minilinks for 2008-08-06

Posted by Hugh D'Andrade

• DHS Issues Policy on Laptop Seizures
  Rules released by Homeland Security say agents can seize laptops and their contents without suspicion of wrongdoing.
  
• Privacy Group Spies on Google
  The National Legal and Policy Center used Google's street view to virtually stalk a Google executive.
  
• CriminalSearches.com
  A new website allows users to search criminal databases for free, raising privacy concerns (log-in may be required).
  
• When Google Owns You
  Google user Nick Saber suddenly found himself locked out of all his Google accounts -- email, photos, storage. What rights does he have?
  
• Judge Hints at Mistrial in RIAA v. Thomas
  The federal judge in the first P2P copyright infringement trial has had second thoughts about the "making available" argument that convicted the defendant Jammie Thomas.
  
• TSA Halts Signups for "Clear" After Laptop Loss
  A laptop with the personal information of 33,000 people was lost in the San Francisco Airport, leading the TSA to stop signups for a service that speeds registered travelers through check-in.
  
• University Clears Tor Researchers of Misconduct
  Officials at the University of Colorado have found that a team of computer scientists did not violate US wiretapping laws in their research.
  

[Permalink]

Victory for DVRs in the Cloud

Posted by Michael Kwun

Twenty-four years ago in the Sony Betamax case, the Supreme Court declared that using a VCR to "time-shift" — to record a television program for viewing at a later time — was a fair use. Today, the Second Circuit rejected [PDF] an attempt by the content industry to change the rules of the game if your video recorder is stored "in the cloud" on the Internet.

In March 2006, Cablevision announced that it would be launching a "remote storage" DVR (RS-DVR) system that would operate much like a TiVo, except that the recordings would be stored on hard drives in Cablevision buildings rather than on a box under a consumer's television. A collection of studios and networks sued Cablevision, arguing that RS-DVRs would violate copyright.

Wait, doesn't the Sony Betamax case say that time-shifting is legal? Yes, but that's not what the plaintiffs complained about. Indeed, they carefully avoided attacking what the consumers would be doing. They instead argued that an RS-DVR is different, because Cablevision is making the copy, and that somehow makes all the difference.

Cablevision, supported by EFF and other amici, explained that this was the wrong way to think about things. When a consumer presses the record button on a remote control, it's the consumer who's making the copy, regardless of whether the copy is being stored on a hard drive a few feet away, or in a data center miles away. Although the district court agreed with the plaintiffs, the appellate court today resoundingly sided with Cablevision, EFF, and the other amici that supported Cablevision:

In the case of a VCR, it seems clear . . . that the operator of the VCR, the person who actually presses the button to make the recording, supplies the necessary element of volition, not the person who manufactures, maintains, or, if distinct from the operator, owns the machine. We do not believe that an RS-DVR customer is sufficiently distinguishable from a VCR user to impose liability as a direct infringer on a different party for copies that are made automatically upon that customer’s command.

This is exactly the right result. As we pointed out in our amicus brief, a rule holding Cablevision liable merely because it housed and maintained the servers in this case could imperil a wide variety of innovative business models that rely on the use of remote computing, ranging from examples like Internet-enabled self-service photo processing and printing, to cloud computing services offered by companies like Amazon, Apple and Google.

That's not all there was to cheer in the Cablevision decision. The court also reminded everyone that in order to be a "copy" for purposes of copyright law, a work must be "sufficiently permanent or stable to permit it to be . . . reproduced . . . for a period of more than transitory duration" (here, the court concluded that data in temporary buffers in the Cablevision system that would be overwritten in, at the longest, 1.2 seconds were of transitory duration). In the digital age, where routers and caches often make fleeting copies of bytes in the ordinary course, this was welcome news.

And, finally, the court rejected the plaintiffs' argument that Cablevision was engaging in unauthorized public performances. The way the Cablevision system was designed, every time a consumer decided to record a given show, Cablevision would store a separate copy of that program, and each of those copies could be played back only by the consumer who recorded it. The plaintiffs urged the court to hold that if 1000 copies of the season finale of Desperate Housewives are played back in 1000 households, that's a public performance. The court instead correctly concluded that each of those copies is playable in only one household, which means that we're talking about 1000 private viewings, not a public performance.

Just three years ago, in MGM v. Grokster, the Supreme Court proclaimed that copyright law should "leave breathing room for innovation and vigorous commerce," and today the Second Circuit has done just that.

[Permalink]

Congress Bows to Big Content, Scapegoats Higher Ed

Posted by Corynne McSherry

Last week, after months of intensive wrangling, the House and the Senate finally agreed on a final version of the Higher Education Act (HEA). Buried in this massive bill, which touches on virtually every aspect of education, is a little provision requiring campuses to develop “plans to effectively combat the unauthorized distribution of copyrighted material, including through the use of a variety of technology-based deterrents.” Those deterrent include bandwidth shaping and traffic monitoring, but also use of filtering technologies such as Audible Magic. “To the extent practicable,” colleges and universities must also offer legal alternatives for file-sharing, such as music services like Ruckus.

There are at least three major problems with this. First, at least some of the “technological deterrents” colleges are being pushed to adopt simply won’t work. The Common Solutions Group, a consortium of 25 educational institutions, looked at the leading “infringement suppression” technologies and concluded that they were expensive, not very effective, and could suppress legitimate as well as infringing traffic. The Association for Computing Machinery found that the mandatory use of these technological deterrents would “add to the costs of education and university research, introduce new security and privacy issues, degrade existing rights under copyright, and have little or no lasting impact on infringement of copyrighted works.”

Second, the students have little interest in the “alternatives” now on offer, such as Ruckus and cDigix. It’s not hard to see why. As Steve Worona of Educause notes, “Even when offered for free, students stayed away in droves. The selection of songs was too small or the music couldn't be downloaded to iPods or the content couldn't be moved from device to device.” Now, rather than ditching these unpopular services, colleges and universities will have to promote them.

Third, this legislation is based on two fundamentally flawed premises: that college networks are the central nodes of illegal file-sharing in the U.S., and that the managers of these networks aren’t doing much to stop it. In reality, there’s no evidence that students are any more or less guilty of illegal file-sharing that the general population. In fact, last year the MPAA finally admitted that its oft-repeated claim that students were responsible for 44% of MPAA members’ lost revenue due to file-sharing was just wrong. And colleges and universities already do much more than any commercial ISP to educate their customers (students) about the risks of illegal file-sharing, and to punish those who engage in it.

But maybe this lemon of a bill could be turned into lemonade. If Congress wants colleges and universities to cut down on illegal file-sharing, perhaps those educational institutions should propose a real alternative — voluntary collective licensing.

[Permalink]

Sapient and Explorologist Settle Lawsuit

Posted by Corynne McSherry

Explorologist Ltd. and an online critic have settled their legal battle over a YouTube video challenging Uri Geller's claims about his mental powers.

EFF and Schnader, Harrison, Segal & Lewis, LLP, represent Brian Sapient, who uploaded an excerpt from a documentary that critiqued Geller's performances and abilities to YouTube. Explorologist claimed the clip infringed its copyrights. More information about the case is available here.

The agreement should allow the healthy debate about the existence of 'supernatural powers' to continue without interference. As part of the legal settlement, Explorologist has agreed to license the disputed footage under a non-commercial Creative Commons license, preempting future legal battles over the fair use of the material. A monetary settlement was also reached.

[Permalink]

FCC Rules Against Comcast for BitTorrent Blocking

Posted by Fred von Lohmann

On Friday, the FCC voted, 3-2, to punish Comcast for its surreptitious interference with BitTorrent uploads (a practice that EFF helped uncover and document in October 2007). The Commission adopted an order (text of which hasn't been released yet) finding that Comcast violated the neutrality principles set out in the FCC's 2005 "Internet Policy Statement." According to the statement released by FCC Chairman Martin, the order will require Comcast to disclose its practices and stop discriminating against BitTorrent traffic (Comcast, for its part, has already announced that it will be moving to different mechanisms to throttle high-bandwidth users.)

We're pleased that the FCC recognized that Comcast's behavior violated the Internet Policy Statement and could not be excused as "reasonable network management" -- we said as much in our comments to the FCC. We are particularly encouraged that the Chairman Martin specifically took Comcast to task for not adequately disclosing what it was up to -- for the free market to work, customers needs to know what they are buying.

But it's important to recognize that this is just the beginning, not the end, of the fight. The Commission made it clear that it intends to police this frontier of net neutrality on a case-by-case basis, responding to specific consumer complaints. In order to bring these kinds of complaints, however, concerned Internet users need more and better tools to detect ISP misbehavior. That's why EFF today announced the release of the Switzerland network testing tool, the second tool released by EFF's "Test Your ISP" project.

There is one aspect of Friday's FCC ruling, however, that seriously troubles us. Consider how the FCC got here. In 2005, without any authority or guidance from Congress, the FCC announced a "policy statement." Now, in 2008, it decided that it has the power to enforce the policy statement and announced an "enforcement framework" that will be applied to future complaints. Again, all this without authority or guidance from Congress. As Commissioner McDowell put it in his dissent from the Comcast order, "Under the analysis set forth in the order, the Commission apparently can do anything [to regulate the Internet] so long as it frames its actions in terms of promoting the Internet or broadband deployment." Can the FCC be trusted with that kind of power? Remember, historically, the FCC has been subject to "regulatory capture" -- in other words, over time, they end up doing the bidding of the very telecom giants they are supposed to be regulating.

So while there is a great deal to like about the Internet Policy Statement, and today the FCC appears to have come to the right conclusions about Comcast's behavior, what if the next "policy statement" turns out to be a disaster for net neutrality? After all, a polar bear makes a great bodyguard, until it decides to eat you.

[Permalink]

minilinks for 2008-31-07

Posted by Hugh D'Andrade

• Kansas Sentator Outraged by Chinese Spying
  Senator Brownback objects to dragnet surveillance — when it is done by other countries.
  
• Networks Sue Redlasso
  Fox and NBC made good on a threat to sue Redlasso, the popular service that allows users to clip and post TV shows.
  
• Is the Air Force Immune to DMCA Suits?
  A DMCA suit against the US Air Force alleging copyright infringement and anti-circumvention violations was thrown out of federal court on the basis of "sovereign immunity."
  
• Pelosi's Revisionist FISA History
  The Speaker's version of events somehow overlooks her own cooperation in giving the President unprecedented spying powers.
  
• Bill to Ban Kids from Using Facebook in Libraries
  An Illinois Republican has submitted a bill that would ban children from using Facebook and other social networking tools on public library computers.
  
• ACTA: Canadian Public Left Out of Anti-Counterfeiting Trade Talks
  Michael Geist reports on the secret ACTA talks, and the Canadian government's "insider" group of government departments and industry lobbyists with special access to treaty discussions.
  
• The Ultimate Guide to Internet Law
  A great resource for summaries of court decisions in the growing field of Internet law.
  
• How the MPAA Wants to Break Your TV (Again)
  Public Knowledge has produced this nifty video explaining the problem with Selectable Output Controls.
  
• Location Monitors: Fun for the Whole Family!
  Sprint's Family Locator lets parents keep track of their kids' location using cell phones.
  

[Permalink]

Senators Announce New Intellectual Property Enforcement Bill

Posted by Richard Esguerra

Last week, members of the Senate Judiciary Committee introduced S. 3325, the "Enforcement of Intellectual Property Rights Act of 2008," a bill that proposes a number of alarming changes to copyright law. The bill is the Senate's gift to big content owners, creating new and powerful tools -- many of which will be paid for by your tax dollars -- for the entertainment industry to go after infringers. But it doesn’t offer a lick of protection for legitimate innovators and technology users that may be buried by the copyright juggernaut.

One of the bill's most disturbing changes would give the Attorney General new powers to sue individuals on behalf of rightsholders like the MPAA and the RIAA. Bill proponents claim that these new powers, which would allow the AG to bring "milder" civil as well as criminal actions, are necessary because some offenses don’t rise to the level of criminal conduct. This justification just doesn’t make sense. If it’s a low-level offense, why should our top cops pursue it? Traditionally, those types of offenses can and will be pursued by the parties who believe they have actually been harmed, namely the copyright owners. The real "problem" may be that some so-called "offenses" can’t be proven beyond a reasonable doubt, the standard for any crime. This new provision would allow the AG to sidestep that high burden of proof -- a burden that gives the average citizen an important measure of protection from the overwhelming power of the government.

The Attorney General of the United States surely has better things to do than serving as muscle for the entertainment industry, especially when that industry is clearly well-capable of enforcing its copyrights on its own.

The bill also seeks to create an Intellectual Property Enforcement Coordinator position in the Executive Office, with an advisory committee consisting of members from various government departments and agencies. Given the extraordinary budget pressures lawmakers now face, it is shocking that they would consider funding a new layer of federal bureaucracy. In fact, the DoJ itself has spoken out against similar Congressional efforts to rearrange its priorities with bureaucratic meddling.

There's more: another provision creates new categories of infringement at the border, suggesting that individuals need the permission of copyright holders to bring copies of music or movies with them overseas or even through the United States. If the bill is passed, something as simple as taking your iPod to Mexico could be considered an infringement of the copyright owners’ distribution right. The bill also proposes to lengthen the list of items that can be impounded as part of a civil copyright infringement suit, while broadening the list of articles that can be seized and destroyed by the government. (Meanwhile, the Anti-Counterfeiting Trade Agreement (ACTA) is being negotiated in secret by a number of countries, pairing this unprecedented public threat with a potentially catastrophic secret one.)

Whether or not you believe the entertainment industry’s claims about the extent of the piracy problem, there is no reason the American taxpayer should be picking up Hollywood’s legal costs while movie studios are celebrating record box office returns and record-breaking single-title revenues.

[Permalink]

In Memoriam: Ed Foster, 1949-2008

Posted by Fred von Lohmann

Ed Foster, the journalist and consumer advocate behind InfoWorld's GripeLine column and GripeLog blog, died of a heart attack this weekend. He was 59.

It's no exaggeration to say that Ed was one of the preeminent consumer rights activists of the digital age. During his more than 20 years as a "reader advocate" at InfoWorld, he was far ahead of his time, recognizing that in a world increasingly dominated by software and online services, the digital consumer needed a champion when squaring off against the likes of Microsoft, Adobe or AutoDesk. Following in the traditions of the best consumer reporters before him, Ed exposed software vendors and online service providers that treated their customers shabbily.

But it was in his tireless work against "sneakwraps" -- those "end user license agreements" (EULAs) and "terms of service" (TOS) that require our "agreement" -- that Ed was without peer. You may not be reading all those "agreements" before you click thru, but Ed was. He recognized earlier than most that sneakwraps were going to be the digital consumer's worst nemesis, the mechanism that stripped consumers of the legal protections they enjoy when buying a book, a chair, or an automobile. Long before most consumer groups were thinking about sneakwraps, Ed was covering and participating in efforts to block UCITA, a package of state laws pushed by large software vendors that would have stripped consumers of valuable protections under contract law (UCITA was ultimately adopted by only two states, VA and MD, and has since been abandoned). Ed also contributed his insights on DRM, product activation, and reverse engineering to groups like AFFECT (Americans For Fair Electronic Tranactions) and EFF, making sure we knew what consumers were dealing with in the trenches.

Ed will be sorely missed, both professionally and personally, by all who benefited from his wisdom. Here are a few of my personal favorites from among his remarkable output of columns and posts:

Embroidering on a Copyright Shakedown Theme -- casting the spotlight on the "Embroidery Software Protection Coalition" (ESPC) after it sent settlement demand letters to grandmothers who bought embroidery software on eBay. Based on Ed's tip, EFF stepped in to protect the interests of innocent purchasers.

Sneakwrap Files: McAfee Automatic Renewals -- a consumer advocate's classic, wherein Ed confronts McAfee over the "automatic renewal" provision buried in the fine print of their EULA. McAfee backs down and coughs up a refund.

The Lexmark Car -- an April Fool's post explaining what the world would be like if a car manufacturer tried to get away with the kinds of shenanigans practiced by Lexmark in connection with their laser toner cartridges.

Into the DMCA Groove -- in 2003, an eBay seller gets into hot water after trying to auction a promo CD given away at The Gap. Ed cries foul, predicting 5 years in advance the exact outcome of EFF's UMG v. Augusto case, where a court found that "promo use only" labels can't trump the first sale doctrine.

[Permalink]

Yahoo! Offers Refunds to Customers Who Bought DRM-Crippled Tunes

Posted by Hugh D'Andrade

Last week, Yahoo! faced a predictable backlash when they announced that they would be ending support for the DRM that came with music sold through its Yahoo Music service. EFF and others criticized the decision, saying Yahoo should either continue to support the DRM or compensate their customers with refunds and/or replacement mp3s. Now, Yahoo has happily chosen to do right by their customers and provide full refunds for any music sold through Yahoo Music that came wrapped in what is soon-to-be obsolete copy protection.

As many commentators have noted, this is not the first such DRM kerfuffle, and it won't be the last. DRM creates headaches, not just for the customers who find their use of their music restricted, but also for the companies that sell it, since they are required to ensure the DRM will continue to work under each new operating system change as time goes on. When companies try to phase out their DRM support — as MSN Music tried to do a few months ago — they face outraged customers who find the music they paid for will no longer play the next time they upgrade. (MSN decided to delay the decision by continuing support for DRM until 2011.)

Small wonder that so many online music retailers continue to move away from DRM and towards more user-friendly formats like MP3s. But this problem will continue to dog the companies that sold DRM music to customers in the past. Online music retailers like Yahoo, MSN Music, and Apple's iTunes have sold millions of tracks burdened with copyright protection that will require continued support if customers are to receive what they thought they paid for. Those customers handed over their hard-earned cash for music that they expect to be able to continue to enjoy now and in the future — just as we continue to enjoy the vinyl records and even 8-track tapes that were sold decades ago. Companies like Yahoo have an obligation to ensure that expectation is met.

Yahoo's decision sets a good precedent for when this problem inevitably arises again. Vendors that sold DRM-crippled music must either continue supporting tech that no one likes — as MSN Music chose to do — or take Yahoo's path and fairly compensate consumers with refunds. It's the right thing to do.

[Permalink]

Paper Catalog + Computer Database = Patent? Um, No.

Posted by Michael Kwun

Last week, the patent office agreed to reexamine a patent it granted in 1994 on a "Computer-assisted parts sales method." Orion IP (later renamed Clear with Computers) has filed many, many lawsuits asserting infringement of this and related patents by many, many defendants. Although EFF didn't file this request for reexamination, at one time the patent was owned by Firepond, just like one of the patents on our Patent Busting Project's Ten Most Wanted list.

So just what is this wonderful sales method? In a nutshell, the patent claims ownership over the idea of finding out what a customer wants, electronically finding out what you have that matches that customer's needs, electronically collecting information about the stuff you have to offer the customer, and putting that information into a pitch to the customer.

If you're thinking to yourself, "why that's no different than just looking things up in a catalog," you're not alone; while seeking a closely related patent, the very same applicant told the patent office, "The system essentially computerizes a parts book, with the exception that the system adds the unique element of customer benefits." (I tried, and failed, to figure out what the "unique element of customer benefits" refers to.)

Indeed, if you remove the word "electronically," the patent covers exactly what sales people have been doing for customers for ages. Unfortunately for the patent owner (and fortunately for the rest of us), saying "do it with a computer" does not an invention make.

(For those who want to look into this further, the patent being reexamined is Patent No. 5,367,627 and the control number for the reexamination is 90/010,185. And if you're curious what happens next in the reeexamination, take a look at the handy chart that appears as Appendix A to our white paper on improving patent quality via reexaminations.)

[Permalink]