EFFector Vol. 23, No. 04 February 3, 2010 editor@eff.org

A Publication of the Electronic Frontier Foundation
ISSN 1062-9424

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

In our 527th issue:

Come Celebrate EFF's 20th Birthday with Adam Savage and Friends on February 10!

Join TV geek Adam Savage and a cast of EFF legends and luminaries at EFF's 20th birthday party! Our birthday fundraiser on February 10th will celebrate two decades of digital freedom-fighting in San Francisco's world-famous DNA Lounge. Adam will present a unique look back and forward to EFF's founding and the future of digital rights. DJs Adrian & the Mysterious D, the duo that founded the seminal, globe-trotting mashup party "Bootie," will get people moving with their genre-mashing blend of tracks, with guest DJs dropping sets throughout the evening. It's a once-in-a-lifetime event for those who love freedom, technology, and celebration!

Doors open at 8 p.m. We'll be asking for a $30 donation at the door to fund our work defending your digital freedom.

WHAT: EFF's 20th Birthday Fundraiser with Adam Savage and Surprise Special Guests!

WHEN: Wednesday February 10, 2010
Doors open at 8 pm
Tickets are $30

WHERE: DNA Lounge
375 Eleventh Street
San Francisco, CA 94103

Please RSVP to events@eff.org. This is an all ages event.

For more information: http://www.eff.org/birthday

Advance ticket purchase is available at: http://www.dnalounge.com/calendar/2010/02.html#10

* VIP Event with Adam Savage, John Perry Barlow, Mitch Kapor, John Gilmore, Mark Klein, Steve Jackson and more!

Join EFF for a special VIP event with Adam Savage and EFF founders and luminaries! For a special donation of $250, you're invited to attend our VIP event before the birthday party, where you can meet many of the amazing people who helped EFF reach this historic milestone.
Special VIP donors receive free admission to the birthday party, which starts immediately afterwards, as well as a commemorative EFF 20th Anniversary poster. The VIP event begins at 7pm.

For more information: http://secure.eff.org/happybirthday

Please also RSVP to events@eff.org

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

~ Seven "Corporations of Interest" in Selling Surveillance Tools to China

Secretary of State Hillary Clinton's announcement of a new U.S. policy on global Internet Freedom included a bold new statement about the responsibilities of American technology companies: "We are urging U.S. media companies to take a proactive role in challenging foreign governments' demands for censorship and surveillance. The private sector has a shared responsibility to help safeguard free expression. And when their business dealings threaten to undermine this freedom, they need to consider what's right, not simply what's a quick profit." While Clinton focuses on Internet media companies like Google, Yahoo! and Microsoft, there are plenty of other companies deserving scrutiny. Many other U.S. and multinational technology companies may be knowingly selling Chinese authorities the surveillance equipment used to commit or facilitate human rights abuses.

https://www.eff.org/deeplinks/2010/01/selling-china-surveillance

~ Blogging ACTA Across the Globe: Lessons From Korea

If there's one country that might have insight into what a post-ACTA future may look like, it's the Republic of Korea. Korea is known as having one of the most advanced networks in the world, but more recently it has also been the recipient of some of the strongest foreign pressure to ramp up its IP laws. Heesob Nam is a member (and former Chair) of IPLeft, a Korean digital rights activist group founded in 1999 to critique the increasingly maximalist IP rights agenda in that country and to research and present alternative policy proposals.
He writes of the impact on Korea of the Anti-Counterfeiting Trade Agreement (ACTA) and other international IP agreements.

https://www.eff.org/deeplinks/2010/01/acta-and-korea

~ Blogging ACTA Across the Globe: The View from France

La Quadrature Du Net is a French advocacy group formed to promote digital rights and online freedom. Its name comes by analogy between the unsolvable mathematical problem of "squaring the circle", and similarly impossible attempts to "effectively control the flow of information in the digital age by the law and the technology without harming public freedoms, and damaging economic and social development." In our ongoing series of perspectives on ACTA from around the globe, Jérémie Zimmermann and Félix Tréguer of La Quadrature du Net describe how the trade agreement undermines democratic challenges to IP policies in France and beyond.

https://www.eff.org/deeplinks/2010/01/acta-and-france

~ Obama Reverses Position on Disclosing Lobbyist Contacts

In his State of the Union Address, President Obama made another important commitment to openness and transparency in government: "It's time to require lobbyists to disclose each contact they make on behalf of a client with my Administration or Congress." This is welcome news. For the past few years, EFF has been litigating a Freedom of Information Act (FOIA) case against the government, seeking the identities of lobbyists who contacted the Department of Justice and the Office of the Director of National Intelligence on behalf of their telecommunications company clients in order to push for telecom immunity. With the help of lobbyists from AT&T, Verizon, and Sprint, the FISA Amendments Act passed with an unconstitutional provision to retroactively grant immunity to the telecoms for collaborating with the warrantless wiretapping program.

https://www.eff.org/deeplinks/2010/01/obama-reverses-position-disclosing-lobbyist-contac

~ FCC's Net Neutrality Plan Would Permit Blocking of BitTorrent

Remember what put the debate over net neutrality into high gear? In 2007, EFF and the Associated Press confirmed suspicions that Comcast was clandestinely blocking BitTorrent traffic. It was one of the first clear demonstrations that ISPs are technologically capable of interfering with your Internet connection and that they may not even tell you about it. After receiving numerous complaints, the FCC in 2008 stepped in and threw the book at Comcast, requiring the company to stop blocking BitTorrent. The Comcast-BitTorrent experience put net neutrality at the top of the FCC agenda. Yet now that the FCC has formally issued draft net neutrality regulations, they include a huge copyright loophole -- a loophole that would theoretically permit Comcast to block BitTorrent just like it did in 2007 simply by claiming that it was "reasonable network management" intended to "prevent the unlawful transfer of content."

https://www.eff.org/deeplinks/2010/01/net-neutrality-plan-would-permit-blocking-bittorrent

~ Help EFF Research Web Browser Tracking

What fingerprints does your browser leave behind as you surf the web? Traditionally, people assume they can prevent a website from identifying them by disabling cookies on their web browser. Unfortunately, this is not the whole story. When you visit a website, you are allowing that site to access a lot of information about your computer's configuration. Combined, this information can create a kind of fingerprint -- a signature that could be used to identify you and your computer. But how effective would this kind of online tracking be? EFF is running an experiment to find out.
Our new Panopticlick website will anonymously log the configuration and version information from your operating system, your browser, and your plug-ins, and compare it to our database of five million other configurations. Then, it will give you a uniqueness score -- letting you see how easily identifiable you might be as you surf the web.

https://panopticlick.eff.org/
https://www.eff.org/deeplinks/2010/01/help-eff-research-web-browser-tracking

~ A Primer on Information Theory and Privacy

If we ask whether a fact about a person identifies that person, it turns out that the answer isn't simply yes or no. If all I know about a person is their ZIP code, I don't know who they are. If all I know is their date of birth, I don't know who they are. If all I know is their gender, I don't know who they are. But it turns out that if I know these three things about a person, I could probably deduce their identity! Each of the facts is partially identifying. There is a mathematical quantity that allows us to measure how close a fact comes to revealing somebody's identity uniquely. That quantity is called entropy, and it's often measured in bits. Intuitively you can think of entropy as being a generalization of the number of different possibilities there are for a random variable: if there are two possibilities, there is 1 bit of entropy; if there are four possibilities, there are 2 bits of entropy, etc. Adding one more bit of entropy doubles the number of possibilities.

https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy

~ Browser Versions Carry An Average of 10.5 Bits of Identifying Information

Whenever you visit a web page, your browser sends a "User Agent" header to the website saying precisely which operating system and web browser you are using. This information could help distinguish Internet users from one another because these versions differ, often considerably, from person to person.
We recently ran an experiment to see to what extent this information could be used to track people (for instance, if someone deletes their browser cookies, would the User Agent, alone or in combination with some other detail, be unique enough to let a site recognize them and re-create their old cookie?). Our experiment to date has shown that the browser User Agent string usually carries 5-15 bits of identifying information (about 10.5 bits on average). That means that on average, only one person in about 1,500 (2^10.5) will have the same User Agent as you. On its own, that isn't enough to recreate cookies and track people perfectly, but in combination with another detail like geolocation to a particular ZIP code or having an uncommon browser plugin installed, the User Agent string becomes a real privacy problem.

https://www.eff.org/deeplinks/2010/01/tracking-by-user-agent

~ Blogging ACTA Across the Globe: FFII's Ante Wessels on Exporting Europe's Flaws

Every major country in the ACTA negotiations claims that its own laws will remain unchanged by the treaty. But without changing a word of domestic law, ACTA can still be dangerous to a country's or a continent's economy. We asked guest bloggers from around the world to give their perspective on the trade agreement. Giving the view from the heart of the European Union is Ante Wessels, analyst for the Foundation for a Free Information Infrastructure, a group best known for its work in Europe's debate over software patents.

https://www.eff.org/deeplinks/2010/01/blogging-acta-across-globe-ffiis-ante-wessels-expo

~ Terms of (Ab)Use: US and UK Consumers Dance to Different iTunes

Too often, online services draft their "Terms of Service" (TOS) agreements in ways that are one-sided and overreaching. In Europe, however, regulators are beginning to step in to protect consumers.
In late November, the U.K.'s Office of Fair Trading (OFT) announced that Apple, Inc., agreed to change the terms and conditions for its popular iTunes online music store in the United Kingdom. In particular, according to the statement from the OFT, the changes would make the iTunes terms "clear, fair and easy to understand," and, more importantly, give consumers "clear and accurate information about their rights in case things go wrong." The OFT took action following a similar intervention by the Norwegian Consumer Council.

https://www.eff.org/deeplinks/2010/01/terms-ab-use-dancing-different-itunes-differences

~ HOWTO: Thrive as a Musician Without Suing Your Fans

TechDirt's Mike Masnick put together a fantastic memo to the International Association of Entertainment Lawyers: The Future Of Music Business Models (And Those Who Are Already There). Masnick writes that the mainstream entertainment industry's formula for contending with the Internet -- desperately trying to invent "new copyright laws or new licensing schemes or new DRM or new lawsuits or new ways to shut down file sharing" -- is counterproductive. He lists a dozen artists who've done well for themselves through various permutations of this model. Everyone knows about the efforts of big names like Trent Reznor and Radiohead, but Mike also draws attention to less-famous success stories like Josh Freese, Jill Sobule, Corey Smith, Jonathan Coulton, Moto Boy, Amanda Palmer, Matthew Ebel, Moldover and K-Os.

https://www.eff.org/deeplinks/2010/01/howto-thrive-musician-without-suing-your-fans

~ Clinton on Internet Freedom, and Principled Stands

Secretary Clinton’s speech on Internet Freedom was an important step in bringing online free expression and privacy to the forefront of the United States' foreign policy agenda.
But for all the strong language, it was also a speech of caveats: powerful statements like "we stand for a single Internet where all of humanity has equal access to knowledge and ideas" sat close to hedges about the dangers of anonymous speech and how it might be used to distribute "stolen intellectual property." Clinton expressed concern at those who "violate the privacy of citizens who engage in non-violent political speech," but she also spoke of "redoubl[ing] efforts" similar to the Convention on Cybercrime, a document that provides scant protections for the privacy of anyone being investigated by a foreign government.

https://www.eff.org/deeplinks/2010/01/clinton-internet-freedom-and-principled-stands

~ Over-Redaction in Audit of FBI’s Use of Illegal Exigent Letters

The DOJ's Inspector General issued a heavily redacted report about the FBI's Communications Analysis Unit (CAU), which found "shocking" violations, including embedded telecom employees providing customer phone records in response to post-it notes. While the underlying violations are egregious enough, the report itself is problematic because it redacts huge swaths of information that is already publicly known. The report cryptically refers to AT&T, Verizon and MCI as Company A, B and C. Yet, the source that identified the telecoms embedded with the CAU was none other than FBI General Counsel Valerie Caproni, in sworn testimony before Congress. Moreover, information in the IG report combined with letters to Congress from the telecoms themselves shows that Company A is AT&T.

https://www.eff.org/deeplinks/2010/01/over-redaction-audit-fbi-s-use-illegal-exigent-let

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

miniLinks

~ The Case Against The iPad
Timothy B. Lee says the iPad is part of Apple's attempt to roll back the trend towards open computing platforms.
http://timothyblee.com/?p=2169

~ 3-Strikes Is Not Mainstream
Michael Geist says 3-strikes provisions in different countries have proven unpopular, expensive and controversial.
http://www.thestar.com/business/article/755443--geist-three-strikes-and-you-re-out-system-draw-cries-of-foul-from-governments

~ ArsTechnica on EFF's Panopticlick
Even without cookies, a browser leaves a trail of crumbs.
http://arstechnica.com/tech-policy/news/2010/01/even-without-cookies-a-browser-leaves-a-trail-of-crumbs.ars

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

Announcements

* Help EFF Go to SCaLE!

EFF is looking for donations of airline miles, flight vouchers, and hotel points for the Southern California Linux Expo, as well as other conferences and speaking engagements. If you have enough airline miles for a free ticket and would like to send an EFF staffer to a conference, let us know, and we will help you with the process of making the reservation. Please note that at this time we are unable to combine miles from multiple individuals. We are also looking for hotel rewards points to help reduce our overall travel costs. As a thanks for your donation, we can offer a free membership and a mention in EFFector (if you'd like). Please contact aaron@eff.org if you can help!

* EFF at ShmooCon in DC!

EFF will have a booth at the 2010 ShmooCon from February 5-7. East Coast hackers unite! Come by and say hello!

Location:
Wardman Park Marriott
2660 Woodley Road Northwest
Washington, DC 20008
(202) 328-2000

Exhibition Hours:
Friday, February 5: 12:30-8 PM
Saturday, February 6: 9:30-8 PM
Sunday, February 7: 9:30-2 PM

For More Information: http://www.shmoocon.org

: . : . : . : . : . : . : . : . : . : . : . : . : . : . :

Administrivia

EFFector is published by:
The Electronic Frontier Foundation
http://www.eff.org/about

Editor: Eva Galperin, Referral Coordinator
eva@eff.org

Membership & donation queries: membership@eff.org

To support EFF: http://links.eff.org/emaildonate

General EFF, legal, policy, or online resources queries: information@eff.org