Mike Masnick’s Techdirt Profile


About Mike MasnickTechdirt Insider

Mike is the founder and CEO of Floor64 and editor of the Techdirt blog.

He can be found on Twitter at http://www.twitter.com/mmasnick

Posted on Techdirt - 9 October 2015 @ 10:36am

Inglewood Told To Pay $118k Of Taxpayer Money For Abusing Copyright Law To Silence A Critic

from the democracy! dept

Remember the City of Inglewood, California? The city where mayor James Butts was so annoyed that an online critic, Joseph Teixeira, had made some mocking videos using clips from city council meetings, that he allotted $50,000 of taxpayer money to fund a lawyer to file an absolutely bogus copyright lawsuit against Teixeira? This lawsuit alleged that Teixeira somehow infringed on the copyright of the City by adding commentary to these videos. There was so much wrong with the lawsuit that it was a total embarrassment for the city and the lawyer, Joanna Esty, who claims to be a "seasoned" lawyer with expertise in intellectual property law.

The court did not take long in dismissing the lawsuit and benchslapping the city for filing the lawsuit in the first place. The court allowed Teixeira to seek legal fees, and while the city pushed back, the court has now told the city to pay another $117,741 in legal fees to Teixeira's lawyers, noting that the entire lawsuit was "objectively unreasonable."

Judge Michael Fitzgerald has another opportunity to smack Inglewood around for filing such a bogus lawsuit in the first place, and notes that it's pretty damn clear that the entire purpose behind this lawsuit was to silence a critic, not because of any legitimate belief that a copyright was being infringed.

It is, of course, impossible to know with certainty what prompted the City to bring this lawsuit. The City avers that its only motivation was to enforce the rights it believed it had in the videos.... But the Court is not persuaded. As Defendant rightly notes, the main justification of the Copyright Act is “the protection of the commercial interest of the author.”... California law, however, prohibits the City from charging anything more than the “direct costs of duplication” when providing public records.... Pecuniary gain, therefore, could not have been the motivating factor in filing this action. As the Court made clear at the hearing, the City’s most plausible purpose was to stifle Defendant’s political speech after he harshly criticized the City’s elected officials. As such, this factor weighs heavily in favor of an attorneys’ fees award.

At the hearing, counsel for Plaintiff implied that this Court was basing its ruling on the reaction of the press or the academic community. The Court does not do so.
The judge also notes that he's worried that, if left unpunished, Inglewood or other cities might do this again:
The Court is also persuaded that a fee award is necessary to deter future meritless litigations of this kind. The City argues that the attorneys’ fees “will have absolutely no deterrent effect” on a municipality that intends to file no future copyright lawsuits.... Even if true, the Court notes that deterrence is a broad value that is not limited to the individual litigants here. Indeed, a reasonable award of fees will serve to deter other entities, whether public or private, that contemplate bringing unreasonable suits to pressure an individual into abandoning protected activity.
So, between the original $50,000 allotted and this $117,741, that's an awful lot of taxpayer money being spent just to try to stifle someone's First Amendment rights. It kind of makes you wonder what they're doing with the rest of the taxpayer funds they have access to.

Read More | 4 Comments | Leave a Comment..

Posted on Techdirt - 9 October 2015 @ 9:33am

Mother Jones Wins Ridiculous SLAPP Suit Filed By Billionaire... Who Still Claims Victory

from the silencing-the-press dept

Mother Jones, the well-known, politically-focused publication, has prevailed in a ridiculous SLAPP suit filed by billionaire Frank VanderSloot. VanderSloot was upset about a 2012 profile that Mother Jones published about him, his multi-level marketing, dietary supplement company Melaleuca, and the millions of dollars he was donating to Mitt Romney's presidential campaign. VanderSloot insisted that the article was defamatory, though you'll have to squint really hard to figure out where and how. You can read the link above, or the court's full ruling to get all of the background. In short, though, most of it came down to the question of whether or not VanderSloot engaged in "gay-bashing" in attacking a local Idaho reporter who had exposed some problematic behavior of the Boy Scouts, involving a local leader who was accused of molesting boys. The Mother Jones article used that incident as a key point in its story about VanderSloot, describing some advertisements VanderSloot had taken out, which attacked the earlier story about the Boy Scouts, as "gay bashing" because the ads focused on the fact that the reporter in those original articles, Peter Zuckerman, was gay.

The ruling even gets into a down-in-the-weeds discussion over whether or not anyone would take the term "gay bashing" to literally mean physically hitting someone, as opposed to the obviously colloquial notion of just verbally attacking someone (amusingly, the court points to at least some evidence that VanderSloot himself had referred to negative articles about himself as "Frank-bashing" suggesting that VanderSloot knows damn well what "bashing" means). Either way, it seemed pretty clear that this was a SLAPP suit -- a Strategic Lawsuit Against Public Participation. It appears that billionaires have a habit of filing such things against people who say not nice things about them. There are lots of indications that this was a SLAPP suit. Tellingly, VanderSloot's lawsuit claimed $74,999 in damages. That's exactly $1 less than the $75,000 amount that would qualify the lawsuit for "diversity," meaning that Mother Jones would likely be able to remove it from a local Idaho court (where VanderSloot's company is a major advertiser and employer) to a federal court (possibly in California -- where there's a strong anti-SLAPP statute).

You might have figured this out already, but Idaho has no anti-SLAPP statute.

Mother Jones and its insurance company ended up having to spend over $2 million defending against the lawsuit, and it seems pretty clear that VanderSloot was just trying to silence (or at least punish) reporters who criticized him. Partway through the lawsuit, he apparently added Zuckerman to the lawsuit (as noted above, he had been a reporter at the Idaho Post Register, where he'd written about a Boy Scout scandal). In response to those original articles, VanderSloot's company had taken out ads about Zuckerman in the paper, mentioning his sexuality and questioning his ability to fairly cover the Boy Scout story. However, the actions, once again, showed how someone with lots of money can file these lawsuits and really mess up the lives of people they just don't like:

At one point, Zuckerman was subjected to roughly 10 hours of grilling by VanderSloot's lawyers about every detail of the controversy in Idaho Falls, including the breakup with his boyfriend of five years. (VanderSloot also threatened to sue the ex-boyfriend, backing off only after he recanted statements he'd made about the Boy Scouts episode.) As the lawyers kept probing, Zuckerman broke down and cried as he testified that the time after the ads appeared was one of the darkest periods of his life. VanderSloot, who had flown to Portland for the occasion, sternly looked on. (His lawsuit against Zuckerman is ongoing.)
And then there were things like this:
And that wasn't the end of it. VanderSloot's legal team subpoenaed the Obama campaign, which had run ads naming him as a major Republican donor. Apparently they believed we had somehow fed the campaign that information—never mind that our article, and the Federal Election Commission data that prompted it—was on the internet for anyone to read.

When officials from the Obama campaign refused to turn over their records—offering to confirm under oath that there had been no communication between them and Mother Jones—VanderSloot's lawyers dragged them into court, resulting in the spectacle of a major GOP donor seeking access to the Democratic campaign's emails. His lawyers did the same thing to a political researcher who had gathered information on VanderSloot and who also had no connection to Mother Jones.
While the case against Zuckerman is still ongoing, the court totally dismissed the case against Mother Jones (and its CEO who had put up a snarky tweet linking to the article), properly noting that none of the statements in question come close to defamation, as they're all protected opinion or hyperbole.

At the end of the lawsuit -- for no clear reason -- the judge, Darla Williamson, makes it clear that even though she's tossing the defamation claims, she really does not like Mother Jones' brand of journalism. It's not at all clear what that has to do with anything, but she notes that she finds its "reporting styles, and indeed the general trend in political journalism, troubling." Bizarrely, based on this little aside, VanderSloot himself has claimed he's pleased with the judge's ruling, despite the fact that he lost on every count. He's also announced that he's creating a $1 million fund to sue other media outlets that he determines are siding with the "liberal" agenda and attacking conservatives. In fact, he's announced that the ruling has vindicated himself. That link also ridiculously claims that he only lost on "technicalities." That's true if "technicalities" means "filing defamation claims over non-defamatory statements."
In response to the decision, VanderSloot said, “I feel absolutely vindicated. The judge gave us much more than a jury could have ever given us. This case was never about money. Our attempt was to vindicate our good name and to point out what type of sleazy journalism that Mother Jones put out to attack conservative positions. In our case we made a large donation in support of Mitt Romney and so they attacked me to punish me for the donation. The judge made it clear that is what happened here and that Mother Jones has little regard for the truth in its attempts to smear people it disagrees with. This case will not need to go to a jury. We are happy with that. A jury could not have given us a bigger win. We got more than what we hoped for from the court.”

Tom Clare, one of VanderSloot’s lawyers, stated, “This case was never about financial damages. It was about setting the record straight. We were going to ask the jury to award only $1 in damages, but the Court’s conclusions regarding Mother Jones’ ‘skewed’ and ‘biased’ reporting about Mr. VanderSloot are far better than any $1 verdict. It is great to get this result. My client has been totally vindicated.”
All this seems to confirm that this was nothing but a SLAPP suit from the beginning. Note that he doesn't care that he's lost the actual lawsuit and that his claims of defamation were shown to be flat out wrong. He's still pleased, because the judge didn't like Mother Jones' style. It's likely he's also pleased that the company had to waste time, money and resources to fight this lawsuit. And now he's establishing a fund to help do the same sort of thing to others.

Once again, it's stories like these that demonstrate why we need a strong federal anti-SLAPP law as well as strong state-by-state anti-SLAPP laws that would allow those sued in these kinds of lawsuits to have them dismissed quickly, and to get back their legal fees.

Read More | 12 Comments | Leave a Comment..

Posted on Techdirt - 9 October 2015 @ 8:13am

White House Takes The Cowardly Option: Refuses To Say No To Encryption Backdoors, Will Quietly Ask Companies

from the ridiculous dept

Last month, we wrote about a document leaked to the Washington Post that showed the three "options" that the White House was considering for responding to the debate about backdooring encryption. The document made it clear that the White House knew that there was zero chance that any legislation mandating encryption backdoors would pass. But the question then was what to do about it: take a strong stand on the importance of freedom and privacy, and make it clear that the US would not mandate backdoors... or take the sleazy way out and say "no new legislation for now." As we said at the time, option 1 was the only real option. You take a stand. You talk about the importance of encryption in protecting the public.

However, it appears that the White House has taken the cowardly approach. Yesterday, the leading voice in favor of mandating encryption backdoors, FBI Director James Comey, announced that the administration would not push for legislation to mandate backdoors... for now. But it will still push for backdoors quietly behind doors with companies.

After months of deliberation, the Obama administration has made a long-awaited decision on the thorny issue of how to deal with encrypted communications: It will not — for now — call for legislation requiring companies to decode messages for law enforcement.

Rather, the administration will continue trying to persuade companies that have moved to encrypt their customers’ data to create a way for the government to still peer into people’s data when needed for criminal or terrorism investigations.

“The administration has decided not to seek a legislative remedy now, but it makes sense to continue the conversations with industry,” FBI Director James B. Comey said at a Senate hearing Thursday of the Homeland Security and Governmental Affairs Committee.
This is a totally bullshit response. Of course the administration isn't asking for legislation: because everyone knows (1) it couldn't pass and (2) it would be a really, really stupid thing to ask for. In that leaked document last month, the administration noted that with this option public interest groups "would likely see this outcome as a solid win." They're wrong. This option is bullshit. It's one notch up from literally "the least they could do." It doesn't help anyone. It provides cover to countries that do want to undermine the tech industry and mandate backdoors. It leaves open the ways to pressure tech companies to secretly include backdoors that undermine everyone's safety. And, worst of all, it takes away any and all "high ground" positions for the administration to point out that it doesn't want to undermine the safety and security of the American public.

In short, the administration didn't take the strong stand when the strong stand was the only feasible path. There are enough people within the administration who know this is the stupid choice, and yet they still took it. A very weak move from an administration that should know better (and does know better), just to please some technologically-clueless law enforcement folks.

13 Comments | Leave a Comment..

Posted on Techdirt - 9 October 2015 @ 3:19am

Important California Privacy Bill Signed Into Law: Police Need A Warrant To Look At Your Data

from the now-for-federal-reform dept

For a long time now, we've been talking about the need for ECPA reform. ECPA -- the Electronic Communications Privacy Act -- is a truly outdated piece of law that law enforcement regularly abuse to conduct warrantless searches on your digital information. There are a number of problems with it, but the most cited one is the fact that it considers emails to be "abandoned" if they've been on a server for 180 days, and thus no warrant is needed to read those emails. That may have made sense in the mid-1980s when the law passed and the few people who used email downloaded their emails from a server to a local disk, but it makes no sense at all in the cloud era. However, actually getting ECPA reform through Congress has proven difficult, in large part because some in law enforcement really like this ability to snoop on your emails.

Thankfully, here in California, Governor Jerry Brown has just signed a new bill, for CalECPA, which protects users' digital information here in California. Just like the federal ECPA should do, CalECPA requires a warrant for access to digital records, including emails and text messages -- and the same goes for geographical location information.

This is a big win for EFF and the ACLU, who have been pushing for this law to make it through the California Assembly and then have Governor Brown sign it. Now, if only we could do something similar at the federal level...

16 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 2:17pm

Once More: The TPP Agreement Is Not A Free Trade Agreement, It's A Protectionist Anti-Free Trade Agreement

from the get-your-story-straight dept

We've pointed out a few times in the past that while everyone refers to the Trans Pacific Partnership (TPP) agreement as a "free trade" agreement, the reality is that there's very little in there that's actually about free trade. If it were truly a free trade agreement, then there would be plenty of reasons to support it. But the details show it's not, and yet, time and time again, we see people supporting the TPP because "well, free trade is good." The Washington Post, for example, pushed out a ridiculous editorial arguing that the TPP is cause for celebration because it will "slash tariffs and harmonize regulatory regimes."

But it's that "harmonizing regulatory regimes" thing where the real nastiness lies, and where you quickly discover that most of the key factors in the TPP are not at all about free trade, but the opposite. It's about as protectionist as can be. That's mainly because of the really nasty corprorate sovereignty clauses in the agreement (which are officially called "investor state dispute settlement" or ISDS in an attempt to make it sound so boring you'll stop paying attention). Those clauses basically allow large incumbents to force the laws of countries to change to their will. Companies who feel that some country's regulation somehow takes away "expected profits" can convene a tribunal, and force a country to change its laws. Yes, technically a tribunal can only issue monetary sanctions against a country, but countries who wish to avoid such monetary payments will change their laws.

Remember how Eli Lilly is demanding $500 million from Canada after Canada rejected some Eli Lilly patents, noting that the new compound didn't actually do anything new and useful? Eli Lilly claims that using such a standard to reject patents unfairly attacks its expected future profits, and thus it can demand $500 million from Canadian taxpayers. Now, imagine that on all sorts of other systems.

And, add in a bunch of other rules that have absolutely nothing to do with free trade -- like granting more exclusivity on pharmaceuticals or extending copyright terms. As Tim Lee writes in a detailed report on the TPP, what's really happening here is empowering the elite incumbents:

As the opportunities for trade liberalization have dwindled, the nature of trade agreements has shifted. They're no longer just about removing barriers to trade. They've become a mechanism for setting global economic rules more generally.

This trend is alarming to Simon Lester, a free trader at the Cato Institute. "We've added in these new issues that I'm skeptical of," he says. "It's not clear what the benefits are, and they cause a lot of controversy."

And this system for setting global rules has some serious defects. We expect the laws that govern our economic lives will be made in a transparent, representative, and accountable fashion. The TPP negotiation process was none of these — it was secretive, it was dominated by powerful insiders, and it provided little opportunity for public input.

The Obama administration argues that it's important for TPP to succeed so that the United States — not China — gets to shape the rules that govern trade across the Pacific. But this argument only makes sense if you believe US negotiators have been taking positions that are in the broad interests of the American public. If, as critics contend, USTR's agenda is heavily tilted toward the interests of a few well-connected interest groups, then the deal may not be good for America at all.
Again, it's hard to see how this has anything to do with free trade. While it may have begun as a free trade process, the entire "trade agenda" has long since been almost entirely co-opted by special interests who realized that the easy way to pass legislation globally is to sneak it into a "trade agreement" behind closed doors with no public discussion or debate -- and then get it approved because it's under the banner of "free trade," even if the policies actually are protectionist for large industries.

It would almost be a clever move if it wasn't so destructive for competition and innovation.

So, remember, any time you see someone saying they support the TPP because they support "free trade," they're either lying or totally uninformed. The TPP is not about free trade. It's about the opposite. It's about locking in protectionist rules for incumbent providers, which is exactly the kind of thing free trade is supposed to take away.

41 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 1:00pm

Techdirt Reading List: Learning By Doing

from the don't-fear-innovation dept

We're back again with another in our weekly reading list posts of books we think our community will find interesting and thought provoking. Once again, buying the book via the Amazon links in this story also help support Techdirt.

If you pay attention, there's been a lot of talk lately about the pace of innovation today, the incentives for innovation and (perhaps most importantly), who benefits from innovation today (and correspondingly, who loses out). Some of this is driven by fear and worry -- concerns about the impact of innovation not being nearly as strong as people expected, or that innovation will reduce jobs, or maybe just benefit the ultra-rich. It's reasonable to be concerned about this, because, if true, that would be a real problem. James Bessen's most recent book, Learning by Doing: The Real Connection between Innovation, Wages, and Wealth, is an important entrant into that debate, presenting a ton of useful evidence and history to think about.

We've mentioned Bessen many times in the past here on Techdirt, as he's been one of the leading economists studying patents, innovation and the impact of patent trolls. This book just touches on patent stuff, and, rather, focuses on the nature of innovation, how people learn to adapt and properly use new technologies over time, so that the benefit to them often lags their initial introduction, and that leads people to overreact about the supposed "negative" impacts of technology. For years I used to talk about how in the late 90s people always whined that even though corporate America had finally embraced putting computers on everyone's desks, there was no clear productivity growth associated with it. A similar thing was seen in education. In both cases, however, the problem was that people didn't really know how to use those tools properly -- and it took a "generation" to figure it out. These days, it would be crazy to suggest that computers in the workplace haven't resulted in greater productivity.

Bessen's book is a great read and it takes this idea further -- suggesting that we shouldn't be so worried about new technologies destroying jobs, but rather how it's creating a skills gap that needs to be dealt with, so that more people can make better use of the technology that we have and the technology that is on the way. Check it out.

3 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 11:56am

Appeals Court: No You Can't Copyright Yoga

from the what's-that-got-to-do-with-software dept

We first wrote about this issue more than a decade ago, but there's been a ridiculous attempt by some yoga instructors to use intellectual property to lock up certain yoga poses. While most of the focus has been on copyright, other attempts have used other forms of intellectual property as well. But the most watched legal dispute was the one brought by Bikram Yoga and Bikram Choudhury against Evolution Yoga... and the 9th Circuit appeals court has now made it abundantly clear: you can't copyright yoga.

Though Choudhury emphasizes the aesthetic attributes of the Sequence’s “graceful flow,” at bottom, the Sequence is an idea, process, or system designed to improve health. Copyright protects only the expression of this idea—the words and pictures used to describe the Sequence—and not the idea of the Sequence itself. Because the Sequence is an unprotectible idea, it is also ineligible for copyright protection as a “compilation” or “choreographic work.”
In other words, the idea/expression dichotomy actually matters. And it matters in important ways:
Following Baker, and recognizing this vital distinction between ideas and expression, courts have routinely held that the copyright for a work describing how to perform a process does not extend to the process itself.
Um... that seems rather important in that question over the question on whether or not APIs are covered by copyright. Since an API is just describing how to perform a process, it does not mean the process itself is covered by copyright.

Bikram tried to argue that copyright should be allowed for his poses because they are beautiful, but as the court points out, that's got nothing to do with anything:
Choudhury contends that the Sequence’s arrangement of postures is “particularly beautiful and graceful.” But beauty is not a basis for copyright protection. The performance of many ideas, systems, or processes may be beautiful: a surgeon’s intricate movements, a book-keeper’s careful notations, or a baker’s kneading might each possess a certain grace for at least some viewers. Indeed, from Vermeer’s milkmaid to Lewis Hine’s power house mechanic, the individual engrossed in a process has long attracted artistic attention. But the beauty of the process does not permit one who describes it to gain, through copyright, the monopolistic power to exclude all others from practicing it. This is true even where, as here, the process was conceived with at least some aesthetic considerations in mind. Just as some steps in a recipe may reflect no more than the author’s belief that a particular ingredient is beautiful or that a particular cooking technique is impressive to watch and empowering to practice, some elements in Choudhury’s Sequence may reflect his aesthetic preferences. Yet just like the recipe, the Sequence remains unprotectible as a process the design of which primarily reflects function, not expression.
Again, this seems to suggest (yet again) how wrong the CAFC got the decision over APIs.

Separately, the court rejects Bikram's attempt to claim that his yoga sequence is a form of choreography which is (somewhat ridiculously) copyrightable.
The Sequence is not copyrightable as a choreographic work for the same reason that it is not copyrightable as a compilation: it is an idea, process, or system to which copyright protection may “[i]n no case” extend.
This also offers the court an opportunity to explain how important the idea/expression dichotomy is, and the problems that arise when courts (like CAFC) get it totally wrong.
Our day-to-day lives consist of many routinized physical movements, from brushing one’s teeth to pushing a lawnmower to shaking a Polaroid picture, that could be (and, in two of the preceding examples, have been) characterized as forms of dance. Without a proper understanding of the idea/expression dichotomy, one might obtain monopoly rights over these functional physical sequences by describing them in a tangible medium of expression and labeling them choreographic works. The idea/expression dichotomy thus ensures that expansive interpretations of the categories enumerated as proper subjects of copyright will, “[i]n no case,” extend copyright protection beyond its constitutional limits.
It's good to see the court get this right and to make it clear that there is no copyright in yoga poses. But it also highlights just how bad (and wrong) the decision in the Oracle v. Google case was by CAFC.

Read More | 16 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 9:46am

The Coming Collision Between EU Privacy Regulation And American Free Speech

from the this-won't-be-fun dept

Earlier this week, we wrote about the EU Court of Justice's decision that the NSA's surveillance of the internet meant that the EU-US data protection safe harbor was invalid. As we noted, there's a lot of mess in all of this, but losing that safe harbor would be tremendously problematic for the internet. And the impact could be that the NSA basically screwed things up royally for American internet companies by spying on European users. But, the issue actually goes much deeper. As that ruling recognized, the crux of the matter was dependent on the EU's Data Protection Directive. And that Data Protection Directive is about to be updated.

And the end result may be very, very bad for the internet.

That's the conclusion of Daphne Keller at Stanford's Center for Internet and Society, who is writing a series of blog posts detailing the problems with the current drafts. At the core of the issue, as Keller notes, the worlds of "privacy protection" and "free speech/intermediary liability protection" are two separate worlds -- and people on both sides don't seem to realize just how much the two can and do overlap.

Historically, many lawyers have not drawn a connection between data protection and the law of intermediary liability. The two fields use very different vocabularies, and are for the most part interpreted, enforced and litigated by different practitioners. A lawyer who views an issue through the lens of intermediary liability and one who views the same issue through the lens of data protection may have trouble even understanding each other's concerns.
Another way to look at it, though, is basically a European approach vs. an American approach. And this is something of a generalization, but the European approach values privacy above most other factors, while the American approach values free speech above most other factors. Both approaches have pros and cons, frankly. But when you don't realize where they conflict, problems can arise. There is no doubt that Europeans, generally speaking, are much more concerned about protecting the privacy of individuals, and are quite reasonably concerned about excesses done by either governments or companies that intrude on individual privacy. The US, by comparison, has very little in the way of regulations concerning privacy, but does have very strong protections for free expression.

But sometimes "free expression" and "privacy" can clash in big, big ways.

A perfect example of the conflict would be the right to be forgotten. The big ruling out of the EU Court of Justice last year was entirely about privacy. It felt that if there was old, out-dated, irrelevant information it should be "de-linked" from databases, in order to protect the "privacy" of those individuals. The "free speech" concerns didn't even really come into play at all. It was all about "data protection."

And that's where the new General Data Protection Regulation (GDPR) can present serious problems. First, it would expand what internet companies are likely covered by the regulations. Lots of American companies, which barely have any operations in Europe, have the potential of being impacted by these rules -- which would more or less lock in the right to be forgotten in a way that might even allow it to expand.
The GDPR asserts jurisdiction over entities that offer services to or “monitor” EU users. “Monitoring” seems to be defined broadly enough to include fairly standard web and app customization features, so the law reaches many online companies outside of the EU. In practice regulators presumably will not prioritize or dedicate limited resources to policing small and distant companies. But the GDPR will be an issue for companies with growing EU user bases and presence in Europe; and regulators can choose to enforce the law against many more entities around the world.
It could also wipe out further intermediary liability protections that have been so important to the internet and its success. While the US has strong intermediary protections in the form of CDA 230, Europe already had a much weaker form of intermediary liability based on the EU's E-commerce directive. The fear is that the new GDPR could more or less eat away at the existing protections, making more companies "liable" for content posted by users, if it's somehow deemed to violate some sort of privacy right.

And, as we've pointed out for years, when you don't have strong intermediary liability protections you tend to end up with widespread censorship and gatekeepers over expression. That's because no internet company wants to face a lawsuit just because some of its users are jerks. And the new rules are not at all clear -- and vagueness will create incentives for massive censorship:
For intermediaries processing third-party data, free expression is also relevant, though in ways that can be hard to pin down in practice. The legal basis for intermediaries’ processing in the first place is often that the processing serves “legitimate purposes.” ... When an intermediary declines to honor a removal request on free expression grounds, the GDPR provision invoked is one that references only “legitimate interests.”... While undefined, such legitimate purposes and interests clearly include expression and information rights. But the GDPR and existing law provide scant detail on how to assess these interests – this was one common critique of the Costeja ruling. And important questions about whose interests may be considered – which come up in litigation about content removal – are not always addressed well in GDPR drafts. For example, one draft provision allows controllers to decline to remove content based on “legitimate interests pursued by the controller, or by the third party or parties to whom the data are disclosed[.]” ... Under this formulation, the interests of the speaker – the user whose content is indexed, transmitted, or hosted – fall out of the analysis. Data protection law’s lack of detailed provisions for free expression made more sense in an era when regulated entities were assumed to be banks, employers, medical offices, and the like. Today, inattention to the unique role of Internet intermediaries in GDPR drafting will likely lead to more removals of lawful expression – and more litigation.
On top of this it would appear to expand the right to be forgotten even further, noting a general right to "erasure" as part of the data protection regulation -- which is a pretty damn Orwellian term in this context. Erasure is a tool that we should be very wary of, because as we've seen time and time again, when you give people the power to take content down, it gets abused massively by people trying to censor all kinds of content they don't want. Protecting privacy is one thing. "Erasing" public content people just don't like is another.

As someone who has strong beliefs about protecting both privacy and freedom of expression, it seems to me like it's fairly important to make sure that everyone's on the same page about what is private and what is not. This often seems to be where much confusion lies. In the EU's right to be forgotten case, it was basically decided that old but accurate information that was publicly released in newspapers, should be considered private when linked to a person's identity. Frankly, this approach seems nonsensical to me. If we're talking about actual private information -- i.e., information that was never publicly available in a perfectly legitimate form -- then perhaps there's a point. I can understand the arguments for potentially removing truly private information. But when "private information" is so broadly defined, and then internet platforms are suddenly liable for policing such content, you have a recipe for mass censorship, or even companies moving out of offering service in Europe altogether.

On top of that, as we've discussed at length, the idea of holding intermediaries liable for the actions/statements of their users is a really dangerous idea. It creates massive uncertainty that is only going to lead to greater censorship as internet companies start blocking content just to avoid any possibility of liability.

As Keller notes in this post, if this is to not create a massive mess for the internet around the globe, those who are concerned about privacy and those who are concerned about free speech (along with those who are concerned about the internet itself) need to get on the same page or in the same room to discuss these issues. Because, so far the discussions have been separate, and the end result may be a "data protection" regulation, put in place with truly good intentions by those who believe they're looking out for important privacy interests, but the end result is to whittle away at freedom of expression and at the keys to maintaining a free and healthy internet. Pretending that you can just focus on "privacy" without considering free expression or how the internet itself works is not only foolish and naive, but potentially dangerous for the internet.

45 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 7:00am

The Right Way To Stop Piracy

from the look-at-the-evidence dept

Read the new report from The Copia Institute,
The Carrot Or The Stick: Innovation vs. Anti-Piracy Enforcement »

Ever since the internet became a place where copyright infringement was rampant, we've seen the same basic playbook from the legacy entertainment industry: pass stricter anti-piracy laws. In the 30 years predating the big fight over SOPA in 2011-2012, the US had passed 15 separate anti-piracy laws. Countries around the globe (often under pressure from the US) have passed increasingly more draconian copyright laws designed to "stop piracy." And, when they can't pass laws directly, they resort to international trade agreements, like the TPP, whereby trade negotiators (who are directly influenced by the legacy entertainment industry) negotiate deals in back rooms that require stricter anti-piracy laws. And none of it works. Sure, when a new law first goes into effect there may be an initial, short-term decrease in piracy rates, but it doesn't last for more than a few months, as people quickly go back to finding ways to access the content they want.

So how about a different approach? One that actually does work. One that has been shown, time and time again, to actually reduce piracy rates? Enabling more innovation and allowing more services to legally deliver what consumers want.

The story in Sweden is somewhat famous. Sweden was home to the Pirate Bay and had sky high piracy rates. And then Spotify -- a company also born in Sweden -- launched at home. And piracy rates fell off a cliff. But only for music. Piracy for other products such as TV and movies remained high. Under pressure from the US, Sweden passed a strict anti-piracy law, IPRED. And, when it went into effect, there was a notable decline in piracy rates... but, within months, those rates rebounded to where they had been before, as people quickly figured out new ways to do what they were doing before. And then Netflix launched in Sweden. And piracy rates for TV and movies dropped.

This story made us wonder. So, over at the Copia Institute, we've been digging into similar situations around the globe, and this morning we're releasing our latest report: The Carrot or the Stick, in which we compare attempts to ratchet up anti-piracy enforcement against simply enabling more innovation, and the impact both have had on piracy rates in a bunch of different countries. Over and over again, we find the same basic story: anti-piracy laws have little to no long-term impact on piracy. Any impact is, at best, short term. However, when innovative services are allowed to thrive, and when there's real innovation, the public is more than willing to sign up in droves, often leaving their pirating ways behind.

Thus, if the entertainment industry is truly serious about decreasing piracy, why are they so resistant to the facts? Why do they fight tooth and nail against these services, demanding rates that are sure to bankrupt them, or putting ridiculous restrictions on them that limit their value to users? Why do they demand DRM or limit selection? It's difficult to make sense of this strategy.

And, yes, I know that some will claim that the two things (anti-piracy laws and innovation) go hand-in-hand -- and that the anti-piracy laws are necessary in order to make it possible for authorized services to thrive. Once again, however, our research showed that does not appear to be the case at all. In most countries we studied, the number of authorized services tended to rapidly expand before the introduction of new anti-piracy laws. And, in fact, sometimes we saw the number of services decline after these laws were in place, and after the "winners" in the market had already been established. In other words, entrepreneurs and users of these services saw no reason to wait for these laws, and the laws themselves don't appear to have done much to encourage more innovation in the field.

You can check out the full report over at the Copia site. Oh, and as a reminder, the White House's Intellectual Property Enforcement Coordinator is still asking for feedback on how to best use the federal government's resources on this issue. One would hope that learning what's in this new report would be helpful to him in crafting his new plan.

Read More | 65 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 5:09am

Purdue University Completely Freaks Out Because Bart Gellman's Speech Shows Classified Snowden Docs Already Seen By Millions

from the academia! dept

When Ed Snowden first gave his cache of documents to reporters, there were two sets handed out. Most famously, one set went to Glenn Greenwald, Laura Poitras and Ewan MacAskill, who went to Hong Kong on behalf of the Guardian. And the other set went to Bart Gellman, who wrote up reports on them (technically as a freelancer) for the Washington Post. Yesterday, Gellman wrote about a crazy story in which Purdue University absolutely freaked out, after it realized that Gellman gave a keynote speech -- for an event organized by the University President, and which Gellman had been specifically asked to give -- that showed some of the previously released Snowden documents during his presentation. Despite promising Gellman that the talk had been recorded and a link and a copy of the video would be sent to him, instead, Purdue ended up deleting the whole thing and basically stopped responding to him.

The reason? Apparently Purdue has a deal with the US government, in order to perform classified research on behalf of the government. To do this, the university had to get "facility security clearance." And, in order to keep that status, it has to abide by certain rules on "classified information spillage." Apparently, some at Purdue decided to overreact entirely, which Gellman discovered as soon as the Q&A section opened up:

If I had the spider sense that we journalists like to claim, I might have seen trouble coming. One of the first questions in the Q & A that followed my talk was:
"In the presentation you just gave, you were showing documents that were TS/SCI [top secret, sensitive compartmented information] and things like that. Since documents started to become published, has the NSA issued a declass order for that?"
I took the opportunity to explain the government’s dilemmas when classified information becomes available to anyone with an internet connection. I replied:
"These documents, by and large, are still classified. And in many cases, if you work for the government and you have clearance, you’re not allowed to go look at them…"

"Now, it’s perfectly rational for them to say, we’re not going to declassify everything that gets leaked because otherwise we’re letting someone else decide what’s classified and what’s not. But it gets them wound up in pretty bad knots."
By way of example, I mentioned that the NSA, CIA, and Office of the Director of National Intelligence “have steadfastly refused to give me a secure channel to communicate with them” about the Snowden leaks. Bound by rules against mingling classified and unclassified communications networks, they will not accept, for example, encrypted emails from me that discuss Top Secret material. In service of secrecy rules, they resort to elliptical conversation on open telephone lines.

My remarks did not answer the question precisely enough for one post-doctoral research engineer. He stood, politely, to nail the matter down.
“Were the documents you showed tonight unclassified?” he asked.

“No. They’re classified still,” I replied.

“Thank you,” he said, and resumed his seat.
And all of that apparently set off a chain reaction where some people freaked out and alerted Purdue's "Information Assurance Officer" who then told Purdue's representative at the Defense Security Service, leading to an escalation that resulted in a DELETE EVERYTHING FREAKOUT. Of course, once Gellman published his blog post making Purdue look silly, it quickly backtracked:
In an overreaction while attempting to comply with regulations, the video was ordered to be deleted instead of just blocking the piece of information in question. Just FYI: The conference organizers were not even aware that any of this had happened until well after the video was already gone.

I’m told we are attempting to recover the video, but I have not heard yet whether that is going to be possible. When I find out, I will let you know and we will, of course, provide a copy to you.
We've talked about this a few times before, and the head in sand approach the government takes to pretending that publicly available leaked classified information is still secret. Government employees are regularly told they cannot look at such documents even if those documents are splashed across the pages of the Washington Post, the NY Times or other news sources. The rationale for this is that it takes away at least some incentive for people to force declassification by leaking documents. But it doesn't really. It just makes everyone look foolish. In the business world, most standard non-disclosure agreements include a clause that says that if the material becomes public through other means, the agreement no longer applies. It's ridiculous that the same is not true for classified information as well.

Perhaps even more ridiculous is how the University responded to Gellman's questions prior to him posting the blog post about Purdue's overreaction:
I left word for Mitch Daniels, the former Indiana governor who became Purdue’s president two years ago. Daniels had introduced my talk and asked me to speak again for guests at a dinner he held that night. He was a delightful, well-read and open-minded host, but he has not returned my messages either. I sent one last note, detailing my main points here, to Purdue’s assistant vice president for strategic communications. I’ll update with her reply if she sends one.

The irony is that the Dawn or Doom colloquium was Daniels’s own personal project. Two of the organizers told me he is fascinated by the contradictory responses – from celebration to alarm – that tend to accompany big technological advances. He proposed to convene Purdue faculty members and leading national experts to explore the risks and promises of artificial intelligence, robotics, and Big Data surveillance, among other developments.

In his own view, Dawn or Doom is not a hard question. Daniels and I chatted about that theme as we stood in the wings off stage, shortly before my talk.

“The answer always turns out to be, it’s dawn,” he said.
Except when his own university overreacts. Gellman also notes that this suggests that this whole situation speaks ill of Purdue as an institute of higher learning:
Purdue has compromised its own independence and that of its students and faculty. It set an unhappy precedent, even if the people responsible thought they were merely following routine procedures.

Think of it as a classic case of mission creep. Purdue invited the secret-keepers of the Defense Security Service into one cloistered corner of campus (“a small but significant fraction” of research in certain fields, as the university counsel put it). The trustees accepted what may have seemed a limited burden, confined to the precincts of classified research.

Now the security apparatus claims jurisdiction over the campus (“facility”) at large. The university finds itself “sanitizing” a conference that has nothing to do with any government contract. Where does it stop? Suppose a professor wants to teach a network security course, or a student wants to write a foreign policy paper, that draws on the rich public record made available by Snowden and Chelsea Manning? Those cases will be hard to distinguish from mine.
The backtracking now that the university is embarrassed is better than ignoring the issue, but it's ridiculous that it got this far in the first place.

27 Comments | Leave a Comment..

Posted on Techdirt - 8 October 2015 @ 3:06am

Matthew Keys Found Guilty Of Criminal 'Hacking' For Sharing News Company Login

from the seems-extreme dept

Two and a half years ago, we wrote about former Reuters editor Matthew Keys being indicted based on charges that he'd shared the login information for the content management system to his former employer, the Tribune Company, in an online forum and then encouraged members of Anonymous in that forum to mess things up. Some people used that access to change a story on the LA Times website. Keys insists that he didn't do this and the feds have no direct evidence linking him to whoever leaked the login (he also claims at the time of the leak he no longer had access to the Tribune Company's systems).

As we noted at the time, if we accept the DOJ's version of what happened, what Keys did definitely was the wrong thing to do. But the result was little more than annoying vandalism -- and nothing Keys did should qualify as "criminal hacking." The changes to the LA Times were up for less than an hour and quickly reverted. There was little evidence that it created any real damage, and certainly no lasting damage. And yet, because this is a "computer crime," the feds came down on Keys as if he was part of some massive criminal conspiracy. In order to use the already problematic CFAA, it needed to show more than $5,000 worth of damage, which is crazy. Even crazier... is that the feds argued $929,977 worth of damage, based on some ridiculously exaggerated estimates of the amount of time people had to work on this issue.

And now a jury has convicted Keys on all three counts. Sentencing will be in January, and while lots of people are throwing around the statutory maximum of 25 years in jail, prosecutors have said they'll likely ask for "less than 5 years" according to Motherboard's Sarah Jeong, who was at the courthouse.

I think it's clear that Keys was in the wrong in handing out the login to the Tribune's systems, if he actually did it. But should that equate to criminal hacking charges and jailtime, because it resulted in a bit of online vandalism and some annoyance for a sys admin somewhere? That seems doubtful. As Keys himself points out in a pinned tweet in his Twitter feed, if sharing logins is a criminal act, all of you who share your HBO Go or Netflix logins may want to be careful.

The problem, once again, comes back to the ridiculous CFAA and the bogeyman of "computer hackers." It was wrong to give out the login, but the idea that it did even $5,000 in damage (as required by the CFAA), let alone nearly a million in damages, is ludicrous. It's even more ludicrous that this should be a criminal offense with any jailtime at stake. Go after him in a civil case for actual damages (of which there would be very little) and move on. Keys, for his part, has said the verdict is "bullshit" and he's planning to appeal.

It's way past time that we fixed the CFAA, and the Matthew Keys verdict is just yet another reminder that Congress needs to do something.

34 Comments | Leave a Comment..

Posted on Techdirt - 7 October 2015 @ 12:53pm

Australia Finally Rejects Gene Patents

from the big-win dept

Back in 2013, in a hugely important decision, the US Supreme Court rejected the idea of gene patents, in particular the patents held by Myriad Genetics for the BRCA1 and BRCA2 genes (that are genetic warning signs for breast cancer). A parallel case was happening down in Australia, where an Australian court went the other way last year, ruling that genes could be patented. As we noted, the case could still be appealed to the Australian High Court. And now... the High Court has finally rejected gene patents.

The High Court held that an isolated nucleic acid, coding for a BRCA1 protein, with specific variations from the norm that are indicative of susceptibility to breast cancer and ovarian cancer, was not a "patentable invention"...
Specifically, the court rejected the argument that isolating the gene represented a "manner of manufacture" as required by the law to be patentable.
The Court unanimously allowed the appeal, holding that the invention claimed did not fall within the concept of a manner of manufacture. The Court held that, having regard to the relevant factors, an isolated nucleic acid, coding for the BRCA1 protein, with specified variations, is not a manner of manufacture. While the invention claimed might be, in a formal sense, a product of human action, it was the existence of the information stored in the relevant sequences that was an essential element of the invention as claimed. A plurality of the Court considered that to attribute patentability to the invention as claimed would involve an extension of the concept of a manner of manufacture which was not appropriate for judicial determination.
That's a fairly complex way of saying you can't patent genes. It's always nice to see a little more common sense enter the patent system.

Read More | 5 Comments | Leave a Comment..

Posted on Techdirt - 7 October 2015 @ 11:46am

TPP Also Locks In Broken Anti-Circumvention Rules That Destroy Your Freedoms

from the sad-to-see dept

We already wrote about how New Zealand has released some of the details about the finalized TPP agreement before the official text is released. The one we discussed is forcing participants into a "life plus 70 years" copyright term, even as the US had been exploring going back towards a life plus 50 regime like much of the rest of the world. That won't be possible any more.

Another issue revealed in the New Zealand announcement is that the TPP will similarly lock in an anti-circumvention clause. In the US, we have a really problematic anti-circumvention law in Section 1201 of the DMCA, which says it's against the law to circumvent "technological protection measures" even if for reasons that are perfectly legal and non-infringing. This has created a huge mess that threatens innovation in all sorts of problematic ways. It takes away our freedom to tinker with devices that we own. It also makes it illegal to do things that pretty much everyone agrees should be perfectly legal.

Earlier this year, some in Congress introduced a bill to fix Section 1201. However, that may not be possible after the TPP is agreed to. Again, the details matter, but here's what New Zealand has to say about this issue:

New Zealand has, however, agreed to extend its existing laws on technological protection measures (TPMs), which control access to digital content like music, TV programmes, films and software. Circumventing TPMs will be prohibited but exceptions will apply to ensure that people can still circumvent them where there is no copyright issue (for example, playing region-coded DVDs purchased from overseas) or where there is an existing copyright exception (for example, converting a book to braille).
So, yes, it appears there will be certain exceptions allowed, but again that gets the equation entirely backwards. At best, circumvention should be considered legal as the default, and the problem should only come in if the circumvention was done for the purpose of actual infringement. Starting from the position of "no circumvention" and then backdooring in "exceptions" massively hinders innovation by requiring permission before certain innovations are allowed.

Given how important this kind of innovation has been for the tech sector, it's disappointing in the extreme that the USTR has decided to lock this in and block all kinds of important innovations from moving forward. Once again, the USTR seems focused on protecting legacy industries while hamstringing innovative industries.

Read More | 45 Comments | Leave a Comment..

Posted on Techdirt - 7 October 2015 @ 10:46am

Former NSA Directors Coming Out Strongly *Against* Backdooring Encryption

from the didn't-see-that-coming dept

Earlier this summer, we were taken a bit by surprise when both former NSA/CIA boss Michael Hayden, along with former DHS boss Michael Chertoff, came out fairly strongly against backdooring encryption at a time when their counterparts still in the government seemed to be leaning in the other direction and have been pushing proposals to mandate backdoors. And it appears they're not backing down. Hayden has now doubled down with further statements against backdooring encryption, according to Lorenzo Franceschi-Bicchierai at Vice's Motherboard.

Michael Hayden, the former head of the US top spy agencies, the CIA, and the NSA, thinks the US government should stop railing against encryption and should support strong crypto rather than asking for backdoors.

The US is “better served by stronger encryption, rather than baking in weaker encryption,” he said during a panel on Tuesday.
Later, he told Lorenzo that part of his thinking is that the intelligence community doesn't need such backdoors since it has other ways of getting that info:
“In retrospect, we mastered the problem we created by the lack of the Clipper Chip,” he said. “We were able to do a whole bunch of other things. Some of the other things were metadata, and bulk collection and so on.”
Hayden is being a bit snarky there. He knows that privacy advocates will take his words about backdooring encryption and celebrate them, so he's using it at the same time to argue in favor of the other problematic programs -- programs that Hayden is most closely associated with involving mass surveillance. He's also being disingenuous. The metadata and mass surveillance efforts generally give you access to a different kind of information. What Hayden leaves out, of course, is the real reason why backdoors usually aren't that important: because there are almost always ways to hack into encrypted data, though that also raises serious questions.

Meanwhile, another former NSA director, Mike McConnell, has joined with the other two Michaels in arguing against backdoors. This according to Kaveh Waddell at the National Journal:
“Don’t get in the way of pro­gress,” Mc­Con­nell said Thursday at a pan­el dur­ing an en­cryp­tion sum­mit hos­ted by The Wash­ing­ton Post. “Don’t get in the way of in­nov­a­tion and cre­ativ­ity, be­cause this is go­ing to hap­pen. Some­body’s go­ing to provide this en­cryp­tion.”

Mc­Con­nell’s po­s­i­tion is a com­plete de­par­ture from the per­spect­ive he rep­res­en­ted in gov­ern­ment, a shift he has pub­licly ac­know­ledged. When he ran the Na­tion­al Se­cur­ity Agency in the 1990s, Mc­Con­nell was a vo­cal sup­port­er of the Clip­per Chip, a device de­veloped by the NSA that al­lowed the gov­ern­ment to de­crypt elec­tron­ic com­mu­nic­a­tions.
Of course, what's mostly left out of this discussion is that both McConnell and Hayden are now in the private sector -- Hayden at the Chertoff Group with Michael Chertoff, and McConnell at defense contracting giant (and former Ed Snowden employer) Booz Allen Hamilton -- where both have economic reasons for supporting actual stronger security, rather than undermining such security. Either way, in this debate, it seems that those pushing for backdooring encryption are increasingly being marginalized entirely. Even their normally faithful supporters have moved on into the world of reality, where backdooring encryption only leads to trouble.

19 Comments | Leave a Comment..

Posted on Techdirt - 7 October 2015 @ 6:13am

New Zealand Confirms That TPP Would Extend Copyright Terms In Many Countries, Block US Plans To Reduce Terms

from the total-failure dept

Previously leaked reports and drafts of the TPP agreement had showed that the US and Australia were strongly pushing other countries to extend the minimum copyright terms to "life plus 70 years," up from the international norm of "life plus 50 years." Mexico was actually pushing for life plus 100 at one point. This seemed bizarre to us. It's hard to see how anyone could legitimately support extending copyright terms, but the USTR refused to back down. This made no sense, given that here in the US, as we undergo a major copyright reform effort, even the head of the US Copyright Office has admitted that perhaps it's time to start moving back towards life plus 50 years here in the US.

So, now with the TPP concluded and no one willing to release the actual text, New Zealand has at least admitted that it and Canada caved and agreed to put "life plus 70" into the TPP.

TPP requires New Zealand to move to 70 years as well, but allows for a transition to do this over time.

This change could benefit New Zealand artists in some cases, but the benefits are likely to be modest. Extending the copyright period also means New Zealand consumers and businesses will forego savings they otherwise would have made from books, music and films coming off copyright earlier. The net cost of extending New Zealand’s copyright term from 50 to 70 years will be small to begin with and increases gradually over 20 years, reaching a relatively constant level after that. Over the very long term, including the initial 20-year period, the average annual cost is estimated to be around $55 million.
This is hugely problematic and, once again, shows how even if the TPP doesn't directly require changes to current US law, at the very least it locks in a very dumb provision that the US has already expressed interest in changing. And now we won't be able to because an unelected bureaucrat, negotiating behind closed doors with help from the MPAA & RIAA, pushed through provisions like this one.

52 Comments | Leave a Comment..

Posted on Techdirt - 6 October 2015 @ 2:54pm

The TPP And The Tobacco Carve-out Bring Together Strange Bedfellows... While Highlighting The Problems Of The TPP

from the not-a-good-idea dept

It's been rumored for years, but reports out of Atlanta suggest that it's now confirmed that in order to finalize the Trans Pacific Partnership (TPP) agreement, everyone agreed to carve tobacco out of the corporate sovereignty system, better known as ISDS (investor state dispute settlement). These systems allow companies to sue countries for passing regulations that the companies feel harm their ability to profit -- and tobacco companies have already filed ISDS complaints in a few countries that have pushed to put health warnings on cigarette packages.

While some health activists have cheered on this carve out -- it appears that almost everyone else is pissed off. Not because they think that Big Tobacco should be shaking down countries that pass anti-smoking laws (though, there may be some of that), but because they recognize the problems that occur when governments can start to set up trade deals that "carve out" certain industries. It's opening up a huge can of worms. Even some supporters of corporate sovereignty/ISDS are worried about what it means when one particular industry can just be excluded entirely from the process. Two of the biggest supporters of ISDS and TPP in Congress, Senators Mitch McConnell and Orrin Hatch, have both warned that the US should not carve out tobacco. Here's McConnell a few months ago, standing up for those poor, poor tobacco farmers:

“It is essential as you work to finalize the TPP, you allow Kentucky tobacco to realize the same economic benefits and export potential other U.S. agricultural commodities will enjoy with a successful agreement.”
And here's Hatch actually making a fairly salient point about the carve out:
“Although I don’t support tobacco at all, I still think it was essential,” Hatch said. “It’ll cost us some votes. And every vote is essential. And there are other things I am very concerned about. I’ve committed to read the bill, and I will read it, but right now I’m leaning against it.”
That doesn't bode well for the agreement, given that Hatch was a huge supporter of the TPP. Another Senator, Thom Tillis, has pointed out that carving out one industry opens up the possibility of carving out others:
“I’ll not only vote against it, I’ll work hard to have it defeated if it goes in the final agreement.... Once you carve out someone from dispute settlement agreements, then who’s next?”
And the tobacco carve-out, believe it or not, seems to be one thing that both big business and big labor agree on, though for entirely different reasons. The US Chamber of Commerce and the National Association of Manufacturers are totally against it:
we ask all of the TPP governments to reject the exclusion of products from the coverage of the TPP and its enforcement mechanism.... Such exclusions are unnecessary and would be highly damaging to the international rules based trading system and the prospects for the TPP.
And here was the AFL-CIO opposing the entire ISDS mechanism, and noting that the tobacco carve-out just highlights the problems of ISDS. Whereas Senator Tillis worried about "who's next" to get carved out, the AFL-CIO is pointing out that maybe there should be a lot more.
Any industry-specific carve-out will not address the serious structural problems inherent in the system itself. Issues of broad public interest should not be viewed through the narrow lens of trade and investment at all, let alone decided by unaccountable private panels. Systems of justice should be transparent and accessible on an equal basis. ISDS is anything but: Only foreign investors can use it and there are no requirements that affected communities be allowed to participate or even have their view considered. In many cases, there often are not even requirements that hearings or decisions be made available to the public at all! Even in the case of clear legal error, it is almost impossible to reverse a decision.
Indeed, as Sean Flynn pointed out just last week, carving out tobacco really just enforces how dangerous corporate sovereignty really is:
The new exception validates, rather than assuages, the concerns of those who have been criticizing ISDS systems for many years. Without express carve outs, ISDS provisions do threaten common health and safety regulations.

The carve out does nothing to halt the disturbing recent trend of companies using ISDS provisions in trade agreements to enforce international intellectual property norms through ISDS tribunals. This is, indeed, the claim at the heart of the tobacco cases now being litigated in ISDS systems. The claim is that tobacco regulations requiring plain packaging violate the trademark rights of tobacco companies protected by the World Trade Organization agreement on Trade Related Aspects of Intellectual Property Rights (TRIPS). The pharmaceutical company Eli Lilly has also claimed that the denial of a new use patent on an old (off-patent) medicine violates rights granted by TRIPS and the North Atlantic Free Trade Agreement (NAFTA).
Meanwhile, US trade officials are, of course, trying to tap dance around the fact that basically everyone absolutely hates this. The USTR has tried to pretend this isn't a big deal because tobacco is "unique."
The U.S. Government seeks to include this language because tobacco is a unique product – it is highly addictive, always harmful to human health, and the single most preventable cause of death in the world. Recognizing these facts about tobacco through the TPP will represent an important step forward for public health in the international trade community.
It's true that tobacco can be a serious health concern, but shouldn't we be raising questions about why this procedure is no good for tobacco companies, but just dandy for every other industry -- including some that produce harmful products? Or those like pharmaceutical companies who are jacking up prices to keep necessary medicines out of the hands of the poor?

Oh, and then there are those who are in complete denial, who are insisting that there really isn't a carve-out for tobacco, even though there almost certainly is (we can't say for sure, of course, because the documents are secret):
“TPP will not discriminate against any agricultural commodity nor will it exclude tobacco. On the contrary, TPP will provide protections to ensure that governments can implement tobacco control measures, while guaranteeing that tobacco has the same legal status as any other product,” a U.S. official told CQ Roll Call last week.
In short, the whole tobacco carve-out situation is a microcosm of the problems with the TPP. You have a terrible idea (corporate sovereignty) mixed with a weak attempt to appease health activists (carve out tobacco), that basically fixes nothing and satisfies no one. And, now, the same Senators in Congress who demanded the fast track authority be granted, which ties their own arms behind their backs in terms of changing the agreement, are threatening to force this change, even though they've already given up the power to do so.

29 Comments | Leave a Comment..

Posted on Techdirt - 6 October 2015 @ 1:55pm

Happy Birthday And The Problem With The Copyright Office's 'Orphan Works' Plan

from the orphan-works-are-your-fault,-don't-blame-us dept

A few weeks ago, we wrote about the big ruling by Judge George King in a district court in California that Warner/Chappell does not hold a valid copyright in the song "Happy Birthday." The press ran with the story, with nearly all of the coverage falsely stating that the judge had declared Happy Birthday to be in the public domain. As we noted in our post, however, that was not the case. While the plaintiffs had urged just such a finding, Judge King noted that there were issues related to this that a jury would need to answer, and he would not go that far. Instead, he merely stated that Warner did not hold a valid copyright. Many people assume that this is good enough. The likelihood of some third party magically showing up after all of these years and not just claiming the copyright, but having enough evidence to prove it seems very slim. Glenn Fleishman has done a nice job writing up a detailed explanation of this copyright mess for Fast Company, in which he notes the "uncertainty is maddening."

It's worse than that. As we noted in our original post, technically, this makes "Happy Birthday" an orphan work -- i.e., a work where the exact copyright status or owner is "unknown." Orphan works have been a big problem that the Copyright Office has been studying for some time. However, the solution proposed by the Copyright Office is ridiculous, and the case of Happy Birthday should demonstrate pretty simply why the proposal is broken.

The plan says that anyone who wants to make use of an orphaned work would have to meet six criteria to avoid possible liability:

Users must: (1) if sued for infringement, prove to the court by a preponderance of the evidence that they performed a good faith, qualifying search to locate and identify the owner of the infringed copyright before the use of the work began; (2) file a Notice of Use with the Copyright Office; (3) provide attribution to the legal owner of the copyright, if reasonable under the circumstances; (4) include a to-be-determined "orphan works" symbol with any public distribution, display, or performance of the work; (5) assert eligibility for such limitations in the initial pleading in any civil action involving the infringed work; and (6) state with particularity the basis for eligibility for the limitations during initial discovery disclosures.
Now, let's look at this in terms of Happy Birthday. If you want to sing Happy Birthday, you would first have to conduct and document a "good faith, qualifying search to locate and identify the owner" of Happy Birthday before you sang it. You would then have to file a "notice of use" with the Copyright Office, telling the Copyright Office about this use of an orphaned work. Now, obviously, for most folks singing "happy birthday" at a birthday party, they're not going to do that -- and that's fine. After all, they ignored the copyright when many believed Warner/Chappell held a valid copyright.

But -- and here's the important point -- all of the "professional" situations where the song was used would almost certainly have to go through this process. Films that used the song wouldn't be able to get "errors and omissions" (E&O) insurance without first proving they made it through this process (and you need E&O insurance to ever get a movie released). Restaurants that wanted to sing Happy Birthday rather than their made up song would need to do the same thing. And they'd all likely have to hire lawyers in order to properly document the "search" and to file the notice with the Copyright Office. And very few people are going to want to go through that process. It may be slightly better than paying thousands of dollars to Warner/Chappell, but not much.

How is this solution possibly a "good compromise" on the issue of orphan works? How does adding such a burden, just so someone can sing Happy Birthday, possibly make sense?

Once again, the "problem" of orphan works is a self-made problem, created by copyright laws that automatically grant copyright to all new fixed works, rather than requiring registration in the first place. If it required registration, there would be some sort of record and paper trail of who owned the copyright and when it was valid. But in a world where everything gets copyright protection, we get a world with millions upon millions of orphaned works -- and if anyone who ever wanted to do anything with it had to go through the convoluted mess just to do something like sing Happy Birthday, the "answer" is no answer at all. It's just making a bad problem worse.

The way to fix orphan works is not to increase the burden, it's to fix a broken copyright system, and to require registration in the first place.

Bonus content: This doesn't fit directly into this post about orphan works, but this video by Vi Hart about the copyright on Happy Birthday is totally worth watching, presenting the issue from the perspective of someone knowledgeable about music theory, rather than copyright law, and showing yet another way in which the idea that Happy Birthday ever deserved copyright is a ridiculous idea.

50 Comments | Leave a Comment..

Posted on Techdirt - 6 October 2015 @ 10:44am

Apple Punishes iFixit For Doing A Tear Down On Apple TV

from the really-now? dept

The past two Techdirt podcasts had special guest Kyle Wiens, the CEO of iFixit, discussing both the DMCA's anti-circumvention review process and the more general importance of the freedom to tinker. In those podcasts, Wiens talked a bit about some companies being more willing than others to support iFixit's efforts to help people repair or modify products they had purchased.

Apple, apparently, is not a fan.

The company, which is famous for its somewhat arbitrary decisions to reject certain apps from appearing in its iTunes store, has now pulled iFixit's app entirely. Though, this time it's not necessarily for "arbitrary" reasons, but because Apple is pissed that iFixit took the Apple TV device that Apple sent the company, and did a teardown on it.

Of course, that makes you wonder what the hell Apple expected iFixit to do, since teardowns are kind of its thing.

Not too long ago, we tore down the Apple TV and Siri Remote. The developer unit we disassembled was sent to us by Apple. Evidently, they didn’t intend for us to take it apart. But we’re a teardown and repair company; teardowns are in our DNA—and nothing makes us happier than figuring out what makes these gadgets tick. We weighed the risks, blithely tossed those risks over our shoulder, and tore down the Apple TV anyway.

A few days later, we got an email from Apple informing us that we violated their terms and conditions—and the offending developer account had been banned. Unfortunately, iFixit’s app was tied to that same account, so Apple pulled the app as well. Their justification was that we had taken “actions that may hinder the performance or intended use of the App Store, B2B Program, or the Program.”

Live and learn.
iFixit notes that it's not too concerned about this. Its Android app still works, and it's been improving its mobile site so you don't really need an app in the first place. And also, iFixit offers open APIs that would allow others to make their own apps that use iFixit data (though whether or not Apple would approve such an app is another question).

But, still, in this age where so much of what we buy is computerized and a complete black box, one of the key points of last week's podcast was the importance of learning what's really inside these boxes. Given that Apple's earliest roots come from Steve Wozniak hacking around devices and building something better, it seems like a real shame that Apple is not only not supporting such activities with its own equipment, but it's actively punishing those who do so.

72 Comments | Leave a Comment..

Posted on Techdirt - 6 October 2015 @ 8:21am

NSA Screws Up Another Thing: EU Court Of Justice Throws The Internet For A Loop In Ending Safe Harbor

from the well,-now-what? dept

A couple of weeks ago we wrote about the fact that it appeared that the EU Court of Justice was likely to throw out the EU-US data protection safe harbor as invalid, following a case brought over the NSA's snooping on US tech companies -- and now it has happened. The "the EU-US data protection safe harbor" may sound boring, but it's actually been fairly important in making sure that US internet companies can operate in Europe. It's been under attack for some time from those who feel that these American companies don't take European privacy interests seriously enough, but it's really the NSA and its idiotic "collect it all" mentality that has brought the whole structure crashing down. Many will celebrate this, but probably for the wrong reasons. As it stands right now, this result is undoubtedly bad for the internet. What happens next is key. If you want to blame anyone... blame the NSA. And if the US wants to fix this mess, it needs to stop mass surveillance.

The case was brought by Max Schrems, an Austrian privacy activist who argued that the NSA's PRISM surveillance program (a program that resulted from Section 702 of the FISA Amendments Act, and enables the NSA to request certain information from internet companies, once approved by the FISA Court) violates the safe harbor. The safe harbor itself was established back in 2000 in order to allow internet companies to transfer data from Europe back to the US, with a promise that the privacy of that data would be kept at a similar level as if it were in Europe. The process for getting such safe harbor protections is something of a joke (we've gone through it here at Techdirt), and mostly involves throwing money at an organization that takes money to make sure your policies comply with the safe harbor requirements. Like so many regulations, it really seems to only serve to shift money to those who make sure you comply.

Still, losing those safe harbors can really shake up the internet -- and not necessarily in a good way. While I'm sure some (probably short-sighted) privacy advocates will cheer on this result, it's going to make a mess of things for the time being. Europe has been working on a new data protection directive to update the old one (which the safe harbor is based on) and early indications are that it will be a mess, and potentially hazardous to free speech rights. In addition, the US and EU have been trying to negotiate a new data protection safe harbor anyway, and that hasn't been going smoothly, and this will continue to throw a wrench into things.

Big companies will likely be able to negotiate their way around this, but there will likely be some legal flareups in one or two countries, creating a mishmash of jurisdictional confusion over privacy rights. Smaller internet companies will now face much greater threats in doing business in Europe. Even worse, some are going to use this as an opportunity to try to fragment the internet, demanding companies keep data locally within country borders -- which actually will create more targets for mass surveillance, rather than fewer. Chances are that little will change in the immediate future -- as many companies will just keep right on doing what they're doing and hoping no one really cares. But the potential for people to bring lawsuits could shake things up.

In the specific case here, the Court of Justice found that the safe harbor was invalid, and thus it did not stop Irish officials from considering Schrems' complaint that Facebook violated his rights in making data available to the NSA. So that specific case still needs to move forward and should be interesting to watch.

In short, though, this is yet more damage directly done by the NSA and the US's ridiculous attitude towards mass surveillance, without any concern at all to the economic costs that such mass surveillance creates for US companies. As the EFF notes in its response to the news, the US brought this on itself with its idiotic mass surveillance efforts. This end result is a mess that could lead to greater fragmentation of the internet, which won't do anything to better protect people's privacy (and, actually, might make it more exposed). The only logical way forward is to move away from mass surveillance and towards a more comprehensive view of privacy that takes into account the public's rights -- including the right to free expression. Danny O'Brien at EFF sums it up nicely:

That would certainly force the companies to re-think and re-engineer how they manage the vast amount of data they collect. It will not, however, protect their customers from mass surveillance. The geographic siloing of data is of little practical help against mass surveillance if each and every country feels that ordinary customer data is a legitimate target for signals intelligence. If governments continue to permit intelligence agencies to indiscriminately scoop up data, then they will find a way to do that, wherever that data may be kept. Keep your data in Ireland, and GCHQ may well target it, and pass it onto the Americans. Keep your data in your own country, and you'll find the NSA—or other European states, or even your own government— breaking into those systems to extract it.

What will change the equation is for states, including and especially the United States, to realize that dragnet surveillance undermines their national security and the global security of our data. It has economic consequences, as regulators, companies and individuals lose trust in Internet companies and services. It has political consequences as nations vie to keep data out of the hands of other countries, while seeking to keep it trackable by their own intelligence services.

There's only one way forward to end this battle in a way that keeps the Internet open and preserves everyone's privacy. Countries have to make clear that mass surveillance of innocent citizens is a violation of human rights law, whether it is conducted inside their borders or outside, upon foreigners or residents. They have to bring their surveillance programs, foreign and domestic, back under control.
The ruling today is not a win for privacy. It creates a bigger mess, but it's one that needs to be cleaned up at the source, and that's where governments (and not just the US government) are going with mass surveillance. Unfortunately, there doesn't seem to be any indication that this is what's going to happen. Instead, expect the US and EU to try to paper over this by coming up with a new safe harbor plan that won't change anything, but which may just be more expensive for companies. That's a mistake. There's a way to fix this mess and it's to stop mass surveillance.

Read More | 45 Comments | Leave a Comment..

Posted on Techdirt - 5 October 2015 @ 12:43pm

The Stagnation Of eBooks Due To Closed Platforms And DRM

from the open-it-all-up dept

Craig Mod has a fascinating article for Aeon, talking about the unfortunate stagnation in digital books. He spent years reading books almost exclusively in ebook form, but has gradually moved back to physical books, and the article is a long and detailed exploration into the limits of ebooks today -- nearly all of which are not due to actual limitations of the medium, but deliberate choices by the platform providers (mainly Amazon, obviously) to create closed, limited, DRM-laden platforms for ebooks.

When new platform innovations come along, the standard progression is that they take the old thing -- whatever it is they're "replacing" -- and create a new version of it in the new media. Early TV was just radio plays where you could see the people, for example. The true innovation starts to show up when people realize that you can do something new with the new media that simply wasn't possible before. But, with ebooks, it seems like we've never really reached that stage. It's just replicated books... and that's it. The innovations on top of that are fairly small. Yes, you can suddenly get any book you want, from just about anywhere and start reading it almost immediately. And, yes, you can take notes that are backed up. Those are nice. But it still just feels like a book moved from paper to digital. It takes almost no advantage of both the ability to expand and change the canvas, or the fact that you're now a part of a world-connected network where information can be shared.

While I don't think (as some have argued) that Amazon has some sort of dangerous "monopoly" on ebooks, Mod is correct that there's been very little pressure on Amazon to continue to innovate and improve the platform. And, he argues (quite reasonably), if Amazon were to open up its platform and let others innovate on top of it, the whole thing could become much more valuable:

It seems as though Amazon has been disincentivised to stake out bold explorations by effectively winning a monopoly (deservedly, in many ways) on the market. And worse still, the digital book ‘stack’ – the collection of technology upon which our digital book ecosystems are built – is mostly closed, keeping external innovators away.

To understand how the closed nature of digital book ecosystems hurts designers and readers, it’s useful to look at how the open nature of print ecosystems stimulates us. ‘Open’ means that publishers and designers are bound to no single option at most steps of the production process. Nobody owns any single piece of a ‘book’. For example, a basic physical book stack might include TextEdit for writing; InDesign for layout; OpenType for fonts; the printers; the paper‑makers; the distribution centres; and, finally, the bookstores that stock and sell the hardcopy books.
And, on top of this, people creating "ebooks" are limited to the options given to them by Amazon and Apple and Google. And then it all gets locked down:
Designers working within this closed ecosystem are, most critically, limited in typographic and layout options. Amazon and Apple are the paper‑makers, the typographers, the printers, the binders and the distributors: if they don’t make a style of paper you like, too bad. The boundaries of digital book design are beholden to their whim.
The fact that all of these platforms rely on DRM -- often at the demands of short-sighted publishers -- only makes the problem worse:
The potential power of digital is that it can take the ponderous and isolated nature of physical things and make them light and movable. Physical things are difficult to copy at scale, while digital things in open environments can replicate effortlessly. Physical is largely immutable, digital can be malleable. Physical is isolated, digital is networked. This is where digital rights management (DRM) – a closed, proprietary layer of many digital reading stacks – hurts books most and undermines almost all that latent value proposition in digital. It artificially imposes the heaviness and isolation of physical books on their digital counterparts, which should be loose, networked objects. DRM constraints over our rights as readers make it feel like we’re renting our digital books, not owning them.
If ebook platforms and technology were more open, it's quite conceivable that we'd be experiencing a different kind of ebook revolution right now. People could be much more creative in taking the best of what books provide and leveraging the best of what a giant, connected digital network provides -- creating wonderful new works of powerful art that go beyond the standard paper book. But we don't have that. We have a few different walled gardens, locked tight, and a weak recreation of the paper book in digital form.

It's difficult to mourn for lost culture that we never actually had, but it's not difficult to recognize that we've probably lost a tremendous amount of culture and creativity by not allowing such things to thrive.

89 Comments | Leave a Comment..

More posts from Mike Masnick >>