Donald Trump: meeeeeeeeee! this must be about meeeeeeeeee!

At this point, any reasonable President-elect in the same scenario would sit back, chuckle at the absurdity of the efforts discussed above and maybe focus on finishing up his planned cabinet appointments. But not Donald Trump. First, he mocked the Clinton campaign for joining in this effort. To some extent, you can understand this bit of gloating, after the lengths Clinton and her supporters went to in mocking Trump's own claims that he might contest the results of the election:
Of course, this still looks kind of petty, especially given that Trump himself had made it quite clear that he would have actively contested the results had he lost. It's a bit silly to then mock the Democrats for doing what he would have done, even if they played this silly game of pretending to get involved reluctantly.

But, in true Trump fashion, he just can't leave things like this alone. The potential recount seemed to be getting too much attention, so he decided to roll out his bullshit "voter fraud against me" claims anyway, first arguing that he would have won the popular vote, if it weren't for 3 million illegal votes for Clinton.
This seems partly in response to the fact that reporters are covering the fact that Clinton's lead in the popular vote keeps growing, and surpassed 2 million votes. Of course, who won the popular vote is effectively meaningless, but it seems to make Trump antsy. The whole "millions of people who voted illegally" thing is conspiracy theory bullshit, pushed by a former Texas official based on absolutely nothing -- but picked up by the crackpots at Infowars.

Let's be clear here: the claim is absolutely hogwash, yet is being repeated by our President-elect, who already won but seems insecure with the fact that he lost the popular vote. I thought that in this effort, both Jill Stein and Hillary Clinton would come out of this process looking like sketchy sore losers. What I didn't expect (though probably should have) is that Trump would come out of it looking even worse. Not only is he a sore winner, but he's reinforced the fact that he's willing to buy into complete crackpot conspiracy theories if they support his ego. That's insane, and incredibly dangerous.

He followed that up with yet another tweet, claiming that the media is ignoring "serious voter fraud" in Virginia, New Hampshire and California:
This is also ridiculous. If there were any actual evidence of voter fraud, the press would be all over it -- even those that people want to insist supported Clinton. Even if the mainstream media were hopelessly in the tank for Clinton, getting a big story like evidence of widespread "serious voter fraud" would overwhelm that. But the fact is that there's no such evidence. Our President-elect is either making stuff up entirely, or repeating crackpot theories. Also, by falsely claiming that there's widespread voter fraud, Trump seems to be undermining his own message that there shouldn't be recounts going on. If he's really so concerned about widespread voter fraud (again, which didn't actually happen), why isn't he embracing the calls for recounts too?

If you want some actual facts: there's been almost no evidence of voter fraud, other than a few small attempts here or there. ProPublica has the best analysis of this, noting the many ways in which it has reviewed the data, looking for evidence of voter fraud and finding none at all. Here's a sampling of what ProPublica had to say:








So, yeah. Everyone comes out of this looking absolutely terrible. Voting machines are terrible and prone to serious security problems, and should be done away with -- especially in their current form. But even with the security concerns, the idea that there was serious voter fraud due to those machines, or from other factors, is complete hogwash, and everyone should just stop it.

Read More | 177 Comments | Leave a Comment..

Posted on Techdirt - 23 November 2016 @ 7:39pm

Facebook, China, Fake News And The Slippery Slope Of Censorship

from the be-careful-what-you-wish-for dept

Well, I guess it's time to complete the circle. Last week, we were warning that the rush to demonize Facebook for allowing "fake news" to be distributed and shared via its platform would lead to calls to suppress and censor certain view points. And then, this week came the news that China is strategically and opportunistically using the hubbub over "fake news" to push for greater censorship of the internet -- claiming it's necessary to stop fake news and keep people "better" informed (rather than the opposite).

And to top all of that off, comes a story from the NY Times about how Facebook has been working on a tool to allow the Chinese government to censor stories on Facebook as a condition of entering the market. It's no secret that Facebook has been trying for a really long time to figure out a way to get into China. There are over a billion potential users there that Facebook really wants on its platform. And that's not a bad thing. But, of course, China has a heavily censored internet. And while Facebook has been mostly blocked in China, there have already been reports from last year of stories being suppressed to appease the Chinese government.

And now comes "the tool."

The social network has quietly developed software to suppress posts from appearing in people’s news feeds in specific geographic areas, according to three current and former Facebook employees, who asked for anonymity because the tool is confidential. The feature was created to help Facebook get into China, a market where the social network has been blocked, these people said. Mr. Zuckerberg has supported and defended the effort, the people added.

Facebook has restricted content in other countries before, such as Pakistan, Russia and Turkey, in keeping with the typical practice of American internet companies that generally comply with government requests to block certain content after it is posted. Facebook blocked roughly 55,000 pieces of content in about 20 countries between July 2015 and December 2015, for example. But the new feature takes that a step further by preventing content from appearing in feeds in China in the first place.

Facebook does not intend to suppress the posts itself. Instead, it would offer the software to enable a third party — in this case, most likely a partner Chinese company — to monitor popular stories and topics that bubble up as users share them across the social network, the people said. Facebook’s partner would then have full control to decide whether those posts should show up in users’ feeds.
To be clear, the story notes that while this software has been developed, it's not yet in use, and may never be in use. It's there as a sort of "break glass, in case it's needed" offering. And, not surprisingly, it's also quite controversial within the company:
Over the summer, several Facebook employees who were working on the suppression tool left the company, the current and former employees said. Internally, so many employees asked about the project and its ambitions on an internal forum that, in July, it became a topic at one of Facebook’s weekly Friday afternoon question-and-answer sessions.

Mr. Zuckerberg was at the event and answered a question from the audience about the tool. He told the gathering that Facebook’s China plans were nascent. But he also struck a pragmatic tone about the future, according to employees who attended the session.

“It’s better for Facebook to be a part of enabling conversation, even if it’s not yet the full conversation,” Mr. Zuckerberg said, according to employees.
In many ways, this is similar to the struggle that Google faced with China as well, concerning whether or not to locate operations there, and how to deal with demands for both censorship and surveillance from the Chinese government. And, in both cases, there is a reasonable argument for providing some tools to connect the Chinese to the rest of the world. But there's also a quite reasonable fear of what a slippery slope this is and where it's likely to end up.

But the timing of this story coming out seems particularly ridiculous. Just as Facebook has quite reasonably pushed back on the calls from people in the US to censor the newsfeed over "fake news," for it to come out that it has a working tool to censor "real news" seems... kind of ridiculous. And, I've seen some people now pointing to this NY Times article as evidence that Facebook could block fake news if it wanted to. But that's silly and misguided. It's also implicitly arguing that Chinese-style censorship is the proper approach for the US. That's not a good idea.

34 Comments | Leave a Comment..

Posted on Techdirt - 23 November 2016 @ 11:48am

Alex Halderman Clarifies: Not Sure If Election Was Hacked, But, Uh, Shouldn't Someone Be Checking To Make Sure?

from the that's-a-good-point dept

So lots of people have been discussing the story claiming that some e-voting experts believe the Clinton campaign should be asking for a recount in certain battleground states, where it's possible there were some e-voting irregularities. As we noted in our post, the story would barely be worth mentioning if one of the people involved wasn't Alex Halderman, a computer science professor we've been talking about for nearly a decade and a half, going back to when he was a student. Halderman is basically the expert on e-voting security -- so when he says something, it's worth paying attention.

Halderman has now posted something of a follow-up to the NY Magazine article clarifying his views and what he's suggesting. He's not saying there's evidence of a hack, but basically saying that no one knows if there was a hack or not, and because of that, there should be a recount as a way to audit the results to see if there were any irregularities.

After the election, human beings can examine the paper to make sure the results from the voting machines accurately determined who won. Just as you want the brakes in your car to keep working even if the car’s computer goes haywire, accurate vote counts must remain available even if the machines are malfunctioning or attacked. In both cases, common sense tells us we need some kind of physical backup system. I and other election security experts have been advocating for paper ballots for years, and today, about 70% of American voters live in jurisdictions that keep a paper record of every vote.

There’s just one problem, and it might come as a surprise even to many security experts: no state is planning to actually check the paper in a way that would reliably detect that the computer-based outcome was wrong. About half the states have no laws that require a manual examination of paper ballots, and most other states perform only superficial spot checks. If nobody looks at the paper, it might as well not be there. A clever attacker would exploit this.

There’s still one way that some of this year’s paper ballots could be examined. In many states, candidates can petition for a recount.
So, in effect, Halderman isn't saying that he's got evidence of e-voting fraud, but is simply arguing that if no one checks, no one will ever know. So we should check in order to be sure that there wasn't hacking. That's... pretty sensible.
Examining the physical evidence in these states — even if it finds nothing amiss — will help allay doubt and give voters justified confidence that the results are accurate. It will also set a precedent for routinely examining paper ballots, which will provide an important deterrent against cyberattacks on future elections. Recounting the ballots now can only lead to strengthened electoral integrity, but the window for candidates to act is closing fast.
Basically, the only way we can actually get an effective audit to see if there were any voting irregularities is to ask for a recount. The problem, of course, is a political one. If the Clinton campaign does call for a recount, it will immediately be seen as a political play, and lead to a ton of negative publicity. My guess is that the campaign won't want to go there. If we lived in a time where people were intellectually honest, the campaign could present it exactly the way Halderman has framed it -- not as a claim that they believe fraud happened, but rather as a way to ensure that the e-voting machines were accurate and not manipulated -- but does anyone think that the press (either those that supported or those that opposed Clinton) would treat it that way? It would become a complete mess in about two-and-a-half seconds.

And, that's unfortunate. Because as Halderman points out (and, like us, has been pointing out for over a decade), it absolutely is possible to hack most e-voting machines. Especially if the attacker is determined enough to do so:
Here’s one possible scenario. First, the attackers would probe election offices well in advance in order to find ways to break into their computers. Closer to the election, when it was clear from polling data which states would have close electoral margins, the attackers might spread malware into voting machines in some of these states, rigging the machines to shift a few percent of the vote to favor their desired candidate. This malware would likely be designed to remain inactive during pre-election tests, do its dirty business during the election, then erase itself when the polls close. A skilled attacker’s work might leave no visible signs — though the country might be surprised when results in several close states were off from pre-election polls.

Could anyone be brazen enough to try such an attack? A few years ago, I might have said that sounds like science fiction, but 2016 has seen unprecedented cyberattacks aimed at interfering with the election. This summer, attackers broke into the email system of the Democratic National Committee and, separately, into the email account of John Podesta, Hillary Clinton’s campaign chairman, and leaked private messages. Attackers infiltrated the voter registration systems of two states, Illinois and Arizona, and stole voter data. And there’s evidence that hackers attempted to breach election offices in several other states.

In all these cases, Federal agencies publicly asserted that senior officials in the Russian government commissioned these attacks. Russia has sophisticated cyber-offensive capabilities, and has shown a willingness to use them to hack elections. In 2014, during the presidential election in Ukraine, attackers linked to Russia sabotaged the country’s vote-counting infrastructure and, according to published reports, Ukrainian officials succeeded only at the last minute in defusing vote-stealing malware that was primed to cause the wrong winner to be announced. Russia is not the only country with the ability to pull off such an attack on American systems — most of the world’s military powers now have sophisticated cyberwarfare capabilities.

So, yes, it would be good if the votes here were reviewed, if only as an opportunity to explore the potential problems of e-voting machines, rather than as a political ploy. The only problem is that everyone would see it as a political ploy and with political ploys comes general dumpster fires of idiocy.

96 Comments | Leave a Comment..

Posted on Techdirt - 23 November 2016 @ 3:23am

After All That, E-Voting Experts Suggest Voting Machines May Have Been Hacked For Trump

from the just...-no dept

In this topsy-turvy world where nothing makes any sense at all any more, Donald Trump spent months and months spinning stories about how the election was "rigged" and e-voting machines were going to be hacked in favor of Hillary Clinton. While we've spent nearly two decades pointing out problems with e-voting machines, and urged governments to do away with them, it still seemed unlikely that a hack would be sustainable on a large scale -- in part because our election system is such a mess and is handled differently from state to state. And, as Ed Snowden himself pointed out, hiding such a hack would be quite difficult. But with Trump refusing to say if he would concede, and talking up how the vote would be rigged, combined with false stories that made the rounds incorrectly claiming that George Soros owned a company that was making millions of e-voting machines, it seemed like a recipe for disaster if Trump lost and his supporters started insisting that the voting machines were hacked.

But, of course, everything is upside down this year. Trump won... and now suddenly some Clinton supporters are arguing that e-voting machines may have been hacked. Now, to be clear, I wouldn't even bring up this story at all under most circumstances. Even as I don't trust e-voting machines, stories of actual hacked elections tend to be the kind of thing that conspiracy theory kooks pass around, rather than anything substantiated in any real way. What's giving some people pause this time around, is that one of the people claiming that the votes in some states may have been hacked is J. Alex Halderman.

Halderman is legit. He's basically the guy who studies how hackable e-voting machines are. We've been writing about Halderman since he was just a Princeton student, and hacking DRM systems. But he's been hacking e-voting machines for almost as long. And he's really, really good at it. Remember the story of the e-voting machine that was reprogrammed to play Pac-Man? That was Alex Halderman.

That said... this story still seems unlikely. The NY Mag story on it is woefully lacking in detail:

The academics presented findings showing that in Wisconsin, Clinton received 7 percent fewer votes in counties that relied on electronic-voting machines compared with counties that used optical scanners and paper ballots. Based on this statistical analysis, Clinton may have been denied as many as 30,000 votes; she lost Wisconsin by 27,000. While it’s important to note the group has not found proof of hacking or manipulation, they are arguing to the campaign that the suspicious pattern merits an independent review — especially in light of the fact that the Obama White House has accused the Russian government of hacking the Democratic National Committee.
But... it's not clear this holds up under much scrutiny. Perhaps Halderman and voting rights expert John Bonifaz have more details on what they found, but as Nate Silver noted, a more rigorous statistical look at the data -- controlling for education and race -- seems to make the statistical anomaly disappear.
A big claim of actual vote rigging via e-voting machines would need a tremendous amount of evidence to be believable, no matter who won. So far, it doesn't seem like there's enough proof here, even if someone as respected as Halderman is involved in making these claims. But the fact that he is involved at least makes it worthy of further scrutiny.

But... either way, can we please finally get people to realize that e-voting machines without a verifiable paper trail are a disaster and should have no place in any election system? We'd all be better off if there wasn't even a question of hacked voter machines.

128 Comments | Leave a Comment..

Posted on Techdirt - 22 November 2016 @ 8:43am

Ridiculous Hot News And Copyright Battles As World Chess Seeks To Block Others From Broadcasting Moves

from the that's-ridiculous dept

A few years back, we had a few stories about ridiculous situations in which the Bulgarian Chess Federation was trying to claim copyright on chess moves and had even sued a website for copyright infringement for broadcasting the moves. Of course, chess moves are not just factual information, but they're historically written down and shared widely, because that's part of how people learn to play chess (and get better at it). Studying the moves in various games is part of how people practice chess, and no one is expected to claim "ownership" over the chess moves, because they can't.

And yet... we've just come across two separate cases, involving one particular organizer of chess tournaments, trying to abuse the law to block reporting on chess moves -- in both Russia and the US. Both cases are ridiculous, and thankfully, both have failed so far. The Moscow case actually kicked off back in the spring, when the organization Agon, which runs World Chess Championships and the website WorldChess.com, sued some websites, including Chess24, for posting the chess moves of live events. Thankfully, the Commercial Court of the City of Moscow rejected the lawsuit a few weeks ago, though Agon has said it will appeal. There are a number of reasons why Agon lost the case, but the key one:

Art. 14.7 of the Competition Act does not apply in particular since the Plaintiff did not establish a regime of commercial secrecy for the information about the chess moves. On the contrary, this information was in the public domain (as the Plaintiff himself admits on page 6 of the statement of claim). Consequently, information about the chess moves is not a trade secret and is not protected by law. Accordingly, the Defendant did not receive, use or disclose information that was a trade or other secret protected by law i.e. he did not violate Art. 14.7 of the Competition Act.
Then, just days after that ruling in Moscow, a very similar case was filed in the US by World Chess -- which is owned by Agon. And, it also targeted Chess24, one of the same companies it had sued in Moscow. In the US, it's clear that there's no copyright claim to be made in chess moves -- too many cases clearly preclude trying to claim a copyright in factual data, especially factual data about sports/competitions. Instead, World Chess focused on the pretty much dead and discredited "hot news" claims against a few other chess sites. The entire complaint can basically be summarized as "but... wah... it's not fair!"
Defendants have made a pattern and practice of copying and redistributing in real time the chess moves from tournaments covered byWorld Chess shortly after the moves appear on World Chess’s website, and unless restrained by this Court will do the same with respect the November 2016 Championship.
World Chess not only asked for an injunction against Chess24 -- but also demanded that the court order the domains of the defendants be transferred over to World Chess. The defendants hit back with a detailed explanation of how ridiculous World Chess's lawsuit was:
By its Application for a Temporary Restraining Order and Preliminary Injunction, Plaintiffs World Chess US, Inc. and World Chess Events Ltd. (collectively, “Plaintiffs”) seek to prevent legitimate chess-oriented websites from reporting on, discussing, and analyzing one of the major chess matches of the year – even though the information Chess24 seeks to report on will already be readily available to the public. Plaintiffs attempt to do so by claiming that because they are the organizers and promoters of the chess match they have an intangible, enforceable property right in the facts surrounding that match, and therefore have the exclusive right to publish and report on what the players are doing. The claims made by Plaintiffs run contrary to the well-established law of this Circuit and public policy.
Chess24 points out that World Chess is clearly just trying to do an endrun around well-established copyright law, and that's a big no-no.
Plaintiffs know that the moves made by professional chess players are precisely the type of factual material that is not protectable by copyright law. But it also cannot be protected under theories of common law misappropriation. The law is absolutely clear in this Circuit that state law claims for misappropriation of unprotectable facts – including live sports plays – are preempted by Section 301 of the Copyright Act. In an effort to avoid preemption, Plaintiffs have relied on an extremely narrow exception for so-called “hot news misappropriation.” That exception plainly does not apply here. In fact, Plaintiffs almost completely ignore the dispositive case in this area -- NBA v. Motorola, 105 F.3d 841, 846 (2d Cir. 1996). In Motorola, the Second Circuit expressly rejected the exact same claim that Plaintiffs attempt to argue here, involving almost the exact same factual circumstances. Specifically, that case held that the NBA could not prevent Motorola from attending and watching basketball games and selling play-by-play accounts of the game to its mobile customers. In contrast to this dispositive case law, Plaintiffs are unable to cite even a single case upholding an injunction like the one sought by Plaintiffs in even remotely similar circumstances.
Oh, and also, Chess24 points out to the court that (1) Agon/World Chess just lost a nearly identical case in Moscow and (2) it waited until just days before the tournament in question started to try to force a quick injunction:
Even more telling is the fact that although Plaintiffs have been in litigation with Chess24 in Moscow since March (Plaintiffs recently lost that case), they waited until just four days before the start of the WCC to bring this motion. Plaintiffs’ decision to file their lengthy motion at the eleventh hour is not just sharp tactics; it confirms that there is no actual irreparable injury in need of remediation.
There was a hearing in court, and the judge, Victor Marrero, rejected World Chess/Agon's request for an injunction. As of writing this, the court has only posted the short order without the full explanation, which is expected to be published later. But, given the facts here, it seems fairly obvious why the court rejected the case -- and it's all of the many reasons that Chess24 laid out in its brief.

Hopefully, these companies can finally get it through their heads that you can't copyright chess.

Read More | 22 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2016 @ 5:13pm

Theranos's Insane Campaign To Punish Whistleblower, Who Happened To Be Famous Boardmember's Grandson

from the holy-crap dept

We haven't really written much about the insane Theranos scandal, though we discussed it on our podcast. The whole story is pretty crazy -- involving a heavily hyped up company that appeared to basically be flat out lying to everyone about what it could do. The company still exists, but barely. The company's founder and CEO, who was plastered across magazine covers and compared frequently to Steve Jobs, has been banned from running a lab for two years, and the company is now facing a $140 million lawsuit from its biggest partner, Walgreens, who claims that Theranos repeatedly lied to Walgreens.

All the while, Walgreens alleges that Theranos: actively misled the company; didn’t live up to the quality and regulatory promises; kept Walgreens in the dark about problems; refused to answer questions as media reports came out about those problems; accused Walgreens of leaking information to the press; and asserted that Walgreens was the one that had breached their agreement.
One thing that became clear as the whole scandal broke, was that the company continued to aggressively deny wrongdoing, even as it became more and more obvious that almost everything that Theranos was saying publicly, allowing the company to be valued around $9 billion, was completely bogus. One of the most striking stories that came out a few months ago, was a report on the almost cult-like response from Theranos after the very first of a series of articles exposing the fraud came to light. The reporter who did an amazing job in exposing Theranos was the Wall Street Journal's John Carreyrou. And according to a thorough recounting in Vanity Fair, after Carreyou's first article, rather than honestly addressing the allegations, this happened:
By the time she returned to Palo Alto, the consensus was that it was time, at last, for Holmes to address her hundreds of employees. A company-wide e-mail instructed technicians in lab coats, programmers in T-shirts and jeans, and a slew of support staff to meet in the cafeteria. There, Holmes, with Balwani at her side, began an eloquent speech in her typical baritone, explaining to her loyal colleagues that they were changing the world. As she continued, Holmes grew more impassioned. The Journal, she said, had gotten the story wrong. Carreyrou, she insisted, with a tinge of fury, was simply picking a fight. She handed the stage to Balwani, who echoed her sentiments.

After he wrapped up, the leaders of Theranos stood before their employees and surveyed the room. Then a chant erupted. “Fuck you . . .,” employees began yelling in unison, “Carreyrou.” It began to grow louder still. “Fuck you, Carreyrou!” Soon men and women in lab coats, and programmers in T-shirts and jeans, joined in. They were chanting with fervor: “Fuck you, Carreyrou!,” they cried out. “Fuck you, Carreyrou! Fuck. You. Carrey-rou!”
That same Vanity Fair article notes that the company's lawyer, David Boies, threatened employees for talking to journalists. Boies, you may recall, made a name for himself for taking on Microsoft in the 1990s, but since then has been involved in a series of... well... bad decisions. You may recall him sending out bullshit letters threatening media companies for reporting on the leaked Sony emails a couple years ago. Boies also represented Oracle against Google in the fight over copyrighting APIs, and also represented SCO, back during that company's ridiculous legal fight against IBM over Linux. In this case, Boies wasn't just a lawyer for Theranos, but on their board as well:
Meanwhile, Theranos had its lawyers send a letter to Rochelle Gibbons’s attorney, threatening legal action for talking to a reporter. “It has been the Company’s desire not to pursue legal action against Mrs. Gibbons,” a lawyer for Boies, Schiller & Flexner wrote. “Unless she immediately ceases these actions, she will leave the Company no other option but to pursue litigation to definitively put an end [to] these actions once and for all.”
It turns out that's not the only people Theranos went after. The same reporter who exposed the fraud and was the subject of those chants recently had another story detailing the ridiculous lengths that Theranos has gone to in an effort to silence one of the whistleblowers who revealed the problems at the company. The story is quite incredible (though, possibly blocked by the WSJ's paywall). The whistleblower was a guy named Tyler Schultz -- who just happened to be the grandson of well known former Reagan Secretary of State George Schultz... who also was on Theranos' board (the board was stocked with famous political people, and few with any actual experience in Theranos' field). The younger Schultz apparently had emailed Elizabeth Holmes pointing out how the company was doctoring research and received a lecture instead:
After working at Theranos Inc. for eight months, Tyler Shultz decided he had seen enough. On April 11, 2014, he emailed company founder Elizabeth Holmes to complain that Theranos had doctored research and ignored failed quality-control checks.

The reply was withering. Ms. Holmes forwarded the email to Theranos President Sunny Balwani, who belittled Mr. Shultz’s grasp of basic mathematics and his knowledge of laboratory science, and then took a swipe at his relationship with George Shultz, the former secretary of state and a Theranos director.

“The only reason I have taken so much time away from work to address this personally is because you are Mr. Shultz’s grandson,” wrote Mr. Balwani to his employee in an email, a copy of which was reviewed by The Wall Street Journal.
The rest of the story is pretty incredible. Schultz, smartly, quit that same day, and then reached out to regulators in NY to blow the whistle on misrepresentations by Theranos, helping lead to the eventual unraveling of the company. And, again, rather than deal with the actual problems, the company just targeted the younger Schultz (and, incredibly, the grandfather sided with the company).
In the past year and a half, the grandson and grandfather have rarely spoken or seen one another, communicating mainly through lawyers, says Tyler Shultz. He and his parents have spent more than $400,000 on legal fees, he says. He didn’t attend his grandfather’s 95th birthday celebration in December. Ms. Holmes did.

“Fraud is not a trade secret,” says Mr. Shultz, who hoped his grandfather would cut ties with Theranos once the company’s practices became known. “I refuse to allow bullying, intimidation and threat of legal action to take away my First Amendment right to speak out against wrongdoing.”
First of all, kudos to Tyler Schultz for standing up to this bullying. And, second, what the hell is wrong with Theranos that they seemed so focused on attacking anyone who questions them, rather than focusing on actually fixing the problem. I get that there's this view of Silicon Valley companies where there's something of a "fake it, until you make it" attitude, but there are limits.

There's much more in the WSJ story that is really quite incredible. It suggests a level of closing ranks to protect the reputation of Theranos, rather than actually dealing with the fact that their stuff didn't work the way they said it would.

22 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2016 @ 1:10pm

Woman Sues Google Because SEO Guy Wrote A Mean Blog About Her Company

from the that's-not-how-this-works dept

I'm still baffled about how there are lawyers out there who seem oblivious to Section 230 of the CDA and how you can't just sue a platform because of something a user did. Apparently lawyer Harry J. Jordan from Washington DC is either unaware of the law, or simply decided to ignore it, in filing a silly lawsuit against Google asking for $8 million on behalf of Dawn Bennett and the "sports apparel" firm she runs called DJ Bennett. The story is a fairly familiar one. A guy named Scott Pierson claimed to be a Search Engine Optimization (SEO) expert, and convinced Bennett to pay a large sum of money to improve the performance of DJ Bennett's website. Things didn't work out, there was an exchange of words, some threats to negatively harm the website and an agreement on final payment (and also something about a lost check that was eventually rectified). Bennett claims that after all of this Pierson set up a blog on Google's blogging platform that made a bunch of negative remarks about DJ Bennett, some of which may very well be defamatory.

But, do me a favor, and look at the caption on the lawsuit, and tell me where Scott Pierson is as a party to the lawsuit?

Hmm. No Scott Pierson? Instead, there's just a giant corporation that didn't do anything here? Yup. This has all the hallmarks of a Steve Dallas lawsuit where a marginally connected big company is sued because "Hey, they've got the money." The rationale for Google being the defendant is just as ridiculous as you'd expect:
Google continued to carry Pierson’s blog after plaintiffs’ counsel repeatedly alerted it of the factual distortions and malicious intent of Pierson’s blog and his abuse of the internet process to distort public interest in his blog. Google therefore shares in the responsibility with Pierson in plaintiffs’ financial damages.

Plaintiffs will show at trial that they have lost more than $3 million in actual and potential business revenue because of Google’s publication of Pierson’s blog, and separately, Dawn Bennett has suffered several times that amount in damages to her business and professional reputation.
Right, see, that's not how this works. Just because Google hosts a blog, it doesn't make it liable for anything posted on it. And that's true even if you alert Google to not liking content. Hell, it's even true if the content has been proven defamatory in court (though Google tends to take things down upon receipt of such a ruling).

I can understand why Bennett is upset. But if the content is truly defamatory, then sue Pierson, who is responsible for it. And the lawyer -- Harry Jordan -- should let her know that Pierson is the only one she can sue over this, and should know that any attempt to sue Google will get tossed out of court super fast. But instead, he pushes forward with this lawsuit -- and doesn't even make the slightest attempt to get around Section 230, suggesting he may not even be aware of it.

Hell, it's not even clear that Jordan understands defamation law. Unlike most lawsuits of this nature, it doesn't cite the law in question. Instead, it makes claims about what is defamatory that are simply not accurate. Here's what the lawsuit says:
A defamatory statement is one which tends to expose a person to public scorn, hatred, contempt or ridicule, thereby encouraging others in the community from having a good opinion of, or from associating or dealing with that person. To determine whether Pierson’s blog meets this standard, consideration must be given to what was stated, what was intended by the statement, and how it was likely to have been understood by those to whom it was communicated.
That's uh... not what defamation is. Notice that critically missing here is any question of whether the statements are false. A mere statement that exposes someone to public scorn, hatred, contempt or ridicule (assuming it doesn't reach the actual tests for defamation) is clearly protected speech. Just for reference, Washington DC's actual defamation law requires a very different standard, including (as it must) that the statements be false and defamatory. Furthermore, corporations are considered public figures, meaning that the test also must include the "actual malice" standard (which, for all we know, could be shown), but it would still need to be shown against the right defendant. And that's not Google.

The lawsuit makes similar and equally problematic claims about "tortious interference" and "intentional infliction of emotional distress." Those are also clearly inappropriate under Section 230. And again, the link to Google is exceptionally tenuous.
As Google was aware of plaintiffs’ complaints that Pierson’s blog was factually false and a malicious vendetta against them and meant to cause crippling financial damages, it is therefore equally responsible and liable for the damages plaintiffs’ have suffered.
Nah, that's not how it works.

Read More | 38 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2016 @ 9:34am

Burlington Police Insist Someone Is Pretending To Abuse Copyright Law To Censor News Stories About Arrests

from the copyright-as-censorship dept

Last week, we wrote about some bizarre DMCA claims made by a guy named "Mike Ferrell" who claimed to represent the Burlington, Massachusetts Police Department, demanding that Google remove a bunch of stories because it violated the copyright the police department held on certain mugshots. We pointed out how crazy this was -- and also questioned whether or not "Ferrell" really represented the police department, because the language used in the takedown was a word salad of nothingness. In case you didn't remember:

Good afternoon My name is Mike Ferrell. I am the agent legal from the Burlington Police Department (Intellectual Property, Piracy, Copyright/DMCA) located in Massachusetts. I inform you that the infringing content in question awarded or issued previously are infringing our Copyright since these photographs/images are our property, is fully belonging to us. We are the properties, authors or creators of the content that previously indicated content and request of immediate actions appropriate or respective. We need it more soon as possible relevant/correct actions/measures are taken as more before possible, or otherwise we proceed to take action on our own. Thanks circumvention content: http://www.burlingtonpolice.org/Arrest-of-two-men-in-death-of-woman.html http://www.burlingtonpolice.org/Three-man-arrested-in-connection-with-string-of-store-jewelry-robberies.html http://www.burlingtonpolice.org/Nine-arrested-in-sting-operation.html http://www.burlingtonpolice.org/Teens-arrested-in-mosque-vandalism-incident.html http://www.burlingtonpolice.org/Eight-arrested-in-prostitution-sweep.html http://www.burlingtonpolice.org/Seven-johns-charged-in-reverse-prostitution-sting.html circumvention mechanism: Providing photographies/images protected for us.
Mike Kent, the Chief of Police in Burlington reached out to us over the weekend to let us know that whoever sent the notices, it was not his department. He says they have no one working for them by the name of Mike Ferrell, and that the Burlington PD "has no issues whatsoever with these mugshots being used."

So... that leaves open the question of just who is impersonating the Burlington Police Department, and filing completely bogus DMCA notices in an attempt to censor news stories. It would seem that the most obvious options are those who were featured in those stories about arrests in Burlington. The very first notice that Ferrell sent, focused on stories about a particular prostitution sting, and named the nine men who were arrested, along with mugshots. It would seem that perhaps one (or more!) of those nine men would have pretty strong incentives to seek to have those stories deleted from Google.

Either way, we've been pointing out for years that copyright is an easy tool for censorship -- and here's yet another example. If you want something censored, just try to work out a copyright conneciton of some sort. In this case, it appears to have failed, but mostly because whoever filed it wasn't very good at pretending to work for the police.

26 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2016 @ 8:28am

NSA Leaked More Hacking Tools, Leading To Calls To Fire Its Director... Who Ran To Trump For Support

from the wait,-what? dept

Since Admiral Michael Rogers took over for previous NSA boss, General Keith Alexander, a couple of years ago, he's mostly stayed out of the public eye. While Alexander became the face of excessive NSA surveillance exposed by Ed Snowden, Rogers seemed to want to present himself as the face of a cleaned up NSA. On Friday, it was even reported that Rogers was the "top candidate" to take over as Director of National Intelligence from retiring James Clapper. That is, he was in line for a big promotion (though, oddly, another report released at the same time noted that Trump was considering getting rid of the role of "Director of National Intelligence" and moving back to a pre-9/11 setup where the various intelligence agencies have no one coordinating their actions.

But, over the weekend, a bizarre story broke in the Washington Post, detailing how both Clapper and Defense Department boss Ash Carter had been strongly recommending that President Obama fire Rogers for a variety of problematic actions. The most shocking -- though buried in the article -- is that the NSA has had multiple breaches revealing its most powerful hacking tools. We already know about the whole Shadow Brokers thing, revealing some powerful hacking tools, and that an NSA contractor named Harold Martin was arrested a few months ago for apparently hoarding all sorts of classified info. As we noted at the time, the fact that Martin was doing so years after Snowden, raised serious questions about how well the NSA could really keep its secrets.

And the Washington Post revealed that it's even worse:

But there was a second, previously undisclosed breach of cybertools, discovered in the summer of 2015, which was also carried out by a TAO employee, one official said. That individual also has been arrested, but his case has not been made public. The individual is not believed to have shared the material with another country, the official said.

Rogers was put on notice by his two bosses — Clapper and Carter — that he had to get control of internal security and improve his leadership style. There have been persistent complaints from NSA personnel that Rogers is aloof, frequently absent and does not listen to staff input. The NSA is an intelligence agency but part of the Defense Department, hence the two overseers.

FBI agents investigating the Martin breach were appalled at how lax security was at the TAO, officials said. “[Rogers] is a guy who has been at the helm of the NSA at the time of some of the most egregious security breaches, most recently Hal Martin,” a senior administration official said. “Clearly it’s a sprawling bureaucracy . . . but I think there’s a compelling case that can be made that some of the safeguards that should have been put in place were either not fully put in place or not implemented properly.”
The WaPo story also notes that there may be some turf battle issues going on here as well. We've long highlighted the serious problems of the NSA also running the US Cyber Command, noting that this creates a tremendous conflict of interest, since it makes the NSA more willing to not reveal vulnerabilities it discovers, since they may be more useful offensively as well. Apparently many in the administration agree, and the plan was to split the NSA and US Cyber Command, and get rid of Rogers at the same time. But, Senator John McCain apparently freaked out and insisted that the NSA and Cyber Command had to remain stuck together, or he would block any new nominees to head the NSA. At the same time, the reason Carter is upset with Rogers is that he feels he's done a poor job in mounting cyberattacks against ISIS (for what it's worth, in his own weird way, this was also a point that Trump would make during the campaign when asked about cybersecurity -- meaning that it's a bit odd he'd now consider promoting the guy who was responsible for what he'd been making fun of during the campaign...).

There's another oddity in the story: Rogers meeting with Trump was done without telling his superiors -- a massive breach of protocol for a military official:
In a move apparently unprecedented for a military officer, Rogers, without notifying superiors, traveled to New York to meet with Trump on Thursday at Trump Tower. That caused consternation at senior levels of the administration, according to the officials, who spoke on the condition of anonymity to discuss internal personnel matters
This made some wonder if Rogers did this as a last gasp effort to save his job. For what it's worth, when asked about the story, Rogers said he's "accountable" for his actions:
"I'm not going to go down that road," Rogers said, interrupting a journalist who asked about The Washington Post story during a forum where the admiral was speaking.

He added, "I'm accountable for my actions."
No matter what, at the very least, we're left (once again!) wondering what the hell is going on with the NSA. This is yet another example of how the organization is a mess that can't seem to keep track of its most powerful secrets and hacking tools. And they want us to "trust" them not to abuse those tools? They can't even keep track of them. And, the guy who's been in charge for the last two and a half years may now be getting a promotion (with a brief "being fired" thrown in between).

28 Comments | Leave a Comment..

Posted on Techdirt - 21 November 2016 @ 6:25am

IRS Demands All Info On All Coinbase Customers

from the slow-down,-skippy dept

There have always been questions about the tax implications of cryptocurrencies like Bitcoin. A few years ago, the IRS came out with some guidelines, declaring cryptocurrencies to be property, rather than currency, and then taxed more like equity. But late last week, the IRS went to court to basically demand Coinbase turn over all info it has on everyone. Coinbase is one of, if not the, leading online cryptocurrency exchanges and places where many people store their cryptocurrency in an online wallet. It's a company that has bent over backwards to comply with the laws. But, no matter, the IRS basically thinks everyone who uses it is a tax cheat. Here's what the IRS demanded:

All records of account/wallet/vault activity including transaction logs or other records identifying the date, amount, and type of transaction (purchase/sale/exchange), the post transaction balance, the names or other identifiers of counterparties to the transaction; requests or instructions to send or receive bitcoin; and, where counterparties transact through their own Coinbase accounts/wallets/vaults, all available information identifying the users of such accounts and their contact information.
Uh, yeah, that's not very limited. It's not limited at all. The IRS literally wants everything. Why? Because, according to the IRS, it's investigating one single tax cheat. In a declaration, IRS agent David Utzke, talks about a single tax cheat, and says this gives him a basis for requesting all info.
After using a traditional abusive offshore arrangement for approximately 5 years, Taxpayer 1 became fatigued with the effort required to manage his offshore accounts, attorneys, and applicable regulations, and discovered virtual currency while conducting internet research on the topic. Taxpayer 1 began testing the use of virtual currency and eventually abandoned the use of his offshore structure. Taxpayer 1 was able to use virtual currency to repatriate his assets without governmental detection.

For example, Taxpayer 1 originally worked with a foreign promoter who set up a controlled foreign shell company which diverted his income to a foreign brokerage account, then to a foreign bank account, and lastly back to Taxpayer 1 through the use of an automated teller machine (ATM). Once Taxpayer 1 abandoned the use of his offshore structure in favor of using virtual currency, the steps described above were the same until his income reached his foreign bank account. Once there, instead of repatriating his income from an ATM in the form of cash, Taxpayer 1 diverted his income to a bank which works with a virtual currency exchanger to convert his income to virtual currency. Once converted to virtual currency, Taxpayer 1’s income was placed into a virtual currency account until Taxpayer 1 used it to purchase goods and services. Taxpayer 1 failed to report this income to the IRS.
Utzke also mentions two other taxpayers, which were companies, not individuals, but which used Coinbase. He notes that others are laundering money and thus likely to be using cryptocurrencies. That may be true, but it seems like a pretty big stretch to argue that means Coinbase should cough up all details on all transactions.

In the IRS's memorandum of support, it insists that it's just trying to find all the tax cheats, so it should get to look at all the records.
Since 2009, the use of virtual currency has increased exponentially. Some users value the relatively high degree of anonymity associated with virtual currency transactions because only a transaction in virtual currency, such as buying goods or services, is public and not the identities of the parties to the transaction. Because of that, virtual currency transactions are subject to fewer third-party reporting requirements than transactions in conventional forms of payment. However, due to this anonymity and lack of third-party reporting, the IRS is concerned that U.S. taxpayers are underreporting taxable income from transactions in virtual currencies. Further, because the IRS considers virtual currencies to be property, United States taxpayers can realize a taxable gain from buying, selling, or trading in virtual currencies. There is a likelihood that United States taxpayers are failing to properly determine and report any taxable gain from such transactions.

.... The issuance of the summons is warranted here because (i) the summons relates to an ascertainable group or class of persons; (ii) there is a reasonable basis for believing these U.S. taxpayers failed to comply with internal revenue laws; and (iii) information sufficient to establish these U.S. taxpayers’ identities is not readily available to the IRS from other sources.
Coinbase posted a short blog post Friday evening expressing concern over this while exploring the issues:
Our customers may be aware that the U.S. government filed a civil petition yesterday in federal court seeking disclosure of all Coinbase U.S. customers' records over a three year period. The government has not alleged any wrongdoing on the part of Coinbase and its petition is predicated on sweeping statements that taxpayers may use virtual currency to evade taxes.

Although Coinbase's general practice is to cooperate with properly targeted law enforcement inquiries, we are extremely concerned with the indiscriminate breadth of the government's request. Our customers’ privacy rights are important to us and our legal team is in the process of examining the government's petition. In its current form, we will oppose the government’s petition in court. We will continue to keep our customers informed on developments in this matter.
What happens here is going to be a big, big deal in the cryptocurrency world. The IRS had to know that this was going to get attention, and perhaps that's the intent. But this seems like a massive overreach.

Read More | 43 Comments | Leave a Comment..

Posted on Techdirt - 18 November 2016 @ 7:39pm

President Obama Claims He Cannot Pardon Snowden; He's Wrong

from the yes-you-can dept

In a big interview with the German media outlet Der Spiegel, President Obama was asked about his interest in pardoning Ed Snowden in response to the big campaign to get him pardoned. Obama's response was that he could not, since Snowden has not been convicted yet:

ARD/SPIEGEL: Are you going to pardon Edward Snowden?

Obama: I can't pardon somebody who hasn't gone before a court and presented themselves, so that's not something that I would comment on at this point. I think that Mr. Snowden raised some legitimate concerns. How he did it was something that did not follow the procedures and practices of our intelligence community. If everybody took the approach that I make my own decisions about these issues, then it would be very hard to have an organized government or any kind of national security system.

At the point at which Mr. Snowden wants to present himself before the legal authorities and make his arguments or have his lawyers make his arguments, then I think those issues come into play. Until that time, what I've tried to suggest -- both to the American people, but also to the world -- is that we do have to balance this issue of privacy and security. Those who pretend that there's no balance that has to be struck and think we can take a 100-percent absolutist approach to protecting privacy don't recognize that governments are going to be under an enormous burden to prevent the kinds of terrorist acts that not only harm individuals, but also can distort our society and our politics in very dangerous ways.

And those who think that security is the only thing and don't care about privacy also have it wrong.
This is simply incorrect -- as is known to anyone who remembers the fact that Gerald Ford pardoned Richard Nixon before he had been indicted.

And it appears that the President knows this. Because, as the Pardon Snowden campaign points out, Obama pardoned three Iranian Americans who had not yet stood trial. That happened this year. So for him to say it's impossible to pardon someone who hasn't gone before the court is simply, factually, historically wrong.

And there's a Supreme Court ruling that makes this abundantly clear. 150 years ago, in the ruling on Ex Parte Garland, the Supreme Court stated:
The power of pardon conferred by the Constitution upon the President is unlimited except in cases of impeachment. It extends to every offence known to the law, and may be exercised at any time after its commission, either before legal proceedings are taken or during their pendency, or after conviction and judgment. The power is not subject to legislative control.

A pardon reaches the punishment prescribed for an offence and the guilt of the offender. If granted before conviction, it prevents any of the penalties and disabilities consequent upon conviction from attaching; if granted after conviction, it removes the penalties and disabilities and restores him to all his civil rights. It gives him a new credit and capacity. There is only this limitation to its operation: it does not restore offices forfeited, or property of interests vested in others in consequence of the conviction and judgment.
Separately, the argument that if Snowden goes to court he can "make his arguments" is also wrong. And President Obama also knows this. The Espionage Act, under which Snowden is charged, does not allow any sort of whistleblower or public interest defense at all.

As Snowden’s lawyer, the ACLU’s Ben Wizner has explained, this isn’t hypothetical. When Daniel Ellsberg stood trial under the Espionage Act, his attorney asked him why he decided to leak the Pentagon Papers to journalists. The prosecution objected to the mere question, and the judge sustained the objection. No matter the egregiousness of the government’s actions, a whistleblower’s motivation has no place in an Espionage Act trial.

That means that Snowden wouldn’t be able to explain why he felt the public should know what the NSA was doing, he wouldn’t be able to point to the federal courts that ruled against the NSA in the aftermath of the disclosures, and he wouldn’t be able to cite subsequent advances to cybersecurity. His conviction and severe punishment would be a foregone conclusion.

There may be reasons why the President doesn't wish to grant a pardon to Snowden, but his stated reasons are completely bogus.

158 Comments | Leave a Comment..

Posted on Techdirt - 18 November 2016 @ 4:43pm

Trump's Picks For AG & CIA Happy To Undermine Civil Liberties, Increase Surveillance

from the this-is-a-bad-start dept

This is (unfortunately) not a huge surprise, but it appears that a Trump administration is going to be much worse for civil liberties and surveillance. Earlier today, Donald Trump named his choices to head the CIA -- Rep. Mike Pompeo -- and to be the next Attorney General -- Senator Jeff Sessions -- and both have terrible records on surveillance, civil liberties and whistleblowing. They also are problematic in other areas, but in the areas where we cover, it's not looking good.

Let's start with Pompeo. In an op-ed piece for the Wall Street Journal back in January of this year, Pompeo called for expanding surveillance powers rather than limiting them. He criticized the USA Freedom Act and any other attempt to even moderately cut back on surveillance and said we had to go the other direction, claiming "What’s needed is a fundamental upgrade to America’s surveillance capabilities."

Congress should pass a law re-establishing collection of all metadata, and combining it with publicly available financial and lifestyle information into a comprehensive, searchable database. Legal and bureaucratic impediments to surveillance should be removed. That includes Presidential Policy Directive-28, which bestows privacy rights on foreigners and imposes burdensome requirements to justify data collection.
While (at least) that same editorial did say that a backdoor on encrypted products "would do little good," he's no fan of encryption. He just thinks that if you use it, it should be considered a "red flag" that you're up to no good:
There has been much debate about whether providers of communications hardware and software in the U.S. should be obliged to give the government backdoor access. Such a mandate would do little good, since terrorists would simply switch to foreign or home-built encryption. New technologies can cloak messages in background noise, rendering them difficult to detect.

Forcing terrorists into encrypted channels, however, impedes their operational effectiveness by constraining the amount of data they can send and complicating transmission protocols, a phenomenon known in military parlance as virtual attrition. Moreover, the use of strong encryption in personal communications may itself be a red flag.
In another opinion piece for the National Review, he attacks reformers and those who support Ed Snowden while announcing his own bill to give the NSA greater surveillance powers:
Those who today suggest that the USA FREEDOM Act, which gutted the National Security Agency’s (NSA) metadata program, enables the intelligence community to better prevent and investigate threats against the U.S. are lying. I use that word intentionally, because these candidates know better. Less intelligence capacity equals less safety. To share Edward Snowden’s vision of America as the problem is to come down on the side of President Obama’s diminishing willingness to collect intelligence on jihadis. No Republican candidate who does that is worthy of our vote.

I have just introduced the Liberty through Strength Act II in the House of Representatives to restore the NSA’s tools. We cannot expect our intelligence professionals to prevent terrorist attacks while handcuffing them at the same time.
Just to be extra clear: Pompeo doesn't just dislike Ed Snowden, he has declared him a traitor who should be "given a death sentence."
It's absolutely the case that we have not been able to secure all the American information that we needed to, and that we've had the traitor Edward Snowden steal that information. He should be brought back from Russia and given due process, and I think the proper outcome would be that he would be given a death sentence for having put friends of mine, friends of yours, who served in the military today, at enormous risk, because of the information he stole and then released to foreign powers.
Pompeo has also defended the CIA's torture program against critics:
“These men and women are not torturers, they are patriots,” and, “The programs being used were within the law, within the constitution.”
There's also the fact that Pompeo has basically no experience in the intelligence community. He was an Army officer and a businessman, only entering Congress a few years ago. In that link, Motherboard quotes someone from the intelligence community questioning how Pompeo is qualified to run the CIA:
“None of us believe that a couple of years in the Army followed by sitting on a committee in Congress qualifies anyone for any position in the CIA, much less as the Director,” a former military officer who also worked in the intelligence community told Motherboard on condition of anonymity. “We believe that the ongoing nepotism used to select unqualified and in some cases, dangerous people for leadership in these key positions may well lead to a catastrophic failure for the United States.”
So, yes, here's someone with little actual experience in intelligence, but who is absolutely sure the answer is greater surveillance of Americans, and who supports programs that have been declared to be torture. And they're putting him in charge of the CIA.

On to Sessions. He's also a huge supporter of increased surveillance, and not a fan of civil liberties. Going back a decade ago, Sessions very publicly supported President George W. Bush's surveillance programs that included warrantless wiretapping of Americans.
“This is a reasonable assertion of executive power, and it’s more than an academic discussion,” Sessions said. “There are 3,000 Americans who have no civil rights today because they were killed as a result of communications from foreign terrorist organizations who called in to sleeper cells who then carried out the catastrophic 9/11 attacks. President Bush’s surveillance program authorizes only an intercept of an international call or email in which one of the parties is connected to al Qaeda. I think the terrorist surveillance program is a reasonable response.”
For what it's worth, Sessions is wrong here. The surveillance program -- as we later learned -- enabled much, much, much more than that, and included mass surveillance on the communications data of millions of Americans. And the "connection to Al Qaeda" was expanded to include many hops away, and much more than Al Qaeda. But as far as I can tell, Sessions never admitted that his statement was wrong or changed his views on Presidential surveillance powers. Just this year, Sessions spoke out against encryption on mobile phones in discussing the legal fights between Apple and the FBI:
Senator Jeff Sessions of Alabama questioned Cook’s position. "Coming from a law enforcement background, I believe this is a more serious issue than Tim Cook understands," Sessions said. He said accessing phones is critical to law enforcement.

"In a criminal case, or could be a life and death terrorist case, accessing a phone means the case is over. Time and time again, that kind of information results in an immediate guilty plea, case over," Sessions said. He added that the ability for government to access a phone should not be abused.
He's also spoken out vehemently against NSA reform that limits surveillance, complaining about the very modest changes in the USA Freedom Act.
In 2006, the National Security Agency transitioned the bulk telephone-metadata acquisition program authorized under the president’s Terrorist Surveillance Program to the business-records court-order authority of Section 215. Since shortly after 9/11, this program has been helping to keep Americans safe by acquiring non-content call records, i.e., telephone numbers and the date, time, and duration of a call. This program has yielded invaluable intelligence that has helped prevent attacks and uncovered terrorist plots. Nevertheless, the Obama administration has built up unnecessary barriers that sacrifice the fragile operational efficiency of the program without actually accomplishing anything in terms of data security.
He claimed this despite the fact that this article was published years after it had been revealed that the government had never relied on the Section 215 data to save lives, and even where it was used, other means were used to stop any kind of attack.

On top of that, just recently, Sessions tried to massively expand the surveillance powers of the Justice Department, in an amendment he tried to attach to ECPA (Electronic Communications Privacy Act) Reform. We've been calling for ECPA Reform for many, many years, but to stop warrantless surveillance and data collection. But Sessions' plan was to make it even easier for law enforcement to get data, so long as they "declared it was an emergency."
A provider of electronic communication service or remote computing service shall disclose to a governmental entity a wire or electronic communication (including the contents of the communication) and a record or other information pertaining to a subscriber or customer if a representative of the governmental entity reasonably certifies under penalty of perjury that an emergency involving the danger of death or serious physical injury requires disclosure without delay.
And, the thing is, many companies will help out law enforcement voluntarily in such situations. But Sessions was trying to make it mandatory, which would be massively abused.

And that doesn't even touch on Session's horrific history concerning civil rights, which generally doesn't bode well for his views on related civil liberties.

I know that we'd heard from some Trump supporters telling us that they believed he wouldn't be as bad on surveillance as Obama or Bush. But, so far, it certainly looks like he's worse, given who he is planning to appoint.

57 Comments | Leave a Comment..

More posts from Mike Masnick >>