Electronic Frontier Foundation

Prison Messaging System JPay Withdraws Copyright Claims 141

Posted by timothy
from the got-you-coming-and-going dept.
Florida-based JPay has a specialized business model and an audience that is at least in part a (literally) captive one: the company specializes in logistics and communications services involving prisons and prisoners, ranging from payment services to logistics to electronic communications with prisoners. Now, via Cory Doctorow at Boing Boing comes a report from the EFF that the company has back-pedaled on a particularly strange aspect of the terms under which the company provided messaging services for prisoners: namely, JPay's terms of service made exhaustive copyright claims on messages sent by prisoners, claiming rights to "all content, whether it be text, images, or video" send via the service. That language has now been excised, but not in time to prevent at least one bad outcome; from the EFF's description: [Valerie] Buford has been running a social media campaign to overturn her [brother, Leon Benson's] murder conviction. However, after Buford published a videogram that her brother recorded via JPay to Facebook, prison administrators cut off her access to the JPay system, sent Benson to solitary confinement, and stripped away some of his earned "good time." To justify the discipline, prison officials said they were enforcing JPay's intellectual property rights and terms of service.
Patents

Patent Issued Covering Phone Notifications of Delivery Time and Invoice Quantity 60

Posted by Soulskill
from the i-should-patent-the-rubber-stamp dept.
eldavojohn writes: The staggering ingenuity of the U.S. Patent system has again been showcased by the EFF's analysis of recent patents. This week's patent and follow-up patent cover the futuristic innovative idea that when you order something, you can update your order and add additional amounts to your order while it's being processed. But wait, it gets even more innovative! You may one day be able to even to notify when you would like it delivered — on your phone! I know, you're busy wiping all that brain matter off your screen as your head seems to have exploded. Well, it turns out that inventor and patent holder Scott Horstemeyer (aka Eclipse IP, LLC of Delray Beach, FL) found no shortage of targets to go after with his new patents. It appears Tiger Fitness (and every other online retailer) was sending notices to customers about shipments. Did I mention Horstemeyer is a lawyer too? But not just a regular lawyer, a "SUPER lawyer" from the same firm that patented social networking in 2007, sued Uber for using location finding technologies in 2013 and sued Overstock.com as well as a small time shoe seller for using shipping notifications in 2014. A related article at Vox makes this case: "The primary problem with the patent system is, well, the patent system. The system makes it too easy to get broad, vague patents, and the litigation process is tilted too far toward plaintiffs. But because so many big companies make so much money off of this system, few in Congress are willing to consider broader reforms."
Privacy

New Privacy Threat: Automated Vehicle Occupancy Detection 140

Posted by Soulskill
from the shades-of-minority-report dept.
An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle's occupants.

"The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren't supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. ... In short: the technology is looking at your image, the image of the people you're with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox's software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)"
Electronic Frontier Foundation

After EFF Effort, Infamous "Podcasting Patent" Invalidated 58

Posted by timothy
from the there-should-an-absurdity-check dept.
Ars Technica reports some good news on the YRO front. An excerpt: A year-and-a-half after the Electronic Frontier Foundation created a crowd-funded challenge to a patent being used to threaten podcasters, the patent has been invalidated. In late 2013, after small podcasters started getting threat letters from Personal Audio LLC, the EFF filed what's called an "inter partes review," or IPR, which allows anyone to challenge a patent at the US Patent and Trademark Office. The order issued today by the USPTO lays to rest the idea that Personal Audio or its founder, Jim Logan, are owed any money by podcasters because of US Patent No. 8,112,504, which describes a "system for disseminating media content representing episodes in a serialized sequence." The article points out, though, that the EFF warns Personal Audio LLC is seeking more patents on podcasting. Mentioned within: Adam Carolla's fight against these patents and our Q&A with Jim Logan.
Privacy

The DEA Disinformation Campaign To Hide Surveillance Techniques 46

Posted by Soulskill
from the you-can-trust-us dept.
An anonymous reader writes: Ken White at Popehat explains how the U.S. Drug Enforcement Agency has been purposefully sowing disinformation to hide the extent of their surveillance powers. The agency appears to have used a vast database of telecommunications metadata, which they acquired via general (read: untargeted, dragnet-style) subpoenas. As they begin building cases against suspected criminals, they trawl the database for relevant information. Of course, this means the metadata of many innocent people is also being held and occasionally scanned. The Electronic Frontier Foundation has filed a lawsuit to challenge this bulk data collection. The DEA database itself seems to have been shut down in 2013, but not before the government argued that it should be fine not only to engage in this collection, but to attempt to hide it during court cases. The courts agreed, which means this sort of surveillance could very well happen again — and the EFF is trying to prevent that.
Encryption

'Let's Encrypt' Project Strives To Make Encryption Simple 116

Posted by Soulskill
from the reaching-for-peak-encryption dept.
jones_supa writes: As part of an effort to make encryption a standard component of every application, the Linux Foundation has launched the Let's Encrypt project (announcement) and stated its intention to provide access to a free certificate management service. Jim Zemlin, executive director for the Linux Foundation, says the goal for the project is nothing less than universal adoption of encryption to disrupt a multi-billion dollar hacker economy. While there may never be such a thing as perfect security, Zemlin says it's just too easy to steal data that is not encrypted. In its current form, encryption is difficult to implement and a lot of cost and overhead is associated with managing encryption keys. Zemlin claims the Let's Encrypt project will reduce the effort it takes to encrypt data in an application down to two simple commands. The project is being hosted by the Linux Foundation, but the actual project is being managed by the Internet Security Research Group. This work is sponsored by Akamai, Cisco, EFF, Mozilla, IdenTrust, and Automattic, which all are Linux Foundation patrons. Visit Let's Encrypt official website to get involved.
Electronic Frontier Foundation

ESA Rebukes EFF's Request To Exempt Abandoned Games From Some DMCA Rules 153

Posted by timothy
from the locked-up-forever-in-their-castle dept.
eldavojohn writes It's 2015 and the EFF is still submitting requests to alter or exempt certain applications of the draconian DMCA. One such request concerns abandoned games that utilized or required online servers for matchmaking or play (PDF warning) and the attempts taken to archive those games. A given example is Madden '09, which had its servers shut down a mere one and a half years after release. Another is Gamespy and the EA & Nintendo titles that were not migrated to other servers. I'm sure everyone can come up with a once cherished game that required online play that is now abandoned and lost to the ages. While the EFF is asking for exemptions for museums and archivists, the ESA appears to take the stance that it's hacking and all hacking is bad. In prior comments (PDF warning), the ESA has called reverse engineering a proprietary game protocol "a classic wolf in sheep's clothing" as if allowing this evil hacking will loose Sodom & Gomorrah upon the industry. Fellow gamers, these years now that feel like the golden age of online gaming will be the dark ages of games as historians of the future try to recreate what online play was like now for many titles.
United States

Snowden Demystified: Can the Government See My Junk? 200

Posted by timothy
from the aside-from-the-hidden-cameras dept.
An anonymous reader writes Comedian and journalist John Oliver set out to understand US Government surveillance in advance of the June 2015 expiration of section 215 of the Patriot Act. What resulted was a humorous but exceptionally journalistic interview of Edward Snowden which distilled the issues down in a (NSFW) way everyone can understand. Regardless of whether you view Snowden as a despicable traitor or an honorable whistleblower, it's worth a watch.
Electronic Frontier Foundation

USPTO Demands EFF Censor Its Comments On Patentable Subject Matter 71

Posted by timothy
from the adversarial-justice-system dept.
An anonymous reader sends this report from TechDirt: As you know, last year the Supreme Court made a very important ruling in the Alice v. CLS Bank case, in which it basically said that merely doing something on a general purpose computer didn't automatically make it patentable. ... However, the USPTO apparently was offended at parts of the EFF's comment submission, claiming that it was an "improper protest." Protest or not, the EFF denies in strong terms that the original comments were improper.
Transportation

EFF Fighting Automakers Over Whether You Own Your Car 292

Posted by Soulskill
from the what's-yours-is-ours dept.
An anonymous reader writes: The Digital Millennium Copyright Act contains anti-circumvention prohibitions that affect everything from music files to cell phones. The EFF noticed that it could apply to cars as well, so they asked for an exemption to be put in place so car owners would be free to inspect and modify the code running on their vehicles. It turns out U.S. automakers don't agree — they filed opposition comments through trade associations. "They say you shouldn't be allowed to repair your own car because you might not do it right. They say you shouldn't be allowed to modify the code in your car because you might defraud a used car purchaser by changing the mileage. They say no one should be allowed to even look at the code without the manufacturer's permission because letting the public learn how cars work could help malicious hackers, "third-party software developers" (the horror!), and competitors. John Deere even argued that letting people modify car computer systems will result in them pirating music through the on-board entertainment system, which would be one of the more convoluted ways to copy media (and the exemption process doesn't authorize copyright infringement, anyway)."
China

EFF: Wider Use of HTTPS Could Have Prevented Attack Against GitHub 48

Posted by timothy
from the one-day-one-day dept.
itwbennett writes The attack against GitHub was enabled by someone tampering with regular website traffic to unrelated Chinese websites, all of which used a JavaScript analytics and advertising related tool from Baidu. Somewhere on China's network perimeter, that analytics code was swapped out for code that transparently sent data traffic to GitHub. The reason GitHub's adversaries were able to swap out the code is because many of the Chinese websites weren't encrypting their traffic.
Electronic Frontier Foundation

EFF Questions US Government's Software Flaw Disclosure Policy 18

Posted by Soulskill
from the we'll-do-that-at-least-once-in-the-past-decade dept.
angry tapir writes: It's not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation. They write, "ODNI has now finished releasing documents in response to our suit, and the results are surprisingly meager. Among the handful of heavily redacted documents is a one-page list of VEP 'Highlights' from 2010. It briefly describes the history of the interagency working group that led to the development of the VEP and notes that the VEP established an office called the 'Executive Secretariat' within the NSA. The only other highlight left unredacted explains that the VEP 'creates a process for notification, decision-making, and appeals.' And that's it. This document, which is almost five years old, is the most recent one released. So where are the documents supporting the 'reinvigorated' VEP 2.0 described by the White House in 2014?"
The Almighty Buck

DuckDuckGo Donates $100,000 Among Four FOSS Projects 36

Posted by samzenpus
from the have-a-little-cash dept.
jones_supa writes As is the search engine company's annual habit, DuckDuckGo has chosen to advance four open source projects by donating to them. The primary focus this year was to support FOSS projects that bring privacy tools to anyone who needs them. $25,000 goes to The Freedom of the Press Foundation to support SecureDrop, which is a whistleblower submission used to securely accept documents from anonymous sources. The Electronic Frontier Foundation was given $25,000 to support PrivacyBadger, which is a browser add-on that stops advertisers and other third-party trackers from secretly tracking your surfing habits. Another $25,000 arrives at GPGTools to support GPG Suite, which is a software package for OS X that encrypts files or messages. Finally, $25,000 was donated to Riseup to support Tails, which is a live operating system that aims at preserving your privacy and anonymity.
Privacy

Supreme Court Gives Tacit Approval To Warrantless DNA Collection 135

Posted by timothy
from the welcome-to-gattica dept.
An anonymous reader writes On Monday, the U.S. Supreme Court refused to review a case involving the conviction of a man based solely on the analysis of his "inadvertently shed" DNA. The Electronic Frontier Foundation (EFF) argues that this tacit approval of the government's practice of collecting anyone's DNA anywhere without a warrant will lead to a future in which people's DNA are "entered into and checked against DNA databases and used to conduct pervasive surveillance."
Patents

Patent Trolls On the Run But Not Vanquished Yet 56

Posted by samzenpus
from the don't-forget-the-fire dept.
snydeq writes Strong legislation that will weaken the ability of the trolls to shake down innovators is likely to pass Congress, but more should be done, writes InfoWorld's Bill Snyder. "The Innovation Act isn't an ideal fix for the program patent system. But provisions in the proposed law, like one that will make trolls pay legal costs if their claims are rejected, will remove a good deal of the risk that smaller companies face when they decide to resist a spurious lawsuit," Snyder writes. That said, "You'd have to be wildly optimistic to think that software patents will be abolished. Although the EFF's proposals call for the idea to be studied, [EFF attorney Daniel] Nazer doesn't expect it to happen; he instead advocates several reforms not contained in the Innovation Act."
Piracy

Trans-Pacific Partnership Enables Harsh Penalties For Filesharing 154

Posted by Soulskill
from the legislation-via-industry dept.
An anonymous reader writes: The Electronic Frontier Foundation went through a recent leak of the secretive Trans-Pacific Partnership agreement, an international treaty in development that (among other things) would impose new intellectual property laws on much of the developed world. The EFF highlights one section in particular, which focuses on the punishments for copyright infringement. The document doesn't set specific sentences, but it actively encourages high monetary penalties and jail terms. Its authors reason that these penalties will be a deterrent to future infringement. "The TPP's copyright provisions even require countries to enable judges to unilaterally order the seizure, destruction, or forfeiture of anything that can be 'traceable to infringing activity,' has been used in the 'creation of pirated copyright goods,' or is 'documentary evidence relevant to the alleged offense.' Under such obligations, law enforcement could become ever more empowered to seize laptops, servers, or even domain names."
Electronic Frontier Foundation

EFF: Hundreds of S. Carolina Prisoners Sent To Solitary For Social Media Use 176

Posted by timothy
from the don't-you-have-enough-friends-already? dept.
According to the EFF's Deep LInks, Through a request under South Carolina’s Freedom of Information Act, EFF found that, over the last three years, prison officials have brought more than 400 hundred disciplinary cases for "social networking" — almost always for using Facebook. The offenses come with heavy penalties, such as years in solitary confinement and deprivation of virtually all privileges, including visitation and telephone access. In 16 cases, inmates were sentenced to more than a decade in what’s called disciplinary detention, with at least one inmate receiving more than 37 years in isolation. ... The sentences are so long because SCDC issues a separate Level 1 violation for each day that an inmate accesses a social network. An inmate who posts five status updates over five days, would receive five separate Level 1 violations, while an inmate who posted 100 updates in one day would receive only one. In other words, if a South Carolina inmate caused a riot, took three hostages, murdered them, stole their clothes, and then escaped, he could still wind up with fewer Level 1 offenses than an inmate who updated Facebook every day for two weeks.
DRM

DMCA Exemption Campaign Would Let Fans Run Abandoned Games 157

Posted by Soulskill
from the don't-break-what-people-pay-for dept.
An anonymous reader writes: Games that rely on remote servers became the norm many years ago, and as those games age, it's becoming more and more common for the publisher to shut them down when they're no longer popular. This is a huge problem for the remaining fans of the games, and the Digital Millennium Copyright Act forbids the kind of hacks and DRM circumvention required for the players to host their own servers. Fortunately, the EFF and law student Kendra Albert are on the case. They've asked the Copyright Office for an exemption in the case of players who want to keep abandoned games alive. It's another important step in efforts to whittle away at overreaching copyright laws.
Government

DEA Hands MuckRock a $1.4 Million Estimate For Responsive Documents 136

Posted by samzenpus
from the pay-the-man dept.
An anonymous reader writes with news about what might be the largest Freedom of Information Act fee yet. "The EFF recently kicked off a contest for the 'most outrageous response to a Freedom of Information Act request' and we already have a frontrunner for the first inaugural 'Foilie.' MuckRock's loose confederation of FOIA rabblerousers has been hit with a $1.4 million price tag for John Dyer's request for documents related to the 'localization and capture' of Mexican drug lord 'El Chapo.'"
Electronic Frontier Foundation

Site Launches To Track Warrant Canaries 159

Posted by Soulskill
from the tag-and-release dept.
Trailrunner7 writes: In the years since Edward Snowden began putting much of the NSA's business in the street, including its reliance on the secret FISA court and National security Letters, warrant canaries have emerged as a key method for ISPs, telecoms, and other technology providers to let the public know whether they have received any secret orders. But keeping track of the various canaries scattered around the Web is difficult, so a group of legal and civil liberties organizations have come together to launch a new site to monitor the known warrant canaries.

The Canary Watch site is the work of the EFF, the Berkman Center for Internet and Society, and NYU's Technology Law and Policy Center and it works on a simple concept. The site maintains a list of all of the known warrant canaries and periodically checks each organization's site to see whether the canary is still there and then lists any changes to the status. Right now, Canary Watch lists 11 organizations, including Lookout, Pinterest, Reddit, and Tumblr.

"Canarywatch lists the warrant canaries we know about, tracks changes or disappearances of those canaries, and allows users to submit canaries not listed on the site. For people with interest in a particular canary, the site will show any changes we know about," Nadia Kayyali of the EFF said in a blog post.