EFFector Vol. 20, No. 29  July 24, 2007  editor@eff.org

A Publication of the Electronic Frontier Foundation
ISSN 1062-9424

In the 433rd Issue of EFFector:

• Action Alert: Keep Copyright Holders' Hands Off of Campus Networks
• Thursday Hearing on Secret Orders for Domestic Spying
• NSA Subpoena Deadline Looms -- What Happens Next?
• Ask.com Takes the Lead on Log Retention; Microsoft and Yahoo! Follow
• In This Edition of Privacy Theater, Google's Cookie Monster
• REAL ID Amendment Throws Good Money After Bad
• Innocent RIAA Defendant Fights Back, Wins $70,000 Fee Award
• Update on DRM in Music Radio Negotiations
• Public Interest Groups Respond to NBC on Mandatory ISP Filtering
• Harry Potter and the Deathly Digital Fingerprints
• Visit EFF at OSCON, DEFCON and LinuxWorld
• miniLinks (7): Google Policy Blog: "We're Putting Our Money Where Our Mouth Is"
• Administrivia

For more information on EFF activities & alerts:
 http://www.eff.org/

Make a donation and become an EFF member today!
 http://eff.org/support/

Tell a friend about EFF:
 http://action.eff.org/site/Ecard?ecard_id=1061

effector: n, Computer Sci. A device for producing a desired 
change.

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Action Alert: Keep Copyright Holders' Hands Off of Campus 
Networks

Major copyright holders are backing a legislative proposal 
to make colleges do their dirty work. The Higher Education 
Reauthorization Act is supposed to make going to college 
more affordable, but a last-minute amendment threatens to 
force certain schools to divert funds away from education 
and toward policing corporate copyrighted content on their 
campus networks. Twenty-five schools annually will be 
singled out and required to provide evidence to the 
Secretary of Education about their efforts to stop file 
sharing, including use of "technology-based deterrents" 
(read: network surveillance technologies).

This amendment is a moving target and may come up for a 
vote very soon, so it's critical that you call your 
Senators now and voice your opposition:
http://action.eff.org/site/Advocacy?id=306

Schools are already being forced to expend significant 
resources in the face of the RIAA's lawsuit campaign 
against students. More enforcement won't stop file sharing, 
as students will simply migrate towards other readily 
accessible sharing tools that can't be easily monitored. 
But it will chill academic freedom, as legitimate uses of 
the network will inevitably be stifled.

The federal government shouldn't be in charge of schools' 
network management decisions. Congress ought to reject this 
misguided proposal and take up real solutions that get 
artists paid and let students keep sharing. Please take 
action and call your Senators now:
http://action.eff.org/site/Advocacy?id=306

Thanks to EDUCAUSE for alerting us to this bill. Check out 
their site for more about the bill here:
http://connect.educause.edu/blog/hwachs/urgentcalltoaction/44790

Read EFF Senior Staff Attorney Fred von Lohmann's analysis, 
A Better Way Forward on University P2P:
http://www.eff.org/deeplinks/archives/005291.php

For this post and related links:
http://www.eff.org/deeplinks/archives/005372.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Thursday Hearing on Secret Orders for Domestic Spying

Justice Department Withholds Records on Electronic 
Surveillance

Washington, D.C. - On Thursday, July 26, at 11 a.m., the 
Electronic Frontier Foundation (EFF) will argue for the 
release of court orders that supposedly authorize the 
government's highly controversial electronic domestic 
surveillance program that intercepts and analyzes millions 
of Americans' communications.

The White House first acknowledged the surveillance 
program's existence in 2005, claiming that it could be 
conducted without warrants or judicial authorization of any 
kind. But in January of this year, Attorney General Alberto 
Gonzales announced that the Foreign Intelligence 
Surveillance Court (FISC) had authorized collection of some 
communications and that the surveillance program would now 
operate under its approval. EFF filed a Freedom of 
Information Act (FOIA) request with the Department of 
Justice (DOJ) for the FISC orders and other records 
concerning the purported changes in the program, but when 
the DOJ did not comply, EFF filed suit in federal court.

Thursday's hearing, before Chief Judge Thomas F. Hogan of 
the U.S. District Court for the District of Columbia, will 
include oral arguments from both EFF and the DOJ.

WHAT:
EFF v. Department of Justice

WHEN:
11 a.m.
Thursday, July 26

WHERE:
United States District Court for the District of Columbia
Courtroom 25A
333 Constitution Avenue, N.W.
Washington, D.C. 20001

For more on EFF's lawsuit:
http://www.eff.org/flag/07403TFH

For more information on EFF's FOIA Litigation for 
Accountable Government (FLAG) Project:
http://www.eff.org/flag/

Contact:

David Sobel
Senior Counsel
Electronic Frontier Foundation
sobel@eff.org

For this release:
http://www.eff.org/news/archives/2007_07.php#005373

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* NSA Subpoena Deadline Looms -- What Happens Next?

The Senate Judiciary Committee has now issued subpoenas for 
documents related to the NSA spying program. But last 
Wednesday, the Judiciary Committee agreed to delay the 
deadline for the Administration to respond. What's going to 
happen next? Can the Executive branch ignore these 
committee subpoenas?

Disclosure of the requested documents could be a critical 
step toward revealing the full extent of the NSA's illegal 
spying and the role that telecommunications companies like 
AT&T played in it. The American public deserves to know the 
truth about the program, and Congress should, to the 
fullest extent, use its powers to make the Executive 
comply.

You can help, too, by showing your support for Congress' 
investigation now:
http://action.eff.org/site/Advocacy?id=270

For links to the four subpoenas:
http://leahy.senate.gov/press/200706/062707a.html

For this post and related links:
http://www.eff.org/deeplinks/archives/005364.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Ask.com Takes the Lead on Log Retention; Microsoft and 
Yahoo! Follow

We've often regretted that the most popular search engines 
have been keeping a dossier of everything you search for -- 
forever. It's easy to forget just how intrusive this kind 
of record can be until something like the AOL search 
history leak occurs and confronts users with even a portion 
of the search logs that track their everyday on-line 
activities.

Thus, it's exciting to hear that Ask.com plans to take a 
leap into the lead of search engine privacy by expressly 
allowing users to opt-out of tracking -- as the Associated 
Press and Ars Technica report, Ask has pledged to launch a 
service called AskEraser that allows users to decline to 
stop their search histories from being logged.

And now, it looks like our hope that other search engines 
would follow Ask's lead is becoming a reality, and faster 
than we expected: Microsoft announced over the weekend that 
it is now intending to offer users the ability to opt out 
of having their searches automatically associated with a 
single identifier. Meanwhile, Yahoo! is reportedly 
shortening its retention period to 13 months, so far the 
shortest such period amongst the major search engines.

Read the full post and see related links:
http://www.eff.org/deeplinks/archives/005370.php
 
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* In This Edition of Privacy Theater, Google's Cookie 
Monster

Contrary to Google's recent statements, the company's new 
policy for issuing cookies won't meaningfully help protect 
users' privacy. Shorter cookie life spans can help limit a 
site's ability to track you, but Google's change doesn't 
amount to any practical difference.

To its credit, Google did decide in March to delete key 
identifying information in its search logs, including 
cookie ID numbers, after 18 months. As we said at the time, 
this is a good first step towards protecting users' 
privacy, but more is needed. Unfortunately, Google's new 
policy for issuing cookies doesn't move the ball forward.

If you actually want to limit how Google and other search 
engines can track you via cookies and other means, check 
out our white paper, Six Tips to Protect Your Online Search 
Privacy:
http://www.eff.org/Privacy/search/searchtips.php

Read Google's July 16 blog post, Cookies: expiring sooner 
to improve privacy:
http://googleblog.blogspot.com/2007/07/cookies-expiring-sooner-to-improve.html

For this post and related links:
http://www.eff.org/deeplinks/archives/005362.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* REAL ID Amendment Throws Good Money After Bad

When we last left the REAL ID Act, members of Congress 
tried and failed to expand the reach of its privacy-
invasive national ID mandate. Now Congress is set to 
consider yet another desperate attempt to lock-in this 
awful law, with Senator Lamar Alexander proposing 300 
million dollars in additional federal funding as an 
amendment attached to the Department of Homeland Security 
Appropriations Bill.

This measly sum won't put a dent in the estimated 23 
billion dollar burden that states and taxpayers will have 
to bear. And it doesn't do anything to fix the fundamental 
flaws in the policy itself: standardizing drivers' licenses 
into a national ID will do little to improve national 
security, but it will imperil your privacy by exposing you 
to a wide range of tracking and surveillance activities.

The Alexander Amendment may be voted on this week, and the 
ACLU has set up an action alert so you can call your 
representatives and oppose it:
http://www.realnightmare.org/actioncenter/111/

You should also use EFF's Action Center and tell Congress 
to repeal REAL ID entirely:
http://action.eff.org/site/Advocacy?id=275

To learn more about what's wrong with REAL ID, see our 
issue page:
http://www.eff.org/Privacy/ID/RealID/

For this post:
http://www.eff.org/deeplinks/archives/005368.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Innocent RIAA Defendant Fights Back, Wins $70,000 Fee 
Award

After more than three years of litigation, a single mom who 
was improperly swept up in the RIAA's P2P litigation 
"driftnet" has finally been vindicated. An Oklahoma court 
has ordered the RIAA to pay nearly $70,000 in fees and 
costs to defendant Debra Foster. EFF, Public Citizen, the 
ACLU, and the American Association of Law Libraries filed 
an amicus brief in the case supporting Foster's motion for 
fees.

Last Tuesday, Judge West brought Foster's epic to an end at 
last and granted her compensation. The ruling sends a 
message to both RIAA defendants and the RIAA itself that 
the music companies can be held accountable when they bring 
improper claims based on inadequate information.

Read the amicus brief filed by EFF, Public Citizen, the 
ACLU, and the American Association of Law Libraries:
http://www.eff.org/legal/cases/Capitol_v_Foster/amicus_in_support_of_fees.pdf

For the full story:
http://www.eff.org/deeplinks/archives/005363.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Update on DRM in Music Radio Negotiations

As we reported in mid-July, the major label-backed 
licensing authority SoundExchange conditioned lower royalty 
rates for large commercial webcasters on implementing DRM. 
This issue is proving quite contentious, and it looks like 
the webcasters have refused the offer.

What's at stake here isn't just the implementation of DRM-
laden streaming formats like WMA but also whether the RIAA 
will get to dictate the sorts of technologies that 
webcasters use in the future. After all, while DRM would 
certainly frustrate certain tools that allow users to time-
shift, it won't make a lick of difference to software like 
Total Recorder and Audio Hijack that can record sound as 
it's outputted in unencrypted form to a sound card. You can 
bank on the RIAA coming back for more restrictions once it 
gets DRM in the door, as long as it can hold the threat of 
ridiculous royalty rates over webcasters' heads.

Check out Jon Healey's Los Angeles Times article:
http://opinion.latimes.com/bitplayer/2007/07/new-hiccup-in-w.html

Find out more at Wired's Listening Post:
http://blog.wired.com/music/2007/07/dima-and-sounde.html

For this post and related links:
http://www.eff.org/deeplinks/archives/005367.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Public Interest Groups Respond to NBC on Mandatory ISP 
Filtering

A few weeks ago, NBC submitted comments to the FCC asking 
it to adopt new rules declaring that "broadband service 
providers have an obligation to use readily available 
means" to stop copyright infringement. Basically, NBC wants 
the FCC to force ISPs to police their users and play 
copyright cop.

Public Knowledge and a coalition of public interest groups 
-- including EFF -- have filed a response, pointing out that 
a policy of this sort would be bad for free speech, bad for 
innovation, and wildly outside the FCC's mandate.

Download the coalition response:
http://www.publicknowledge.org/pdf/pk-etal-fcc-07-52-20070716.pdf

For this post and related links:
http://www.eff.org/deeplinks/archives/005369.php

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Harry Potter and the Deathly Digital Fingerprints

A few days before last Friday's release of Harry Potter and 
the Deathly Hallows, someone leaked a (genuine) copy of the 
book using file-sharing networks and photo-sharing web 
sites -- photographing every single page with a digital 
camera. The quality isn't great -- the leaker evidently 
didn't have a nifty Internet Archive Scribe station -- but 
the text is legible.

Perhaps the leaker didn't realize that the digital camera 
he or she used -- a Canon Rebel 300D -- left digital 
fingerprints behind in every image. We downloaded a copy of 
the leak and took a look at the images with the open-source 
ExifTool, one of dozens of programs capable of reading the 
industry-standard EXIF digital photo metadata format. As 
the press reported, the camera's serial number is in there, 
along with over 100 other facts including the date and time 
that the photos were taken and an assortment of photo-geek 
details about focus and lighting conditions.

Read EFF Staff Technologist Seth Schoen's complete post and 
find out what we discovered:
http://www.eff.org/deeplinks/archives/005371.php

Find out if your color laser printer is spying on you:
http://www.eff.org/Privacy/printers/

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Visit EFF at OSCON, DEFCON and LinuxWorld

EFF will be at the O'Reilly Open Source Convention (OSCON) 
in Portland, Oregon next this on Wednesday, July 25, and 
Thursday, July 26. Come visit us at booth #121 and grab 
some cool schwag:
http://conferences.oreillynet.com/os2007/

EFF will head down to DEFCON in Las Vegas, Nevada, on 
August 3-5. Along with hanging out at our booth, EFF 
staffers will present an "Ask EFF" Q&A panel discussion.  
Mark your calendar and bring your questions!
http://www.defcon.org/

"Ask EFF" panelists:
Kevin Bankston, EFF Staff Attorney
Marcia Hofmann, EFF Staff Attorney
Danny O'Brien, EFF International Outreach Coordinator
Kurt Opsahl, EFF Senior Staff Attorney
Matt Zimmerman, EFF Staff Attorney

EFF will also participate in the .org Pavilion at this 
year's LinuxWorld in San Francisco, California, on August 
7-9.  Come visit us at booth L.org 6 and grab some (more!) 
schwag:
http://www.linuxworldexpo.com/live/12/

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* miniLinks
The week's noteworthy news, compressed.

~ Google Policy Blog: "We're Putting Our Money Where Our 
Mouth Is"
The search engine giant bids $4.6 billion to influence 
broadband debate.
http://googlepublicpolicy.blogspot.com/2007/07/our-commitment-to-open-broadband.html

~ Google Raises the Stakes Against Wireless Providers
Some analysis of what motivates Google to put that much 
money in its mouth.
http://news.com.com/Google+pushes+for+rules+to+aid+wireless+plans/2100-1036_3-6198063.html?tag=nefd.pop

~ When Mobile Phones Aren't Truly Mobile
NY Times: Wireless carriers view total control over 
customers as their inherited birthright.
http://www.nytimes.com/2007/07/22/business/yourmoney/22digi.html?ref=technology

~ Copyright Board of Canada Gives Thumbs-Up to "iPod Tax"
A ruling says that Canadians who buy digital music devices 
should pay an extra tax.
http://arstechnica.com/news.ars/post/20070720-copyright-board-of-canada-gives-thumbs-up-to-ipod-tax.html

~ Exploiting the iPhone
Security researchers have found the iPhone vulnerable to 
attack.
http://www.securityevaluators.com/iphone/

~ University of Kansas Adopts One-Strike Policy for 
Copyright Infringement
A new campus policy threatens to toss students off the 
residence network forever if they are caught downloading 
illegally.
http://arstechnica.com/news.ars/post/20070720-university-of-kansas-adopts-one-strike-policy-for-copyright-infringement.html

~ Is Blogging Hazardous to Your Career?
A study claims that nearly 10% of companies have fired 
bloggers.
http://blog.wired.com/27bstroke6/2007/07/nearly-ten-perc.html

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

* Administrivia

EFFector is published by:

The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
  http://www.eff.org/	

Editor:
Julie Lindner, Education Outreach Coordinator
 julie@eff.org	

Membership & donation queries:
 membership@eff.org

General EFF, legal, policy, or online resources queries:
 information@eff.org

Reproduction of this publication in electronic media is 
encouraged. Signed articles do not necessarily represent 
the views of EFF. To reproduce signed articles 
individually, please contact the authors for their express 
permission.
Press releases and EFF announcements & articles may be 
reproduced individually at will.

Current and back issues of EFFector are available via the 
Web at:
  http://www.eff.org/effector/

Click here to change your email address:
  http://action.eff.org/addresschange

This newsletter is printed on 100% recycled electrons.