Jailbreaking Accorded DMCA Exemption
On Monday a groundbreaking moment for the liberalization of copyright law occurred. The US Library of Congress granted iPhone consumers who practice what has come to be known as “jailbreaking,” exemption from prosecution under the anti-circumvention section of the DMCA (Digital Millennium Copyright Act). Jailbreaking is essentially when a consumer circumvents digital protections on smartphones to install unapproved third-party software or applications. Consumers are exempt from punishment when such jailbreaking is found to be “noninfringing.” The exemption was proposed by the EFF (Electronic Frontier Foundation) in 2008 who argued that consumers should be allowed to install third-party software to their phones if such was legally attained.
Exemptions determined by the Librarian expire every 3 years, meaning the previous 2006, 2003, and 2000 findings no longer apply. It is worth noting that Apple or other similar companies to remove digital protection from their software; rather, if a consumer chooses to circumvent the protection and is within the rules while doing so, they will not be held criminally responsible for the act of jailbreaking. Also, the exemption only applies for legally attained software, not for pirated applications.
Several other exemptions were announced on Monday, but they all are quite similar to their 2006 version.
The iPhone jailbreaking exception is certainly a victory for the EFF and other proponents of liberalized copyright law. Our civil liberties certainly grant consumers the right to utilize and alter their purchased technological devices however they see fit.
“Top Secret America”
Dana Priest and William Arkin spent two years investigating the government’s response to the September 11th attacks. Yesterday, a 16-page report on their findings was published in the Washington Post. The piece focuses on the “top secret” government that has developed. Priest and Arkin discovered an American government that does not budget spending appropriately, that has grown uncontrollably, and whose lines of responsibility are blurred beyond recognition to even those highest in power. Just how secretive is this “top secret America” you might ask? According to Priest and Arkin, it is secretive enough to hinder society from knowing how much money it costs, how many people it employs, and how many programs and agencies exist.
A government transformed in order to keep our citizens safe has become so large and secretive that the effectiveness of its spending and agencies is unknown. Army Lt. Gen. John R. Vines claims that “because it lacks a synchronizing process, it inevitably results in message dissonance, reduced effectiveness and waste, we consequently can’t effectively assess whether it is making us more safe.”
Many are arguing that Priest and Arkin are exaggerating the scope of “Top Secret America”, bringing in a touch of sensationalism to garner unnecessary concern from the reader. I, on the other hand, can’t help but be concerned. I hope that all readers will reflect upon the facts and interviews presented in the report and at least become skeptical of the government that we actually know very little about. Regardless of the effectiveness and intentions of the actions taken by “Top Secret America,” concern is warranted merely by the lack of knowledge and transparency that exists.
FCC Told to Reconsider Fines
On Tuesday the New York Second Circuit Court of Appeals ruled that the FCC must reconsider the fines that it administers for “unplanned expletives” that are expressed during live broadcasts. The FCC has a very strict policy on these so-called “fleeting expletives” on broadcast television, blatantly violating our First Amendment right to free speech. The court’s decision should please those who respect our First Amendment rights as their holding may potentially limit government control over the media and may stop what many view as the FCC evaluating the content of broadcasts rather than just their technicalities. This case comes at a time when there is already much debate about whether or not the FCC should play such a powerful role in media regulation. The FCC’s regulatory infringement severely violates our First Amendment rights and has certainly added a few flames to the already heated debate between those in favor of strict regulation and those in support of free speech and press.
Perhaps this case may result in greater deference toward the First Amendment, a right that has so frequently been violated and given little respect. Those in support of regulation from the FCC cite the responsibility that the organization has to “protect the public”, as broadcasts are in fact public. They argue that the use of profanity and expletives cannot be completely tolerated, as children are often watching the broadcasts. This argument does seem to raise some valid points, as public opinion does seem to be that there is far too much vulgarity and profanity on television in this day in age. However, if organizations are given the power to regulate the media and our speech in order to adhere to arbitrary standards of what is in the public’s interest, how will a line ever be drawn? Our fundamental rights to free speech and free press as guaranteed to us by the First Amendment certainly seem to outweigh the potential benefits of altering such freedom.
CT Department of Public Safety Visit
I’d like to thank Connecticut’s Department of Public Safety. The DPS was very welcoming and helpful throughout our visit, during which we looked through the 2003 DHS (Department of Homeland Security) Grants Files and learned that the funds were primarily administered for CBRNE (Chemical, Biological, Radiological, Nuclear, and Explosive) equipment. Such was the case due to the fact that the grants were being allocated shortly after 9/11 and recent Anthrax incidents. Thus, most of the money was spent on decontamination facilities and HazMat (Hazardous Materials) response efforts. Once again, thank you very much to the Connecticut Department of Public Safety for being transparent and allowing our group to visit their facility.
Ticketmaster’s Terms of Service
Recently the EFF filed an amicus brief urging a Federal Judge to overturn the indictment charges against the operators of Wiseguys Tickets, Inc., a ticket re-selling service. The four defendants are being charged with purchasing tickets from Ticketmaster by automated means. Such action violated Ticketmaster’s terms of service, and thus, the Computer Fraud and Abuse Act (CFAA). In the brief, the EFF argues that prosecution is broadening the scope of the CFAA, giving websites the ability to create unreasonable terms of service and to impose criminal liability onto its users. It also appears as it the prosecution is limiting the access to information and online services without having the necessary and compelling government interest to do so.
If the prosecution is to prevail then users can be held criminally liable for not following all arbitrary terms of services that websites decide to impose upon them. An online service website can impose unfair requirements in their terms of services, as did Ticketmaster, in order to limit the success of their competitors. Such a tactic hinders the free market and will result in a lack of media advancement. The prosecution claims this is about consumers’ free access to media tickets, however, it seems that quite the opposite is the case. The charge against the defendants is a hindrance to free access.
The Computer Fraud and Abuse Act is a law passed by the United States Congress in 1986 intended to reduce the hacking of computer systems and to address federal computer-related offenses. The CFAA governs cases with a compelling federal interest, where computers of the federal government or certain financial institutions are involved. It also governs computers used in interstate and foreign commerce. Under the CFAA, criminal offenses are typically accessing a computer without authorization in order to obtain national security data or information from a department or agency of the US. Some other punishable actions include offenses such as accessing a protected computer with the intent to defraud or traffic unauthorized information. How exactly the case at hand applies to this Act is unclear. It certainly seems the government is broadening the scope of the Act in order to crack down on terms of service violators. However, such a stance is bound to limit future innovation among online services and will intimidate users from seeking all available resources. The CFAA is meant to prevent trespass and theft, not meant to hinder innovation.
The possible implication of a guilty finding is that anyone who ignores or doesn’t read a website’s terms of service could be held liable for computer criminal conduct according to the reasoning of the government. If the prosecution is to be successful then it seems an unacceptable power dynamic among the online service and the user will be created. Ticketmaster and other online services will have the tremendous power over its users to decide what is criminal conduct and what isn’t.
Grants Administration Trip
Hi all,
Just a quick update: Our trip to the Grants Administration Office in Middleton which was scheduled for today had to be rescheduled due to a broken air conditioning in the building. We will now be going on Wednesday, July 7th.
Updates will follow.
Carolyn
Pre-Grants Administration Trip
Greetings! I’m Carolyn McVeigh, a senior undergraduate Political Science major at Stanford University. I am fortunate enough to be one of the summer interns working with the Information Society Project (ISP). Specifically, I am assisting the Media Freedom and Information Access (MFIA) group with their quest to increase government transparency and the public’s right to know. I will be posting blogs throughout my time at the ISP to update on our research findings and to document the process of our achievements in attaining more liberal media and information access.
On Monday I will be joining a few members of MFIA on a trip to the Grants Administration (GA) at the Department of Public Safety in Middleton, CT. The GA is responsible for the management of all federal and state grants and acts as the “central conduit for all grant related program issues.” Our objective is to determine the specifics of the allocations of the 2003 Department of Homeland Security Grants (DHS). We hope to obtain information from the documents that will inform us of whether or not the grant money was distributed appropriately.
In particular we will be focusing on the 2003 sub grant to the Department of Emergency Management and Homeland Security (DEMHS), the State Administrative Agency for Homeland Security Grant funding. DEMHS has administered more than $125 million in federal funding to enhance homeland security and “all-hazard preparedness” across the state. Additionally, DEMHS is working with local agencies to “establish, equip, and train five Regional Response Teams capable of handling any type of Terrorist occurrence.” All of these plans are created to comply with the National Incident Management System (NIMS) and supportive of both the State’s and National strategies. The 2003 DEMHS sub grant had a state budget exceeding $2.4 million and a local budget surpassing $300,000. We expect to find out the specifics of the allotting of this money and the legality of such activities.
By pairing grant dollars with homeland security and emergency management programs, SPGA (Strategic Planning and Grant Administration) helps to further the agency’s mission of “directing and coordinating all available resources to protect the life and property of the citizens of Connecticut in the event of a disaster or crisis.” We will be looking to establish whether or not the DEMHS sub grants were budgeted in a manner that properly sought to achieve such objectives.
On a similar note, Connecticut is home to one of our nations 72 Fusion Centers. They are state, local and regional institutions created to improve the sharing of anti-terrorism intelligence among different state, local and federal law enforcement agencies. The range of their mission has rapidly expanded with the support and encouragement of the federal government; they are now meant to cover “all crimes and all hazards.” It seems that several Fusion Centers are partaking in intelligence activities that raise civil liberties and privacy concerns. There is a severe lack of proper legal structure with Fusion Centers that makes their fundamental mission of preventing terrorist activities very difficult. Since the mission of DEHMS and Fusion Centers are parallel, by looking into the 2003 grant spending, we may acquire knowledge that sheds light on the impact of Fusion Centers. Perhaps we will gain information that strengthens the belief that Fusion Centers are both intrusive to our civil liberties and ineffective as anti-terrorism facilities.
I will update everyone about our findings on Monday!
The Regulation Room: Public Participation Online
Posted by Steve in Blogosphere, lamp, open access on April 5, 2010
We here at MFIA clearly do a lot of work holding agency’s accountable on the back end – that is, we target information that will reveal how the government has acted by filing FOIA requests and litigating denials. But I think it’s also important to remember that there’s a lot people can do to hold agency’s accountable before they take action. That’s what a group at Cornell Law School and the DOT have in mind with their new site Regulation Room.
This article on NextGov.com (a great site for information on government and technology) provides the background on the initiative; I recommend reading it. The Cornell Law-led Regulation Room attempts to use technology to increase public participation in notice-and-comment rulemaking. (Regulations.gov is the government’s central hub for online participation). E-rulemaking has also received substantial academic attention – if you’re interested, Beth Noveck, an ISP Fellow and the Deputy Chief Technology Officer and Director for the White House Open Government Initiative, has written numerous articles on the subject, focusing in particular on the importance of structuring technology in order to encourage collaboration and participation.
The Regulation Room makes at least three important contributions to the E-rulemaking process: (1) it digests the proposed rule, providing natural language summaries of a rule’s most salient features; (2) it provides a space for deliberation on the rule’s components via commenting, allowing users to react to each other and the moderators; and (3) the moderators cull the comments, combining them into an effective summary that is sent to the agency.
I have two main questions about the site as designed:
Public or Private? As the NextGov.com article says, “Regulation Room stresses it is not a government site and CeRI owns all comments and e-mail addresses collected for authentication purposes.” At the same time, the article notes that DOT is “allow[ing]” Cornell Law to launch the site. It certainly helps that the DOT is on board (so they can provide more information to Cornell), but is it necessary? Presumably, any private group could set up a similar site, post a proposed rule, solicit comments, and then combine the comments into a summary that is then sent to the agency. The question then is should this site be run by the agency or private actors. Or is this hybrid model perhaps best? An agency-run site could probably have the most significant impact on agency action, insofar as the agency-run site would be more fully incorporated into the decision-making process. The hybrid model, however, might still command the attention of the agency, while allowing people to organize and gather their suggestions without taxing agency personnel.
Blog format? Both the article and the site’s own About page call the Regulation Room a “blog,” and the article notes the advantages of the “blog format.” The Regulation Room mirrors a blog in certain respects (at its most basic level, the site offers some main text and then invites comments from the public, which is certainly blog-like). But that’s where the comparison ends for me. The layout is not nearly as intuitive as a typical blog (you have to click on two non-obvious links before you can view actual comments, and then the user faces multiple scrolling windows and multiple panels that appear and disappear as she moves her mouse across the screen). I actually think that the site would be better if it were more like a traditional blog – at least then, I would know exactly where to go for the text and the comments. Regardless, the underlying point is Noveck’s: technological design matters. Anything that makes it harder to post a comment increases the costs to the would-be public participant. Unfortunately, as it currently is, I think the Regulation Room’s format may inhibit some from participating.
These are just a couple of observations, none of which dampen my overall enthusiasm for the project and what it stands for. Agencies should be thinking about ways to build a digital relationship with the public, and Cornell Law and DOT are at the forefront of the experimentation. Time will tell whether projects like this can compete for the public’s attention alongside the vast amounts of other information and entertainment online.
Anti-Counterfeiting Trade Agreement: Analysis
Posted by Margot in Blogosphere, Privacy, Surveillance, first amendment, lamp on March 25, 2010
I’ve written up in detail my comments on the new acta text.
The text reads like a debate between countries. Most of the more salient issues are still up in the air; I’ve tried to pinpoint those issues along with the varying takes on them by different negotiators.
Recurring themes include: 1) regulatory capture by private industries of government resources such as courts and border officials; 2) significant privacy concerns sparked by “sharing” information with rights holders and other countries during investigations; 3) expansion of US law internationally despite contradicting decisions in other jurisdictions; and 4) blatant disregard for existing international IP institutions and norms.
These, in shorter form, are some of the important features to note:
1. ACTA imposes mandatory statutory damages in civil copyright law. Australia, Mexico, and New Zealand do not want this provision, as their law does not include statutory damages (which have been shown in the US to often be grossly disproportionate to the harm done).
2. Privacy in civil cases: accused infringers must produce evidence of the “means of production and distribution” during civil proceedings. The EU proposes that this mandate be subject to data privacy protections.
3. Smaller de minimis exception in border measures: TRIPS provides an exception for the import of “small quantities of goods of a non-commercial nature”. ACTA would further limit this exception to quantities “reasonably attributable to personal use of the traveler”, exempting gifts for other people rather than tying de minimis to non-commerciality as TRIPS does.
4. Ex officio action at the border: Under TRIPS, countries may optionally mandate ex officio action (customs-official-initiated action, rather than by a party) only once a prima facie case of infringement has been shown. ACTA as proposed by the US mandates such ex officio action by all countries (”shall” instead of “may”), and refers to “suspected” counterfeit goods rather than goods for which a prima facie case of infringement has been shown. The government is doing the work of private parties before a substantial case has been established.
5. Privacy: Releasing personally identifying information of border crossers to rights holders without process: TRIPS stated that identifying information be disclosed to rights holders only after a determination that goods were infringing “on the merits of a case”. ACTA as proposed by the US allows release of such information as part of an investigation, once the goods have been confiscated rather than once guilt has been at least initially established.
6. Demands on the court and on border officials: ACTA proposes a fast turn around by the courts in these cases, and encourages governments to absorb storage and application fees to avoid burdening rights holders.
7. Expanding the definition of criminal copyright infringement internationally. TRIPS had a “commercial scale” requirement for criminal copyright infringement. The United States understands “commercial scale” in its domestic law to include acts done for “private financial gain”- which rights holders argue includes downloading pirated music for no cost. The US wants “private financial gain” included in ACTA, and also wants a category of “significant willful infringements that have no direct or indirect motivation of financial gain”- again targeting music and movie filesharing.
8. ACTA enlarges the scope of international criminal law sanctions to mandate imprisonment. TRIPS allowed countries to chose between criminal fines and prison terms, and set no minimum standards for either. ACTA mandates “penalties that include actual sentences of imprisonment” and includes a negotiator’s note requiring countries to “encourage competent authorities” to “impose penalties… including imposition of actual terms of imprisonment.”
9. ACTA exports the Digital Millenium Copyright ACT (DMCA), which includes the US’s understanding of third party liability for copyright infringement, inconsistent with other jurisdictions. New Zealand, for example, notes that it does not find search engine activity to be copyright infringing, and therefore questions why this provision regarding third party liability exists in reference to search engines. Mexico notes that takedown must be requested “by a competent authority”, not a party. Japan also notes that these provisions are not currently consistent with its jurisdiction.
10. Exceptions and limitations, and fair use: The US asks for a note including reference to exceptions and limitations (at the discretion of countries according to the Berne Convention and TRIPs) and fair use (a US concept); the EU wishes to include exceptions and limitations in the actual text of the agreement.
11. DMCA technological circumvention measures. The US wants to expand DMCA criminalization of technological circumvention (”hacking” digital rights management (DRM)). The EU wants to striek the criminalization aspect of this, limiting to civil remedies. Japan explicitly notes that its laws currently allow for circumvention in certain cases; New Zealand notes that circumvention of noncopyrighted works is not a crime, and access control is not a right given to copyright holders.
12. International cooperation: ACTA mandates cooperation between countries in criminal IP infringement cases. The EU proposes “particular attention… to infringing goods detrimental to… health and safetly.” This potentially targets the distribution of generic medicines.
13. Information sharing between countries: parties are debating whether countries “may” or “shall” share information during investigations. This could be extremely problematic for countries with different standards of privacy norms and laws.
14. Paternalistic crafting of domestic legislation: Countries must work with countries not party to ACTA to craft domestic legislation that brings them in line with ACTA. Canada wishes to strike this provision.
15. Officially fostering dialogue with private party righs holders: The US wants to establish formal mechanisms for authorities to hear the view of rights holders. Again, this looks like the government doing work on behalf of private entities.
16. Transparency of process- with major discretional exceptions: Exceptions to transparency of ACTA-mandated investigations include whether they would be “contrary to … domestic laws or policy” or “the public interest”- extremely vague, governmentally discretionary terms.
17. A new IP institution to Preserve ACTA? The ACTA “Committee” would oversee disputes, amendments to ACTA, and supervise implimentation. This disadvantages those devleoping countries who are not original signatories to the agreement.
18. Only five states are required for ratification. Effectively, the five most powerful can rush to sign on to terms everybody else will have to take on later.
Anti-Counterfeiting Trade Agreement draft released
The new biggest set of international laws to hit copyright is the Anti-Counterfeiting Trade Agreement, a plurilateral agreement negotiated outside of the WTO’s processes and protections. Many organizations have had serious concerns about the potential civil liberty and economic impact of ACTA. A draft text of ACTA has been leaked here. (Searchable version available here.)
Many of these issues are clearly still up for debate. The biggest three may be the scope of criminal copyright infringement, the expansion of the US Digital Millienium Copyright Act internationally (DMCA), and the creation of a new international institution (an ACTA “Committee”) to deal with enforcement of ACTA.
In short, ACTA is geared up to do pretty much exactly what I predicted in a “Recent Development” in YJIL last year. It amps up IP protection and criminal sanctions, without respecting existing international institutional process and involving the interests of developing countries.
Unsurprisingly, the US is an IP maximalist here, pushing for the strongest provisions. Singapore is a minimalist. Australia fluctuates depending on the provision. Japan appears to be on board with the US except for DMCA provisions, with which it heartily disagrees.
What’s at stake here? Institutional process and legitimacy (why is this taking place outside of the World Trade Organization (WTO) and WIPO?), and a rush to standardization on approaches to the Internet around the US standard, which arguably isn’t the ideal.
Privacy interests (versus data sharing with both other countries and rights’ holders) and liberty interests (why rush to the unreasonable US standard of criminalization?) are also very much at stake.
I will be posting responses to specific provisions of ACTA later.