Capitalist Lion Tamer’s Techdirt Profile


About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]

[recently retired]

[various side projects]

Posted on Techdirt - 3 August 2015 @ 3:57pm

Appeals Court Says Netflix Doesn't Violate Privacy By Displaying Viewing History To Anyone Using That Account

from the because-duh dept

The Ninth Circuit Appeals Court has upheld a win for Netflix in yet another privacy class-action lawsuit arising from the publication of then-Supreme Court nominee Robert Bork's rental history oh so many years ago. The Video Privacy Protection Act sprang into being in 1988 and was used to extract a settlement from Netflix over 20 years later.

The lawsuit Netflix settled featured one key difference: in that case, rental information -- in the form of "anonymized data" -- was released to third parties working on better suggestion algorithms in hopes of winning $1 million. In this case, no information was released in any form to third parties… at least not in this sense.

At the center of this lawsuit were complaints that Netflix exposed viewing history to certain third parties, i.e., anyone who used the same login as the account holder. This would include family, friends and guests at a person's residence. Since Netflix allows any number of devices to be allowed to access the account simultaneously (depending on how much you want to pay per month), one person's viewing history could theoretically be accessed by a great many people.

So, while there may be a privacy concern, it isn't a logical one. The information "exposed" to third parties is done so willingly by the account holder by sharing login info/logged-in devices with other viewers. Certainly the original account holder would like immediate access to recently viewed content. But this convenience also allows anyone using that login to see what's been viewed by that account. The plaintiffs claimed this convenient feature was actually a violation of the 27-year-old Video Privacy Protection Act.

The complaint alleges that upon setting up a Netflix account, personally identifiable information, by default, is only disclosed to a Netflix subscriber through her password-protected account. Under those circumstances, a subscriber’s queue or recommendation lists are only viewable by the subscriber. Netflix subscribers can then elect to display on their televisions what would otherwise be password-protected information by registering Netflix-ready devices in their accounts. Thereafter, Netflix automatically displays on a television what it displays on a subscriber’s computer: streamed instant videos, the subscriber’s queue, and video recommendations. This is plainly a disclosure “to the consumer” as contemplated by the VPPA. When Netflix displays a subscriber’s queue, viewing history, or recommendation lists in her online account, that is a disclosure directly to the consumer. The nature of that disclosure does not change when subscribers choose to display the same content on their television screens. The subscriber’s choice to do so does not trigger some new statutory duty on the part of Netflix.
Furthermore, the law (logically) does not demand that Netflix prevent things it can't possibly control.
The fact that a subscriber may permit third parties to access her account, thereby allowing third parties to view Netflix’s disclosures, does not alter the legal status of those disclosures. No matter the particular circumstances at a subscriber’s residence, Netflix’s actions remain the same: it transmits information automatically to the device that a subscriber connected to her Netflix account. The lawfulness of this disclosure cannot depend on circumstances outside of Netflix’s control.
The lawsuit also used California's civil code as a fallback option in case the VPPA claims failed, but the court finds the wording in that statute doesn't open Netflix up to any additional culpability.
While phrased in slightly different language than the VPPA, the California Civil Code plainly excludes liability for disclosures to a subscriber who is the subject of a record. Netflix’s disclosure of personal information was made to its subscribers and therefore it is not liable under section 1799.3.
That this case made it as far as the appeals court is simply the judicial system functioning as it should, rather than indicative of the lawsuit's strengths. Exhausting every available remedy is something the system grants to plaintiffs, even if the arguments made are incredibly weak.

The simple fact is that if someone don't want anyone but Netflix knowing what they watch, they should't let anyone but Netflix have access to the account. Additionally, the company now allows the account holder to remove recently-viewed titles at any point in time (exception: children's accounts). Granted, this feature didn't go into effect until after the lawsuit was filed, but its nonexistence at the point of filing (2011) didn't make the lawsuit any less misguided. Information pertinent and relevant to the account holder will obviously be displayed to any person using any device that is logged on to that account. Why anyone should expect anything else when they "log in" is baffling.

Read More | 5 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 2:52pm

Government Seizes Vehicles Worth $1 Million; Brings No Charges, Keeps The Cars

from the where-'due-process'-is-commonly-abbreviated-as-'GFY' dept

Asset forfeiture: drop the charges, keep the property. I guess the person behind Saeki Co., Ltd. should feel appreciative he actually was graced with charges, rather than just had his purchased vehicles seized and spirited away with a mumbled explanation and some dodgy paperwork.

Saeki Co. bought several luxury vehicles from a place called Texas Motors (which, oddly enough, is located in Florida) with the intent to sell them for a significant markup to wealthy Japanese citizens. This is possibly illegal, but not because of any explicit export ban. The only reason it verges on illegal is because resellers like Saeki ever-so-lightly tread on the toes of major manufacturers and their authorized dealers who do the same thing.

The true legality of the situation is undetermined. The feds behind the first seizures of soon-to-be-exported vehicles didn't seem to have a firm grasp on the matter. They certainly felt it was illegal, and this feeling resulted in plenty of seizures, but these agencies didn't have any crystal-clear guidance on the matter.

The crackdown was driven largely by agents with the Secret Service and the Department of Homeland Security, who questioned whether these small export companies were violating federal law by using straw buyers — people paid small sums to buy cars — to conceal that the vehicles were being bought by people who had no intention of keeping them and were using cash from other people to make the acquisitions. Federal authorities have argued that using straw buyers is a deceptive practice that potentially deprives American consumers of a chance to buy the luxury cars and limits the ability of automakers to keep tight control over sales to domestic dealers and to foreign countries.
It's not so much the American public losing a few opportunities to buy a luxury vehicle as it is the other thing: tight control of sales. The American public can't get many laws written in its favor, but large industries certainly can. This initial thrust led to lots and lots of partnerships with local law enforcement agencies conveniently located near shipping docks. And this led to lots and lots of luxury vehicles ending up in the hands of law enforcement.

Then, the government stopped the crackdown. It claimed to be making an effort to more tightly focus its forfeiture efforts as a result of Eric Holder's reform initiative. The appearance of being an errand boy for corporate interests certainly didn't help. Cases were dropped and charges dismissed. But the vehicles remained in the government's hands.

One person in Saeki Co.'s position spent two years fighting for the return of a seized vehicle and $125,000 in cash. This followed about a dozen similar settlements, most occuring after a legal battle with the agency(ies) holding the vehicles. In other cases, the prevailing parties still have yet to be fully recompensed. And others are still being prosecuted for violating a law the federal government isn't entirely clear on and has lost an interest in enforcing.

Saeki Co.'s story is the worst of the potential situations. It had eight vehicles worth nearly $900,000 seized at the Long Beach Seaport by customs agents. This happened January 3, 2013. Two months later, customs agents seized another of its vehicles (worth over $100,000) in Seattle. Two-and-a-half years later, the feds have abandoned everything about the case but Saeki's vehicles. And it simply doesn't want to talk about the seized property.
Despite the Government’s change in policy, Plaintiff has not received administrative relief from CBP nor any communication from the Government justifying its seizure of Plaintiff’s vehicles.
Other than the fact that it won't be bringing criminal charges.
In or about early 2014, Assistant United States Attorney David Lazarus advised Plaintiff’s counsel that the federal grand jury investigation undertaken in the Middle District of Florida had concluded without any criminal charge lodged against Plaintiff or any of its agents.
So, no criminal activity but the government still wants to keep the cars -- which were seized under a vague "felony interference of a business model" law.
Plaintiff’s vehicles were seized by CBP not because of any wrongdoing by Plaintiff, but because of an ill-conceived program by the Government to support a vehicle export monopoly at the expense of the Constitutional rights of Plaintiff and other vehicle exporters.
As the complaint points out, the government's unwillingness to respond to the plaintiff is swiftly rendering the vehicles worthless. Overseas purchasers willing to pay above US domestic retail for luxury vehicles are most likely going to want this year's model, not something that's been sitting around a government warehouse for almost three years. (And that's not taking into consideration the possibility the vehicles may have racked up miles as government agents' "work vehicles" or the occasional "drive it like you seized it" joyride.)

Then there's the simple fact that a newly-purchased vehicle starts leaking resale value the instant a purchaser drives it off the lot.
Using the generally accepted average vehicle depreciation rate of 20% in the first model year and 15% in subsequent years, the value of Plaintiff’s property has decreased in value by approximately $375,891.00 since their seizure. This measure increases every day that the Government fails to return the seized vehicles to Plaintiff.
Much of the filing details "conversations" with the government about the return of the vehicles, most of which went something like this.
SAEKI CO.: So, there's no criminal charges? This means we can have our cars back, right?
The lawsuit repeatedly makes claims about Saeki Co. being deprived of due process. Which it has been. But civil asset forfeiture isn't about due process. These statutes provide -- from the very start -- a way for the government to bypass the protections due process affords to citizens. The cases themselves indicate that clearly. It's not the government versus any named individual or company. It's the government against the seized property itself, which cannot advocate in its own defense and can only be spoken for if the government grants the request.

So, while the company is absolutely right about being deprived of this right, in terms of asset forfeiture, this right simply does not exist. This lawsuit may force a response from the government, but it's a step it doesn't consider to be "appropriate" in terms of disputing seizures.

What Saeki does have going for it is the government's ambivalence towards the "law" it claimed Saeki broke. If nothing else, a judge will be asking the government a few tough questions about how its ongoing non-prosecution has managed to tie up not-guilty vehicles for the better part of three years. Given the racket that asset forfeiture is, that's about the best that can be hoped for.

Read More | 23 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 1:44pm

Rightscorp's Settlement Site Blocked As 'Malware' By Respected Antivirus Software Provider

from the not-helping-with-the-whole-legitimacy-thing dept

The anti-piracy catastrophe that is Rightscorp continues its slide into disrespectability, albeit inadvertently. Currently facing lawsuits for robocall phone harassment and the realities of a business model that largely relies on the kindness of accused strangers, Rightscorp is barely upright.

Granted, this latest mini-debacle isn't necessarily its fault. At least, not directly or intentionally. But it is a problem nonetheless, especially if Rightscorp is still expecting alleged infringers to beat a path to its virtual doorstep to pay up for their illicit activities. Ernesto at TorrentFreak has more bad news for the trollish company.

For the past few days prominent anti-virus vendor Bitdefender has been blocking the company’s website after categorizing it as malware.

People who receive a notice from Rightcorp are welcomed with the following popover when they try to access the settlement page. The notice is limited to the settlement pages and doesn’t appear on the regular website.

This has led to some speculation as to how Rightscorp became malware, at least in the eyes of Bitdefender. While some antivirus programs kick out more false positives than a Total Wipes DMCA takedown request, Bitdefender doesn't appear to have that reputation.

Ernesto speculates this may be due to the large number of settlement emails all providing links back to Rightscorp's "secure" (it's a bit more secure now…) payment site. Sophisticated Jane Doe of Fight Copyright Trolls points out in the comments that the page itself is a joke, what with settlement screens still providing "share" links to a variety of social media services… except that they all link back to the notice screen itself.

It could be that Bitdefender views pages that demand credit card information without any sort of preamble (a "shopping cart" screen/an opening splash page informing purchasers that they've arrived at the right site, etc.) as potentially untrustworthy and better safe than sorry.

As of right now, this appears to be a fluke error on Bitdefender's part, as it is the only antivirus/malware service to have blocked the page. Maybe this "misunderstanding" will be cleared up in a few days. Or maybe Bitdefender users with settlement notices will continue to be steered clear by their AV software. Either way, it's hardly helpful that a respected antivirus service feels the site is questionable enough that it has constructed a tiny dam right in the middle of Rightscorp's trickling revenue stream.

6 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 11:38am

Github Nukes Repository Over Use Of The Word 'Retard'

from the stupidity-ensues dept

There's nothing censorious about a private company deciding what it does and doesn't want littering its platform. Let's just get that out of the way. However, things change a bit when you're considered to be a central repository of open-source projects, like Github is. Open-source generally conjures visions of freedom and a more "hands-off" approach. On top of this, would it kill these services that suddenly decide to crack down on one person to at least be consistent in their actions? (h/t Andre)

Currently, there's an all out gif-and-snark-war going on in this trainwreck of a thread over at Github, below a small change made in the fork of a repo. A change where the word "Retard" - "delay or hold back in terms of progress or development"- was removed and exchanged for the word "Git" - "an unpleasant or contemptible person". Why? Github wants to remove the word "retard" from code.
[A word of caution: further text and images quite possibly NSFW, so scroll yourself accordingly.]

That's "Dabitch' writing for Adland. The word "retard" has its legitimate uses, as noted above. It's also used in a pejorative sense far more frequently. It's insulting and terrible and generally Not Acceptable Usage, but it's still deployed in code instructions for idiots while idiot-proofing software.

The word is problematic in this context. So are Github's actions.
Github had already deleted the original repo, and suddenly all forks from this repo were affected, ie; also gone from public view and use on Github.
This is a problem because it affects more than the person who childishly decided to use the word "retard" in his/her code comments -- comments, it must be noted, that would probably be read by others who would be unoffended by this usage. But Github became its own heckler's veto. And in the laziest way -- by deferring to its terms of service.

This was ultra-lazy because the takedown came first and the notification second. So, not only did Github tank the repo and its forks, but it couldn't be bothered to ask nixxquality (the person behind the offensive code comments) to make the changes first before moving on to more drastic tactics.

Here's the post-facto explanation that was given to nixxquality. (Which, it must be noted, only came into being because nixxquality demanded to know what happened to the project.)
We may, but have no obligation to, remove Content and Accounts containing Content that we determine in our sole discretion are unlawful, offensive, threatening, libelous, defamatory, pornographic, obscene or otherwise objectionable or violates any party's intellectual property or these Terms of Service.

The content in question was the use of the words "retard" and "retarded." We'd like to give you 24 hours to remove or change the content in your own repository.
This being said after said content was already disabled made inaccessible.

The email went on to state that the content would be re-enabled after these words were removed. This seems to be the sort of thing that could have remained up while it was sorted out, with Github's email preceding the takedown, rather than vice versa.

So, nixxquality changed "retard" to "git." As in "Github." As in just another word for the sort of "retard" targeted by code notes meant to dissuade others from screwing things up.
Git is a mild pejorative with origins in British English for a silly, incompetent, stupid, annoying, senile, elderly or childish person. It is usually an insult, more severe than twit or idiot but less severe than wanker, arsehole or twat.
Github's email makes it clear it can arbitrarily enforce its code Code. Good for it. But inconsistent policing looks like laziness or hypocrisy. At its very best, it only looks incompetent. So, Nixx's "retard" was nixed (I apologize for nothing!) but hundreds of thousands of other occurrences live on -- some of which are far, far more offensive than nixxquality's.

The last one is part of an insult generator that pulls from the following list of words to ensure users are properly verbally smacked around.

Offensive/obscene/objectionable? You bet. And yet it lives on unaltered.

You want worse? Here are two more that I will only link to, rather than assault your eyeballs further. Search any offensive term you can think of and you'll find thousands of hits hosted at Github.

This would be a nightmare to police. And it would be equally pointless. So, why target one use of "retard" when the rest of Github is littered with absolute filth? Even if this inconsistency is forgiven, why take down first and notify later? That just exacerbates the problems of an arbitrarily-applied "policy." As it stands now, the only way anyone will truly know if they've run afoul of Github's content guidelines is when their project disappears.

As was stated at the opening of this post, Github can police its site however it wants to. It can be strict but fair. Or it can do this sort of thing. Neither option is wholly incorrect, although one option is far more correct than the other. The public has options. If it doesn't like Github's cherry-picking of projects to dump, it can take its "business" elsewhere. Except, in cases like these, there's sometimes not a lot of "elsewhere" available.
By doing this, Github risks alienating their core users, though at least one user in the trainwreck thread insists that they should all "shoo". As in "You all lose. Just leave. Go form your own git hosting service that'll wither and die. Shoo."
Not quite as easy to do when a single service has become a large, centralized repository (with its users' assistance, of course). When it comes time to talk or walk, the "walk" needs to be well-attended to be effective.
The thing is, the core users can literally do just that, and where would that leave Github the business? Will it be worth $2 billion after 224,477 repos are arbitrarily locked down or deleted?
This assumes Github will commit commercial suicide. It won't. Its enforcement of this policy indicates it knows better than to apply the rules in anything more than a haphazard fashion. You can't dump 224,000 repositories because they contain the word "retard." The manpower spent to sort out the legitimate uses would provide no ROI. Very few people are going to stop using Github because it has "failed" to eradicate slurs and insults. But a greater number will abandon the site when they see the so-called rules are whimsically applied, and not in the way an eccentric uncle with a flair for the amusingly dramatic does.

The problem is that Github has also become indispensable for so many people. Given this power, it can deploy its rules stupidly and capriciously and still get away with it. That's what pains users of large, centralized services the most. Smaller, agile platforms with multiple competitors need to carefully consider their terms of service and the consequences of arbitrary enforcement. Those with more power and market-share are far more likely to use supposedly strict rules as nothing more than guidelines subject to moderators' moods and shifts in the ideological winds. In doing so, they allow hecklers to control the veto power… even when the heckling is coming from inside the house office.

34 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 10:29am

TSA Decides Sorority Souvenir Book Carried By Dozens Of Travelers Probably A Bomb

from the some-sort-of-terrorist-convention...-even-the-letters-aren't-English dept

Hundreds of travelers attempting to fly out of Houston's Hobby Airport were delayed for hours as TSA agents confronted the massive security threat posed by a book. Actually, several books. Several identical books. Carried by several fliers leaving the same event. (via Lowering the Bar)

"We had a large group with a large number of bags to be checked and because of a certain item in those bags there was additional screening necessary," said Bill Begley with Hobby Airport.

A spokesman for the airport says the sorority members were apparently given thick booklets at the convention that could be mistaken for explosives when packed into checked bags. The booklets forced TSA officials to hand check most of the luggage.
Nice use of the word "forced." Even if the book appeared suspicious at first, perhaps the inference could have been drawn that other passengers wearing the sorority insignia on their almost-universally red clothing were carrying the same non-threatening book. Or does "Behavioral Detection" -- the TSA's mind-reading initiative that watches for suspicious patterns -- only detect suspicion, not the lack thereof?

Here's the "bomb," as displayed by one passenger during KHOU's televised report:

Better safe than sorry -- the TSA's strangulated way of thinking -- kept this from being pursued logically, as Kevin Underhill points out.
Of course, I suppose it's not impossible that ISIS coordinated an attack plan with the annual Delta Sigma Theta convention. But the chances of that are sufficiently close to zero that I'd feel safe waving these ladies through.
Maybe it wasn't ISIS. Maybe it was hundreds of "lone wolves," all wearing red and white clothing and all carrying the same bomb/book!

Instead of seeing this common element as something non-suspicious after the first thorough search, the TSA apparently treated every repeat "incident" as its own particularized threat. Flights were delayed, but not a single one was made any safer by these extra inspection efforts.

So far, the TSA has yet to comment on its actions, leaving that unenviable task to airport officials. Meanwhile, travelers continue to give the TSA more credit than it deserves.
"I'm sure they were doing their best that they could, but it just wasn't enough it wasn't enough," [sorority alumus Cassandra] Tomes said.
Their "best" is routinely terrible. And for all the talk about becoming a smarter, more responsive security agency, the TSA continues to brute force its way through the day-to-day business of keeping up appearances.

60 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 9:19am

Legislators Want Better Whistleblower Protections, Forget To Include Their Own Staff Members

from the Ohhh,-THOSE-unprotected-government-employees dept

This administration hasn't been big on protecting whistleblowers. It often talks about increasing transparency and accountability, but its actions have been the complete opposite. The same goes for the rest of the government. Agencies institute whistleblower protections, often in response to Inspector Generals' reports detailing violations of existing policies, but still remain much more interested in nabbing "insider threats" than protecting whistleblowers from retaliation.

Various bills have been introduced to strengthen protections for whistleblowers. But, as Marcy Wheeler (writing for Expose Facts) points out, legislators fighting for whistleblowers are leaving behind a lot of people very close to them.

When Congress passes good governance laws — most notably FOIA — they tend to exempt themselves.

They’ve done the same with a series of Whistleblower Protection laws. While they’ve amended the Whistleblower Protection Act and added protections to employees in the private finance industry, they have not offered the same protections to their employees.
Sadly, this seems to be the case far too often. Lawmakers tend to write laws for other people. But accountability shouldn't just apply to other entities. Congress needs whistleblowers just as much as the rest of the government does. In this case, however, it doesn't appear to be intentional. It appears to be that some of these legislators are simply unaware they're pushing for something they've already exempted themselves from having to follow.

Roll Call -- a DC-focused new site -- confronted some of the legislators who approved a resolution naming July 30th "Whistleblower Protection Day" about the unprotected potential whistleblowers working for them.
Asked about the [Whistleblower Protection Caucus] report, Sen. Charles E. Grassley, R-Iowa, one of the caucus’s founders, said federal workers are protected. When informed about the OOC report that stated protections did not extend to legislative branch workers, Grassley said, “We’ll take a look at it.”

Sen. Claire McCaskill, D-Mo., another of the caucus’s founding members, was shocked to learn congressional employees are not protected.

“They should [be protected],” McCaskill said. “I’ll go right back to the office and say, ‘Draft that legislation!'”

“Whistleblowers should be allowed to operate and have protections everywhere in our government,” McCaskill added. “Everywhere.”
Hindsight has been adjusted to roughly 20/20, give or take an ongoing blindspot. Now, instead of congratulating themselves on crafting healthier whistleblower protections while their respective staffs look on in concern, they'll be performing the civic duty of "getting right on that." Hopefully, this will result in the institution of the currently-missing protections. But it can just as easily result in this being yet another law Congress doesn't have to follow -- especially if the numerous legislators currently unconcerned with the lack of strong whistleblower protections decide their interests are more important than the public's.

A few legislators were aware of the missing protection, however. Senator Barbara Boxer is already working on legislation that will encompass federal employees not currently covered by existing laws, and Senator Ron Johnson has already set up his own whistleblower "hotline."
“I would say that is news to me,” said Sen. Ron Johnson, R-Wis., when told that legislative workers were not protected. “I think they should be. And certainly we’ve [set up] a website,, and I hope they would take advantage of that.”

“I’ll protect ‘em,” he added.
It's not clear how much protection Johnson can offer anyone not currently covered by whistleblower protections, but a senator's office likely offers a bit more of a shield than going it alone.

17 Comments | Leave a Comment..

Posted on Techdirt - 3 August 2015 @ 8:01am

Spanish Cops Use New Law To Fine Facebook Commenter For Calling Them 'Slackers'

from the bigger-men-than-this...-are-employed-elsewhere dept

On July 1st, the Spanish government enacted a set of laws designed to keep disruption within its borders to a minimum. In addition to making dissent illegal (criminal acts now include "public disruption" and "unauthorized protests"), Spanish legislators decided the nation's law enforcement officers should be above reproach. This doesn't mean Spanish cops will be behaving better. It just means the public will no longer be able to criticize them.

The new law forbids "showing a lack of respect" for police officers. Not showing respect can net a member of the public a hefty fine. According to James Badcock of The Telegraph, a local police force has already exercised its brand-new "right."

In his July 22 Facebook comment, Mr Díaz criticised the use of public resources on a brand new police station in the town of Güímar, stating that the local force was a “pack of slackers”. But local police officers wasted no time in reacting, ringing Mr Díaz’s doorbell six hours later to present him with the notification of a fine which will be set at between €100 and €600.
It appears the "slackers" in Eduardo Diaz's town can be proactive if properly motivated. With a fine approaching €100 a letter at the top end, the police force should soon feel properly insulated from the public's negative Facebook comments. Over here in the US, this would be protected free speech. In Spain, it's a criminal act and -- depending on how the local judge is feeling -- could net disgruntled commenters €600,000 for assaulting police officers with words.

I'm not sure how police officers in general feel about this new law, which also makes "unauthorized" photography of officers subject to similar fines. I would like to think they're not too happy with this and would rather earn respect rather than exist in an enforced criticism-free vacuum. But maybe not. Maybe these cops -- the ones that showed up all too quickly to serve Diaz with a summons -- enjoy a cowed populace. If so, they really have no business working in the public sector.

In truly Orwellian fashion, the government is claiming that a police state is a more liberated state.
Defending the new law, the PP government has said that “demonstrations will become freer because they will be protected from violent elements”.
It's assumed similar statements defending Spain's gag law will be issued from the Ministry of Love in the coming months as Twitter users and cell phone-wielding photographers are picked up by local law enforcement and made to pay for their unwillingness to let police officers do their jobs both uncriticized and unobserved.

64 Comments | Leave a Comment..

Posted on Techdirt - 31 July 2015 @ 8:53am

Of All The Ways The DMCA Takedown Process Can Be Responsibly Used, These Are None Of Them

from the Google:-bring-me-the-internet dept

The DMCA takedown notice is a powerful tool. With a minimum of effort, any person can ask for the removal of content or the delisting of a URL. Whether or not they succeed is based on two factors: the relative skill level of the person/bot making the request and the credulity/intestinal fortitude of the receiving intermediary.

In the interest of making the internet a slightly better place to be, here's some guidance of what not to do when submitting DMCA takedown notices.


Andromedical -- despite its name -- makes a device that has little to do with proven medical science. There's no need to fully describe the device's purpose, as the description of the allegedly-infringing content provided by the company in its takedown request fills in all the mental blanks.

The ilustrations of the penis with a device and the final results in numbers. The ilustration of the cellular multiplication. The photographies of the doctors Dr. Hellstrom or Dr. Moncada or Dr. Gontero or Dr. Gomez or other members of Andromedical Medical Committee. Chart of several parts of the Andropenis device.
The "photographies" and "ilustrations" Andromedical wishes to have removed probably contain some of these (totally SFW):

As you can see, it's highly unlikely anyone would expect these photographs to be owned by anyone other than ANDROMEDICAL. And yet, here we are, watching in fascination as Andromedical asks Google to take down Bing's search results.

Because Bing has yet to offer any sort of transparency on takedown requests, we can't cross-reference this to see if it was just issued to the wrong search engine. But it's not uncommon for people -- even legislators and lobbyists -- to believe that Google is the whole of the internet. Or if not that, then at least one of the only doors.


No one needs you to play Internet Batman and act as an anti-piracy vigilante squad. You're not just wasting your time, but you're wasting the time of others who could be assisting real rightsholders. You're accomplishing absolutely nothing.

You're not even making a dent in piracy, especially when your takedown requests veer suddenly from file lockers and torrent links to and The real rightsholders have automated scripts that can generate bogus hits thousands of times faster than this person can.


Meet Sean Gjerde. Convicted in 2013 of conspiring to commit mortgage fraud, he's now hoping to turn over a new leaf... by engaging in fraudulent behavior. In a DMCA takedown notice targeting multiple news articles about his conviction -- including the FBI's own press release -- Gjerde claims these news reports are actually excerpts from his upcoming novel.

Following the URL he provides, one is greeted by Sean Gjerde's inescapable name, a short bit of introductory material designed to throw off anyone trying to verify his takedown request and… entire articles pasted into the body of his single post -- which he is now claiming belong to him because he surrounded them with a few paragraphs he wrote himself. And the few paragraphs he did write portray him as the grammatically-challenged victim.
This is a excerpt from my new book "Grace Under Pressure" coming next sping as a Amazon exclusive for kindle.

I had always done what I thought was right. How could I have gotten caught up in all this. How is it possible that the Bar didn't see what I did, what I did for my client. I did what every attorney is supposed to do, keep quiet.

I kept my mouth shut, and my award was that they went after me. These people were supposed to protect me. I should be rewarded, not implicated.

Renee, she is my friend. They are accusing me of steeling from my friend. I took her to the movies and baseball games for heavens sake. I took care of her cats. I can't believe they would make this all up. I read the lies and could barely continue.

An Elk Grove lawyer already indicted in federal court for conspiracy to commit mail fraud was charged last month by the State Bar with 36 counts of misconduct in which his victims ranged from desperate clients seeking bankruptcy protection to a legal insurance provider.

SEAN PATRICK GJERDE (#217467), 35, misappropriated more than $80,000 from the beneficiary of a trust for which he served as trustee, engaged in a scheme to defraud a legal insurance provider, repeatedly violated a bankruptcy court order, performed incompetently, failed to return unearned fees, lied on court documents and even forged the names of his partner and a client, according to State Bar documents. Many of the charges involved moral turpitude, dishonesty or corruption.
Of course, his protestations of innocence and good intentions are largely undone by his stupid-ass attempt to fake his way into the "controlling rightsholder" position solely for the purpose of burying press coverage of his fraudulent behavior.

And, along those same lines, one more "don't" for DMCA takedowns.

This is the United States Secret Service Washington Field Office requesting removal of false report against a federal agency is a federal violation which could put Google company out of business if this report is not immediately removes revews complaint/complaint against the united states secret serive. If not remove within 24 hours of this notice all through out the internet should be removed from Google,Yahoo,,, and all other sites. You are under major violation of infringment rights against a federal agency name. US Secret Service is a Federal Angency and any misuse of the Agencies name for advertisement or for whatever purpose is not allowed at all on the internet or otherwise by Supreme Justice Court Order Remove This Article At Once from all searches or face court violation charges. US SECRET SERVICE/Attorney General Of Va./The House Of Representatives/US Supreme Court
It's well-known that Ripoff Report doesn't humor takedown requests. So, if you wish to be taken more seriously, I guess you escalate until maximum ridiculousness is achieved. Not only does this person claim to be a federal agent, but he also claims to have the weight of Congress and the Supreme Court behind his badly-written, poorly-spelled demands.

And, as if asking for the removal of this link from the entire internet (including Altavista!), "US Secret Service Agent Joe Morrison" does it three more times. One includes ALL CAPS so you know he means business.
These easy-to-follow rules should help keep rightsholders (or the severely-misguided, full-blown imposters, etc.) from embarassing themselves while simultaneously raising the estimation and visibility of the content they originally wanted removed. The takedown notice is a tool, not a toy.

(P.S. There is likely a far better way to let everyone know a certain former employee will no longer be welcome at company events/kids' birthday parties than sending a notice to Google, Inc.
Vincent Leahy no longer works for our company. He was arrested last year by the FBI on charges of possession and distribution of child pornography. His trial is underway. We do not want to be associated with this individual, as it may affect our business reputation and major losses could be incurred. The web site has already taken down his testimonial but it still appears on the Google search. Any assistance in correcting this problem asap would be greatly appreciated. Regards, Mike
[Note: this may not be an actual DMCA takedown notice. It's simply listed at Chilling Effects as "Other," which it certainly is.])

9 Comments | Leave a Comment..

Posted on Techdirt - 30 July 2015 @ 11:02pm

Feds Hand Out Funds To Be Used For 'Traffic Safety;' Local Agencies Buy License Plate Readers Instead

from the protective-non-custody dept

The National Highway Transportation Safety Association (NHTSA) is supposed to be focused on one thing: safety. For crying out loud, it's right in the middle of its cumbersome name. But the federal funding it hands out to state and local governments is being used for surveillance devices with no discernible "safety" purpose: automatic license plate readers.

The NHTSA is funding license plate readers for highway safety purposes only, but it’s far from clear how law enforcement agencies are interpreting this and whether they are using the funding to buy license plate readers for non-safety uses. The NHTSA should not be funding police technology for surveillance purposes and it should not let law enforcement apply for funding to decrease traffic fatalities and then turn around and use those funds to track people not suspected of any crime.
This is how things are supposed to run versus how things actually run. This funding dodge is pretty much indiscernible from law enforcement agencies obtaining DHS/DoD grants for Stingrays and Bearcats to combat "terrorism," and then using the equipment to do banal, routine policework, like tracking down drug dealers.

So, in the name of "safety," local agencies are asking for federal funding, and then using the subsidization to deploy new surveillance tech. Standard operating procedure. And the companies manufacturing this equipment clearly recognize these exploitable funding opportunities and target prospective purchasers accordingly.
Private license plate reader manufacturers have further facilitated NHTSA granting funds for license plate reader systems by connecting state and local law enforcement agencies with the funding streams. In one 2012 email exchange, an employee of an ALPR maker advises the Florida Department of Highway Safety and Motor Vehicles that “NHTSA funding is available for traffic safety” and provides contact information. Indeed, the company has a whole page of its website devoted to connecting law enforcement agencies with sources of funding.
In essence, the companies are telling agencies this equipment is pretty much free. And it is, as long as you don't think too hard about the original source of the funding: taxpayers. Exploiting this federal funding allows agencies to claim safety is a priority while not actually moving towards that goal. Instead, they get the location tracking technology they want and allow the public to pick up the tab. Then this equipment is turned around and pointed at the same people paying for it, sometimes literally as a tool of tax collection.

And it looks as if this broken, abused system will only get worse. The ACLU reports the NHTSA is soliciting bids for a study into the use of license plate readers to improve driver safety. That this obviously arrives well after NHTSA funds have been used to purchase plate readers is already problematic. Beyond that, any conclusions drawn from the report will simply provide law enforcement agencies with handy citations to use when requesting funding for equipment they have no interest in using for "public safety" reasons.

18 Comments | Leave a Comment..

Posted on Techdirt - 30 July 2015 @ 3:21pm

Court Shuts Down Police Union's Attempt To Bury Reporting On Sheriff's Dept.'s Hiring Of Bad Cops, Thieves And Sex Offenders

from the shut-up,-they-motioned dept

Late in 2013, the LA Times published information from applications processed by the Los Angeles Sheriff's Department that showed the agency was generally unconcerned by past misconduct and illegal behavior by applicants -- especially if those applicants were former police officers or prison guards. This is the government's other revolving door, one that ensures a bad cop won't stay jobless for long.

The local police union and members of the Sheriff's Department tried to get a court to agree to some prior restraint in hopes of preventing this information from being made public. According to the lawsuit, the documents were "stolen" and, as stolen property, the LA Times had no right to hold onto it, much less publish it.

Of course, this assertion is wrong on multiple levels, starting with the fact that it's not illegal for journalists to publish stolen documents. If it was, hundreds of journalists would be in jail. The law cited by the union only prevents law enforcement officers from stealing or disseminating this information. On top of that, while the lawsuit alleged the documents were stolen, no evidence was provided to back up this claim.

This attempt to prevent information of public interest from reaching the public was greeted with an anti-SLAPP motion from the LA Times. This was sustained by the lower court, which found the plaintiffs' arguments severely deficient.

The court noted the Doe declarations ALADS submitted “contain no personal details about the declarants that would relieve them of the obligation of identifying themselves, particularly when the declarations contain the hearsay statement of defendant Faturechi concerning when the article is going to be published and what it will contain -- the evidence most critical to the showing of irreparable harm or immediate danger that plaintiff must make to justify ex parte relief.” The court also observed, “The declarations are also very vague in their reference to the personal information that Faturechi told the declarants he would be publishing.” The court “decline[d] to issue a TRO imposing a prior restraint on defendants’ free speech based on the speculative hearsay testimony of anonymous witnesses.”

The court denied the application on the additional ground that ALADS -- by its own admission -- had known for weeks if not months that the Times had information from the OPS/LASD deputies’ files, that notwithstanding this knowledge it had not proceeded by noticed motion, and therefore that “any exigency appear[ed] to be of [ALADS’] own making . . . . ”
This, of course, led to an appeal.

The appeal, even if successful, would have been a lost cause. By the time it reached the California appeals court, the information had already been published. Once prior restraint was denied, the only thing left for the plaintiffs to do was find some way to punish the paper for its act of journalism.

The appeals court is similarly unmoved by the plaintiffs' post-publication arguments, which are pretty much mostly a repetition of its previous failed arguments, with the addition of the assertion that the LA Times shouldn't have been able to invoke anti-SLAPP laws because it was trafficking in "stolen" material. Again, the appeals court agrees with the finding of the lower court -- that the plaintiffs make a lot of accusations, but can't seem to be able to back them up.
ALADS asserts the trial court erred in finding the Times had met its burden on the first step of the analysis because the Times obtained the LASD files “through criminal means.” ALADS repeats the allegation from its complaint that the Times reporter “stole, received from someone else who stole, or otherwise unlawfully came into physical possession of the confidential background investigation files...” As the trial court correctly observed, ALADS has presented no admissible evidence that Faturechi or anyone else at the Times stole anything.
And even if the documents were indeed stolen, the LASD officers and police union can't seem to find anything that indicates a law was broken by the LA Times' publication of the material.
ALADS cites -- and miscites -- various statutes it contends are violated by Faturechi’s mere possession of the records. For example, ALADS asserts that section 6200 of the Government Code makes it a crime for “any person” to steal, remove, or secrete “official government documents.” But the statute does not say “any person.” It says “[e]very officer” who has custody of a record “deposited in any public office” shall not steal, remove, secrete, destroy, mutilate, deface, alter, or falsify the record or permit another person to do so. The section is entitled “Custodial officers; theft, destruction, alteration, falsification.” Similarly, ALADS claims Government Code section 3307.5 “makes it illegal, as a matter of law, for anyone” to release a photograph of a peace officer to the public. In fact, that statute concerns officers’ relationships with the agencies that employ them. It says officers shall not be “required as a condition of employment” to consent to the use of their photographs on the Internet.
The court also addresses the "privacy violation" arguments advanced by the police union and the anonymous Doe plaintiffs, finding them similarly weak.
The first problem with ALADS’ argument is that any privacy right in the information contained in deputies’ employment applications belongs to the deputies (and their employer, LASD), not to the deputies’ labor union. “It is well settled that the right of privacy is purely a personal one; it cannot be asserted by anyone other than the person whose privacy has been invaded, that is, plaintiff must plead and prove that his privacy has been invaded.”
Finally, the court takes on the union's claim that its attempted prior restraint wasn't really prior restraint.
[T]he injunction ALADS seeks would not be “content-neutral” at all. ALADS asks the court to enjoin the Times from publishing any article containing any information in 16 listed categories, including the names of any OPS/LASD deputies, their photographs, and their “non-public criminal history.”

In sum, ALADS has cited no case permitting the kind of injunction it seeks here, to restrain a newspaper from publishing news articles on a matter of public concern: the qualifications of applicants for jobs as law enforcement officers. ALADS has cited no case because there is no such case. For more than one hundred years, federal and state courts have refused to allow the subjects of potential news reports to stop journalists from publishing reports about them.
Which is all this actually is. The police union and the Doe officers, too concerned about their reputations to put their name on the lawsuit, wanted nothing more than to bury unflattering information. Neither the union nor the officers seemed to have any problem with former officers fired for misconduct or illegal behavior being allowed back into positions of authority and power, but they had a serious problem with the LA Times letting the public in on its dirty secrets. Fortunately, two consecutive courts refused to buy the plaintiffs' censorious, malformed arguments.

Read More | 9 Comments | Leave a Comment..

Posted on Techdirt - 30 July 2015 @ 3:17am

The Drug War Is Creating Problems Too Big To Fix

from the in-which-warning-signs-are-greeted-with-praise,-enthusiasm-and-blinders dept

David Colarusso, a public defender turned data scientist, has a fascinating post at Law Technology Today describing the many issues arising from the abusive activities of a single chemist at the Massachusetts state drug lab. The starting point of his post -- and his problems -- trace back a few years.

In 2012, it was discovered that a chemist working at the Massachusetts state drug lab in Jamaica Plain had been falsifying drug tests (e.g., claiming that samples contained narcotics without testing them and even adding cocaine to samples to get a positive result when prior testing came back negative). She had worked at the lab for nearly a decade, and these revelations called into question the outcomes in tens of thousands of cases.
Obviously, this sort of tampering means there are convictions waiting to be overturned. But two years later, little progress has been made. It isn't that the state is obstructing efforts to make the falsely-convicted whole again (there may be some of that, but Colarusso's post doesn't indicate there is), but that nearly a decade's-worth of bogus lab work potentially infects thousands of convictions. Narrowing down this list to those directly affected is an enormous task, one that Colarusso was tasked with making more manageable. Narrowing down "The List" to a single link in the evidence chain -- the drug receipt -- still returned far too many potential matches to be of use. Additional restrictions trimmed the possible matches a bit more, but still left far too many potential victims of the chemist's work.
Staff attorneys take only a small fraction of indigent cases. The majority are handled by private attorneys. So only a subset of defendants on The List would be in our client files. However, given The List contained nearly 40,000 names, this subset was still rather sizable. So we used some nice open source software to look for matches between our clients’ names and those found on the list (this involved some data wrangling in Python and Pandas along with the creation of a nice IPython Notebook or two). This gave us a rough list of clients on The List, and we used these names to create a list of their co-defendants.
The narrowing of the field only did so much. The List remained sizable, thanks to inconsistencies inherent in the system itself.
This gave us a rough list of clients on The List, and we used these names to create a list of their co-defendants. We then checked The List for the co-defendant names. Unfortunately, a lot of these were missing. If we assumed the same rate of missing names across all cases, it seemed The List was missing somewhere between 0 and 9,600 names. Wait, what? That’s right, thousands of potentially missing names. The uncertainty came from the fact that we had to match names. The List did not come with dates of birth, addresses, or Social Security Numbers—just names. So occasionally, we could not find a name we were looking for because the Commonwealth and CPCS disagreed on the spelling of a name or someone made a transcription error.
By this point in the investigation, the master list was still huge and it was obvious the list itself was missing hundreds of names, which meant hundreds of possibly wrongly-convicted citizens. The reality of this situation was this: to track down those missing names and to finally set the wheels of justice in motion, thousands of police reports would need to be read and cross-referenced against those on the master list. But who will do this? And with what funds? That's still unclear. It all depends on who feels justice should be served and who feels justice should be served, but only up to a certain dollar amount.

So, the problem -- which was one person in one lab falsifying thousands of test results -- has become something so unwieldy that it may never result in the exoneration of everyone chemist Annie Dookhan managed to wrongly put behind bars. The problem is too big to solve, and much of that has to do with the efficiency of drug prosecutions versus the much less efficient wheels of bureaucracy. Data wrangling helped determine the size of the problem and point a way towards a solution, but the solution is still hundreds, if not thousands, of hours away.

But Colarusso points to one aspect that should have been noticed and would have kept this from becoming a 40,000-file catastrophe (and that's without counting the undetermined number of omissions).
The real promise is in catching the next scandal early. This means listening to data and looking for patterns. The rogue chemist had a throughput three times that of the next “most productive” chemist. That should have been a red flag. Data science offers the promise of mining data for signals such as these and sounding the alarm.
But they weren't looking for a problem at the drug lab. They were looking for productivity. Dookhan's suspiciously-fast output wasn't greeted with suspicion. It was greeted with praise and an increased workload.
The report shows that the Hinton lab leaned heavily on Dookhan’s productivity. Supervisors lauded her work ethic and assigned her an increasing share of tests.

“From January 1, 2004, through December 31, 2011, Dookhan was assigned 25.3% of all analyses in the Drug Lab and completed 21.8% of all tests conducted by staff,” the report said.
There's a point when a problem is still manageable and there's a point when it becomes too big to correct within the confines of the system that helped create it. The drug lab itself pushed it from solvable to impossible. What happened here isn't an isolated incident. Similar abuses have occurred at the nation's top labs -- those belonging to the FBI. Results of forensic testing were overstated to prosecutors, who then put these experts on the stand to help convict hundreds of thousands of people using the questionable results. It's only because of outside pressure that the FBI and DOJ are even looking into this, and it's easy to imagine "The List" of possibly wrongly-convicted persons here far exceeds the 40,000+ Colarusso tangled with.

In addition to the problem begin ignored for two decades, the effort to right the FBI's wrong isn't being pursued with nearly the same enthusiasm as the bogus prosecutions. And yet, there were early warning signs that were ignored. Information about the FBI's evidence issues was passed on to prosecutors -- but this information, including exculpatory evidence, was never passed on to defense attorneys.

The time to handle a problem is before it negatively affects thousands by depriving them of their liberty. But the desire to fight a drug war led to the cover up of exculpatory evidence by US prosecutors working with the FBI and the opportunity to fake even more test results in Annie Dookhan's case. Caught in the middle of all of this are thousands who may never see justice done because the problem was ignored until it no longer could be.

80 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2015 @ 3:18pm

Cop To Vet On Receiving End Of Bogus Raid: Investigating Things Beforehand Just Slows Us Down

from the the-innocent-will-just-have-to-live-with-the-reality-of-maximum-efficiency-polic dept

The "shoot first, ask for immunity later" mentality of today's law enforcement officers is perfectly highlighted in this story about a US military veteran finding himself on the receiving end of a military-style raid… all because a "helpful" neighbor reported him for being in the "wrong" apartment. (via Amy Alkon)

Alex Horton, an Iraq war veteran, was having some work done on his apartment. During the repairs, his landlord put him up in a "model unit." He fell asleep in an apartment otherwise known to be unoccupied. A passing neighbor apparently saw him in the apartment through the cracked door and reported this to the police. What happened next was standard operating procedure -- both for the US military and US law enforcement.

I got home from the bar and fell into bed soon after Saturday night bled into Sunday morning. I didn’t wake up until three police officers barged into my apartment, barking their presence at my door. They sped down the hallway to my bedroom, their service pistols drawn and leveled at me.

It was just past 9 a.m., and I was still under the covers. The only visible target was my head.

In the shouting and commotion, I felt an instant familiarity. I’d been here before. This was a raid.

I had done this a few dozen times myself, 6,000 miles away from my Alexandria, Va., apartment. As an Army infantryman in Iraq, I’d always been on the trigger side of the weapon. Now that I was on the barrel side, I recalled basic training’s most important firearm rule: Aim only at something you intend to kill.
The militarization of police goes far beyond simply arming them with the military's leftover vehicles and weapons. It also informs their tactics. But law enforcement only cherry-picks what it likes about the military. Horton's article for the Washington Post points out that law enforcement officers don't handle their weapons like military members do. Soldiers are taught that guns are deadly and should only be pointed at targets the soldier intends to kill. Police officers are taught to use their guns for intimidation, without nearly as much attention paid to drilling home the point that guns are deadly and should be respected -- especially by the ones wielding them.
[Erik] Rhoads, the Fairfax County police lieutenant, was upfront about this mind-set. He explained that it was standard procedure to point guns at suspects in many cases to protect the lives of police officers. Their firearm rules were different from mine; they aimed not to kill but to intimidate. According to reporting by The Washington Post, those rules are established in police training, which often emphasizes a violent response over deescalation. Recruits spend an average of eight hours learning how to neutralize tense situations; they spend more than seven times as many hours at the weapons range.
This is what turns a report of a squatter in an apartment into a fully-armed raid. It didn't have to be this way. This "situation" could have been defused at any point before the officers rushed into the apartment with weapons drawn. The security guard at the complex could have been asked about the person in the model apartment. The apartment's owner and management could have provided helpful information as well. But no one -- not even Shift Commander Erik Rhoads -- even considered arming police officers with additional information. They had guns and the authority to use them. That was enough.
When I later visited the Fairfax County police station to gather details about what went wrong, I met the shift commander, Lt. Erik Rhoads. I asked why his officers hadn’t contacted management before they raided the apartment. Why did they classify the incident as a forced entry, when the information they had suggested something innocuous? Why not evaluate the situation before escalating it?

Rhoads defended the procedure, calling the officers’ actions “on point.” It’s not standard to conduct investigations beforehand because that delays the apprehension of suspects, he told me.
It also delays the apprehension -- the violent apprehension, I might add -- of non-suspects, as was the case with Horton. It instead expedites the sort of stupidity that would be comical if it weren't so dangerous for everyone involved. The willful ignorance of situations, explained away by the "need" to swiftly apprehend criminals, leads to more death and violence. And not just for "suspects." It makes the situation more dangerous for cops as well. It's as if modern law enforcement agencies view the "fog of war" as a tactical advantage, even though nothing about the history of that terms suggests it has ever been viewed that way by actual combatants.

This is an astounding admission. Rhoads, a commanding officer, is willing to purposefully endanger his own officers in the pursuit of a few more busts. His officers, apparently, are more than willing to be abused in this fashion, as long as it means they can dress up in tactical gear and yell a lot while pointing guns at people. Beyond that, though, he's willing to willfully endanger the public by purposefully avoiding any information-gathering that might make these interactions safer for both his officers and those they seek.

Rhoads' statement explains why flashbang grenades get tossed into toddlers' cribs. In the haste to bust someone responsible for $50 worth of drug sales, facts were withheld and investigative reconnaissance of the residence kept to a minimum. It allowed the raiding officers to operate with a minimum of concern for the occupants. All they had to know was "no-knock" and "drug dealer." Everything else was irrelevant.

Deployed troops are put into extremely dangerous situations every day and yet they are expected to maintain relationships with the people in the areas they patrol and not assume every tense situation can only be defused by gunfire. Back in the US where the streets are infinitely safer, the opposite is true. Force and aggression are the favored tactics and an officer's life is valued above all others. This isn't how policing is supposed to work and it betrays the public these officers are supposed to serve.
I understood the risks of war when I enlisted as an infantryman. Police officers should understand the risks in their jobs when they enroll in the academy, as well. That means knowing that personal safety can’t always come first. That is why it’s service. That’s why it’s sacrifice.
Here in the US, it's the public that's expected to make these sacrifices. A "civilian" is expected to die before an officer does and collateral damage is not only to be expected, it's wholly encouraged by those with the same mentality as Lt. Erik Rhoads.

129 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2015 @ 11:40am

Vizio Latest Manufacturer To Offer More Ways For TVs To Watch Purchasers

from the buy-our-things-so-we-can-sell-your-data! dept

Vizio is the latest consumer electronics manufacturer to announce -- publicly, but not, like, PR-onslaught publicly -- that its TVs will be watching purchasers as much as purchasers are watching them. The details of its strategy to generate the most ROI from each and every purchaser willing to blow past the fine print during setup are contained in the company's SEC filing for its debut as a public company. Engadget's Richard Lawler has the details. (h/t to Techdirt reader MarcAnthony)

According to the filing, Vizio has sold more than 15 million smart TVs, with about 61 percent of them connected as of the end of June. While viewers are benefiting from those connections, streaming over 3 billion hours of content, Vizio says it's watching them too, with Inscape software embedded in the screens that can track anything you're playing on it -- even if it's from cable TV, videogame systems and streaming devices.
Here's the potential shareholder-friendly description included in the S-1 filing:
Our Inscape data services capture, in real time, up to 100 billion anonymized viewing data points each day from our over 8 million VCUs. Inscape collects, aggregates and stores data regarding most content displayed on VCU television screens, including content from cable and satellite providers, streaming devices and gaming consoles. Inscape provides highly specific viewing behavior data on a massive scale with great accuracy, which can be used to generate intelligent insights for advertisers and media content providers and to drive their delivery of more relevant, personalized content through our VCUs.
And here's the grand plan, which is a slice of a multi-billion dollar data sales market:
We believe our business focus enables a self-reinforcing consumer use and engagement model that we expect to fuel our growth while driving revenue. Our connected entertainment products and discovery and engagement software increase usage of our platform, enabling Inscape to gather more anonymized data on viewing behaviors, which we can deliver to advertisers and media content providers. These companies in turn can deliver more relevant and personalized content for viewers, further enhancing the entertainment experience. We believe this self-reinforcing cycle will increase our brand awareness and enhance demand for our connected entertainment products.
What's curious about the wording isn't the gung ho appropriation of viewer data to sell to advertisers. What's curious is Vizio's claim that "anonymized data" will result in "more relevant and personalized content" for purchasers. There may be a certain level of anonymity involved, but Vizio still needs to provide enough defining demographic data to make this information worth purchasing. There is some value in general data like number of viewers of specific content at certain times, but Nielsen has done this sort of thing for years and it's a huge stretch to call anything about TV advertising "personal" or "relevant." So, there's something a bit off about the anonymization claims Vizio is making here.

The other issue is that while Vizio is being upfront with regulators about this aspect of its TV offerings, it's not being similarly explicit with purchasers. It is truly the rarest of customers that seeks out a television for its ability to offer "personalized content" in exchange for the sale of his or her viewing data to marketers.

Will users know Vizio is selling their viewing data, including that generated by third-party devices connected to a Vizio smart TV? Probably not. While Lawler noted on Twitter than the SEC filing contains 102 mentions of Inscape, the term fails to surface in searches of Vizio's website. There's also nothing referencing the service in its Privacy Policy.It's not as though this is a feature (which many purchasers would find closer to a bug) still in development. Vizio's own filing indicates this is already in use. While it may be proudly trumpeting its built-in spyware to potential shareholders, it seems a bit more reluctant to inform potential purchasers about the company's thirst for sellable data.

Far too many electronic device manufacturers are unwilling to honestly discuss this part of the business with paying customers, preferring pages and pages of legalese to do the talking for them -- a tactic that allows for both ass-coverage and obfuscation. Vizio does better than some by providing instructions on how to disable this on-by-default "interactivity" early on in its Privacy Policy, but that doesn't necessarily excuse yet another manufacturer that views paying customers as ongoing revenue streams long after they've collected the purchase price for the device. In today's electronics market, it's not enough to simply be a paying customer. You must also be the product as well.

67 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2015 @ 5:00am

Australian Police Raid Bookseller Over Copies Of A Book First Published 24 Years Ago

from the thus-transferring-legitimacy-to-a-single-citizen's-complaint dept

Considering the sort of potentially-offensive content the average Internet holds, it's almost charmingly quaint when this sort of thing happens.

Mr Lake said the police were very gentle when they arrived and asked that the book be removed from the shelf.
Mr. Lake runs Imprints Booksellers in Adelaide, Australia. The book at the center of the "gentle" raid was originally published 24 years ago.
[American Psycho], by American author Bret Easton Ellis, has been classified R18 under national censorship legislation since its release in 1991, requiring it to be sold in plastic and only to those aged over 18.
So, what happened? Two things. First, a new edition was published featuring a foreword by Irvine Welsh -- someone who's no stranger to plumbing the depths of humanity. This edition -- which arrived roughly 24 years after the original classification and sans the sealed plastic covering -- was noticed by a local citizen, who then got her third-party outrage on.
He said the raid occurred because somebody complained to police after reading in a weekend newspaper column that the book was being sold by bookshops without plastic wrapping.

"I had a phone call from a lady on Tuesday who was quite aggressive and questioned why we were selling this classified product out of its wrapper," he said.
As per usual, it's the squeaky busybody that gets the grease, despite the book being a good couple of decades past the point of its original outrage and being surpassed in terms of graphic violence several times over, including in plenty of unwrapped books sold by the same booksellers.

Music (mostly) blog The Quietus has probably the best description of what likely went down in the this "gentle raid" over the most shocking novel of the early '90s.
Imprint Books in Adelaide (AUS) was ‘gently raided’ by – some apparently very polite, possibly even contrite, hopefully totally fucking embarrassed – police officers for displaying unsealed copies of Bret Easton Ellis’ 1991 satirical (adjective: sarcastic, critical, and mocking another's weaknesses) novel American Psycho.
Now, while Australia -- a nation of adults constantly being treated like children (and paying far too much for the "privilege"…) by their government -- has earned a reputation as a busybody in its own right, it's highly doubtful these police officers were very thrilled with this assignment. But ignoring the complaint was likely out of the question. Anyone sufficiently motivated to ring up both the bookshop and the cops because of something they read in the newspaper is the sort of person who won't let the issue go until it's been resolved to their satisfaction. So, rather than just blow off the misplaced concern, they apologetically and gently "raided" the bookseller. No doubt this was followed by a surreptitious reconnaissance mission by the complainer to verify that the complainee had been sufficiently cowed.

As for the bookseller, he made the sort of assumption anyone would make when the latest edition of a 24-year-old novel arrived without the protective R18 shrinkwrap.
"We just assumed the classification has been lifted," he said.
Because that would make sense. But no, the R18 is still in place and people with nothing better to do but read newspapers and make angry phone calls will continue to put local law enforcers in an unenviable position: Do you raid the bookshop and look foolish? Or do you answer call after call from aggrieved locals until you finally decide to raid the bookshop and look foolish? When your choices are this awful, the best course of action is to just get it over with.

34 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2015 @ 3:01am

Wordpress Takes A Stand Against Abusive DMCA Takedown Notices; Others Should Pay Attention

from the platforms-shouldn't-just-be-takedown-remailers dept

Automattic, the company behind blogging platform Wordpress, continues to prove that just because the issuing of DMCA takedown notices has largely been handed over to automated processes, the response doesn't need to be similarly robotic.

Its latest transparency report shows it has rejected 43% of the DMCA notices it has received as either incomplete or abusive. Contrast this to almost any other platform where the initial response is to take down content/links first and work backwards from there. (Contrast this further to services like YouTube and Soundcloud, where content is subjected to automated pre-screening that seems to result in just as many illegitimate "removals.")

Automattic's DMCA process is anything but.

We carefully review each notice to ensure it’s formally complete, and includes all information required by the DMCA, before taking action. Notices that don’t meet the requirements of the statute are included in ‘notices rejected as incomplete.’

We also may decline to remove content if a notice is abusive. “Abusive” notices may be formally complete, but are directed at fair use of content, material that isn’t copyrightable, or content the complaining party misrepresents ownership of a copyright.
In an effort to keep the worst abusers "honest" (or at least warn others performing the same intermediary functions), Automattic continues to maintain a "Hall of Shame" highlighting issuers of bogus takedown notices.

So, there's at least one major platform that has its users' backs -- something it has taken as far as the filing of lawsuits against serial abusers. And it's one of the few that will actually try to determine whether or not the usage of the disputed content falls under fair use. Automattic seems to have learned from its past mistakes, and now it's attempting to hold rightsholders and their representatives to the same standard it applies to itself. If content is going to be removed, the person(s) making these demands need to hold up their end of the bargain.

DMCA abuse isn't likely to stop anytime soon. The process to issue notices continues to become more streamlined, which puts even more non-infringing content at risk. On top of that, the automated processes used to compile lists of "infringing" URLs continues to be error-prone. This wouldn't be an issue if the companies providing these services to rightsholders spent a little (or any) time giving the notices a once-over before sending them out. The failure to do so not only has the potential to remove non-infringing content, but also to screw the same people they're supposed to be protecting -- not just in terms of reputation, but also financially.

A brief perusal of DMCA notices issued to Google finds multiple examples of non-infringing content being targeted by flaky automated processes. It also shows rightsholders are being billed for largely useless takedown requests filled with URLs covered in previous requests by the same company.

This recent request by IFPI Latin America contains 237 URLs --- 236 of which were already delisted in response to earlier requests.

This is far from uncommon and pretty much amounts to double billing. Even in cases where rightsholders pay a monthly or yearly fee rather than per DMCA takedown, it's still wasted money. While it's obviously easier to let machines do the work and humans to collect the paychecks, nothing about an automated copyright takedown notice process contributes anything towards healthier respect for the idea itself, or the creations protected by it.

Automattic, on the other hand, will continue to gather respect from its users and potential customers around the world simply by refusing to lay out a WELCOME mat for our new DMCA robot overlords.

21 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2015 @ 2:19pm

Audits Of Asset Forfeiture Program Uncover Funds Used To Pay Student Loans, Property Used As Rent-Free Housing

from the stealing-our-way-to-justice! dept

Student loan debt is a serious problem here in the US as the price of higher education continues to outpace every standard economic yard stick. Lots of people think the government should step in to do something about it. While the administration makes helpful noises and tries to figure out how it can effectively tell Americans it's alright to rack up debt and walk away from it without actually, you know, encouraging Americans to get deeply in debt and walk away from it, one government employee is taking the bold steps the US government won't to eradicate student loan debt… specifically, his.

In a 2014 audit of the DA’s office representing Washington and Nowata counties [Oklahoma], the State Auditor’s Office found that $5,000 in forfeiture funds had been used to make payments on an assistant district attorney’s student loans.
That's a pretty egregious abuse of seized funds, and that's even if you find the whole asset forfeiture system mostly abuse-free when it comes to seizing property. Unbelievably, the DA's office defended the use of the public's money to pay off personal student loans.
The report said the district attorney maintained the expense was justified because most of the cases the assistant DA prosecuted were drug cases.
Which means what? That he was involved in several drug prosecutions and therefore entitled to a percentage of the take for his own personal use?

But no need to worry about the misspent $5,000. The DA's office has already "repaid" it using money seized a bit more lawfully via taxation.
After the issue came to light, the Oklahoma District Attorneys Council reimbursed the $5,000 using funds from its own student-loan program, the State Auditor’s report states.
So, everything's cool now. Except:
A 2009 audit of the District Attorney’s Office that represents Beaver, Cimarron, Harper and Texas counties found that a Beaver County assistant district attorney began living rent-free in a house obtained in a 2004 forfeiture. A judge had ordered the house sold at an auction, but the prosecutor lived there through 2009.
A bold new opportunity in real estate! Open to law enforcement members only!

There's so much more.

Schroedinger's seized pickup truck -- listed as "sold" at an auction -- remains in a sold/unsold state as neither the pickup, the paperwork nor the cash generated from the sale can be located. One district further perverted the perverse incentives by spending seized money before it had even been processed by the courts. In other instances, the money made its way onto the ledgers as "seized," but forfeiture cases were never filed. (This is particularly evil because without a filing, there's almost no way to challenge the seizure.)

The violations found by these audits are the sort of thing everyone should have expected when they allowed law enforcement to start seizing property without bringing criminal charges. Guns, vehicles and cash go missing. Proceeds from auctions are used to pay court costs and fund retirement parties. The program basically allows officers to steal from people they've already dehumanized as "drug traffickers." So, if someone's property goes missing and ends up as an off-the-books personal use vehicle/gun for some cop, no one's going to spend too much time worrying about the supposed "criminal" whose property has been seized. That's why the accountability is so lax and that's why the laws granting officers these powers need to be -- at minimum -- rewritten, if not taken off the books entirely.

And, as is always the case when asset forfeiture is attacked by legislators and regulators, there's a caricature of law enforcement on hand to offer homespun words of wisdom in defense of the legalized theft:
“I know for a fact we all try to work very hard to rid this devil’s candy (drugs) off of our state. And for someone to try and push us back — sheriff’s departments, police departments — that’s how we continue our fight, is to take that money and go forward,” Stradley said. “That will set us back many, many, many years.”
Will it set you back to 1990? And put you right in the middle of the crack epidemic? Or will it take you back to the 1920's, when marijuana was making jazz music tolerable and turning non-Caucasian males into rapists? How many years exactly will forcing Oklahoma law enforcement to accompany seizures with criminal charges set back these agencies? We all want to know. Even those of us who swore off the devil's candy years ago or never made it past anything harder than devil's food cake.

40 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2015 @ 11:01am

White House Vaguely Agrees Outdated ECPA Should Be Reformed But Only With An Eye On The Government's 'Interests'


The Obama administration must be doing a little housecleaning in preparation for the 2016 winner. After months of highly-sporadic and belated responses to We The People petitions, it's answered two big ones (that have been sitting around forever) in a single day. It's also issued a handful of other responses to open petitions, some of which are little more than "we decline to respond," accompanied by a link to the site's Terms of Participation.

It took on two big petitions today. The first was a response to a request to pardon Snowden, which it denied under its "No Good Whistleblowing Goes Unpunished" policy. The second asked for a long-delayed rewrite of an outdated law.

The Electronic Communications Privacy Act has been in need of reform for years. If nothing else, the law's misleading name needs to be changed. One of the more notorious aspects of the law is that it gives email less privacy protection than snail mail, which is already an exceedingly low bar.

The administration agrees that reform of this law -- which treats email older than six months as "abandoned" and thus easily-accessible by law enforcement -- is needed. However, it does so both belatedly, vaguely and disingenuously.

The We The People petition calling for ECPA reform was posted November, 12, 2013. It passed the 100,000-signature threshold roughly 30 days later. At that point, a response was "required." 593 days later, that response has finally arrived.

It's obvious that many -- and arguably, most -- Americans today use email as one of their primary means of communication. Particularly in an era where we keep so much of our lives online, the content housed there deserves strong privacy protections -- which is at the core of what ECPA was designed to do. But over time, technology has evolved.

Which is why our policy teams agree with you: ECPA is outdated, and it should be reformed.
This is good news. Or it would be if there were any particular plan to get something done. While the response agrees that the outdated law's take on email privacy protection is pretty much terrible, the administration doesn't seem too willing to push for any specific reform effort.
We know there are still important details being worked out across government and in the halls of Congress. We aren't going to endorse a single ECPA-reform bill at this time. As any given bill goes through committee and makes its way to the House and Senate floors, the draft is negotiated and modified to address concerns and strengthen the bill.
In other words, we like the idea of reform so much we're going to do nothing about it. While efforts have been made over the past few years, they've been stalled/gutted to appease law enforcement and (yes, really) regulatory agencies' interests. Very little forward motion has been made and without something stronger than "we'll probably support whatever actually makes its way to the President's desk" propelling this reform, it could still be several more years before the already-outdated law is rewritten to properly address a communication method that originated nearly 45 years ago.

Finally, the response sends a mixed message about reform in the very last sentence.
That said, we're encouraged by the strong bipartisan support for updating this legislation in both chambers of Congress, and are looking forward to seeing this law address today's technological realities while preserving the interests we must protect.
This seems to indicate it will be more supportive of a bill that has the backing law enforcement and other government agencies. A warrant requirement for emails older than six months isn't that much of an imposition, but so far, it's been a tough idea to sell. This last sentence shows the administration finds the government's "interests" worth protection. The privacy interests of millions of Americans? Not so much.

5 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2015 @ 9:59am

White House Finally Answers Snowden Pardon Petition: The Only Good Whistleblowing Is Punished Whistleblowing

from the because-of-course-this-would-be-the-answer dept

The White House has finally responded -- more than two years later -- to a petition asking for a pardon of Edward Snowden. The petition surfaced soon after Snowden went public with his identity. Less than three weeks later -- June 25, 2013 -- it had passed the 100,000-signature threshold.

Understandably, the administration was in no hurry to respond to this petition. In the immediate aftermath of the first leaks, no entity was more unpopular than the NSA. Snowden, on the other hand, probably could have won a number of local elections as a write-in candidate at that point. So, the administration sat on it, as it has sat on a great many petitions not particularly aligned with its desires.

Unfortunately, the public's opinion hasn't shifted much. As other agencies have become more plaintive in their requests to undermine privacy and safety to keep criminals from "going dark," the public has become less and less enthusiastic about being forced to make more sacrifices in the interest of security. The NSA also hasn't become more popular in the interim. So buying time by cherry-picking We The People petitions to respond to hasn't made answering this petition any easier for the administration.

More than two years later -- 763 days past the point it became a viable petition -- the administration has answered. And the answer could have been written two years ago, as it refuses to acknowledge Snowden's contribution to recent surveillance reforms. The response was written by Lisa Monaco, the president's advisor on Homeland Security and Counterterrorism. Considering the source, the response is unsurprising. But it starts off with a lie:

Since taking office, President Obama has worked with Congress to secure appropriate reforms that balance the protection of civil liberties with the ability of national security professionals to secure information vital to keep Americans safe.
Wrong. The "appropriate reforms" have been forced into existence by leaked documents Snowden provided. This "conversation" the President keeps claiming he always wanted to have only took place because he could no longer ignore it. This opening sentence is worse than merely disingenuous. It's a complete rewrite of Obama's civil liberties legacy. Before the Snowden leaks, Obama's stance on surveillance was "whatever Bush did, only more."

Next, Monaco goes on to say that no matter how instrumental Snowden was in the recent surveillance reforms (without ever actually saying that), he's still a just a criminal and should be treated as one.
Instead of constructively addressing these issues, Mr. Snowden's dangerous decision to steal and disclose classified information had severe consequences for the security of our country and the people who work day in and day out to protect it.
Except that this administration is no friend to whistleblowers. Snowden knew this. Snowden also knew the "proper channels" were mostly there to ensure whistleblowers were silenced and punished. So he ran. This administration has prosecuted more whistleblowers than all other administrations combined. When Snowden took off, it was five years into Obama's presidency, plenty of time to gauge what sort of odds the "proper channels" offered.

From that point, Monaco goes on to claim that the only legitimate act of civil disobedience is a punished act of civil disobedience.
If he felt his actions were consistent with civil disobedience, then he should do what those who have taken issue with their own government do: Challenge it, speak out, engage in a constructive act of protest, and -- importantly -- accept the consequences of his actions. He should come home to the United States, and be judged by a jury of his peers -- not hide behind the cover of an authoritarian regime. Right now, he's running away from the consequences of his actions.
First off, this is wrong. As has been explained countless times, under the Espionage Act, which is what Snowden would be charged under, he is not allowed to present the evidence in his defense that he was blowing the whistle on an illegal program (and yes, it has been ruled illegal). Nor is he allowed to argue that the leak was in the public interest. In other words, the law is stacked such that he cannot present his argument fairly. The deck is stacked and Monaco knows the deck is stacked and ignores that -- which is exceptionally dishonest.

I would imagine Monaco -- and by extension, the administration -- would also feel that those who hacked Hacking Team are the real criminals here, not the company that sold surveillance software and zero-day exploits to governments known for widespread abuse of their citizens. "Look, we appreciate them highlighting these dubious and likely illegal contracts. But to move forward, we really need to put the hackers who obtained the documents on trial."

But, honestly, no one expected this response to go any other way. No one who holds the top office in the nation is going to sell out the rest of the government for a whistleblower. So, it could have saved everyone the trouble and posted this answer June 26, 2013.

77 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2015 @ 8:51am

DOJ To Court: Hey, We're Shutting Down Section 215, So We Can Probably Stop Arguing About The Legality Of Bulk Collection

from the you-sort-of-won!-what-more-do-you-want? dept

Just as James Clapper's office was officially announcing the death of the bulk phone metadata program (ending November 29th, with three months of post-wind-down wind-down for data analysts), the DOJ was filing a motion in the Second Circuit Court of Appeals basically arguing that its finding that the program was illegal really doesn't matter anymore.

According to the DOJ, there really is no program -- at least if you don't count the six months the NSA has to make the move to the more targeted USA Freedom version. So this discussion about which program isn't authorized by which PATRIOT Act provision is… well, not completely moot, but like pretty much literally weeks away from moot, so why are we wasting our time here [EXASPERATED SIGH].

Plaintiffs’ claims will be moot when the bulk collection of telephony metadata under Section 215 ends on November 29, 2015, though they are not moot right now. On that date, the statutory authority for the Section 215 bulk telephony-metadata program will expire, and the data previously collected and held under that program will not be used in the future for intelligence-gathering or law-enforcement purposes. In the meantime, however, the Court should respect Congress’s decision to create an orderly transition away from the Section 215 bulk telephony-metadata program. Especially in light of Congress’s considered judgment that this program should continue for this limited period, plaintiffs are not entitled to any of the relief they request.
In support of its argument that the court should ignore its own findings and just listen to what the FISA Court said (and what legislators didn't say, but obviously intended), the government points to its own Tumblr post (certainly a historical moment in its own right) detailing the specifics of the end of Section 215.
On July 27, 2015, the Office of the Director of National Intelligence (ODNI) issued a public statement that the NSA has determined that “analytic access to that historical metadata collected under Section 215 . . . will cease on November 29, 2015,” at the end of the transition period. See Statement by ODNI on Retention of Data Collected Under Section 215 of the USA PATRIOT Act, available at http:// statement-by-the-odni-on-retention-of-data (ODNI July 27 Statement). Thus, after that date, no further bulk collection of telephony metadata will take place under the Section 215 program, and the historical telephony metadata will not be used for intelligence or law-enforcement purposes and will not be disseminated.
To sum up: these past abuses should no longer be of concern as the data is going to be flushed (for the most part) within the next nine months. To better enable said data flush, the Second Circuit Court might want to wrap up the ACLU's suit (and hasten the end of the EFF's) so that no data is still being "preserved" past the November 2015 dump point.

To that end, the DOJ constantly reminds the Second Circuit that the FISA Court really has a handle on these sort of things and why don't we just leave it to the pros.
The FISC was right that Congress authorized the Section 215 bulk telephony-metadata program to continue during the six-month transition period. [p. 6]

As the FISC correctly noted, Congress’s decision to delay that ban for six months is a powerful indication that it intended to permit bulk collection in the interim period. [p. 9]

The FISC was thus correct when it observed that “after lengthy public debate, and with crystal clear knowledge of the fact of ongoing bulk collection of call detail records” Congress “chose to allow a 180-day transitional period . . . .” June 29 FISC Op. at 11. This Court need not and should not determine whether Congress “ ‘ratif[ied] the FISA Court’s interpretation of ’ ” Section 215. [p. 11]
This filing, like its Tumblr statement announcing the official end of the collection, emphasizes the single aspect of the Section 215 bulk collections that has been the focus of this litigation and most legislative efforts: phone metadata. The authorization, even in its altered, post-USA Freedom Act form -- provides for much more than just this one type of collection. The DOJ goes so far as to call the USA Freedom Act a "ban" on bulk, untargeted collections, when it actually doesn't go quite that far.

Marcy Wheeler points out that the DOJ may be less interested in the outcome of this ruling as it is with the implications of the EFF's litigation. What could be uncovered if the NSA is forced to turn over relevant records from its bulk metadata collection is more illegal -- or at least unauthorized -- collection activity.
I believe both ACLU and EFF’s phone dragnet client Counsel on American Islamic Relations, had not only standing as clients of dragnetted companies, but probably got swept up in the two-degree dragnet. But CAIR probably has an even stronger case, because it is public that FISC approved a traditional FISA order against CAIR founder Nihad Awad. Any traditional FISA target has always been approved as a RAS seed to check the dragnet, and NSA almost certainly used that more back when Awad was tapped, which continued until 2008. In other words, CAIR has very good reason to suspect the entire organization has been swept up in the dragnet and subjected to all of NSA’s other analytical toys.

EFF, remember, is the one NGO that has a preservation order, which got extended from its earlier NSA lawsuits (like Jewel) to the current dragnet suit. So when I Con the Record says it can’t destroy all the data yet, it’s talking EFF, and by extension, CAIR. So this announcement — in addition to preparing whatever they’ll file to get the Second Circuit off its back — is likely an effort to moot that lawsuit, which in my opinion poses by far the biggest threat of real fireworks about the dragnet (not least because it would easily be shown to violate a prior SCOTUS decision prohibiting the mapping of organizations).
This announcement by Clapper's office, followed shortly thereafter on the same day by the filing of its response in the Second Circuit case, certainly gives the appearance that the NSA has lifted the corner of the rug and is just waiting for the signal to start sweeping any undiscovered abuses -- along with those previously exposed -- under it. That the expiration of the authority and the passage of the USA Freedom Act may have provided it with a better broom is unexpectedly fortuitous.

Read More | 25 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2015 @ 7:35am

Director Of National Intelligence Hammers Final Official Nail Into Bulk Phone Records Program

from the will-still-need-six-to-nine-months-of-additional-hammering-though dept

The Office of the Director of National Intelligence has issued a statement addressing the inevitable shutdown of the Section 215 bulk phone metadata program.

NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015. However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.
Caveats apply. Data will still be held as required by a handful of ongoing lawsuits. With the "bulk" part of the bulk records program shut down (but not completely), the government is obviously hoping for a speedy end to the litigation resulting from the Snowden leaks. That's the other motivating factor behind this public statement that not only states an end date, but the additional restrictions past that point.

This is a pretty remarkable moment in the security v. privacy battle, but there are still reasons to be concerned. The bulk telephony metadata program has received a majority of the focus since Snowden's initial leak and the NSA, at times, has seemed almost too willing to let this program act as a scapegoat for its multiple privacy-violating surveillance programs.

Not that there haven't been seriously heated (and seriously misguided) arguments offered in support of this program, but if you take a close look at the history of the debate over Section 215, the most-spirited defenses have not been raised by the NSA, but by legislators and former intelligence officials. The program appears to have been sacrificed in order to prevent more intrusive surveillance programs from being subjected to more intense scrutiny.

And it's not even the totality of what can be collected under Section 215. The statement from the ODNI specifically addresses only one kind of "tangible thing."
The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.
We don't know what else is being collected in bulk under the PATRIOT Act provision -- the same authority that expired this year and was replaced with the stipulations of the USA Freedom Act -- but we know it's more than just "telephony metadata." "Tangible things" encompasses far more than phone metadata ("books, records, papers, documents, and other items"), but this statement -- as well as arguments it's made in court in support of the six-month wind-down period -- only address phone records.

The Second Circuit Court found that the bulk collection of records under Section 215 was likely illegal. That opinion called into question anything collected under this authority, but the government here (and in its recent filing in the Second Circuit Court) acts as though the "illegal" collection activity is limited solely to phone records.

Other NSA programs are going to be far more useful in gathering data and intelligence than the collection of phone records. Phone calls may never go away entirely, but the shift to mobile communications (followed shortly thereafter by the shift to feature phones and smartphones) has made phone calls the least used feature on these devices. Messaging programs and social media platforms now carry the bulk of everyday communications. And the NSA has programs in place to sweep up these as well, whether as content or metadata. So, all of this focus on "telephony" only serves to obscure what else it may still collect with the revamped program, as well as everything else it does under much more secretive legal authorities.

9 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>