EFFector Vol. 15, No. 23 August 3, 2002 ren@eff.org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In the 223rd Issue of EFFector: * Action Alert: Copyright Holders Want to Hack Your PC! * Court Grants Access to Net Regulatory Corp Records * The Berman P2P Bill: Vigilantism Unbound * EFF Releases Comments on the Cyber Security Enhancement Act * Administrivia For more information on EFF activities & alerts: http://www.eff.org/ To join EFF or make an additional donation: http://www.eff.org/support/ EFF is a member-supported nonprofit. Please sign up as a member today! -------------------------------------------------------------------- **Copyright Holders Want to Hack Your PC! Electronic Frontier Foundation Action Alert (Issued: August 2, 2002) Representative Howard Berman has introduced legislation that would grant copyright holders near-immunity from the law while attacking a citizen's computer. The bill protects copyright holders from legal action stemming from denial-of-service attacks on people whom they suspect of using material in an unauthorized way on a peer-to-peer (P2P) network. In a ridiculously vague caveat, Berman's bill graciously says that the availability of your other files may not be impaired unless "reasonably necessary." Exempting a single industry from civil and criminal penalties is unprecedented. This kind of vigilantism is explicitly prohibited by law; Rep. Berman wants to make sure that the law doesn't apply to copyright holders. Don't let him get away with it! Your voice makes a difference! Tell Congress that this legislation is ridiculous; here's what you can do: * Take action by sending a letter to your representatives in Congress with the EFF Action Center: http://action.eff.org * Join EFF! Your financial support helps us fight legislation like the Berman bill and defend your other rights on the electronic frontier. Become a member by visiting: http://www.eff.org/perl/join - end - -------------------------------------------------------------------- **The Berman P2P Bill: Vigilantism Unbound On July 25, 2002, Representative Howard Berman (D-Cal.) introduced a bill in the House of Representatives that would give copyright owners the right to violate the law in their efforts to stop the unauthorized circulation of their works on peer-to-peer networks. EFF opposes the bill as drastically misguided and overbroad. The EFF agrees with Rep. Berman that, like the rest of us, copyright owners are entitled, within the bounds of the law, to use technological self-help measures to protect their assets. No legislation is necessary for that. What the Berman P2P Bill does is permit copyright owners to go further and violate the law. This unprecedented power has never been granted even to law enforcement, much less to a single industry. The proposed law amounts to government-sanctioned vigilantism -- copyright owners are given the power to ignore the law in pursuit of those that they decide are guilty. There is no warrant requirement, no trial, no prior notice to the targets, no due process, and very little recourse for innocent bystanders caught in the cross-fire. While the bill attempts to put some limits on this vigilante right, the limitations are a poor substitute for the thousands of laws that it sweeps aside. The Berman P2P Bill is not a sensible solution to the digital copyright dilemma. If passed, it will result in anarchy on the Internet and will harm innocent bystanders. The Bill's Provisions Rep. Berman claims that his proposal is narrowly tailored and intended to give copyright owners relief from "anti-hacking" laws as they try to stop copyright infringement on P2P networks. The actual language of the proposal tells a different story. The Berman P2P Bill grants copyright owners and their agents the right to break any law, state or federal, civil or criminal, in the course of "disabling, interfering with, blocking, diverting, or otherwise impairing" the availability of his or her copyrighted works on a public peer-to-peer (P2P) file trading network. This power may be used to stop any unauthorized P2P activity, even if the activity does not violate copyright laws. This unprecedented power is limited by only 5 conditions: *the attacker may not "alter, delete, or otherwise impair the integrity of any computer file or data" on the targeted computer (in other words, the bill authorizes only "denial of service" (DoS) and other attacks against the availability of files, rather than attacks that damage files and data); *the attacker must not impair the availability of files on a targeted computer other than the works that the attacker owns, except as "reasonably necessary"; *the attacker may not cause "economic loss" (but is free to cause any other kind of loss) to any person other than the targeted file trader; *the attacker may not cause "economic loss of more than $50 per impairment" to the targeted file trader; and *the attacker must notify the Attorney General seven days before deploying the "impairment technology" for the first time, but need not notify a targeted person before launching an attack. Innocent Bystanders Caught in the Cross-Fire So long as the copyright owner and its agents stay within these vague limits, they are completely immune from liability under any and all laws. So, for example, if you use a cable modem, you might end up as collateral damage in the copyright wars. Most cable modem users are on a shared connection with their neighbors. So if the RIAA launches a denial of service (DoS) attack on the teenager next door, it may also impair your access to the Internet. Even the police would be powerless to stop the RIAA's attack, unless you can show that you suffered "economic loss" or that the RIAA attack went beyond what was "reasonably necessary." ISPs, network administrators, and Internet users generally will also suffer under the Berman P2P Bill, as the Internet is flooded with an ever-changing hailstorm of legally encouraged "attacks." The vigilante right created by this bill would extend to any copyright owner. Accordingly, every hacker who happened to be an photographer, musician, software vendor or author would be entitled to deploy his or her own homebrew "impairment technology" seven days after posting a note to the Attorney General. As with most efforts to substitute vigilantism for the rule of law, this is a recipe for anarchy. Conclusion EFF opposes the Berman Bill, and encourages all Internet users to contact their Representatives and Senators to express their own opposition to the measure. - end - -------------------------------------------------------------------- **Court Grants Access to Net Regulatory Corp Records Director Successful in Challenge to ICANN's Obstruction Electronic Frontier Foundation Media Release For Immediate Release: Saturday, August 3, 2002 Los Angeles - Internet Corporation for Assigned Names and Numbers (ICANN) Director Karl Auerbach recently prevailed in his lawsuit against ICANN, gaining access to records management had improperly withheld for more than 18 months. Rejecting ICANN's claim that it could impose vague and broad restrictions on Auerbach's access, Judge Dzintra Janavs ordered ICANN to provide the records within a week. "I'm pleased that I will finally be able to do what I was elected to do - to oversee ICANN's activities," said Auerbach, who the Electronic Frontier Foundation (EFF) represented. Auerbach began asking for corporate records in November 2000, shortly after he was voted as the North American Elected Director of ICANN. After ICANN management delayed for nine months, it granted Auerbach conditional access to corporate records if he signed a "policy" -- which the Board of Directors had not ratified -- that placed his ability to access and copy the records at ICANN's sole discretion. "California law is clear that directors must oversee the operations of a non-profit corporation," explained Auerbach's lead attorney, James Tyre. "We are pleased the judge recognized that ICANN was essentially trying to deny Mr. Auerbach his rightful access under the law." The court's tentative ruling stated that ICANN's inspection procedures "unreasonably restrict directors' access to corporate records and deprive directors of inspection rights afforded them by law." "Auerbach's intent to reform ICANN is not a legitimate basis for limiting his role as director," said EFF Legal Director Cindy Cohn. "Today's headlines exposing rampant corporate fraud demonstrate the need for careful oversight by directors." For this release: http://www.eff.org/Cases/Auerbach_v_ICANN/20020729_eff_icann_pr.html For the court's ruling: http://www.eff.org/Cases/Auerbach_v_ICANN/20020729_superior_court _ruling .html Documents related to the Auerbach v. ICANN case: http://www.eff.org/Cases/Auerbach_v_ICANN/ - end - -------------------------------------------------------------------- **EFF Releases Comments on the Cyber Security Enhancement Act On July 15, 2002, the House of Representative passed the Cyber Security Enhancement Act in a vote of 385 to 3. The bill makes several important changes to current law. For instance, the bill: * Reduces the amount of privacy in stored communication. CSEA would allow an ISP to disclose private information to government agent, not just law enforcement officials, if the ISP has a 'good faith' belief that the information concerns a serious crime. * Authorizes life sentences for individuals who knowingly or recklessly commit a computer crime that results in death. Authorizes 20-year sentences for individuals who knowingly or recklessly commit a computer crime that results in serious bodily injury. * Increases penalties for first-time interceptors of cellular phone traffic to five years in prison and a larger fine. This eliminates a 'safe harbor' that radio hobbyists had traditionally enjoyed. For a detailed analysis of these and other provisions of the CSEA, please visit: http://www.eff.org/Privacy/Surveillance/20020802_eff_csea_analysis. html - end - -------------------------------------------------------------------- **Administrivia EFFector is published by: The Electronic Frontier Foundation 454 Shotwell Street San Francisco CA 94110-1914 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) http://www.eff.org/ Editor: Ren Bucholz, Activist ren@eff.org To Join EFF online, or make an additional donation, go to: http://www.eff.org/support/ Membership & donation queries: membership@eff.org General EFF, legal, policy or online resources queries: ask@eff.org Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will. To change your address, plese visit http://action.eff.org/subscribe/. From there, you can update all your information. If you have already subscribed to the EFF Action Center, please visit http://action.eff.org/action/login.asp. Back issues are available at: http://www.eff.org/effector To get the latest issue, send any message to effector-reflector@eff.org (or er@eff.org), and it will be mailed to you automatically. You can also get it via the Web at: http://www.eff.org/pub/EFF/Newsletters/EFFector/current.html ++++++++++++++++++++++++ You received this message because pberry@mac.com is a member of the mailing list originating from alerts@action.eff.org. To unsubscribe from all mailing lists originating from alerts@action.eff.org, send an email to alerts@action.eff.org with "Remove" in the subject line.