Mike Masnick’s Techdirt Profile

mmasnick

About Mike MasnickTechdirt Insider

Mike is the founder and CEO of Floor64 and editor of the Techdirt blog.

He can be found on Twitter at http://www.twitter.com/mmasnick



Posted on Techdirt - 29 July 2016 @ 4:02pm

Clinton Friend, Virginia Governor Terry McAuliffe Now Pretends Hillary Never Supported TPP

from the that's-just-wrong dept

The whole silliness around Hillary Clinton at the Trans Pacific Partnership (TPP) agreement just keeps getting sillier. She should admit what pretty much everyone already recognizes: she supports the deal. She could then explain why she supports it and perhaps the public could have an honest and open conversation about the nature of these agreements. As we've noted more than once, we tend to support free trade here at Techdirt, but the TPP agreement is barely about free trade. It's mostly about investment and creating other regulatory/protectionist barriers. But Clinton's constant flip flopping on the issue is silly. Back in 2012, she declared the TPP to be "the gold standard" in trade agreements. It was only last fall, after she started facing primary pressure from Bernie Sanders, who was against the agreement, that she flip flopped and said:

“As of today, I am not in favor of what I have learned about it,” Clinton said, later adding, “I don’t believe it’s going to meet the high bar I have set.”
It got so ridiculous that Clinton deleted the section of her memoir where she talks about her support of the TPP. That's just literally trying to rewrite history.

Meanwhile, pretty much everyone has assumed that after the election, she'd flip flop right back into supporting the TPP. Back in February, the head of the US Chamber of Commerce, Tom Donohue, made it clear that he fully expected she'd flip back and this week a US Chamber of Commerce employee who spoke at the Democratic Convention (officially as a member of "Republican Women for Hillary" has also said she expects Hillary to flip back and support the agreement.

But, of course the bigger headlines came when the Clinton's close family friend and advisor, current Virginia governor Terry McAuliffe, admitted that he fully expected she'd support the TPP after the election. As we noted, this resulted in a bunch of other Clinton supporters to scream loudly about how this was crazy and Hillary was never going to support TPP. Apparently the message got back to McAuliffe, who when approached at a bar late at night by a Gawker reporter now claims not only that Hillary will never support the agreement, but that she never did in the past either.
She’s wrong. I support it. She doesn’t. She never supported it. I create jobs in Virginia, I always supported it. We’re best friends. She has never supported it.
Except, of course, she has supported it, quite clearly in the past. And almost certainly still is. I understand the political calculations here. Historically, Democrats (especially the progressive wing) have generally been against free trade. So these agreements (even when they're actually good!) are usually a tough sell to Democratic voters. But this is a weird year. Because while these agreements have almost universally been supported by Republicans, this year Donald Trump suddenly hates them -- not for all the legitimate reasons to hate them, but mainly because he doesn't understand how international trade works.

But wouldn't it be nice if Clinton could just come out and say what she really thought about the TPP and have an open conversation about it, rather than playing this "wink wink nod nod" game where basically everyone knows her true position, but she won't say it?

1 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2016 @ 12:57pm

How California's Identity Fraud Law Has Been Interpreted To Criminalize Defamation, Publicity Rights Violations And More

from the yikes dept

Eugene Volokh has a somewhat terrifying look at how very broad interpretations of California's identity fraud law, California Penal Code § 530.5(a) has been so broadly interpreted by the courts that it, in effect, creates a crime out of things that were normally considered, at best, civil offenses. This includes defamation, publicity rights infringements and disclosure of private facts. He discusses a few cases, but focuses on a key one that we've mentioned: the state of California's recent legal win over Kevin Bollaert, a revenge porn creep. In our writeup, we were mainly concerned with how the ruling seemed to run against Section 230's protections, but as Volokh makes clear, it's much, much worse than that.

As Volokh notes, among the charges that Bollaert was found guilty over, there was the § 502.5(a) claim of identity theft. And, he points out, nothing in the ruling limited it to revenge porn or extortion. It was just "identifying information" for the purpose of committing a tort, which suddenly becomes a criminal offense:

But nothing in Bollaert’s § 530.5 discussion was limited to revenge porn, or to extortion.

Say, for instance, that Kendra Schmollaert, Kevin Bollaert’s second cousin, has a blog with a couple of thousand readers. She publishes a blog post that mentioned an acquaintance’s formerly private sex scandal (or medical problem) and gives the acquaintance’s name. That may well constitute the tort of disclosure of private facts, and maybe Schmollaert should be liable for that. (I think the tort is too broad and vague to be constitutional, but most courts disagree with me on that.) But, to her surprise — and, I suspect, to the surprise of most media lawyers — a prosecutor decides to charge Schmollaert criminally. Guilty!

  1. Schmollaert willfully published the aquaintance’s “identifying information” — the full name, and possibly some indication of location (e.g., if Schmollaert says the acquaintance is Schmollaert’s neighbor).
  2. Schmollaert did so with the purpose of committing a tort, namely the disclosure of private facts. (True, Schmollaert wasn’t doing this just for the sake of committing a tort, but neither was Bollaert — Schmollaert wanted to tell an interesting story, or maybe expose an acquaintance whom Schmollaert disliked, while Bollaert wanted to make money, and both purposefully used people’s identifying information as a means of accomplishing that goal.)
  3. Schmollaert didn’t reveal any nude photographs — but nothing in § 530.5(a) says anything whatever about nudity, or about photographs; as the courts have interpreted the statute, tortious disclosure of private facts is enough.
  4. Schmollaert also wasn’t impersonating anyone — but neither was Bollaert.

Or say that Schmollaert instead starts selling T-shirts that depict photographs of celebrities, with captions that give the celebrities’ names. Under California law, that’s a tort, both statutory and common-law, and might lead to liability. But again Schmollaert also turns out to be guilty of a crime:

  1. She willfully published the celebrities’ “personal identifying information” (“full names, … as well as the … photographs themselves.”
  2. She did so with the purpose of infringing the celebrities’ right of publicity.
That's... crazy. Criminalizing defamation and publicity rights infringement by broadly interpreting an identity fraud law seems very, very problematic. As Volokh notes again, it seems extra troubling that this seems to have happened without any real legislative discussion or deliberation. Again, these things may be civil offenses, but to turn them into criminal offenses is a situation that can and will be abused. Not many people will cry for Kevin Bollaert, but the precedent this sets is potentially terrifying:
I don’t think the California Legislature was trying, with § 530.5, to so broadly criminalize tortious speech. But that’s how California courts have interpreted the statute.

And this also helps show why many commentators — myself included — criticize proposed statutes based on the possible scope of their broad and vague language, rather than just focusing on the particular problem that led to the proposal. Once a statute is enacted, prosecutors will often push them to the limits of the language, especially when the defendants are bad people doing bad things (e.g., Bollaert’s revenge porn blackmail racket). And courts will often (not always, but often) read the language broadly. The story of § 530.5 is a classic example.
It remains to be seen how widely this gets abused, but it is certainly a big concern.

7 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2016 @ 11:43am

Irony: Sony Pictures Sued For Failing To Stop Piracy

from the shoes-on-the-other-foot dept

For many years now, the MPAA and the various studios that make it up have filed various lawsuits against various internet platforms for not waving a magic wand and making piracy disappear. This also appears to be their big complaint against Google, which has bent over backwards trying to appease the industry and it's still not enough (of course, that may be because what the industry really wants from Google is money, not stopping piracy). But now the shoe is somewhat on the other foot as Sony Pictures is being sued for failing to stop piracy. Really.

The case stems from the infamous Sony hack from a year and a half ago, where all of Sony Pictures' emails were released onto the internet. Possibility Pictures is suing Sony claiming the hack created a breach of contract in its failure to stop piracy of its film, To Write Love On Her Arms (TWLOHA), a 2012 movie starring Kat Dennings, based on the true story of the struggles a woman went through leading to the founding of her charity (which goes by the same name as the movie). While most people focus on the emails from the hack, it should be noted that before those emails were released, the hackers released some pre-release films... including TWLOHA. And that, Possibility claims, is a breach of Sony's contract.

Reading through the full filing, the key breach appears to be of Section 16.7 of the contract, which includes an "anti-piracy authorization" stating:

So that's kind of amusing, since the clause is clearly designed to give Sony the power to send out threat letters and takedowns and use DRM and other such stuff -- but Possibility is basically turning it around on Sony and arguing that its failure to stop piracy shows that it did not use "appropriate technical measures." I'm not sure a court will go for this kind of judo move in flipping the anti-piracy authorization clause around to suggest that it puts certain contractual requirements on Sony Pictures, rather than simply authorizing it to do certain things as the language is clearly designed to do.

The lawsuit goes on and on about all of the great marketing plans Possibility had for the film (Justin Bieber's mother was going to tweet about it!), but apparently that was all ruined when the hackers, whoever they were, leaked the film. It also highlights Sony's earlier security problems, focused on the famed PSN hack, even though that's an entirely separate subsidiary from Sony Pictures. And then it spends a lot of time pointing to reporters who pointed out that Sony Pictures' computer security was abysmal. That's true... but it's not clear that's against the law. Basically, this lawsuit is mostly "Sony incompetent" and then "because of that our contract was breached."

Possibility then tries to show damages from the leak of the film.
The direct and proximate result of the foreseeable and avoidable Data Breach just four months prior SPWA's planned release of the Picture was an extreme dilution of the otherwise viable market for Plaintiff's Picture. The November 2014 Data Breach resulted in the unauthorized release of the Picture on multiple sites worldwide and destroyed the audience demand for the Picture. Following the Data Breach and worldwide pirated release of the Picture, SPWA abandoned the social marketing plans and lost all interest in promoting and marketing the Picture since it was otherwise available for free as a result of its failure to maintain adequate security of the Network. As an isolated sample of the damage caused the anticipated video-on-demand ("VOD") revenue stream of the Picture, note that in the first six days alone following the Data Breach, the stolen Picture master was downloaded-for-free a reported 19,949 times (an average rate of over 3300 illegal, revenue-free downloads per day).
So... a few things on this. First, downloads don't equate to lost sales, generally speaking, so the attempt to suggest that here without further evidence is pretty silly. Second, less than 20,000 downloads is... kinda weak. It certainly suggests there wasn't much interest in the film in the first place. Third, the idea that there's no market for a movie that's available for free online is easily debunked by the numerous movies that do quite well at the box office and in the home video market despite also being pirated online.

However, the more interesting bit is that this puts Sony Pictures in the fairly awkward position of potentially having to argue that piracy isn't really that damaging to a picture. I'm guessing that Sony Pictures and the MPAA want no part of that argument ever being filed in a court, because it will boomerang back to hurt them.

Either way, the filmmakers are demanding almost $9 million:
The amount of that revenue for which we seek payment, less amounts paid to date, is $8,738,331...
For a movie that not that many people seemed interested in?

Separately, Possibility notes that Sony pointed out that there's a binding arbitration clause in their contract, and Sony has already said that if there's a dispute it must be handled by such an arbitration setup. Possibility tries to get around this, but (unfortunately!) courts have tended to accept these binding arbitration clauses as valid.

If I had to put odds on it, I wouldn't give this lawsuit much of a chance of surviving. The attempt to turn an anti-piracy authorization clause into some sort of requirement to block piracy is a massive stretch. The mandatory arbitration clause is also a problem. Plus, the overall lawsuit is pretty weak. The claim itself is not very well backed up. Chances are Sony can get this tossed out quickly -- but it will be amusing to see if it has to argue that piracy isn't really that damaging. That would be fun.

Read More | 24 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2016 @ 10:46am

Democratic National Committee Claims That Wikileaks Has 'Malware Embedded Throughout The Site'

from the say-what-now? dept

We've long been supporters of the concept of Wikileaks around here, though we've had some concerns about some of the decisions it has made. Generally speaking, though, we find the accusations and conspiracy theories around Wikileaks to be somewhat ridiculous. The latest comes buried in a Politico article about the massive amount of dysfunction within the Democratic National Committee. Apparently since Wikileaks released a bunch of DNC emails, leading to chair Debbie Wasserman Schultz stepping down, it has freed up a bunch of people to bitch and whine about her (lack of) leadership and what a mess the whole DNC has been recently.

But, buried deep within that article is this wacky tidbit:

Staff members were briefed in a Tuesday afternoon meeting in Washington that their personal data was part of the hack, as were Social Security numbers and other information for donors, according to people who attended. Don’t search WikiLeaks, they were told — malware is embedded throughout the site, and they’re looking for more data.
We've seen various organizations impacted by Wikileaks come up with all sorts of excuses and claims about why people shouldn't use the site, but "the site is embedded with malware" is a new one. It also seems hellishly unlikely. It's the kind of thing that someone would discover and it would destroy whatever credibility Wikileaks has left. I guess anything is possible, but this sounds like the DNC freaking out over the leaks and trying to spread bogus rumors in the hopes that it will get people to stop looking at their leaked files.

22 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2016 @ 8:32am

The Selfie-Taking Monkey Who Has No Idea He Has Lawyers Has Appealed His Copyright Lawsuit

from the satire-is-dead dept

Welp. Here we go again. For many, many years, we've been tracking the insane legal situation of the selfie-taking monkey, whose name we were told only recently is "Naruto." Early on in this saga, back in 2011, our focus was on how the photographer whose camera was used, David Slater, had no legitimate claim to the copyright in the image, in large part because the copyright goes to whoever took the photo, and the copyright cannot go to a monkey, because copyright law is limited to "persons." Every so often Slater would pop up somewhere or somehow and yell about this -- twice representatives of his even threatened us with completely bogus legal action.

However, things took a turn for the even more bizarre a year ago when PETA, an organization that sometimes appears to focus more on professional trolling rather than on the "ethical treatment of animals" as its name suggests, claimed to represent the monkey (Naruto!) and sued Slater himself for falsely claiming the copyright. While we agree that Slater doesn't hold the copyright, neither does the monkey, because no one holds the copyright.

Amazingly, PETA, claiming to represent the interests of an Indonesian monkey, somehow secured the services of a really big name law firm, Irell & Manella, whose name should always be associated with the fact that it took this insane case. Irell & Manella (again, somehow, this is considered a respected law firm) took the nutty position that there must be a copyright in the image, and thus the monkey deserves to get it. It completely ignores the fact that not everything gets a copyright. It's as if the lawyers at Irell & Manella don't even understand how copyright law works.

The judge in the case made quick work of this and confirmed, as pretty much everyone already recognized, that a monkey can't have copyright. But, this is PETA, and PETA won't give up until the trolling has completed its course. So it appealed and it has now filed its opening brief.

I have no idea if David Schwartz at Irell & Manella is doing this pro bono or actually wasting PETA's money here, but if I were a PETA supporter/donor, I'd be pissed off that this is the way the organization is burning money:

The Constitution authorizes Congress “[t]o promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.” U.S. CONST. art. I, § 8, cl. 8. Neither the Copyright Clause nor the Copyright Act contains on its face a limitation solely to authors with human attributes or characteristics. The district court erred in carving out such an exemption here. It is not necessary—indeed it is antithetical to the purpose of the Copyright Act—to specify who can be an author, as that question is determined by looking at the attributes of the work sought to be protected. The Copyright Act protects “original works of authorship,” not works of “human authors.” See 17 U.S.C. § 102. Moreover, the Monkey Selfies have all the attributes required for protection under the Copyright Act. To exempt them from protection on the sole ground that Congress did not specify that animals can be authors assumes erroneously that such specification would have been necessary.
This is pure nuttiness. The monkey selfies do not have all the attributes required for protection, because protection only goes to human beings. Why? Because copyright is supposed to act as an incentive to create. The monkey has no fucking clue about the copyright, and it had nothing to do with the incentive to create. Because it's a monkey. In Indonesia. Named Naruto. Who has no idea that some ridiculous lawyers are now in an appeals court in California pretending to represent its "interests."
Since enacting the Copyright Act of 1790, Congress and the Supreme Court have instructed that the copyright laws should be interpreted liberally in order to safeguard the “general benefits derived by the public” from works of authorship. Sony Corp. of Am. v. Universal City Studios, 464 U.S. 417, 429 (1984). Because copyright protection exists primarily to advance society’s interest in increasing creative output, it follows that the protection under the Copyright Act does not depend on the humanity of the author, but on the originality of the work itself. The Copyright Act was intended to be broadly applied and to gradually expand to include new forms of expression unknown at the time it was enacted. Congress and the courts have explained that copyright protection is critical to ensuring the general public has access to works of authorship. The public places value in these works—and, self-evidently, so do the Defendants.
I cannot believe that lawyers are actually using the case that legalized the VCR (Sony v. Universal Studios) as the basis for arguing a monkey gets copyright. And copyright protection for a monkey is in no way critical for "ensuring the general public has access to works of authorship." It is not as if the monkey having or not having the copyright changes, in any way, the monkey's incentive to click buttons on cameras left on the ground.

The lawyers pretending to represent Naruto go on to claim that even though there's pretty clear 9th Circuit precedent saying that animals lack standing to sue unless expressly granted in the law, that doesn't apply to copyright law, because copyright law is just so awesome. And they continue to claim that copyright is necessary because the work is so valuable -- which is, you know, not how copyright law works:
Yet if animals cannot be authors, there is no copyright protection for their works.... This is fundamentally at odds with the fact that “[c]opyright protection extends to all ‘original works of authorship fixed in any tangible medium’ of expression.” ... It is also antithetical to the public interest, and hence, the stated purpose of the Copyright Clause. There is no doubt that the general public has an interest in works of art, regardless of their authors’ characteristics or attributes. The tremendous interest in Naruto’s work and Defendants’ attempts to exploit that interest (and to bar others from doing so) only buttresses this conclusion.
The idea that the lawyers at Irell and Manella are literally arguing that the public domain is "antithetical to the public interest" should mark them as complete numbskulls on copyright law.

One hopes that the 9th Circuit will make quick work of this case and toss it out. But, of course, there is the fear that the 9th Circuit will do what it does all too often in copyright cases... and come out with some nutty decision. Remember, this is the circuit that (thankfully, only for a short while before it reconsidered) decided that there was a brand new separate copyright for every actor's performance in a film -- so you could see the case come out with some totally ridiculous result. So, stay tuned. Plenty of us will be, though I can assure you that a certain macaque monkey in Indonesia could not care any less about these proceedings, even if he's officially the plaintiff in the case.

Read More | 39 Comments | Leave a Comment..

Posted on Techdirt - 29 July 2016 @ 6:54am

Bruce Schneier Sounds The Alarm: If You're Worried About Russians Hacking, Maybe Help Fix Voting Machine Security

from the wake-up-call dept

We've been writing about the lack of security (and accountability) in electronic voting machines almost since Techdirt began. Our very first post on the subject, way back in 2000, declared that e-voting is not safe. Of course, over the years, we've seen more and more examples of this, from the Diebold debacle to Sequoia's security disaster. Basically e-voting is a complete clusterfuck. The machines have long been easily hackable, and the companies behind them don't really seem to care much. They frequently don't do common security practices, such as allowing for outside testing of their machines (or, even better, open sourcing their code for security testing). Instead, it's a big "trust us" and any time security researchers have gotten their hands on these things, they've discovered that the trust is totally and completely misplaced. The machines are a disaster.

Along the way, this has created significant distrust among the electorate. Not an election goes by where we don't see someone accuse the election of having been "rigged" in some manner or another, with people pointing to the insecure voting machines as the mechanism. While nothing nefarious has been proven, just the fact that this has created massive levels of distrust in one of the basic practices necessary for democracy to work is concerning.

Now, combine this with the ongoing claims of Russia hacking the DNC's computer systems (which some experts are still disputing). Whether or not it's true, Bruce Schneier is noting that this should be a very loud wakeup call for fixing the security of voting machines:

But while computer security experts like me have sounded the alarm for many years, states have largely ignored the threat, and the machine manufacturers have thrown up enough obfuscating babble that election officials are largely mollified.

We no longer have time for that. We must ignore the machine manufacturers’ spurious claims of security, create tiger teams to test the machines’ and systems’ resistance to attack, drastically increase their cyber-defenses and take them offline if we can’t guarantee their security online.

Longer term, we need to return to election systems that are secure from manipulation. This means voting machines with voter-verified paper audit trails, and no Internet voting. I know it’s slower and less convenient to stick to the old-fashioned way, but the security risks are simply too great.

As he notes, "election security is now a national security issue," but it doesn't seem like anyone in the political realm has realized this yet. Hopefully, it doesn't take the discovery of a hacked election to make the point clear.

67 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2016 @ 1:11pm

Techdirt's DMCA Takedown T-Shirt, Going Fast

from the don't-miss-it dept

If you haven't yet, check out our latest t-shirt, the awesome Takedown T-shirt and hoodie -- offered in a variety of colors. These shirts (and hoodies) have been selling a lot more than we initially expected, so we wanted to make sure no one missed them.

The T-shirts are only $20 and the hoodies are a steal at $35. Personally, I've found them to be great conversation starters, and they look pretty awesome in the different colors (I bought myself a green one, which, so far, is the least popular one for reasons I don't understand).

And here's the important part: since we're doing this as a Teespring campaign, they're only available until August 1st and then the campaign ends (if there's enough demand, campaigns may reopen in the future, but there's no guarantee...). So get yours now.

1 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2016 @ 10:44am

Intellectual Property Fun: Is Comedy Central Claiming It Owns The Character Stephen Colbert?

from the stephen-colbert-stephen-colbert-stephen-colbert dept

For years, when Stephen Colbert was on Comedy Central, he actually would discuss intellectual property issues with surprising frequency, including taking on SOPA back when it was a thing. Perhaps this is because he has a brother who is an intellectual property lawyer (who apparently works for the Olympics, which is not very encouraging). So it's interesting to see that Colbert is now claiming that a lawyer from Comedy Central or Viacom (he's not entirely clear) has contacted CBS to say that it holds the rights to the "character" of Stephen Colbert.

If you're not at all familiar with Colbert, this will take some unpacking. For many years, Colbert hosted a TV show on Comedy Central (owned by Viacom) called The Colbert Report, in which he played a pompous/clueless TV news blowhard... also named Stephen Colbert. A big part of the conceit was that this was a character, quite different than the actual Stephen Colbert in real life. More recently, Colbert ended that show, to move to network TV to take over David Letterman's old slot, where it's now the Late Show with Stephen Colbert. Importantly, on the Late Show, Colbert insisted that he was leaving "the character" of Stephen Colbert behind and would actually be himself, Stephen Colbert. Got that?

In the last few months, however, there have been some concerns that this new network non-character Colbert wasn't performing well in the ratings -- and part of the blame placed on that was the fact that he was no longer using the character of Stephen Colbert from the Colbert Report.

“Late Show” has had trouble finding the funny. That’s not surprising, given how reliant his Comedy Central show was on the character he played: a smug, self-absorbed conservative talk host. That character is gone now, and now the hunt is on for what works with the “real Stephen.” Some of the standing bits toss off some good one-liners, including a fake confessional booth where Colbert admits to nonsensical sins. But too many set-ups fall flat. The “cold open” at the start of the show could develop into a keeper but at the moment it feels forced and ends abruptly, rather than naturally flowing into the title sequence.
Perhaps because of this, and as an attempt to boost ratings, last week at the Republican Convention, Colbert did two things -- he brought Jon Stewart on to return to the main desk to do a story on Donald Trump... and he brought back the Stephen Colbert character:
Except... according to (not a character... we think...) Colbert, some bigwig lawyer, at Viacom or Comedy Central has called up the lawyers at CBS to say they can't do that any more.
I'm almost surprised that Colbert didn't have his brother on to talk about this, but perhaps his brother is busy sending nastygrams to companies telling them they can't tweet about the Olympics. Either way, Colbert's "solution" to this issue is to say that the character of Stephen Colbert from the Colbert Report will no longer appear on his show... but instead, there will be a character named Stephen Colbert who is the other (character) Stephen Colbert's "identical twin cousin." You can see it all in the video above, which also concludes with Colbert bringing back one of his popular Colbert Report segments "The Word," which is now rebranded as "The Werd."

Of course, with Colbert, it's never entirely clear how much of what he says is serious or not, so it's possible that this is all a ploy to boost the ratings. However, usually when he does these things, they're at least based on a kernel of truth. And, if that's the case, it'll be interesting to see if the Viacom/Comedy Central lawyers take exception to this workaround. It would certainly be a fun lawsuit to see them arguing over which forms of Stephen Colbert Stephen Colbert can use...

27 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2016 @ 9:37am

United Arab Emirates Makes Using A VPN A Crime... To Protect The Local Telcos From VoIP Competition

from the also-helps-with-surveillance dept

A few years ago, the United Arab Emirates (UAE) seriously clamped down on the internet, with new regulations designed to silence criticism on the internet. There have also been efforts there to ban the use of BlackBerries and other devices that offer encryption. So, perhaps it's of little surprise that the UAE has expanded a law that had originally been designed to block VoIP usage, to ban any use of a VPN or proxy that changes your IP address, and makes it all a crime that can get you jail time:

Article 1 provides for replacing the text of Article 9 of Federal Law No. 9/2012 as follows:

Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dh500,000 and not exceeding Dh2,000,000, or either of these two penalties.
Now, you could argue that there's a condition here: that the use needs to be "for the purpose of committing a crime or preventing its discovery," but, again, remember that lots of things are a crime in the UAE, including using a VoIP provider. As the folks at Private Internet Access explain, this is a pretty big expansion of the law:
Previously, the understanding of UAE internet law was that VPN or proxy use would be prosecuted under the Telecom Law only if it was used in connection to another crime – this is now going to be set law with a set fee and mandatory jail time. Now, with President Khalifa’s newest proclaimed laws, it is OK for the UAE police to go after individual VPN users for any criminal infraction. Currently, such crimes include accessing blocked services or websites, which can only be done with a VPN or proxy, use that the UAE considers fraudulent use of an IP address. That means watching pornography (a worry for tourists) and calling home on unlicensed VoIP services (a worry for most UAE residents) such as WhatsApp, FaceTime, or SnapChat. Internet users in the UAE, especially the large masses of immigrant labor, use VPN services to get past this geographical VoIP ban to talk to relatives and friends back home.
The PIA article does point out that there is an "approved" VPN from the two state approved telcos, Etisiat and du, but that it blocks lots of services itself and is prohibitively expensive. And while the natural assumption about any attempt to ban VPNs is that it's for surveillance purposes, that may just be a side benefit here. The key focus does appear to be very much about blocking access to VoIP services to prop up the two official telcos. In other countries, the concern about net neutrality was always that telcos would do things like block VoIP. In the UAE, the government goes so far as to not just support such blocking, but actively work to criminalize the use of a VPN to get around such blocks.

19 Comments | Leave a Comment..

Posted on Techdirt - 28 July 2016 @ 8:34am

Photographer Sues Getty Images For $1 Billion For Claiming Copyright On Photos She Donated To The Public

from the one-billion dept

Getty Images has a bit of a well-deserved reputation as a giant copyright troll, sending all kinds of nasty threat letters to people who use the images that Getty licenses. And even though it's showed some signs of adapting to the modern internet world, it hasn't given up on its standard trolling practices. It's also famously bad at it, often sending absolutely ridiculous threat letters.

But it may have sent one so stupid that it could potentially cost Getty itself a lot of money. That's because it sent a threat letter to famed photographer Carol Highsmith... demanding she pay up for posting her own damn photo. That would be bad enough on its own... but it's actually much, much worse. You see, Highsmith is such a wonderful person that she donated a massive collection of her photographs to the Library of Congress -- over 100,000 of them, for them to be released royalty free for the public to use. She didn't put them fully into the public domain, though, instead saying that anyone could use them so long as they gave credit back to her. It was basically a very early kind of version of what's now known as the Creative Commons Attribution License (which didn't exist at the time she made that agreement with the Library of Congress).

And, so here was Getty Images claiming that it held the copyright on these photos, demanding that Carol Highsmith pay up for using her own photograph, which she had deliberately donated to be used freely.

That's... not legal.

So Highsmith is now suing Getty Images for violating Section 1202 of the DMCA (part of the DMCA that doesn't get nearly as much attention) for falsifying copyright management information.

The Defendants have apparently misappropriated Ms. Highsmith’s generous gift to the American people. The Defendants are not only unlawfully charging licensing fees to people and organizations who were already authorized to reproduce and display the donated photographs for free, but are falsely and fraudulently holding themselves out as the exclusive copyright owner (or agents thereof), and threatening individuals and companies with copyright infringement lawsuits that the Defendants could not actually lawfully pursue.

As described further herein below, the conduct of the Defendants runs afoul of the DMCA’s provisions proscribing the removal, modification and falsification of “copyright management information,” unlawful conduct that has injured Ms. Highsmith, thereby entitling Ms. Highsmith to the relief sought herein.
The lawsuit notes that despite informing Getty that it was in the wrong, the company continued to demand money from other people making use of her photographs. She also notes that this is not the first time Getty was found to be violating DMCA 1202, and that justifies a much larger monetary punishment.
Getty has committed at least 18,755 separate violations of 17 U.S.C. § 1202, one count for each of the 18,755 Highsmith Photos appearing on Getty’s website. Thus, Ms. Highsmith is entitled to recover, among other things, and if she so elects, aggregate statutory damages against Getty of not less than forty-six million, eight hundred eighty-seven thousand five hundred dollars ($46,887,500) and not more than four hundred sixty-eight million, eight hundred seventy-five thousand dollars ($468,875,000).

The unlawful conduct complained of herein is not Getty’s first violation of the DMCA, codified at 17 U.S.C. § 1202.

Getty was found by this Court to have violated 17 U.S.C. § 1202 within the last 3 years, and ordered to pay over $1 million in damages.

Because Getty has already had a final judgment entered against it by this Court under 17 U.S.C. § 1202 in the past three years, this Court may treble the statutory damages in this case against Getty.

Getty must therefore account for well over one billion dollars ($1B) in statutory copyright damages in this case.
The $1 billion number is a bit extreme, but it is true that Getty doesn't seem to care at all, and has been shaking down people for ages, sometimes over rights it does not hold. As the lawsuit notes, since Getty doesn't seem interested in changing its practices, perhaps a more stringent award is necessary.

If you're wondering about the previous case mentioned above, it's another one that we covered -- the weird and wacky case involving photos from Daniel Morel that were taken in Haiti, leading to a mess of a lawsuit (where almost everyone was totally confused at the beginning) that ended in Getty having to pay up for distributing a photo with incorrect attribution.

The lawsuit also goes after a smaller Getty competitor, Alamy, that is doing the same thing, and some Getty subsidiaries, LCS and Piscount, who, again, are doing the same thing (in fact, the threat letters Highsmith received were from Piscount and LCS). To make matters even more confusing, even though Alamy is a Getty competitor, it uses a Getty subsidiary, LCS, to send out threat letters demanding cash. The lawsuit explains that Highsmith called up LCS and had to talk with them for half an hour convincing them that she was the photographer, she holds the copyright and the images are all available royalty free for anyone to use (with credit back to Highsmith). LCS then informed her that the case against her "was closed" but... continued to shake down others using her images. That makes things look even worse for Getty in this lawsuit, because she can show at least some level of knowledge that they were making fraudulent copyright claims.

This should certainly be an interesting case to follow...

Read More | 52 Comments | Leave a Comment..

Posted on Techdirt - 27 July 2016 @ 3:49pm

'Wish I Had The Power' To Hack Enemies' Emails, Says Man Very Close To Having Such Power

from the maybe-time-to-pull-back-nsa-powers dept

This weird presidential election continues to get weirder. Donald Trump, perhaps upset about being overshadowed this week by the Democratic Convention, held a press conference on Wednesday morning where he said a whole bunch of completely nutty stuff. A lot of the attention is being placed on his weird possibly half-joking request that Russia hack into Hillary Clinton's emails and reveal the 33,000 that were deleted (or maybe just give them to the FBI, as he later said in a tweet). That was bizarre on a number of levels, including coming right after denying he had any connection to Russia and the possibility that they had hacked the Democratic National Committee's computer system.

But it was his follow up comment that should be a hell of a lot more terrifying. He claimed that he "wished" he had the power to hack her emails:

"Honestly, I wish I had that power," Trump responded. "I’d love to have that power."
Now, again, there's an argument that this comment was sarcastic in the same manner as the "please, Russia" comment that everyone's been focusing on.

But here's the thing: in just a few months he very well might have that power. The NSA certainly has the ability to hack into just about anyone's emails should they want to. And no matter what we feel about whether or not the NSA has or is currently abusing that power, at the very least the level of abuses aren't nearly as bad as they could be in the hands of someone who just doesn't seem to give a fuck about the Constitution or the law.

As we noted a few months ago, surveillance powers should be designed as if the person you least trust in the world had control over the systems. Whether -- to you -- that's Donald Trump, Hillary Clinton or someone else entirely doesn't really matter. It's a pretty clear reason that we should be massively curtailing the surveillance powers granted by the US government to both the intelligence community and the law enforcement community.

Here we have the nominated presidential candidate joking that he'd make use of the power -- which he'd have -- to hack into the communications of political enemies. And while some will argue this is yet another on the long checklist of reasons why Trump is not fit for the job, it's even more a condemnation of our surveillance powers today. Whatever people think of the candidates, it seems like the one thing we should agree on is vastly limiting the surveillance powers.

126 Comments | Leave a Comment..

Posted on Techdirt - 27 July 2016 @ 11:50am

Russian Copyright Law Allows Entire News Site To Be Shut Down Over A Single Copied Article

from the funny-how-that-works dept

We've noted for a long time now that copyright laws are regularly used as a tool for censorship. In Russia, abusing copyright law for censorship and to harass political opponents has become standard. Remember how the Russian government teamed up with Microsoft to use questionable copyright claims to intimidate government critics? And then how the MPAA gleefully got into bed with Russia's media censor to celebrate copyright? Of course, Russia also expanded its ability to use copyright to censor the internet, following pressure from short-sighted US diplomats, demanding that Russia better "respect" copyright laws.

And now it's resulting in the taking down of an entire news site. As TorrentFreak reports, news site Story-media.ru does appear to have copied a full article from a popular Russian news site Gazeta. That's certainly an issue, but because of that single copied article, combined with the use of anonymizing the WHOIS record, a Moscow court has ordered the entire site blocked. Think about that for a second and recognize how copyright can be used to shut down an entire publication. Now some will argue that they wouldn't have any problem if they hadn't copied that article, but copyright is one of those things that basically everyone infringes on eventually. If you don't expect this process to be abused to shut down press that powerful individuals in Russia don't like, then you haven't been paying much attention.

3 Comments | Leave a Comment..

Posted on Techdirt - 27 July 2016 @ 10:43am

Clinton Friend Admits What Everyone Knows Is True: Clinton Still Supports TPP & Will Back It

from the but-of-course dept

If you've followed the whole TPP (Trans Pacific Partnership) thing at all, and/or the Presidential election this year, you probably already know that Hillary Clinton famously flip-flopped on TPP. She was for it, before she was against it (and tried to rewrite history to hide her support of it). Of course, basically everyone recognized that her newfound concerns about TPP were made up, as a response to (at the time) surging support for Bernie Sanders, who was vocally against the agreement. But, of course, as tons of people have been saying all along, everyone expects that after the election she'll magically flip flop back to supporting TPP.

But, of course, because we're doing this big elaborate stage play called an election, no one's supposed to admit that's what's happening. Someone apparently forgot to tell that to Terry McAuliffe, current Virginia governor and long term best buddies with the Clintons. On Tuesday, he said what everyone already knows: Clinton will absolutely support the TPP after the election:

“I worry that if we don’t do TPP, at some point China’s going to break the rules -- but Hillary understands this,” he said in an interview after his speech on the main stage at the Democratic National Convention. “Once the election’s over, and we sit down on trade, people understand a couple things we want to fix on it but going forward we got to build a global economy.”

Pressed on whether Clinton would turn around and support the trade deal she opposed during the heat of the primary fight against Bernie Sanders, McAuliffe said: “Yes. Listen, she was in support of it. There were specific things in it she wants fixed.”
And, of course, her Vice Presidential pick Tim Kaine did an even faster flip flop. Last Thursday, before he was announced as the running mate, he spoke out in support of TPP.
"I am having discussions with a lot of groups around Virginia about the treaty itself. I see much in it to like,” Kaine said Thursday during a series of roundtable events in suburban northern Virginia. “I think it's an upgrade of labor standards, I think it's an upgrade of environmental standards. I think it's an upgrade of intellectual property protections."
The very next day he was named the VP pick, and suddenly he's against TPP:
Sen. Tim Kaine, Hillary Clinton's running mate, has gone on record saying he cannot support the Trans-Pacific Partnership in its current form— a stance calculated to make him more appealing to supporters of Bernie Sanders who revile the deal.

Kaine spokeswoman Amy Dudley said Saturday that the Virginia Democrat shared his negative views on the trade deal with Clinton this week, confirming a report by The Washington Post. “He agreed with her judgment that it fell short” when it came to protecting wages and national security, a Clinton aide reportedly told the newspaper.
Of course, now that McAuliffe blabbed the not-very-secret strategy of the Democratic Presidential and Vice Presidential candidates flat out lying... the Clinton campaign went into damage control mode and insisted "nuh-uh, she really is against TPP." They trotted out an "adviser," Gene Sperling to insist there's no flip flop planned:
“What she has said is she is against it now, she is against in the lame duck and she’s against it afterwards, and I do believe that when she starts her administration, she is going to want to be focused on unifying Democrats,” he said.
Then, Clinton campaign chair John Podesta also stepped up to insist that Clinton would not flip flop after the election:
Keep those links handy, folks, because after the election they may be useful. I'm posting that Podesta tweet as a screenshot, in case it magically disappears from Twitter...

Of course, the truly amazing thing here? For the longest time, it's been the Republicans who were the driving force on agreements like the TPP, and there was only pressure on getting enough Democrats to support those agreements. Now we have a Republican Presidential candidate who seems to be vehemently against the TPP (though for thoroughly clueless reasons) and a Democratic Presidential candidate who is secretly supporting it. This election season is topsy turvy.

60 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 11:59pm

EU Data Protection Official Says Revised Privacy Laws Should Ban Backdooring Encryption

from the sounds-like-a-plan dept

The EU's "Cookie Law" is a complete joke and waste of time. An attempt to regulate privacy in the EU, all it's really served to do is annoy millions of internet users with little pop up notices about cookie practices that everyone just clicks through to get to the content they want to read. The EU at least recognizes some of the problems with the law and is working on a rewrite... and apparently there's an interesting element that may be included in it: banning encryption backdoors. That's via a new report from European Data Protection Supervisor (EDPS) Giovanni Buttarelli, who was put in charge of reviewing the EU's ePrivacy Directive to make it comply with the new General Data Protection Regulation (GDPR) that is set to go into effect in May of 2018. The key bit:

The new rules should also clearly allow users to use end-to-end encryption (without 'backdoors') to protect their electronic communications.

Decryption, reverse engineering or monitoring of communications protected by encryption should be prohibited.

In addition, the use of end-to-end encryption should also be encouraged and when necessary, mandated, in accordance with the principle of data protection by design.
To be clear, this actually seems like it may go too far. There are plenty of situations where it seems completely reasonable for law enforcement to use other means to figure out ways to decrypt encrypted communications. Arguing that it should be completely outlawed seems a bit extreme. But blocking backdoors does seem like a good idea. The report also says that the use of end-to-end encryption should be encouraged to the point of being mandated in some cases:
In addition, the use of end-to-end encryption should also be encouraged and when necessary, mandated, in accordance with the principle of data protection by design. In this context the EDPS also recommends that the Commission consider measures to encourage development of technical standards on encryption, also in support of the revised security requirements in the GDPR.

The EDPS further recommends that the new legal instrument for ePrivacy specifically prohibit encryption providers, communications service providers and all other organisations (at all levels of the supply chain) from allowing or facilitating 'back-doors'.
Conceptually, this sounds good, but the implementation matters. Mandating encryption seems to be going a bit far. While I tend to think it makes sense for much more widespread use of encryption, it's not clear why the government needs to get involved here at all. And that includes in the development of such standards. In fact, as we've seen in the past, when the government gets involved in creating encryption standards, that seems to be where the intelligence community can slip in their backdoors.

Still, this is certainly an interesting development. Of course, it would also conflict with the UK's Snooper's Charter ("Investigatory Powers Act") which mandates backdoors for encryption. Though, to be fair, by the time the new rules go into practice, perhaps the UK will no longer be a part of the EU.

17 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 4:14pm

MIT Media Lab Launched Disobedience Award, Funded By Reid Hoffman

from the this-is-cool dept

Last week, Joi Ito, director of the MIT Media Lab (and a very sharp thinker on a variety of topics related to innovation) announced a really cool new award that the lab was putting together: a Rewarding Disobedience award, for $250,000, funded by LinkedIn founder Reid Hoffman:

This prize is a one-time experiment that, if successful, we will consider repeating in the future. It will go to a person or group engaged in what we believe is excellent disobedience for the benefit of society. The disobedience that we would like to call out is the kind that seeks to change society in a positive way, and is consistent with a set of key principles. The principles include non-violence, creativity, courage, and taking responsibility for one’s actions. The disobedience can be in — but is not limited to — the fields of scientific research, civil rights, freedom of speech, human rights, and the freedom to innovate.
That's a pretty cool idea for a prize. And I particularly like Michael Petricone's suggestion that the award should be named after Aaron Swartz, who of course was engaged in a great number of civil disobedience projects. And, unfortunately, one of them involved MIT turning on him, leading him to getting arrested and charged with a variety of ridiculous charges. Since then, there has been a struggle among many at MIT to figure out how that happened and what the university should do to prevent similar things in the future. Naming this kind of award after him would be a great start.

We recently wrote about the book The Idealist, about Swartz and the world of free culture (and had the author, Justin Peters, appear on our podcast for an excellent two-part discussion about the book). One things that becomes clear from the book was the absolute disbelief by Swartz and his family of the fact that MIT refused to support Swartz after his arrest. The university basically turned its back on him completely. It's something that the university still ought to do something about, and naming this award after Swartz would be a step in the right direction.

12 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 11:53am

Those Viral Trump Supporting Singing, Dancing 'Freedom Kids' Now Plan To Sue Trump Campaign

from the how-these-things-always-end dept

Remember the little girls singing a song for Trump called the USA Freedom Kids? We wrote about it earlier this year after the performance was taken down due to a copyright dispute (of course). The video of the song went viral for a week or two and then died out:

Now, the Washington Post is reporting that the group is preparing to sue the Trump campaign and are no longer sure they support him as a Presidential candidate. The details are a little confusing and no actual lawsuit has been filed, so perhaps take this with a large grain of salt. Jeff Popick, who wrote the song, and is the father of the little girl in front, is claiming that the campaign violated the agreement it had with the group. Except, it wasn't a written agreement, just a verbal one:
"This is not a billion-dollar lawsuit," Popick said. "I'm doing this because I think they have to do the right thing. And if this means having to go through the court system to enforce them doing the right thing, then that's what I have to do. I'm not looking to do battle with the Trump campaign, but I have to show my girls that this is the right thing."
Now, to be clear, a verbal agreement is just as binding under the law as a written down contract, but it's still a lot harder to enforce, because you can't point back to the actual wording of the agreement and people can obviously dispute what was actually agreed upon. In this case, the handshake agreement itself seems fairly fuzzy -- and seems to involve Popick arguing that because the campaign changed its mind on a Freedom Kids performance, it now owes them... something, including a potential performance at the RNC convention (which obviously did not happen):
When Popick first reached out to the Trump campaign about performing, he spoke with various people including former campaign manager Corey Lewandowski. His understanding from the campaign was that the Kids would make two appearances in Florida, where Popick lives. The first event didn't come to fruition, and Popick says he asked for $2,500 in payment for the second performance, in Pensacola. The campaign made a counter-offer: How about a table where the group could presell albums? Popick took the deal.

When they arrived at the venue, though, there was no table, Popick says. The result was "complete chaos," he said. "They clearly had made no provisions for that."
The campaign offered another performance, and Popick and the girls flew to that event, but upon landing were told that plans had changed.
It wasn't to be. When the plane landed, Popick had a message from the campaign staffer indicating that there was a change of plan. The campaign invited the performers to attend the rally, which they did, in their outfits. The campaign asked Popick not to talk to the media, he says, but then gave them seats within arm's length of the press. "They just were constantly coming over, wanting pictures," Popick said of the news media. "They wanted to take pictures, they wanted to ask questions — and I had to be a real jerk." The cost of the flights, rental car and hotel were all absorbed by Popick.

After that, he kept reaching out "again and again and again and again," without luck. He was passed around between staffers; calls went unreturned even after calls were promised. Emails Popick sent to the campaign (which he shared with The Post) detail the interaction between himself and the campaign and his ultimate request. "We are now asking and DEMANDING for what has been promised to us and is now long-overdue (and has been rightly earned by us); that is, a performance at the convention," an email dated July 9 reads. "Or, be made whole."
The fact that no lawsuit has yet been filed suggests that going public first is the latest method by which Popick is hoping to get paid by the campaign. Unless there are more details here, I'm not sure how much success Popick is likely to have with a lawsuit. It seems like a stretch from a legal angle. Without a written agreement, and with any verbal agreement sounding fuzzy at best, with Popick adding his own after-the-fact requirements for alternative compensation, I doubt any legal dispute stands much of a chance. Of course, it still doesn't look good for the Trump campaign, which had a (somewhat ridiculous) viral sensation in their camp and appears to have squandered it:
"At this point, my position is that I have no position, really," Popick said. "What he's done to my group or what he's not done for my group doesn't necessarily make him the best candidate, it doesn't make him the worst candidate. I still have to mull that over. He might still be the best candidate as president of the United States — or not."

"What I think I've learned," Popick added, "is that I'm not qualified to be a political commentator."
Of course, as the Washington Post article notes, Trump has a fairly long history of screwing over small businesses that he hires and then refuses to pay. So perhaps this is just the latest in a long line.

11 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 10:46am

But Wait: Copyright Law Is So Screwed Up, Perhaps The Rolling Stones Are Right That Donald Trump Needed Their Permission

from the stupid-pre-1972-sound-recordings dept

So for years and years and years, every time a musician or a group whined about politicians using their music at an event, we'd point out that they have no legal basis to complain. Assuming either the venue or the campaign (or both) had the proper blanket licenses from ASCAP/BMI/SESAC no other permission was needed. That's actually part of the point of the structure of those blanket performance licenses. Everyone recognizes that it would be virtually impossible to play music publicly without such a blanket license structure. And so, every time a musician complains that the use was "unauthorized," they're almost certainly wrong. In fact, we pointed that out (again) for the nth time earlier this week. Now, as we've said all along, we still think smart politicians and smart campaigns should first seek out musicians who don't mind (or, better yet, who endorse the candidate), because otherwise they're just giving someone famous an easy platform to slam them. But, from a legal standpoint, we've always pointed out that there's basically no legitimate argument here, and people who toss around non-copyright theories like publicity rights and Lanham Act arguments are generally wrong.

But... we forgot about one thing. Copyright law is so screwed up that there actually may be a case where the law does require permission. And it has to do with pre-1972 sound recordings. If you've been reading Techdirt for any length of time, you know that we've discussed this issue many times in the past. Historically, while compositions were covered by copyright, under the 1909 Copyright Act sound recordings were not. This resulted in a patchwork of state laws (and state commonlaw) that created special forms of copyright at the state level. Eventually, sound recordings were put under federal copyright law, but it only applied to works recorded after February 14, 1972. Works recorded before that are not under federal copyright law, but remain basically the only things under those state copyright laws (the 1976 Copyright Act basically wiped out state copyright laws for everything but that one tiny thing).

In the last few years, this has created a bit of a mess and a whole bunch of lawsuits. Why did these lawsuits just start recently? In large part because the recording industry is desperate for new revenue streams, having failed to adapt to a changing market. So they've focused an exorbitant amount of attention on using pre-1972 sound recordings as a wedge against internet platforms. We've covered various stories on this, with many siding with the labels, but a few going the other way.

Needless to say, the law around pre-1972 sound recordings is still a bit of a mess, and arguably a work in progress, and the courts struggle to sort it all out. And that brings us back to the issue of blanket licenses. The always excellent reporter Eriq Gardner has a fantastic story noting that thanks to this mess with pre-1972 sound recordings and what copyright regime they fall under, it's possible that the Rolling Stones may have a legitimate legal gripe against Donald Trump and the Republican convention, while Queen... would not. Under modern copyright law, songs recorded on or after February 15th, 1972 require an ASCAP/BMI/SESAC license for the performance rights. But performance rights for sound recordings was basically a new concept at the time, and it's unclear how they apply to pre-1972 sound recordings.

The issue is not that simple, because nothing around this particular issue is simple. However, based on at least some of the rulings in pre-1972 sound recording copyright cases, federal copyright law doesn't apply at all to those songs (other court opinions have come out otherwise). And thus, there's an argument that the requirements involving blanket licenses for pre-1972 sound recordings may not apply, because the use of the sound recording may require a special public performance license from the copyright holder:

To sum up where we're at: An ASCAP license covers the public performance of songwriting, but not the sound recording. A sound recording authored before 1972 like "You Can't Always Get What You Want" might require special permission to be performed in public. Whomever owns that song — whether it's the Rolling Stones or their record label — could bring a lawsuit asserting misappropriation.
But... it depends. In this case, it depends on the specific state copyright laws in Ohio and how a judge interpreted it. Of course, it's still tremendously unclear because, (as we noted at the time), the big ruling on pre-1972 sound recording copyrights for Flo & Eddie basically upset decades of settled law on whether or not "public performance" rights applied under state copyright law. For decades, it was strongly believed that those state copyright laws applied to things like reproduction and distribution but not public performance rights. It's only through rewriting history (and confusing some judges) that suddenly public performance rights have been shoehorned back into those mostly obsolete state copyright laws.

As Gardner points out, one of the most famous cases involving performance rights actually involves Ohio state law. It's the somewhat infamous Zacchini v. Scripps-Howard involving a question around a TV station broadcasting an "entire" human cannonball act. In a ruling that is still troubling, the Supreme Court turned performance rights into a quasi-copyright. But that ruling could be used if the Rolling Stones tried to argue that the performance violated Ohio state copyright laws on public performances. It would be a nutty case, and a risky one, but it's possible that it might work. I'm guessing the Rolling Stones aren't actually interested in following through on any actual legal threat, but this is yet one more example of just how screwed up copyright law is today.

38 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 9:32am

Declaring Cyberwar On Russia Because Of The DNC Hack Is A Bad Idea

from the calm-the-fuck-down dept

There's been plenty of talk, of course, about whether or not Russia did the hack that exposed various Democratic National Committee emails and other documents. While we've already pointed out that this shouldn't impact the newsworthy nature of the material leaked, it's still an interesting story. We've highlighted some reasons to be skeptical of the claims attributing the hack to Russia, but it does appear that more and more evidence is pointing in that direction. Thomas Rid, over at Vice, has a pretty good analysis of why much of the evidence points to Russia as being behind the attack, and the FBI is now apparently on board with that as well. While I'd still prefer more evidence, at least at this point, it should be admitted that there's quite a lot of evidence pointing in Russia's direction making it, at the very least, the most likely suspect.

But, then, of course, there's the question about what it means and what should be done about it. And we're seeing some hysterical responses. Over at Ars Technica, they have a "guest editorial" from a cybersecurity firm CEO, Dave Aitel, (who also is, of course, ex-NSA), more or less arguing that we should declare cyberwar on Russia over this:

What occurred with the recently disclosed breach of the Democratic National Committee servers, and the dumping of stolen data on a WordPress site, is more than an act of cyber espionage or harmless mischief. It meets the definition of an act of cyberwar, and the US government should respond as such.
This is insane for a variety of reasons, and hopefully no one is seriously listening to this. First of all, hacking happens all the time. In fact, as Ed Snowden points out, revealed documents show that the US itself has authorized the hacking of foreign political parties. So if Russian hackers possibly doing that to us is a "cyberwar attack" and it's the kind of thing we need to hit back on, then, uh, haven't we been committing "cyberwar" on tons of other parties via the NSA -- for which we, too, deserve retaliation?

Second, the idea that hacking into a political party's servers is "cyberwar" is a ludicrous exaggeration -- especially when their own security practices were suspect. As the ACLU's Chris Soghoian reminds us, it wasn't that long ago that our very own CIA director John Brennan found his personal email hacked by a 16-year-old. Was that a "cyberwar attack" as well? People are going to get hacked. It happens. Sometimes because they have weak security, and sometimes because the hackers are persistent and determined (no system is completely secure). That, alone, should never make it something that escalates to the level of "war."

Finally, beware of so-called "cybersecurity" firms continuing to beat this drum. Their entire business relies on keeping people freaked out about this stuff, including the idea that "nation state" hackers are trying to break into everything. They have lots of incentive to play up attacks and get people worked up about "war." "Cyberwar" (whatever the hell that means) is good for business for cybersecurity companies. In fact, some of those companies admit that the lessening of "cyber" tensions between the US and other countries is bad for their business:
None of this is to deny that nation state-level hacks may very well be happening. But let's keep things in perspective. Even if something like a "cyberwar" (again, whatever that means) happens, it's likely to be a lot less bloody than an actual war, and so much of the talk about this seems to be driven entirely by people who have a vested interest in promoting greater fear -- with little reason to suggest that, perhaps, this isn't a huge deal. In fact, perhaps a lot of this could be helped by simply employing better security practices and more encryption. But, you know, those kinds of solutions don't make headlines. "Cyberwar" does.

38 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 7:04am

Russian Censor Bans Comodo... Doesn't Realize Its Own Security Certificate Is From Comodo

from the ow!-my-foot!-shot-it-right-off! dept

The Russian government's state censorship organization, Roskomnadzor (technically its telecom regulator) has been especially busy lately as the government has continued to crack down on websites it doesn't like. However, as pointed out by Fight Copyright Trolls, it appears that Roskomnadzor may have gone a bit overboard recently, in response to a court ruling that had a massive list of sites to be banned (over a thousand pages). Apparently, as part of that, various sites associated with Comodo were all banned. That's pretty bad for a variety of reasons, starting with the fact that Comodo remains one of the most popular issuers of secure certificates for HTTPS.

In fact, as many quickly noted, Roskomnadzor's own website happens to be secured with a certificate from... Comodo:

It's not entirely clear the impact of this, but the Rublacklist site appears to be implying (via my attempt at understanding Google translate's translation...) that this also means that sites that rely on Roskomnadzor's registry of sites to block... may be blocked from accessing the list. Because its own site is effectively blocked by the list. Oops.

19 Comments | Leave a Comment..

Posted on Techdirt - 26 July 2016 @ 4:06am

Will The FTC Investigate People & Companies Paid By Facebook To Use Facebook Live?

from the seems-to-violate-their-standards dept

In the last few months, Facebook Live has certainly become "a thing." Launched just recently, it was suddenly everywhere -- from the pure (but very viral) joy of Candace Payne and her Chewbacca mask to the live streaming of the tragic aftermath of Philando Castile being shot by a police officer in Minnesota. Of course, it appears that part of the reason why Facebook Live is getting so much usage isn't necessarily that it's a better product than its competitors, but rather that Facebook has been generously throwing around cash to all sorts of people and companies to get them to use the platform. Last month, it was reported that Facebook was paying many millions of dollars to big media players in exchange for them promising to broadcast via Facebook Live:

According to a document recently obtained by the Wall Street Journal, the social networking giant has signed as many as 140 contracts worth a total of $50 million.

The list of media outlets being paid by Facebook includes traditional players such as CNN and the New York Times, the Journal says, as well as digital-only publishers like Vox, Mashable, and BuzzFeed. The celebrities who are being compensated for creating live video include comedian Kevin Hart and chef Gordon Ramsay.

Some contracts are worth smaller amounts, while 17 of the deals Facebook has signed are worth more than $1 million, according to the document obtained by the Journal. Two media outlets are getting paid more than $3 million to create live video—BuzzFeed and the New York Times, and CNN is not far behind, with a reported payment of $2.5 million.
Later in that article, it notes that BuzzFeed is getting $250,000 per month, for 20 Facebook Live videos each month. Good money if you can get it!

Then, a few weeks later, another report came out, noting that Facebook was trying to buy successful YouTubers and Vine users away from those platforms by giving them cash to use the platform as well:

For example, the Journal says it has seen documents that show Facebook is paying Vine star John Paul Piques $119,000 to post at least five videos on its live-streaming service over the next two months. That’s the equivalent of $24,000 per video. And he is just one of about two dozen other Internet celebrities and video stars who have signed similar deals.

The newspaper says the highest-paid independent video performer appears to be Ray William Johnson, who developed a following for a YouTube show called “The Equals Three Show,” in which he makes fun of viral videos. He could make as much as $224,000 over the next six months.

This kind of thing doesn't always work well, for a variety of reasons, but it appears that maybe it's actually succeeding this time. It'll be worth watching to see how well things go after the money runs out.

Still, there's another question that is raised by these stories: are Facebook and all of these other companies and individuals running afoul of the FTC's social media guidelines? And might the FTC crack down? Now, to be clear, I'm skeptical about the FTC's rules because they create free speech questions. So far, the FTC's enforcement over its own guidelines has been, well, haphazard and seemingly arbitrary at best. However, the FTC did update its guidelines last year, and it seems like not disclosing these payments could create some problems, if the FTC decided to step in.

The guidelines themselves seem more focused on "endorsements," but the question here is whether or not merely using the platform to post new videos is considered an "endorsement." Under the current guidelines, the FTC has a fairly loose standard of how the situation impacts the credibility given to the person or company by their audience:
The question you need to ask is whether knowing about that gift or incentive would affect the weight or credibility your readers give to your recommendation. If it could, then it should be disclosed.
They also note that merely using a product could be seen as an endorsement:
Simply posting a picture of a product in social media, such as on Pinterest, or a video of you using it could convey that you like and approve of the product. If it does, it’s an endorsement.

You don’t necessarily have to use words to convey a positive message. If your audience thinks that what you say or otherwise communicate about a product reflects your opinions or beliefs about the product, and you have a relationship with the company marketing the product, it’s an endorsement subject to the FTC Act.
While it's not a direct parallel, you could see how this is pretty close to the situation at hand. People viewing these videos are getting the message that these media companies and individuals approve of Facebook Live -- and yet many have not disclosed that they have a strong financial incentive to use the product. It seems like they may be in trouble if the FTC ever decides to take a look.

The question, then, is whether or not the FTC will bother?

17 Comments | Leave a Comment..

More posts from Mike Masnick >>