Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Feed Techdirt: What Should We Add Next To The Techdirt Gear Store? (techdirt.com)

Get I Invented Email, Copymouse and more in the Techdirt Gear store

Right now, there are four different designs in available in the Techdirt Gear store on Teespring: our new Copymouse gear, our limited-time I Invented Email gear, and two different styles of Techdirt logo gear. But, under Teespring's new ongoing-order system, over time we're going to start bringing back some of our designs from last year as permanent fixtures in the store — in some cases with tweaked or updated designs.

So, which Techdirt tees would our readers like to see first? There's our popular Takedown gear, the controversial Copying Is Not Theft , and some less-popular but beloved-by-some options like Home Cooking Is Killing Restaurants and Math Is Not A Crime . Of course, there's also the first t-shirt we offered and still the most popular: Nerd Harder .

We have some brand new designs in the works too and will be rolling those out in the near future, but first we want to get one or two of these classics back into rotation. In addition to letting us know which ones you're most interested in, feel free to include your thoughts on whether the design needs an update or you'd like to see different products/colors available!

Thanks for your feedback, and thanks for supporting Techdirt.

Two logo tee styles (plus hoodies, mugs & more) in the Techdirt Gear store



Permalink | Comments | Email This Story

Feed Techdirt: Just To Be Safe, We're Resetting All Techdirt Passwords In Response To Cloudbleed (techdirt.com)

As you may have heard, late yesterday it was revealed that there was a pretty major bug that was potentially leaking all sorts of sensitive data for some companies that use Cloudflare. The bug is being dubbed "Cloudbleed" as it's actually quite similar to what happened a few years ago with OpenSSL in what was known as Heartbleed. Cloudflare was alerted to the bug by some Google security researchers and quickly patched the problem -- but it had gone on for months, with some sensitive data being indexed by search engines (that's all been cleaned up too).

At Techdirt, we use some Cloudflare services. It is unclear (and, in fact, unlikely) that any Techdirt data leaked via Cloudbleed. Also, we don't retain sensitive data from our users. However, in an abundance of caution, we have decided to reset everyone's passwords. If you have an account on Techdirt (which is not a requirement), you will be logged out, and will be required to go through the password reset process to get back into your account. Yes, this is a bit of a pain for our users, but despite the low likelihood of people here being impacted, we felt it was the right thing to do. Various security researchers have suggested that people change their passwords at other sites as well, and we recommend using a password generator/wallet (some of which will automatically change passwords at many sites upon request) to do so.



Permalink | Comments | Email This Story

Feed Techdirt: California Law Enforcement Union Sues To Block Police Accountability (techdirt.com)

Because there's just not enough opacity shrouding police misconduct and not enough slanting of the criminal justice system against defendants, California police unions have decided to get involved in a judicial dispute over lists of law enforcement officers whose half of "our word against yours" isn't quite as bulletproof as is normally assumed.

A Los Angeles sheriff is trying to do the right thing, but he's running into opposition from his own supposed "representatives."

The Los Angeles County Sheriff’s Department has collected the names of about 300 deputies who have a history of past misconduct — such as domestic violence, theft, bribery and brutality — that could damage their credibility if they testify in court.

Sheriff Jim McDonnell wants to send the names to prosecutors, who can decide whether to add them to an internal database that tracks problem officers in case the information needs to be disclosed to defendants in criminal trials.

I don't imagine prosecutors are exactly thrilled to be the recipient of information that damages the credibility of their favorite witnesses, but it's probably better than having your witness destroyed in open court by a defense attorney. But prosecutors may never see this information, thanks to the police union's belief that officers shouldn't be held accountable for anything.

The union that represents rank-and-file deputies strongly opposes providing the names to prosecutors and has taken the department to court. The Assn. for Los Angeles Deputy Sheriffs argues that the disclosure would violate state laws protecting officer personnel files and draw unfair scrutiny on deputies whose mistakes might have happened long ago.

The union is wrong. Officers' misconduct records are a crucial part of their trustworthiness. Burying these just makes the union look like a willing enabler of bad behavior. There would be no "unfair scrutiny" of deputies. Judges and juries are perfectly capable of determining whether past misconduct is relevant to the case at hand. The union's lawsuit seeks to place the determination of officers' credibility solely in the union's hands. And in its hands, all officers are credible until proven otherwise -- something that will be almost impossible to do with exactly zero information on hand.

The union's move is a preemptive Brady violation. Brady material is exculpatory evidence and information prosecutors are statutorily required to turn over to the defense. That would include misconduct records, which might point to a testifying officer's lack of credibility, or show a pattern of relevant misconduct. These files would not be made public, which undercuts the union's "privacy violation" claims. True, some of the files' contents would be made public during court proceedings, but it's not as though the sheriff is asking the DA's office to post the contents of the list on its website.

The union wants law enforcement officers to have more rights than the people they serve. The body of a person killed by an officer hasn't even begun to cool before department press liaisons are pushing the dead person's criminal background check results into the hands of every reporter covering the incident. No one expresses any privacy concerns when a 20-year-old arrest is used to alter the public's perception of a police shooting victim. But when it comes to cops themselves -- public servants with immense power, layers of immunity, and publicly-funded opacity that separates them from the consequences of their actions -- privacy is of utmost concern.



Permalink | Comments | Email This Story

Feed Techdirt: Tiffany & Co., Defenders Of Intellectual Property, Sued For Copyright Infringement (techdirt.com)

For some time now, famed jewelry retailer Tiffany Co. has been a staunch defender of intellectual property and an adversary to a free and open internet. You will recall that this is the company that wanted eBay to be held liable for third-party auctions of counterfeit Tiffany products. The company also lent its support to censoring the internet via the seizing of domains it didn't like, as well as its support for COICA (which was the predecessor of the bill that eventually became SOPA). COICA, among other things, was a bill that would have allowed the DOJ to seize so-called "pirate" websites that infringed on others' intellectual property.

And because this always seems to happen, it's noteworthy that despite wanting to completely shut down websites due to infringement, Tiffany is now being sued for copyright infringement for using a photograph without permission or attribution.

Tiffany Co. is in a bit of hot water over a photograph it is using in connection with one of its jewelry lines. Last Friday, New York-based photojournalist Peter Gould filed suit against the famous jewelry company in the U.S. District Court for the Southern District of New York, a federal court in Manhattan, citing copyright infringement.

According to Gould’s complaint, the Tiffany Co. website “features the photograph to sell [the company’s] Elsa Peretti Jewelry.” The complaint further states that at all times Gould “has been the sole owner of all right, title and interest in and to the photograph, including the copyright thereto.”

Perhaps more significantly, Gould also alleges that Tiffany Co. didn't merely use his photograph of Peretti without his permission, but also actively stripped out the copyright information on the photograph to relieve him of any attribution for it as well. That, of course, is a federal no-no spelled Section 1202 of the Copyright Act. Given its vehement defense of intellectual property in the past, the complaint says Tiffany Co. knew or should have known that such removal of copyright attribution would be seen as an attempt to slide its infringement of Gould's photograph under the legal radar.

Given that the photograph is being used on its website, I'm sure the folks at the company would understand if tiffany.com were seized by the government over such allegations, should they prove to be true. Right?



Permalink | Comments | Email This Story

Feed Techdirt: Judge Rejects Warrant Seeking To Force Everyone At A Searched Location To Unlock Seized Electronic Devices (techdirt.com)

Late last year, Thomas Fox-Brewster of Forbes uncovered a strange search warrant among a pile of unsealed documents. The warrant -- approved by a magistrate judge -- allowed law enforcement officers to demand that everyone present at the searched location provide their fingerprints to unlock devices seized from the same location.

In support of its request, the government cited cases dating back to 1910, as though they had any relevance to the current situation. The most recent case cited was 30 years old -- still far from easily applicable to today's smartphones, which are basically pocket-sized personal data centers.

The judge granted it, stating that demands for fingerprints, passwords, or anything (like encryption keys) that might give law enforcement access to the devices' content did not implicate the Fourth or Fifth Amendments. While the magistrate was correct that no court has found the application of fingerprints to unlock devices to be a violation of the Fifth Amendment, the other access options (passwords, encryption keys) might pose Fifth Amendment problems down the road.

Riana Pfefferkorn has uncovered a similar warrant request, but this one has been rejected by the magistrate judge. Pretty much across the board, the order is the antithesis of the one revealed last year. The judge finds [PDF] that the broad request to force everyone present at the residence to apply their fingerprints to seized devices to unlock them implicates multiple Constitutional amendments.

The issues presented in this warrant application are at the cross section of protections provided by the Fourth and Fifth Amendments. Essentially, the government seeks an order from this Court that would allow agents executing this warrant to force "persons at the Subject Premises" to apply their thumbprints and fingerprints to any Apple electronic device recovered at the premises. (See Attach. B, tT 12.) The request is neither limited to a particular person nor a particular device. And, as noted below, the request is made without any specific facts as to who is involved in the criminal conduct linked to the subject premises, or specific facts as to what particular Apple-branded encrypted device is being employed (if any).

The judge notes the government is able to detain and search persons located at the premises being searched, but that does not extend to forcing every single person in a residence at the time of a search to comply with attempts to unlock seized devices. Because the warrant affidavit contained no particularity about the devices or who in the household the government suspected of engaging in criminal activity, the court can't find anything that justifies the broad, inclusive language contained in the request.

This Court agrees that the context in which fingerprints are taken, and not the fingerprints themselves, can raise concerns under the Fourth Amendment. In the instant case, the government is seeking the authority to seize any individual at the subject premises and force the application of their fingerprints as directed by government agents. Based on the facts presented in the application, the Court does not believe such Fourth Amendment intrusions are justified based on the facts articulated.

The court has other problems with the affidavit -- beyond the government's unwarranted extension of Fourth/Fifth Amendment jurisprudence to cover any devices/fingerprints encountered at a searched location. Early in the order, it notes the government is deploying boilerplate nearly as outdated as its case citiations.

Despite the apparent seriousness of the offenses involved, the Court notes that some of the "boilerplate" background information included in the warrant is a bit dated, such as its explanation that "[t]he internet allows any computer to connect to another computer [so] [e]lectronic contact can be made to millions of computers around the world;" its explanation that a "Blackberry" is a common "Personal Digital Assistant" and its suggestion that the use of "cloud technology" is the exceptional way of transferring files and that transferring images to a computer by directly connecting a cable to a camera or other recording device is the expected means of data transfer.

The judge notes outdated boilerplate isn't enough to undo probable cause assertions, but it certainly doesn't help -- especially not when the government is requesting this sort of broad permission.

The inclusion of this somewhat dated view of technology certainly does not distract from the application's goal of establishing probable cause. However, the dated "boilerplate language" is problematic for what is not included. There is absolutely no discussion of wireless internet service and the possibilities and capabilities that wireless service presents in this context. For example, an unsophisticated intemet user, or a careless one, may fail to properly encrypt his wireless service or may share the password injudiciously. Such practices leave open the possibility that it is not an inhabitant of the subject premises that has used the internet to gather and distribute child pornography, but rather it is a person who has access to the internet service at the subject premises.

Obviously, this possibility holds true in all investigations that track the investigation outlined in the instant application. The limitations of this investigation are not fatal to establishing probable cause, but, in the Court's view, these limitations do impact the ability of the government to seek the extraordinary authority related to compelling individuals to provide their fingerprints to unlock an Apple electronic device.

Then there's the other assertions. The government's application does nothing to narrow down which resident it's seeking or what device(s) might contain evidence of criminal activity. What it does appear to be certain about -- for reasons not included in the application -- is that the devices it seeks are Apple products. A footnote in the order questions this assertion.

Why Apple devices are likely to be found at the premises is not explained. The Court is aware that Apple has a large market share in online hardware, but Microsoft's Windows operating systems continue to dominate the overall market share of operating systems used.

What makes these broad, unsupported assertions even worse, especially when combined with the outdated boilerplate, is that this is apparently the direction the government is heading with its search warrants.

In closing, upon presentation of the warrant application to this Court, the government identified for this Court that the warrant application was seeking the forced fingerprinting discussed herein. The government further noted "[t]his is the language that we are making standard in all of our search warrants." This declaration of standardization is perhaps the crux of the problem. As the Court hopes it is plain from the above, the issues presented here require a fact-intensive inquiry both for purposes of the Fourth Amendment and the Fifth Amendment.

More particularity, better probable cause, and fewer assumptions about the Fourth and Fifth Amendment's application in a post-Riley world are what's needed from the government, according to this order. Even though this application was rejected, it's safe to say this same approach has worked elsewhere. We've seen one approved warrant already and there are likely several more safely hidden from the public eye in the government's multitudinous sealed cases.

What's troubling about the government's assertions in this application is its apparent belief it's found an encryption workaround: one that blows past Fourth and Fifth Amendment concerns using little more than boilerplate that still considers cables to be an essential part of "cloud computing," and magistrate judges willing to buy its outdated legal arguments.



Permalink | Comments | Email This Story

Feed Techdirt: Federal Election Commission Member Quits, Says Agency Refuses To Address Campaign Finance Violations (techdirt.com)

"Every vote counts."

"Throw the bastards out."

"Election platitude #10."

Every bit as meaningless as Trump's promise to "drain the swamp." The Beltway Swamp is drain-proof. The process that populates the swamp is rigged. Not in the "millions of illegal votes from illegals" way... or even the "I can see the Russians hacking the election from my house" way. It's rigged because the only federal agency charged with making sure the election process is fair and equitable can't -- actually, won't -- do a single thing to ensure the process' integrity.

Two years ago, the Federal Election Commission Chairwoman had this to say about the FEC's powerlessness/uselessness:

“The likelihood of the laws being enforced is slim,” Ann M. Ravel, the chairwoman, said in an interview. “I never want to give up, but I’m not under any illusions. People think the F.E.C. is dysfunctional. It’s worse than dysfunctional.”

Post-election, this diagnosis has been confirmed. As government accountability research site MapLight reports, an FEC member has decided to exit the dysfunctional commission. On her way out the door, Ann Ravel released a letter and a report [PDF] plainly stating the FEC effectively serves zero purpose.

Ann Ravel, an FEC member appointed to the six-member regulatory panel in 2013 by former President Barack Obama, said the commission’s routine deadlocked votes are sending clear signals that campaign finance laws won’t be enforced.

“This incredibly significant Commission is not performing the job that Congress intended, and violators of the law are given a free pass,” Ravel wrote in “Dysfunction and Deadlock,” a 25-page report released with her resignation letter to President Donald Trump. “Because of this, candidates and committees are aware that they can ignore the laws enacted to protect the integrity of our elections.”

Partisan politics aren't limited to the halls of Congress. The FEC is composed of six members -- three from each side of the political aisle. (Third parties/independents aren't recognized as possible participants in this process.) Reported campaign finance violations received by the Commission can only be addressed if a majority of members agree on moving forward. Because of the ideological split, fewer and fewer violations are being addressed. From the report:

The bloc has used the four vote requirement to take most action as unchecked veto power to delay and dismiss flagrant violations, impose significantly lower penalties, and leave major cases without resolution. In 2006, commissioners deadlocked in just 2.9% of substantive votes in Matters Under Review (“MURs”—also known as enforcement cases) closed that year. For MURs closed in 2016, the Commissioners deadlocked on 30% of all substantive votes taken in those matters. In 2006, only 4.2% of MURs closed had at least one deadlocked vote. However, in 2016, 37.5% of all MURs closed had at least one deadlocked vote.

This partisanship undercuts the commission's singular purpose. The Supreme Court may hand down rulings on campaign finance transparency, but the court's word is meaningless when no one's willing to enforce it. As the report points out, since the court's 2010 Citizens United decision, more than $800 million has flowed to federal election campaigns without its sources being disclosed.

Over the past ten years, the FEC has just become another inhabitant of the swamp it was supposed to help drain -- long before President Trump made it a campaign platform. The FEC has devolved into separate factions glaring at each other over a stack of campaign finance violations neither is willing to address if it might adversely affect "their" party.

Suck it up, voters. The system only works as well as those who benefit from it most will allow it to. A house divided against itself cannot stand stands to profit from years and years of two-party status quo.



Permalink | Comments | Email This Story

Feed Techdirt: Daily Deal: Hacking For National Security Training (techdirt.com)

The $39 Hacking for National Security Training courses are designed to help you prepare to get the Certified Ethical Hacker (CEH) credential and to get the Certified Network Defense Architect (CNDA) certification. There are 19 modules covering topics from routing out worms and viruses to network reconnaissance and more.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.



Permalink | Comments | Email This Story

Feed Techdirt: Arizona Legislators Approve Bill That Would Allow Government To Seize Assets From Protesters (techdirt.com)

Building legislation on top of the political equivalent of an urban myth is never a good idea. Fold in something routinely abused by law enforcement and you've got a proposed bill whose short name should be "Shit Sandwich."

That's the (tentative) plan in Arizona, where the existential threat of "paid protesters" has resulted in a terrible bill that promises to use a handful of Constitutional amendments as a doormat. (via Raw Story)

SB1142 expands the state’s racketeering laws, now aimed at organized crime, to also include rioting. And it redefines what constitutes rioting to include actions that result in damage to the property of others.

Nothing good can come from the expansion of racketeering laws, which are already abused by government agencies and citizens alike. But it gets worse. A lot worse. It doesn't just apply to protesters who damage property. It applies to anyone possibly connected to a protest in which damage occurs, even if they don't induce or encourage the destruction. (Perhaps even if they speak out against violent acts, but still support the demonstration's premise.)

And, to top it all off, police officers would not only be authorized to arrest people engaged in First Amendment activity just because someone down the street broke a window, but also to enrich themselves in the process.

But the real heart of the legislation is what Democrats say is the guilt by association — and giving the government the right to criminally prosecute and seize the assets of everyone who planned a protest and everyone who participated. And what’s worse, said Sen. Steve Farley, D-Tucson, is that the person who may have broken a window, triggering the claim there was a riot, might actually not be a member of the group but someone from the other side.

Supporters of asset forfeiture always claim it's a great tool for defunding criminal ventures. I can only imagine the verbal gymnastics that will need to be deployed to justify taking cash, cars, whatever from protesters, especially when the state's existing laws already criminalize rioting but without the added "bonus" of depriving rioters of their cash, homes, cars, etc. Do the legislators actually believe protesters are being paid in small, unmarked bills and mid-priced sedans?

The "guilt by association" aspect allows law enforcement to apply its discretion, which is seldom a good thing. The moment anything is damaged, it's open season on protest attendees. In fact, it's open season on non-attendees as well, if cops can dredge up anything that appears to be evidence of protest planning. Acquiring a permit pre-demonstration is no longer an act of good faith. It's self-incriminating.

One supporter of this truly stupid legislation believes the state's existing riot laws don't work because wait for it the bail system exists.

Sen. Sylvia Allen, R-Snowflake, said the new criminal laws are necessary.

“I have been heartsick with what’s been going on in our country, what young people are being encouraged to do,’’ she said.

She agreed with Quezada that there already are laws that cover overt acts. But Allen said they don’t work.

“If they get thrown in jail, somebody pays to get them out,’’ she said. “There has to be something to deter them from that.’’

I don't often can't even, but... here we are. People have argued against the bail system because it's stacked against the poorest criminal suspects, but I've never heard the system portrayed as faulty because it works exactly the way it's intended to. And the new law wouldn't change anything this legislator is concerned about. Brand new criminal charges stemming from the stupid bill would still allow suspects to post bail. The only difference is they may not have the cash to do it or a car to drive home if they make bail. Maybe that's what Allen is referring to: extra layers of punitiveness because most current protests are targeting the senator's party -- which also happens to be the party in power at the moment.

This made it past a House vote in Arizona, suggesting the state's craziness isn't confined to Maricopa County. It won't survive a Constitutional challenge if it somehow manages to stumble out the governor's desk without being vetoed.



Permalink | Comments | Email This Story

Feed Techdirt: Federal Judge Says Providing Web Hosting Isn't Even Close To The Same Thing As Contributory Infringement (techdirt.com)

A federal judge has just let a plaintiff know there's a big difference between providing hosting for infringing content and actually participating in copyright infringement. ALS Scan sued basically everybody for copyright infringement after discovering adult images that it owned posted all over the web. In addition to Steadfast Holdings -- the defendant just dismissed from this suit -- ALS Scan sued Cloudflare, Juicy Ads, and a number of other hosting services and Does.

One by one, these defendants have been excused from the suit. The underlying logic for the dismissals is solid. Providing web hosting is not the same thing as contributory infringement, no matter how much ALS Scan wants it to be.

In the Steadfast ruling, Wu said that merely hosting a pirate site does not make the hosting service liable for any copyright infringement actions the site may be guilty of.

In its motion to dismiss, Steadfast argued that it did not manage or operate the Imagebam site, and that it only provided computer storage.

"The court is unaware of any authority holding that merely alleging that a defendant provides some form of 'hosting' service to an infringing website is sufficient to establish contributory copyright infringement," Wu wrote.

“The court would therefore find that the [complaint] fails to allege facts establishing that Steadfast materially contributed to the infringement,” Wu wrote.

There's a lot more Steadfast (and the other hosting companies) would have to do to be considered contributory infringers, and the hosting companies are doing none of those things. ALS Scan wants hosting sites to do more than they're legally obligated to do. But it can't sue just because it doesn't agree with their practices. From the opinion [PDF]:

[T]he only allegations specific to Steadfast that are raised in the SAC are that Steadfast “hosts” pirate sites, including Imagebam, and that Plaintiff has sent numerous notifications to Steadfast of infringing content on Imagebam, but Steadfast has failed to implement or enforce a repeat infringer policy by removing Imagebam from its servers.

Beyond that, ALS's complaint contains nothing that shows evidence of its claims.

Steadfast also contends that the SAC fails to allege material contribution or inducement. The Court would agree. The SAC alleges only that Steadfast “hosts” pirate sites that feature infringing content. It is entirely unclear what services Steadfast provides to Imagebam; what type of infringing activity Imagebam conducts (or even what Imagebam is); or how Steadfast contributes to or facilitates that infringing activity. As such, the Court would find that the SAC fails to plead material contribution.

The same goes for the rest of the allegations. Steadfast did not induce or contribute to infringing activity at hosted sites, nor did it somehow violate ALS's trademarks by hosting sites where infringing images could be found.

As Judge Wu's opinion points out, it's not up to the court to determine whether sued websites are "responsive enough" to rightsholders' demands. The law rightsholders wanted -- the DMCA -- sets the rules and as long as sites and hosts follow the statutory requirements, they're insulated from most infringement claims.

It appears ALS is engaging in pray-and-spray litigating. Beyond the Does, there's been no attempt made to target those actually participating in copyright infringement. Instead, ALS sued a bunch of hosting companies (and an ad network) in hopes of landing a settlement or two before its allegations were exposed as weak and baseless by the presiding judge.



Permalink | Comments | Email This Story

Feed Techdirt: Comcast's Decision To Charge Roku Users A Bogus Fee Highlights Its Uncanny Ability To Shoot Innovation In The Foot (techdirt.com)

So when we last checked in with Comcast, the company was whining about a now deceased FCC plan to bring some much-needed openness and competition to your dusty old cable box. The FCC had proposed requiring that cable providers let users pick the cable box of their choice, later modifying the plan (after endless industry pearl-clutching) to simply requiring that cable providers bring their existing content in app form to existing streaming boxes. Granted, Comcast was at the heart of a massive, bizarre disinformation effort claiming the plan would end civilization as we know it.

Of course, what it would have ended was not only $21 billion in cable box monopoly rental fees, but a cornerstone of the closed, locked down walled garden that helps prop up the cable industry's gatekeeper power. Comcast, for what it's worth, claimed that bringing its content to third-party devices would harm copyright, increase piracy, hinder cable industry "innovation," and was technically impossible anyway. Regardless, the FCC's plan is dead, and it's not coming back any time soon.

But Comcast still has to drive the impression that it's listening to consumers and driving innovation, so the cable giant recently announced it would be bringing its Xfinity cable TV service to Roku streaming hardware. The app, currently in beta, lets users access their existing Comcast TV content without the need for a cable box, highlighting, Comcast insists, the company's innovation in the TV space:

"Featuring an immersive guide with rich graphics, imagery, personalized recommendations and detailed information for tens of thousands of movies and TV shows, the app will allow Xfinity TV customers to watch live and on demand programming, including local broadcast and Public Educational and Governmental channels, as well as their cloud DVR recordings, delivered over Comcast’s secure private managed network, on Roku devices in the home."

On its surface this sounded great. But this being Comcast, the company couldn't allow itself to be innovative without saddling customers with entirely unnecessary fees. Reports quickly began to emerge that Comcast would be charging customers that use Roku in this fashion an additional $7.95 every month, for no coherent reason whatsoever:

"What makes this fee striking is that it's not designed to pay for any particular cost to Comcast's business. The $9.95 fee that 99 percent of cable customers pay for set-top boxes is listed on bills as an equipment "rental fee." Even the Cablecard fee includes a bit of hardware from the cable operator. But the Roku app is purely software. It doesn't require a piece of equipment supplied by the cable company, nor does it require a technician to come to your home to set it up."

But Gigi Sohn, who served as a senior adviser to former FCC Chairman Tom Wheeler, said she knows why.

"It's gravy to them," Sohn said. "You're already paying handsomely for the service. And now they're making you pay a second time."

It is, in effect, a $7.95 "because we can" fee, and a big reason the FCC wanted to standardize this process to keep cable executive "creativity" under control. Of course, this being Comcast, the company was also quick to make sure this service wouldn't count against the completely unnecessary broadband usage caps it continues to deploy across the least competitive portions of the company's footprint. Comcast's FAQ on the new Roku beta correctly notes that this technically isn't a net neutrality violation, because this traffic never actually touches the general internet:

The Xfinity TV service delivered through the Xfinity TV Beta app is not an Internet service and does not touch or use the Internet. Rather, it is a Title VI cable service delivered solely over Comcast's private, managed cable network, so it will not count toward your Xfinity Internet Data Usage Plan.

So yeah, while not technically a violation of net neutrality (not that those rules will be around long anyway), it still gives Comcast a competitive advantage. If you're trying to choose between a new streaming live TV service like Sony's Playstation Vue or Dish's Sling TV or Comcast's offering, the fact that those services will erode your Comcast usage cap could very likely drive you back into the arms of Comcast. Of course, that's quite by design, and is a perfect example of how every "innovation" Comcast pushes into the market tends to have a nasty underlayer of price gouging and anti-competitive shenanigans.



Permalink | Comments | Email This Story

Feed Techdirt: In Latest Twist To The Global Trade Deal Saga, EU Now Looking To Fill The Gap Left By US In Exiting TPP (techdirt.com)

Remember the good old days, when trade deals were so boring nobody even cared they were happening? That started to change with the Anti-Counterfeiting Trade Agreement, (ACTA), where the copyright industries rather foolishly tried to slip in some proposals that would have had big impacts on the online world. As Techdirt reported at the time, that led to an unprecedented awareness of, and resistance to, ACTA that ultimately caused its defeat in the European Parliament.

After that, things were never the same again in the world of trade deals, because digital activists were now on the lookout for the bad stuff hidden in the stultifyingly dull language. They soon found it in TPP, which people realized was basically "Son of ACTA," but worse. Then came TAFTA/TTIP, which publicly dropped its ACTA-like elements in a desperate attempt to stave off criticisms and mass protests. That didn't work, of course; TTIP soon ground to a halt, and remains in limbo. Even though TPP was eventually concluded after years of delays, it was derailed by the election of Donald Trump as US President, who promptly withdrew from the deal. But if you thought things had finally quieted down for a while -- TISA too has dropped off the radar recently -- think again. There's a new twist in the global trade deal saga, as the Handelsblatt newspaper reports:

The European Union is positioning itself to fill any vacuum left behind by the United States as the Trump administration spurns trade deals in Asia and Latin America.

E.U. Trade Commissioner Cecilia Malmström said Brussels has been in close contact with several Asia-Pacific countries since the White House decided to withdraw from the Trans-Pacific Partnership.

"We have seen that many of the TPP countries are now approaching us and saying 'we still want to do deals,' " Ms. Malmström told Handelsblatt. "We are engaged with basically all of them, either negotiating or have a deal or preparing negotiations."

Yes, those wily Europeans are trying to take advantage of the US's apparent withdrawal from multilateral trade negotiations to stitch up deals with the other Pacific rim countries that have just been left at the TPP altar. An agreement with the EU, whether individually or as a bloc, could be a good option for the ex-TPP nations. It would allow each of them to move forward with a trade deal after expending so much political capital on the failed TPP, and it would show that being jilted by the US is not the end of the world. For the EU, it would signal that it can take the initiative and become the flag-bearer for free trade at a time when Trump seems to be embracing protectionism, and turning his back on Europe.

It's early days yet, and if the previous five years have taught us anything, it is that nothing is certain in the world of trade deals. It's still possible that the Trump administration will perform a U-turn and embrace TPP, perhaps with some token changes to justify the move. But of one thing we can be sure: we're not going back anytime soon to the days when trade deals were boring.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+



Permalink | Comments | Email This Story

Feed Techdirt: Netherlands Looks To Join The Super-Snooper Club With New Mass Surveillance Law (techdirt.com)

As Techdirt has noted, the UK's Investigatory Powers Act, better known as the Snooper's Charter, has been dubbed "the most extreme surveillance law ever passed in a democracy." It may be the worst, but it's not an isolated case. Governments around the world are bringing in laws that grant them powers to spy on innocent citizens using "bulk collection" of information -- mass surveillance, in other words. As the Dutch site Bits of Freedom reports, the latest country to join the super-snooper club is the Netherlands, where the lower house has just passed the bill for the new Intelligence and Security Services Act:

The controversial new law will allow intelligence services to systematically conduct mass surveillance of the internet. The current legal framework allows security agencies to collect data in a targeted fashion. The new law will significantly broaden the agencies' powers to include bulk data collection. This development clears the way for the interception of the communication of innocent citizens.

Another worrying trend is for spies around the world to pass on information they have gathered to intelligence services in other countries. The Dutch law is particularly bad in this respect, for the following reason:

Under the passed bill, Dutch security agencies may also share collected data without having analyzed it first. But when we hand over data to foreign governments without performing some form of data analysis prior to the exchange, we run the risk of not knowing what potentially sensitive information falls into foreign hands, and the consequences that might have for citizens.

The Bits of Freedom post also notes that much in the proposed law has yet to be defined, which is hardly a happy state of affairs. That includes limitations on the powers and how oversight will be carried out. However, more positively, among the revisions made to the bill when it was put out for public consultation in 2015 are some important improvements. Here's what happens next:

It's now the Senate's turn to review the bill. A bill that, in all likelihood, will not meet the minimum safeguards dictated by European law. If the parliamentary groups in the upper house abide by those in the lower house, the bill will be cleared with a comfortable majority.

The mention of the safeguards of European law is significant. As we reported in December, the Court of Justice of the European Union (CJEU) confirmed that general and indiscriminate data retention is illegal in the EU. Assuming the Dutch law is passed as expected, a legal challenge at the CJEU could follow, and would seem to stand a good chance of getting the law struck down in its present form.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+



Permalink | Comments | Email This Story

Feed Techdirt: Lindsay Lohan Won't Put Her GTA5 Lawsuit Out Of Its Misery (techdirt.com)

Here is something you, the dear Techdirt reader, may not have known about me: I had always thought that there was only one proper spelling for the name "Lindsey." I'm not sure why I thought that, but I was certain that name was only spelled with an "e" before the "y." But, it turns out, spelling it as "Lindsay" is a perfectly common and accepted alternate spelling for the name. And the only reason that I now know that is because Linsday, with an "a," Lohan will not let her lawsuit against Take-Two Interactive -- for appropriating her likeness for several characters, which didn't actually happen -- die its final death.

First, a refresher. Lohan decided that a side quest character in Grand Theft Auto 5, which was actually an amalgam of several Hollywood starlet tropes, violated her publicity rights. She also claimed that an entirely different character that was used on some of the game's marketing and packaging was also her and also violated her publicity rights. The case wove its way through the past half-decade, largely with the court and Take-Two casting narrow eyes at the mountains of paperwork Lohan's legal team was able to produce while somehow maintaining an inability to come up with claims that were in any way credible, before the court finally tossed the lawsuit entirely. The court at the time made it clear that Take-Two's characters weren't direct appropriations of Lohan's likeness and that the parody amalgam starlet it had created was clearly protected by the First Amendment.

But, for some reason, it appears that LiLo's legal team was, like, "nuh uh!"

Lindsay Lohan has been granted an appeal in her lawsuit against the maker of the Grand Theft Auto video games. Last year, the Appellate Division Courthouse of New York State tossed the case, stating it was without merit. Her appeal was accepted by the New York Court of Appeals on 16 February.

It must be nice to have the kind of money required to keep the legal team going on a lawsuit that's been a loser at every turn. Still, it's perplexing that this lawsuit hasn't been put out of its misery at this point. The nature of the characters and their status as protected speech seems as clear cut as it gets. And, perhaps more importantly, the character that Lohan is desperate to associate herself with for the purposes of this lawsuit is one that is depicted engaging in sex acts in a public setting and being photographed doing so. I'm struggling to understand why one would want to engage in this kind of legal reach under those circumstances.

Her legal staff should be informing her that it's time to give this whole thing the Ol' Yeller treatment. Why they aren't doing so is beyond me.



Permalink | Comments | Email This Story

Feed Techdirt: German Regulators Urge Parents To Destroy WiFi Connected Doll Over Surveillance Fears (techdirt.com)

For a while now, we've discussed how your children's toys are quickly becoming the latest and greatest privacy threat courtesy of cryptic or half-cooked privacy policies and the treatment of device security as an afterthought; rather part and parcel now for the privacy dumpster fire that is the internet of not-so-smart things era. Numerous privacy groups have complained that smart Barbies and other toys not only now hoover up and monetize childrens' prattle, but leave the door open to the devices' being used nefariously by third parties.

The problems culminated in a lawsuit last December here in the States against Genesis Toys, maker of "smart" toys like the My Friend Cayla doll and the i-Que Intelligent Robot. The lawsuit accuses the company of violating COPPA (the Childrens' Online Privacy Protection Act of 1998) by failing to adequately inform parents that their kids' conversations and personal data collected by the toys are being shipped off to servers and third-party companies. The privacy policy for the toys does warn users that companies like Nuance Communications, also a government defense contractor, will receive this data for analysis:

"We may use the information that we collect for our internal purposes to develop, tune, enhance, and improve our products and services, and for advertising and marketing consistent with this Privacy Policy." It continues, “If you are under 18 or otherwise would be required to have parent or guardian consent to share information with Nuance, you should not send any information about yourself to us."

The lawsuit alleges the toys are violating COPPA because they're marketed to "ages 4 and up" and being mostly used by kids under age 18. Under COPPA, companies gathering kids' data have to provide notice to, and obtain consent from parents regarding data collection. They also have to provide parents tools to access, review and delete this data if wanted, as well as the parental ability to dictate that the data can be collected, but not shared with third parties. The complaint suggests neither Nuance or Genesis Toys are doing any of this.

But Genesis is also under fire for the fact that these toys just aren't all that secure. A report by the Norwegian Consumer Council (pdf) found that a lot of the data being transmitted by these toys is done so via vanilla, unencrypted HTTP connections that could be subject to man-in-the-middle attacks.

While Genesis faces a lawsuit here in the States, the FTC has yet to act against the company. Overseas however, German regulators are taking a different tack and urging parents to destroy the data-collecting dolls entirely:

"An official watchdog in Germany has told parents to destroy a talking doll called Cayla because its smart technology can reveal personal data. The warning was issued by the Federal Network Agency (Bundesnetzagentur), which oversees telecommunications. Researchers say hackers can use an unsecure bluetooth device embedded in the toy to listen and talk to the child playing with it.

As it stands, German regulators say that a bluetooth-enabled device could connect to Cayla's speaker and microphone system within a radius of 33 feet. As a result, the doll is being effectively treated as a "concealed transmitting device," illegal under an article in German telecom law. A spokesman for the Federal Network Agency said it doesn't really matter what shape the device took; "it could be an ashtray or fire alarm" and would still be illegal. While demanding destruction of the dolls may be overkill, it's just another example of how privacy and security apathy continue to haunt the IoT space.



Permalink | Comments | Email This Story

Feed Techdirt: Judge Blocks California's IMDb-Targeting 'Ageism'' Law, Citing Free Speech Concerns (techdirt.com)

California's IMDb-targeting "ageism" law looks as though it won't be able to survive the website's Constitutional challenge -- an outcome that should have been foreseen while the bill was still in its crafting phase. The law was passed to address apparent age discrimination by movie studios. For whatever reason, the California legislature decided the best way to handle this was to force a web site to stop publishing actors' ages, rather than just, you know, enforcing the state's existing anti-discrimination laws. Sure, other similar sites would also (theoretically) be affected, but IMDb is the only one that's actually been sued by an aggrieved actress over its publication of facts.

Politico's Josh Gerstein reports the presiding federal judge doesn't see much to like in the new law and has granted a temporary restraining order to IMDb while everything gets sorted out it rolls to its inevitable victory.

A federal judge has barred the State of California from enforcing a new law limiting online publication of actors' ages.

Acting in a case brought by online movie information website IMDb, U.S. District Court Judge Vince Chhabria ruled Wednesday that the California law likely violates the First Amendment and appears poorly tailored to proponents' stated goal of preventing age discrimination in Hollywood.

The order [PDF] is only three pages long, but it's more than enough space to detail the serious problems with California's law.

With respect to the first part of the preliminary injunction test, it's difficult to imagine how AB 1687 could not violate the First Amendment. The statute prevents IMDb from publishing factual information (information about the ages of people in the entertainment industry) on its website for public consumption. This is a restriction of non-commercial speech on the basis of content.

Going beyond the First Amendment issue, Judge Chhabria goes on to attack the premise underlying the ridiculous legislation.

To be sure, the government has identified a compelling goal – preventing age discrimination in Hollywood. But the government has not shown how AB 1687 is "necessary" to advance that goal. In fact, it's not clear how preventing one mere website from publishing age information could meaningfully combat discrimination at all. And even if restricting publication on this one website could confer some marginal antidiscrimination benefit, there are likely more direct, more effective, and less speech-restrictive ways of achieving the same end. For example, although the government asserts generically that age discrimination continues in Hollywood despite the long-time presence of anti-discrimination laws, the government fails to explain why more vigorous enforcement of those laws would not be at least as effective at combatting age discrimination as removing birthdates from a single website. Because the government has presented nothing to suggest that AB 1687 would actually combat age discrimination (much less that it's necessary to combat age discrimination), there is an exceedingly strong likelihood that IMDb will prevail in this lawsuit.

The Screen Actors Guild, which supports the new law, expressed its disappointment in the judge's ruling and stated it was "looking forward" to presenting evidence that targeting IMDb for publishing actors' ages will somehow reduce discriminatory practices by movie and TV studios. I'm looking forward to that as well, although for very different reasons than SAG is. Defending indefensible laws isn't much fun for those doing the defending, but it's an incredibly entertaining spectator sport.



Permalink | Comments | Email This Story

Slashdot Top Deals

Nothing in progression can rest on its original plan. We may as well think of rocking a grown man in the cradle of an infant. -- Edmund Burke

Working...