ElectronicFrontierFoundation
Latest
EFF looks at rules controlling NSA surveillance, sees big risks for Americans
While The Guardian undoubtedly garnered attention when it posted court papers detailing data collection rules for the NSA, it also provided a lot of detail that isn't easy to digest. The Electronic Frontier Foundation is more than willing to break down those rules, however -- and it doesn't like what it sees. It's concerned that there are too many exceptions letting the NSA store and transmit private information, with little oversight preventing investigators from seeing more US data than they should. Allegedly, the rules could defy American rights to anonymous speech; they may also violate attorney-client privileges both inside and outside of the US. We have a hunch that the NSA might disagree with this interpretation of its authority, but you can see all the points of contention for yourself at the link below. [Image credit: David Drexler, Flickr]
The Engadget Interview: EFF's Julie Samuels talks patents, podcasting and the SHIELD Act
We've heard it shouted from the mountaintops more times than we'd care to mention: the patent system is fundamentally broken. But that manner of righteous indignation can often fail to make an impression on those attempting to live their lives unaffected on the sidelines, as hardware behemoths level a seemingly endless string of suits based on often overly broad language. One's perspective shifts easily, however, when targets change and the defendants themselves are no longer aggressively litigious corporations with an arsenal of filing cabinets spilling over with intellectual property, as was the case when one company used a recently granted patent to go after a number of podcasting networks. When we wanted to get to the bottom of this latest example in a long line of arguably questionable patent litigation, we phoned up Julie Samuels, a staff attorney at the Electronic Frontier Foundation who has also been designated the organization's Mark Cuban Chair to Eliminate Stupid Patents. Samuels has been fighting the battle against dangerously broad patents for some time now, recently traveling to DC to support passage of the SHIELD Act (Saving High-tech Innovators from Egregious Legal Disputes), a congressional bill that would impose heavy fines against so-called patent trolls. We spoke to Samuels about supposed trolls, podcasts, SHIELD and how those with microphones can make their voices heard. Note: The owner of the podcasting patent in question declined to comment on the matter.
Live from the Engadget CES Stage: an interview with the EFF's Julie Samuels (update: video embedded)
The topic no one wants to talk about at CES? Yep, it's gonna be a half-hour of frank patent litigation talk with the Electronic Frontier Foundation's Julie Samuels. If you care at all about legal kerfuffles, you're not gonna want to miss this one. January 9, 2013 5:30 PM EST Check out our full CES 2013 stage schedule here! Update: video embedded
Time Warner Cable and Verizon plan to redirect, throttle internet users accused of piracy (video)
We've been wondering what major American internet providers would do to thwart supposed pirates beyond nag them senseless; other than leaks surrounding AT&T's reeducation process, we've mostly been left in the dark. There's a better picture of the consequences now that Time Warner Cable and Verizon have unveiled their strategies at an Internet Society conference. Verizon's approach is an attempt to straddle the line between angry media studios and the basic need to communicate: if copyright complaints reach the fifth or sixth notice, Verizon will throttle the connection for two to three days without instituting outright blocks. TWC's method may be tougher to ignore -- the cable provider will redirect claimed infringers to a custom page and restrict what they can visit. While it's not clear just how limited access will be, it's doubtful anyone will want to find out. Not surprisingly, critics like the Electronic Frontier Foundation aren't happy with the restrictions as a whole, and point to the Center for Copyright Information allegedly going back on its vows of impartiality -- it notes that the anti-piracy initiative's reviewer is a previous RIAA lobbying firm, and that many of the real technical details are partially censored despite promises of transparency. The Center hasn't responded to those challenges, but we're somewhat comforted when it claims there won't be draconian attempts to catch everyone, at least not in the foreseeable future. We'd still be sure to lock down any WiFi hotspots to avoid false accusations; ignoring any ISP warnings could soon lead to more than just a sternly-worded message.
DMCA update shuts down new phone unlocking next year, allows rooting (but not for tablets)
And so it passed that Congress didst layeth its blessing on the jailbreaking and rooting of all manner of devices; the hacking community saw the miracle and rejoiced. But that amendment to the DMCA two years ago was just a temporary exemption and the Electronic Frontier Foundation has been vigorously lobbying to get it reinstated. The Library of Congress has now done just that through a new three year extension, but with some serious caveats: After 90 days, unlocking of new phones will be verboten and all tablet mods will still be illegal. This differs from the 2010 decision which did allow unlocking, because the Librarian decided that a recent copyright ruling means fair use rules no longer apply to a handset's OS. It also said the exception isn't needed anymore because carrier rules regarding unlocking are now more liberal -- although the lawmaker may be confounding chicken with egg by that reasoning.
Federal appeals court says warrantless wiretapping is legal
A federal appeals court has ruled today that the US government can tap into Americans' communications without worrying over frivolous things like "being sued" by its people. In what most sane civilians will probably see as a depressing loss of protection, a three-judge panel of the 9th US Circuit Court of Appeals ruled that citizens can sue the United States for damages stemming from the use of information collected via wiretap, but not for the collection of information itself. In typical pass-the-buck fashion, Wired reports that Judge Michael Daly Hawkins and Judge Harry Pregerson added the following: "Although such a structure may seem anomalous and even unfair, the policy judgment is one for Congress, not the courts." Alrighty. For those unaware, the back and forth surrounding this issue extends back to Congress' authorization of the Bush spy program in 2008, and more specifically, a pair of US lawyers and the now-defunct al-Haramain Islamic Foundation -- a group that was granted over $2.5 million combined in legal fees after proving that they were spied on sans warrants. The full report can be found in the PDF below.
MPAA may let Megaupload users retrieve non-infringing files, does it for the Armed Forces
Megaupload's still immersed in hot water, but there are signs the legal temperature could be cooling... slightly. Don't breathe a sigh of relief just yet though, as a significant portion of that confiscated cache of cloud-stored files remains somewhat indefinitely under lock and key. A minor reprieve may be on the way, however, owing to a much more "sympathetic" MPAA which has asked the court to consider releasing non-illegally obtained content to previous users. And lest your evil eye be trained too heavily upon the Hollywood group behind the shutdown, the association's made it quite clear that, under the site's TOS, users were never guaranteed continued access to uploaded content anyway. The change of heart comes in response to a motion filed by the Electronic Frontier Foundation, on behalf of a member of the U.S. military, petitioning the return of personal, non-IP infringing files. According to the now-defunct site's founder Kim Dotcom, that group of "legitimate" users comprised nearly 16,000 accounts utilized primarily to share photos and video with far away family and friends. Of course, should this retrieval request be granted, a requisite procedure will need to be put in place to filter out copyrighted media -- a system that's sure to pose countless headaches for those involved. Nothing's yet been decided so, for now, the fate of your lost files rests firmly in the court's hands. Such are the perils of the cloud.
Explicit consent becomes mandatory with latest 'do not track' proposal, backs Microsoft into the corner
Remember how Microsoft said it'd enable the "do not track" feature by default for all users of Internet Explorer 10? Well, it's not likely to happen -- at least from the looks of things. The move caused more than an uproar in the advertising industry, which had agreed to abide by these preferences only if users could, indeed, choose for themselves. With Microsoft's bullish decision to go forward and make this setting default, advertisers argued they'd be left with no choice but to bust the deal wide open and ignore these preferences. In attempt to make sure the whole "do not track" effort isn't derailed, the latest compromise proposal -- authored by the EFF, Mozilla and Jonathan Mayer of Stanford University -- now includes a specific provision that requires users to provide explicit consent before any tracking preferences can be transmitted. The same document acknowledges that the proposal has yet to be extensively discussed with stakeholders, but from the looks of things, "do not track" by default seems headed for a quick death. It's too bad we didn't have the time to get better acquainted with Microsoft's heavy lash against advertisers, but we've a feeling that you can decide this one for yourselves, right? [Image credit: Tomas Fano, Flickr]
FBI reportedly pressing for backdoor access to Facebook, Google
Investigators at the FBI supposedly aren't happy that social networks like Facebook or Google+ don't have the same kind of facility for wiretaps that phones have had for decades. If claimed industry contacts for CNET are right, senior staff at the bureau have floated a proposed amendment to the 1994-era Communications Assistance for Law Enforcement Act (CALEA) that would require that communication-based websites with large user bases include a backdoor for federal agents to snoop on suspects. It would still include the same requirement for a court order as for phone calls, even if US carriers currently enjoy immunity for cooperating with any warrantless wiretapping. As might be expected, technology firms and civil liberties advocates like the Electronic Frontier Foundation object to deepening CALEA's reach any further, and Apple is thought to be preemptively lobbying against another definition of the law that might require a government back channel for audiovisual chat services like FaceTime or Skype. The FBI didn't explicitly confirm the proposal when asked, but it did say it was worried it might be "going dark" and couldn't enforce wiretaps. [Image credit: David Drexler, Flickr]
Carpathia wants to delete orphaned Megaupload data, pay the bills
The Federal shut down of Megaupload did more than jail its founders, scare its competitors and worry its users -- it also left Carpathia Hosting footing a $9,000 a day bill. The outfit previously agreed to preserve Megaupload's frozen data, but now that the service's unpaid bills are piling up, it's ready to change its tune. In a emergency motion filed with the U.S. Federal Court in Virginia, Carpathia asked the court to either take the data off its hands, pay it for retaining the data or else allow it to delete the data altogether after allowing users to reclaim their files. The hosting service won't take action on its own, it says, as that might "risk a claim by a party with an interest in the data," such as the Motion Picture Association of America. With any luck, the matter will be settled in a court hearing next month. If not? Well, we'll just take it as a lesson: back up locally, you never know when your files might get wrapped up in the legal system.
Last chance to clear out Google Web History before the great data convergence
The end is nigh! For about 59 different Google ToS documents at least. After today, the new consolidated privacy policy will go into effect on March 1st, which will also consolidate much of your data across Google's properties. That means this is a your last chance to clear out El Goog's "you archives" before the great convergence of 2012. If you're not keen on Google sharing your information between its various products (though, you seemed to be okay with it being collected in the first place) today is the day to go and delete it all. Of particular concern for some is Web History, which collects your searches and sites visited and has, until now, been walled off from the rest of the Google empire. For complete instructions for how to clear out your Google Web History hit up the source link.Update: The EFF has clarified, and we feel it necessary to follow suit, that disabling your web history does not stop Google from collecting data about you. What it does mean is that after 18 months that information is partially anonymized and that certain features, like custom search results, will not be enabled. Just as importantly, we mistakenly said that Wednesday, February 22nd was your last chance to turn off the feature. The new ToS does not go into effect until March 1st.
The Engadget Interview: the EFF's Mitch Stoltz talks the legality of jailbreaking
The work of a non-profit advocacy group is never done. It seems like just yesterday that the Electronic Frontier Foundation was waging a battle to put jailbreaking rights into the hands of consumers, much to the chagrin of manufacturers intent on maintaining control over their devices after they leave store shelves. With the looming expiration of an exemption to the Digital Millennium Copyright Act that has made such hacks legal, the organization is once again taking up the cause. And this time, it's added tablets and gaming consoles to its proposal. We sat down with EFF staff attorney Mitch Stoltz to discuss the state of the law and how users can help in the fight.
Megaupload co-founder's bail appeal rejected
While users housing content on the troubled Megaupload site were given a two-week reprieve, one of its co-founders is having less luck. Kim Dotcom has lost his appeal for bail, with prosecutors fearing that he would flee from New Zealand and return to his native Germany, possibly making him safe from extradition. According to the BBC, the prosecution alleged that Dotcom -- formerly Kim Schmitz -- had multiple passports and bank accounts, and "a history of fleeing criminal charges." His next court appearance his scheduled for February 22nd.
Megaupload users' data to be kept another two weeks, EFF to help folks retrieve it
Megaupload's digital doors may have been closed due to the presence of pirated materials, but there's still the matter of all that legal content residing on its servers. Naturally, folks want their files back, but now that the government's gotten what it needs, the hosting companies no longer need to keep the data around because Megaupload's no longer paying them to do so. Carpathia Hosting and Cogent Communications, however, have decided to preserve the data for another two weeks while a deal is brokered with the DOJ for its release. In the meantime, the Electronic Frontier Foundation (EFF) has teamed up with Carpathia to create a website that puts folks in touch with EFF attorneys so users can try to retrieve their data. No word as to what legal wrangling the EFF can do to make it happen, but those affected can get the wheels of justice started at the source below.
Jailbreaking exemption to DMCA is about to expire, EFF would rather it didn't
Back in 2010, the US Copyright Office added a set of anti-circumvention exemptions to the DMCA, effectively making it legal for smartphone users to jailbreak and/or root their devices. These exemptions, however, were never made permanent and now, they're about to expire. The EFF doesn't want this to happen, which is why it's decided to launch a campaign dedicated to the jailbreaking cause. With this initiative, the EFF is hoping to convince the Copyright Office to renew its exemptions and expand them to a wider range of devices, including tablets and videogame consoles. To achieve this, the organization is calling upon programmers and other jailbreaking enthusiasts to contact the Copyright Office directly, explaining why the ability to freely modify software is so vital to their lives or livelihoods. As the EFF argues, "Concrete examples will help show the Copyright Office why they should renew and expand the exemptions for jailbreaking." If you're interested in getting involved, you can contact the Copyright Office at the coverage link below, though all comments are due by February 5th. Hit up the source link for more details on the EFF's involvement.
EFF takes the fight to Carrier IQ, requests reinforcements
If we didn't love the EFF already, we'd be proposing marriage now that it's managed to reverse-engineer Carrier IQ's pernicious monitoring software. CIQ exists in phones in three parts, the app itself, a configuration file and a database -- where your keystrokes and coded "metrics" are logged before being sent to the company. Volunteer Jared Wierzbicki cracked the configuration profile and produced IQIQ, an Android app that reveals what parts of your activity are being monitored. Now the Foundation is posting an open call for people to share their data using the app in order to decipher what personal data was collected and hopefully decrypt the rest of the software. Hopefully, our thoughts can soon turn to who's gonna play the part of Trevor Eckhart in the All the Presidents Men-style biopic.
EFF takes on Lodsys patent controversy
Julie Samuels, a Staff Attorney at the Electronic Frontier Foundation (EFF), said Apple should join forces with its developers to dispute patent infringement complaints Lodsys, LLC sent to several independent iOS app-makers last week. On May 13, a number of iOS developers reported being told their apps, by using the in-app purchase mechanism built into Apple's development kit, infringed on intellectual property owned by Lodsys, a patent holding company based in Texas. According to Lodsys, their patent specifically covers technology that allows end users to upgrade "light" editions of software to fully functional apps. Lodsys claims that Apple, Google, and Microsoft already pay to license the technology for themselves (possibly through investments in the patent portfolio of Intellectual Ventures), but licensing agreements with these tech giants do not extend to third party developers. Unfortunately, Apple requires developers to use the in-app purchase mechanism it provides, and the Cupertino company's developer agreement does nothing to protect app creators from patent infringement claims against technology it builds into iOS. Samuels argues this is a "misallocation of burden" onto individual developers who often don't have the resources needed to combat infringement suits. Even if a developer does explore the patent universe for possible pitfalls, it's unlikely he or she would look into any of Apple's technologies since most reasonable people (including lawyers) would expect the company to avoid exposing its app-makers to additional liability. App sellers already surrender 30% of the revenue from each sale to Apple; adding the threat of patent lawsuits or additional licensing fees may deter new and existing developers from choosing to create software for iOS. Last we heard, Apple was "actively investigating" the Lodsys patent infringement claims. It's still not clear what actions the company will take next, but Samuels says, "by putting the burden on those least able to shoulder it, both Apple and Lodsys are harming not just developers but also the consumers who will see fewer apps and less innovation." She hopes Apple will "do what's right and stand up for their developers and help teach the patent trolls a lesson."
EFF releases iPhone developer license agreement
In a step towards transparency, the Electronic Frontier Foundation has made the entire iPhone Developer Program License Agreement available for the general public. This is the document that all iPhone developers must agree to when they become part of the iPhone developer program. As EFF points out, public copies of the license agreement are pretty scarce thanks to developers being locked under a non-disclosure agreement as part of the contract. EFF used the Freedom of Information Act to get its copy from NASA, which is the version from approximately a year ago (Rev. 3-17-09). The agreement has been updated since then. The EFF characterizes the agreement as "a very one-sided contract, favoring Apple at every turn," and that's not an overstatement. Some of the clauses and conditions in the Apple developer agreement do smack of "our field, our ball, our rules" thinking from Cupertino. Highlights from the 28-page document include: A ban prohibiting developers from making public statements about the license agreement; however the contract itself is not considered "Apple Confidential Information." Apps developed from Apple's SDK are only allowed to be sold through the App Store. You can't push it anywhere else (Cydia, etc.), even if Apple has rejected the app for any reason. Developers are forbidden to tinker with any Apple products, not just the iPhone. This includes jailbreaking. Apple is not liable for more than $50 in damages in case something happens on their end to your app. This is laughable, and I'm honestly surprised that Apple has not had a legal challenge over this yet. Devices used for testing purposes could be locked into a "testing mode," and may not be able to be restored to their original condition. That is one way to brick your device. I discussed the EFF's post with Mike Rose, and he offered some editorial comment; read on for more.
E-reader privacy policies compared: Big Kindle is watching you
It's definitely shaping up to be the year of e-book readers: the Amazon Kindle is flying off (virtual) shelves, and we'd expect the Barnes & Noble Nook to start moving at a decent clip once the kinks get worked out. But any device with an always-on 3G connection to a central server raises some privacy questions, especially when it can broadcast granular, specific data about what you're reading -- data that's subject to a wide spectrum of privacy laws and regulations when it comes to real books and libraries, but much less so in the digital realm. We'd say it's going to take a while for all the privacy implications of e-books to be dealt with by formal policy, but in the meantime the best solution is to be informed -- which is where this handy chart from our friends at the Electronic Frontier Foundation comes in. As you'd expect, the more reading you do online, the more you can be tracked -- and Google Books, the Kindle, and the Nook all log a ton of data that can be shared with law enforcement and various other third parties if required. Of course, we doubt the cops are too interested in your Twilight reading habits, but honestly, we'd rather users weren't tracked at all. Check the full chart and more at the read link. [Thanks, Tom]
Apple: Jailbreaking encourages cell tower terrorism, "catastrophic results"
If trashing your push messaging wasn't enough to steer you clear of using your iPhone in unauthorized ways, this next bit of news might have you back on the straight and narrow. According to Wired, Apple's latest salvo in the fight over jailbreaking is a claim that pernicious, iPhone wielding techno-hackers at home or abroad could modify the baseband and use it to attack cellphone towers, "rendering the tower entirely inoperable to process calls or transmit data." Of course, the idea that this would become more likely if the legal status of jailbreaking changes is totally absurd, but why let that stand in the way of a legal argument?In a related note, one of our editors (whose jailbroken iPhone shall remain nameless) got a strange baseband pop-up error this morning -- the very same morning that AT&T is suffering a "massive connectivity outage" throughout the northeast and midwest. Coincidence? Yeah, probably.Read - iPhone Jailbreaking Could Crash Cellphone Towers, Apple ClaimsRead - Anyone Experience the AT&T Outage?
