EFFector Vol. 18, No. 26 August 5, 2005
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 343rd Issue of EFFector:
- CA Alert - Tell Your Reps to Oppose RFIDs in CA IDs!
- FBI's "National Security Letters" Threaten Online Speech and Privacy
- Secret Documents About Indymedia Server Disappearance Unsealed
- Blogger Critic Has the Right to Anonymity
- Exporting Bad Ideas: House Approves CAFTA
- Defcon - A Slam "Dunk" for Freedom
- miniLinks (10): Granick on "Ciscogate"
- Administrivia
CA Alert - Keep the Momentum Going - Tell Your Reps to Oppose RFID in California IDs!
RFID tags are small embedded chips in documents and objects that respond to remote requests with identifying data. Originally conceived as a way to identify and track objects, RFID tags are increasingly being used to tag and "authenticate" human beings. That's a different world entirely: if RFID tags are included in California IDs without safeguards for your privacy, your personal information could be scanned without your knowledge or permission, exposing you to the risk of tracking, stalking, and identity theft.
The Identity Information Protection Act (SB 682), authored by Senator Joe Simitian (D-Palo Alto), would prohibit RFID tags in the IDs we use every day - like driver's licenses, K-12 student ID cards, medical benefits cards, and library cards - for three years, until there are safeguards in place to protect privacy. It would also ensure that most other state-issued cards that contain RFID tags would use strong encryption and authentication, and broadcast very little personal information.
EFF, the ACLU, and Privacy Rights Clearinghouse (PRC) all support SB 682. This sensible bill has already passed in the California Senate, but many in the RFID industry are working very hard to kill it.
We need your help to take SB 682 past the final hurdle of the California Assembly and onto Governor Schwarzenegger's desk. Send a message to your representative today!
Take action:
http://action.eff.org/site/Advocacy?id=125
Detailed fact sheet on SB 682:
http://www.eff.org/Privacy/Surveillance/RFID/sb682_fact_sheet.php
More about the privacy risks posed by RFIDs:
http://www.eff.org/Privacy/Surveillance/RFID/
FBI's "National Security Letters" Threaten Online Speech and Privacy
EFF Urges Appeals Court to Find Secret Subpoena Power Unconstitutional
New York - EFF, joined by several civil liberties organizations and online service providers, filed a friend-of-the-court brief this week in the case of Doe v. Gonzales arguing that National Security Letters (NSLs) are unconstitutional. NSLs are secret subpoenas for communications logs, issued directly by the FBI without any judicial oversight. These secret subpoenas allow the FBI to demand that online service providers produce records of where their customers go on the Web, as well as what they read and with whom they exchange email. The FBI can easily issue NSLs for information about people who haven't committed any crimes.
A federal district court has already found NSLs unconstitutional, and the government is now appealing the case. In its brief to the Second Circuit Court of Appeals, EFF argues that these secret subpoenas imperil free speech by allowing the FBI to track people's online activities. In addition, NSLs violate the First and Fourth Amendment rights of the service providers who receive the secret government demands. EFF and fellow amici argue that NSLs for Internet logs should be subject to the same strict judicial scrutiny applied to other subpoenas that may reveal information about the identities of anonymous speakers - or their private reading habits and personal associations.
Yet NSLs are practically immune to judicial review. They are accompanied by gag orders that allow no exception for talking to lawyers and provide no effective opportunity for the recipients to challenge them in court. This secret subpoena authority, which was expanded by the USA PATRIOT Act, could be applied to nearly any online service provider for practically any type of record, without a court ever knowing.
"The Constitution does not allow the FBI to secretly demand logs about Internet users' web browsing and email history based on vague claims of national security," said Kevin Bankston, EFF attorney and Equal Justice Works/Bruce J. Ennis Fellow. "The district court's decision that National Security Letters are unconstitutional should have been a wake-up call to the House of Representatives, which just voted to renew the PATRIOT Act without adding new checks against abuse."
Although such protections are lacking in the PATRIOT renewal bill that the House of Representatives recently passed, they are included in the Senate bill. It is not yet clear whether those protections will be included in the final bill when it reaches the President's desk.
EFF was joined on the brief by the Center for Constitutional Rights, the Center for Democracy and Technology, the Online Policy Group, Salon Media Group, Inc., Six Apart, Ltd., the US Internet Industry Association, and ZipLip, Inc.
For this release:
http://www.eff.org/news/archives/2005_08.php#003872
For the amicus brief:
http://www.eff.org/patriot/NSL_EFF_brief.pdf
More about NSLs:
http://www.eff.org/patriot/sunset/505.php
Secret Documents About Indymedia Server Disappearance Unsealed
Government Order Demanded Only Logs; Web Host Rackspace Handed Over Server
San Antonio, TX - EFF last week won a motion allowing it to access sealed court documents about the mysterious disappearance of two web servers used to host news websites for Indymedia, a global collective of Independent Media Centers (IMCs) and thousands of journalists. After six months of secret litigation, EFF obtained a copy of the federal court order that resulted in the October 2004 handover of copies of Indymedia servers to the government by Indymedia's web host. That handover resulted in the silencing of more than 20 news websites and radio feeds for nearly a week.
However, the unsealed documents reveal that the government never officially demanded the computer servers - the subpoena to Rackspace only requested server log files. This contradicts previous statements by the web host that it took the servers offline because the government had demanded the hardware. The documents also contradict Rackspace's claim that it had been ordered by the court not to discuss publicly the government's demand. It cannot be determined from the unsealed documents whether or not the government informally pressured Rackspace to turn over the servers.
By giving the government more data than it requested, the company not only violated the privacy of Indymedia journalists whose information was housed on the servers, but also undermined the free flow of information by taking Indymedia's websites offline. Moreover, the logs that the government requested didn't exist, so Rackspace should never have given the government anything at all.
"When Rackspace received a government demand to examine logs that didn't exist, it had a responsibility to the customer and to the principles of freedom of the press to fight the order and resolve this without taking more than 20 news sites off the Internet," said EFF Staff Attorney Kurt Opsahl.
The court order served on San Antonio-based Rackspace Managed Hosting was issued based on a treaty request from the Italian government as part of an ongoing criminal investigation in that country.
EFF was assisted in this case by James A. Hemphill and W. Reid Whittliff with Graves, Dougherty, Hearon & Moody in Austin, Texas.
For the full press release:
http://www.eff.org/news/archives/2005_08.php#003862
The Register: "US Court Files Reveal Italian Link to
Indymedia Server Grab":
http://www.theregister.co.uk/2005/08/03/indymedia_texas_docs_unsealed/
More about the Indymedia server takedown:
http://www.eff.org/Censorship/Indymedia/
Blogger Critic Has the Right to Anonymity
EFF this week joined a coalition of national public-interest groups in an effort to shield the identity of a blogger who posted allegedly defamatory statements about a local town council member in Smyrna, Delaware.
In a joint friend-of-the-court brief filed with the Delaware Supreme Court on Monday, EFF, Public Citizen, the ACLU, and the ACLU's Delaware affiliate argued that unmasking the blogger, identified as "Proud Citizen" and "John Doe # 1," would violate the online critic's First Amendment rights. The anonymous blogger is the target of a libel lawsuit by Smyrna City Councilman Patrick Cahill.
"The blog postings at issue here contained standard criticism of a public official's job performance - not defamatory statements - and it was well within John Doe No. 1's right to make the comments," said Public Citizen attorney Paul Levy. "We urge the court to rule that this Internet critic has a First Amendment right to speak anonymously on the Internet."
Public Citizen press release:
http://www.citizen.org/pressroom/release.cfm?ID=2010
EFF's Legal Guide for Bloggers - FAQ on Defamation: http://www.eff.org/bloggers/lg/faq-defamation.php
More about bloggers' rights:
http://www.eff.org/bloggers/
Exporting Bad Ideas: House Approves CAFTA
Last week the US continued to bully the world into adopting the very worst aspects of American intellectual property and Internet law, with the House of Representatives approving the US - Dominican Republic - Central America Free Trade Agreement (a.k.a. "CAFTA"). The agreement obligates countries to enact dangerous policies that go far beyond their obligations under international agreements, including WTO-TRIPS.
In a move endorsed by Hollywood and special-interest software lobbyists, the treaty requires countries to enact laws modeled after the Digital Millennium Copyright Act (DMCA). That means that the signatories will suffer the same harm to innovation and consumer rights that the US has suffered. (See "Unintended Consequences: Five Years Under the DMCA" http://www.eff.org/IP/DMCA/unintended_consequences.php.)
CAFTA will also require signatories to extend copyright protection to 70 years after the death of the author, permit software patents, and eliminate anonymity for website domain names owners. The last is especially pernicious: in countries with histories of repression, taking away online speakers' anonymity means people with pro-democracy or anti-corruption messages will be vulnerable.
It's clear that a treaty like this isn't in best interests of Latin American countries, but negotiators don't have much of a choice. The countries desperately need the increased access to US markets that the treaty promises. As it has repeatedly done before, the US is leveraging its disproportionate bargaining power in this regional agreement to force bad policies down other countries' throats.
CAFTA will hurt US citizens, too. Now US technology manufacturers have another set of countries in which they are forced to beg copyright holders' permission to innovate.
El Salvador, Guatemala, and Honduras have approved the agreement, while Nicaragua, Costa Rica, and the Dominican Republic have yet to vote on it. EFF continues to offer assistance to countries around the world to evaluate and resist the US export of these kinds of harmful laws.
For this piece online:
http://www.eff.org/deeplinks/archives/003874.php#003874
CNET: "Copyright Lobbyists Strike Again":
http://news.com.com/2010-1071_3-5811025.html
More about free trade agreements:
http://www.eff.org/IP/FTAA/
Defcon - A Slam "Dunk" for Freedom
A big THANK YOU to the folks at Defcon and everyone who
participated last week in the dunk tank, parties, and
other shenanigans that raised $13,000 for EFF! In
addition, huge thanks to Landon Fuller and the Bacula
Project for helping to raise money for EFF:
http://article.gmane.org/gmane.comp.sysutils.backup.bacula.announce/63
Grassroots fundraising efforts like these give EFF the energy (and funds!) to keep on fighting the good fight - defending free speech, fair use, innovation, and privacy on the electronic frontier. By supporting EFF, you help carry the banner to protect digital civil liberties.
If you're coming to LinuxWorld next week, we encourage you to stop by the EFF booth and give till you feel good - every penny goes toward keeping the Internet safe and free!
LinuxWorld Conference & Expo:
http://www.linuxworldexpo.com/live/12/
Donate to EFF and become a member today! http://secure.eff.org/support
Post script: Speaking of banners, we appear to be missing the very large EFF banner that was at Defcon (see http://flickr.com/photos/wseltzer/29426343/). If you have the banner, we would appreciate its return - or, at least, photos of its travels!
miniLinks
miniLinks features noteworthy news items from around the Internet.
Granick on "Ciscogate"
The talented criminal law attorney who has been helping
Michael Lynn defend himself from legal threats for sharing
information about Cisco's security problems provides
an eye-opening look at the range of legal tools that can be
leveraged to silence people:
http://www.eff.org/cgi/tiny?urlID=527
(The Shout)
Risks Digest Celebrates 20 Years of Publication
From the Strategic Defense Initiative to RFIDs in social
security cards, Peter Neumann's newsletter keeps spotting
the flaws:
http://catless.ncl.ac.uk/Risks/23.96.html
Coloc-lateral damage
When ISP Telus blocked its customers from viewing the website
of the labor union it was fighting, it also blocked 766
other sites using the same IP address - including a
breast cancer charity:
http://www.opennetinitiative.net/bulletins/010/
A Big List Against a Bigger List
Activists are gathering names in an EU-wide petition
launched this week to protest planned data-retention
regulations:
http://www.dataretentionisnosolution.com/
Copycrime
...while the European Parliament considers *criminal*
prosecution for copyright infringement. Is it Europe's
turn for crazy laws this week?
http://www.groklaw.net/article.php?story=20050801162431352
Battle Brewing Over Network Neutrality
Susan Crawford provides a short history of "acromonious
acronyms" in the copyfight - bad laws like the notorious
"Hollings bill" (or CBDTPA) - and proposes adding another
to the list: the "Broadband Investment and Consumer
Choice Act" (or BICCA):
http://scrawford.blogware.com/blog/_archives/2005/7/29/1089499.html
Skilled in the Art of Push Polls
Screenshots of a curious poll by Microsoft regarding
pursuing Red Hat for alleged patent violations:
http://www.mit.edu/~mherdeg/pushpoll/
By Reading This License You Agree to Get Scared
Sun engineer reads his own company's license terms, gets
freaked enough to persuade Sun lawyers to drop it:
http://weblogs.java.net/blog/timboudreau/archive/2005/07/when_engineers.html
Solution to Government Inefficiency: More Red Tape
Senator Ensign introduces a bill that would make municipal
broadband more, not less, complicated to get right:
http://www.ipdemocracy.com/archives/2005/07/31/index.php#000270
Why Bill Gates Wants 3,000 New Patents
Historian Randal Stross on Microsoft's fresh hunger for
patents - IP protection "so powerful that Thomas Jefferson
believed that it should be granted in only a few select
cases":
http://www.nytimes.com/2005/07/31/business/yourmoney/31digi.html
(Registration unfortunately required.)
Administrivia
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
http://www.eff.org/
Editor:
Donna Wentworth, Web Writer/Activist
donna@eff.org
Membership & donation queries:
membership@eff.org
General EFF, legal, policy, or online resources queries:
information@eff.org
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.
Current and back issues of EFFector are available via the Web at:
http://www.eff.org/effector/