Techdirt

This week, both of our winning comments on the insightful side come in response to the news that Jared Kushner's coronavirus task force has been using private email accounts for official business. In first place, it's That One Guy breaking down his reaction:

Five Years AgoThis week in 2015, in what was not an April Fool's joke, President Obama signed a silly cybersecurity executive order that amounted to little more than an empty threat, while raising some concerning questions. Meanwhile, in the TV world, analysts were still happily pretending cord-cutting doesn't exist and doing their part for an entire industry in denial (to the point cable companies would throw tantrums when forced to offer a la carte channels). We also took a look at how the TPP could be used to undermine free speech, and a ridiculous ruling in Ireland that required ISPs to kick accused filesharers off the internet.Ten Years AgoThere were a couple of huge rulings this week in 2010. In one, the district court in the Myriad Genetics case ruled that patents on isolated genes are invalid, in a decision that would have a widespread impact. In another unrelated but equally monumental ruling, a court said the Bush administration broke the law with warrantless wiretaps.Meanwhile, a huge wave of automated copyright shakedown lawsuits hit the US, the EU was putting the pressure on Canada to change its IP laws, the Olympic Committee was already hard at work securing its sweeping powers in Vancouver for 2012, and Sony made a lot of people very angry and ruined a lot of cool projects by removing the ability to install other operating systems on the PS3.Fifteen Years AgoFive years earlier in 2005, Sony was on the receiving end of a sudden disruption when a judge ruled that the PlayStation and PlayStation 2 infringed on patents and could not be sold in the US, while over on the Sony Music side, the boss was asking the Supreme Court to step in and stop piracy (the very real chilling effects of the entertainment industry's stance on Grokster weren't getting it done). Librarians and hobbyists were stepping up to oppose the broadcast flag, ISPs were practically begging to be regulated by blocking VoIP usage, and Verizon was blaming the entertainment industry for its decision to cripple Bluetooth on phones.

By now, you've probably seen this image of the coronavirus responsible for COVID-19 a million times:It's freaking everywhere. And it's in the public domain. That's because it was created by employees at the CDC, and as a work of the US government it is exempt from copyright laws, meaning anyone can use it. Which is probably why everyone uses it. One of the many reasons why a public domain is so useful.The NY Times has a nice story about how the image came to be that's well worth reading.

The Houston Police Department's botched drug raid that resulted in the killing of the home's two occupants continues to cause problems for the PD and the city of Houston. The raid was predicated on a phone call from an unbalanced, vengeful neighbor with a history of calling in bogus crime reports. Probable cause was bolstered (if that's even the word) by dirty cop Gerald Goines, who fabricated a confidential informant and provided evidence for drug trafficking allegations by pulling heroin from the console of his cop car.The end result was the execution of Dennis Tuttle and Rhogena Nicholas -- a couple who had been together for 21 years and whose house contained nothing more than personal use amounts of marijuana and cocaine. There was no evidence of the heroin dealing alleged by Goines' nonexistent informant.Goines is now facing murder charges and a handful of other felony charges. The PD's drug task force has been disbanded. And Rhogena Nicholas' mother -- who was at one point falsely named as the person behind the anonymous tip Goines supposedly received -- is suing the city for its failure to properly oversee the police department. (via Courthouse News)The city has so far refused to cooperate with the lawsuit. Nicholas wants to depose city officials about the raid but the city has chosen to continue its stonewalling and obfuscation. The city (and the PD) have done everything they can to avoid giving Nicholas anything to work with, starting immediately after it became clear the raid wasn't justified and had been led by an incredibly dirty cop. Here's the Texas appeals court's description [PDF] of the city's post-raid recalcitrance:

A few weeks back we wrote about how Fortress Investment Group -- a massive patent trolling operation funded by Softbank -- was using old Theranos patents to shake down BioFire, a company that actually makes medical diagnostics tests, including one for COVID-19. Fortress had scooped up the patents as collateral after it issued a loan to Theranos, which Theranos (a complete scam company, whose founders are still facing fraud charges...) could not repay. Fortress then set up a shell company, Labrador Diagnostics, which did not exist until days before it sued BioFire. After it (and the law firm Irell & Manella) got a ton of bad press for suing BioFire over these patents -- including the COVID-19 test -- Fortress rushed out a press release promising that it would issue royalty-free licenses for COVID-19 tests. However, it has still refused to reveal the terms of that offer, nor has it shared the letter it sent to BioFire with that offer.And while some have argued that after issuing this "royalty-free license" offer, the whole thing was now a non-story, that's not true. It appears that the offer only covers half of the test: the pouches that have the test-specific reagents, but not the test device that is used to analyze the tests. And so while the COVID-19 test pouches may get a "free" license, the machines to test them are still subject to this lawsuit.In the meantime, tons of people have been asking how Theranos -- who appeared to never have a working product, despite publicly claiming it did (and convincing Walgreens that it did) -- could possibly have received patents on technology that never actually existed. Tragically, the answer is that our patent system (for reasons that make no sense) does not require a working prototype, which results in all sorts of nonsense getting a patent. That said, the good folks at Unified Patents have launched a crowdsourcing contest for prior art about the two Theranos patents in question.

Most people know about TikTok, from the company Bytedance, but not many know that it is the international version of the similar, but separate, Douyin app. The What's on Weibo site has a good explanation of why the two versions came about, and how they differ:

I'm still amazed that any photographer could think it's wise to hire notoriously bad copyright trolling lawyer Richard Liebowitz. Liebowitz, among many other problems, has been sanctioned for lying to the court, sanctioned for failing to comply with court orders, and even got into trouble for lying to a court about the death of his grandfather (in that one he actually had a friend of his father's write a letter to the court basically saying that the judge should excuse Richard's many lies, because he's just not that experienced). And even if you could look past all that, he's a dreadful copyright lawyer. Going back a few years we quoted a judge telling him "No reasonable lawyer with any familiarity with the law of copyright could have thought..." Just a few months ago, a court made it clear that Liebowitz's reputation comes with baggage:

Boxne SSD Hosting is a great place to start for anyone creating a website that needs secure and affordable hosting with great customer service. With 100% SSD storage-based servers, Boxne ensures that your data is available to you as quickly as possible. This hosting platform features top-level software and physical security including 24/7 manned-data centers with backup power generators and advanced fire protection. Boxne uses autoscaling that shifts and changes with your traffic levels and load-balancing to spread traffic across a range of servers to ensure 99.99% uptime. With Boxne's Lite Plan, you'll get unlimited SSD disk space, bandwidth, website, and MySQL databases, as well as sub and add-on domains. It's on sale for $40.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Israel's leading malware purveyor is pitching in to help with the pandemic. NSO Group -- which has pitched its spy tools to a number of questionable governments -- is trying to help track the spread of the virus with its proprietary surveillance tool.This would be the third effort by the country to keep tabs on the disease, starting with the Israeli government's authorization of the use of phone/location data to monitor infected individuals. There's also a more voluntary effort, created by the country's Ministry of Health, that allows users to "check in" by providing data about where they've been and whether or not they've tested positive for the disease.But it's NSO's spyware that's the most worrying. Motherboard was able to observe the software in action and Lorenzo Franceschi-Bicchierai reports it's a pretty scary piece of spycraft.

T-Mobile and Sprint finally closed their controversial $26 billion wireless mega merger this week, opening the door to a new era in U.S. wireless with notably less overall competition and, inevitably, higher prices. The government, courts, much of the press, and many "top policy thinkers" of the era happily ignored 40 years of very clear global data showing that such consolidation in telecom reduces competition, raises overall prices, and inevitably results in a steady parade of layoffs. And most of them did so for all the usual reasons: either rigid partisan ideology, or the prioritization of profit above reason, empathy, or common sense.But the deal's approval was also rife with an unprecedented amount of corruption, fraud, and regulatory capture -- even for the U.S.The FCC rubber stamped the deal before it had even seen its own impact analysis data, with Commissioner Brendan Carr meeting with T-Mobile behind closed doors nine times to help the deal gain approval. T-Mobile slathered Trump's businesses with cash and hired Trump ally Corey Lewandowski shortly after Lewandowski mocked a kid with Down Syndrome on TV. DOJ antitrust boss Makan Delrahim, instead of doing his job, personally helped guide the deal's approval process via personal phone and email accounts.Former FCC Commissioners from both parties lobbied for the deal, often without making their financial motives clear in media appearances and a steady parade of editorials. And that's before you get to the comically broken U.S. court system, which tied itself in knots ignoring every last shred of hard data just so the deal could proceed.It's a merger that could only have been approved in the Trump era, given similar competition-eroding deals (AT&T T-Mobile in 2011, and Sprint T-Mobile in 2014) were shot down for good reason: global data, from Canada to Ireland, shows this kind of consolidation is almost always problematic. Less competition means higher prices. Unions and Wall Street analysts alike have estimated this particular deal could result, in time, with anywhere from 10,000 to 30,000 employees being fired as redundant retail and management positions are eliminated. Studies even suggest people at other companies will likely be paid less.And while the DOJ floated a half-cooked deal that will try to create a new replacement fourth carrier out of Dish Network and some twigs, most experts strongly doubt much ever comes from it for a laundry list of reasons. The most obvious being that AT&T, Verizon, and T-Mobile will all be incentivized to make sure, via relentless lobbying, that this new fourth carrier never fully materializes. And barring any election-triggered change, the current FCC, known for being a glorified rubber stamp to industry, isn't likely to engage in the kind of nannying necessary to make sure the deal works, or punish companies that fail to live up to pre-merger promises.As the deal closed this week, media outlets covering the news failed to include any of this as context. CNET, for example, largely repeated T-Mobile's claims with a focus on network performance, with not so much as a peep on how or why such a deal might be problematic for your wallet or T-Mobile employees. Ditto for TechCrunch, which briskly broke down the last year or two of sleazy lobbying as little more than "months of regulatory maneuvering" while giving extra weight to merger conditions that U.S. history makes clear will never actually be enforced:

Performance Rights Organizations (PROs), sometimes known as "Collection Societies," have a long history of demanding licensing for just about every damn thing. That's why there was just some confusion about whether or not those with musical talents would even be allowed to perform from their balconies while in COVID-19 lockdown. And if you thought that it was crazy that anyone would even worry about things like that, it's because you haven't spent years following the crazy demands made by PROs, including demanding a license for a woman in a grocery store singing while stocking the shelves, a public performance license for having the radio on in a horse stable (for the horses), or claiming that your ringtone needs a separate "public performance" license, or saying that hotels that have radios in their rooms should pay a public performance license.Five years ago, we wrote about another such crazy demand -- a PRO in Sweden demanding that rental car companies pay a performance license because their cars had radios, and since "the public" could rent their cards and listen to the radio, that constituted "a communication to the public" that required a separate license. The case has bounced around the courts, and finally up to the Court of Justice for the EU which has now, finally, ruled that merely renting cars does not constitute "communication to the public."From the CJEU's press release:

As the world navigates the reality of the COVID-19 worldwide pandemic, we've already noted several ways that the outbreak has changed our daily lives. Me being me, I noticed just how many professional sports organizations were moving into broadcast versions of their eSports as a way to fill the void. That of course isn't the only way video game life has changed.Another appears to be the odd case of Final Fantasy 14, an online MMORPG. The game has had a vibrant, if congested, real estate economy involving the buying of virtual homes and properties. Due to the outbreak, the game recently announced that, similar to real life in many cities, evictions were on a pause.

It's always fun to read a good benchslap of cops who've tried to turn nothing at all into "probable cause." It doesn't happen very often because courts are far too obliging far too often. The standard law enforcement officers are held to -- objective reasonableness -- rarely seems reasonable, no matter how objectively you approach it.This ruling [PDF] by a Florida federal court does not coddle the officer who made a mockery of both objective reasonableness and probable cause. You can tell this is headed into unconstitutional territory during the recounting of the events that led to the arrest of Jorge Sanchez. (via FourthAmendment.com)Local officers were working with the DEA on a drug trafficking investigation. They decided to pull over someone heading away from the house they were surveilling. But the officers had nothing approaching probable cause. All they had was someone driving away from a house they suspected might be tied to drug sales. But that wasn't going to stop them from stopping Sanchez. So, they did what they had to do.

It's worth repeating for the folks in the back: the FCC's hugely unpopular, facts-optional and fraud-slathered repeal of net neutrality did a lot more than just kill "net neutrality." It gutted the FCC's already dwindling authority over giant telecom monopolies, shoveling any remaining authority to an FTC that lacks the authority or resources to police the US telecom sector (the whole goal of telecom lobbyists). As a result, you've now got ISPs free to engage in problematic behavior (like bullshit fees, or charging people "rental fees" for modems they already own) that the government is incapable and unwilling to address.And the government's decision to ignore the public and pander to the telecom lobby has deeper ramifications as well. As telecom lawyer and former FCC staffer Gigi Sohn writes in an editorial at The Verge, there has been a multi-decade effort to kill telecom oversight under the (clearly false) claim that the miracle of the free market will somehow magically fix a sector that's been clearly broken for decades:

As we noted just a few weeks ago, two Senators -- Kelly Loeffler from Georgia and Richard Burr from North Carolina, both of whom were publicly trying to play down the risks associated with COVID-19 -- were quietly engaging in stock trades that suggested they had a different viewpoint (while five different Senators sold stock during this period, only Loeffler's and Burr's look particularly suspicious). Burr's stock sell-off was revealed first, and got the most attention, in part because he's also the Chair of the Senate Intelligence Committee and was getting classified briefings about COVID-19. The latest news on that front is that the Justice Department has supposedly opened an investigation:

The FBI's inability (or unwillingness) to craft factual FISA court affidavits was exposed late last year by an investigation by the DOJ's Inspector General. During the FBI's surveillance of former Trump advisor, Carter Page, information known by the agency was omitted to allow agents to continue its interception of Page's communications. Despite having obtained info showing Page was likely not acting on behalf of a foreign power, the FBI continued its surveillance for months by hiding this key finding from the FISA court.The fallout from this report continues. The FISA Court banned the FBI agent who lied on the warrant applications. The court also instructed the FBI to start cleaning up its Carter Page mess, including tracking down where any other info it might have illegally collected in this case might have gone, in order to prevent further violations by other agencies in the future.Current and former DOJ/FBI officials made it clear the FBI's questionable actions in this case were only the agency's most current violations. The skirting of internal guidelines and the truth itself was a common practice dating back nearly 20 years.The Inspector General's findings in the Page investigation were the tip of the unexpected iceberg. The IG is now looking at the rest of the FBI's FISA work. And the office is finding even more to be concerned about.

The Comprehensive Beginner's Guide to Cybersecurity Bundle has 4 courses to give you a foundation level introduction to cybersecurity. These courses will walk you through basic cybersecurity terminologies, concepts, and protocols and move on to hacking methods, malware types, and the processes employed by cybersecurity professionals to defend networks and systems from attacks. It's on sale for $30.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Richard Blumenthal has been attacking internet services he doesn't understand since before he was even a US Senator. It has carried over into his job as a Senator, and was abundantly obvious in his role as a co-sponsor for FOSTA. His hatred of the internet was on clear display during a hearing over FOSTA in which he flat out said that if smaller internet companies couldn't put in place the kind of infrastructure required to comply with FOSTA, that they should go out of business. Blumenthal's latest ridiculous bit of legislation lose your Section 230 protections. And while Blumenthal likes to pretend that the EARN IT Act doesn't target encryption, he also lied about FOSTA and insisted it had no impact on CDA 230 (which it directly amended).But Blumenthal has now taken his ridiculousness up a notch. Following the (legitimately concerning) reports that the suddenly incredibly popular videoconferencing software Zoom was not actually providing end-to-end encrypted video chats (despite its marketing claims), Blumenthal decided to step in and play the hero sending an angry letter to the company, while linking to the Intercept's original story about Zoom's misleading claims about encryption:

In 2017, hackers and security researchers highlighted long-standing vulnerabilities in Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US), a series of protocols first built in 1975 to help connect phone carriers around the world. While the problem isn't new, a 2016 60 Minutes report brought wider attention to the fact that the flaw can allow a hacker to track user location, dodge encryption, and even record private conversations. All while the intrusion looks like ordinary carrier to carrier chatter among a sea of other, "privileged peering relationships."Telecom carriers and lobbyists have routinely downplayed the flaw and their multi-year failure to do much about it. In 2018, the CBC noted how Canadian wireless providers Bell and Rogers weren't even willing to talk about the flaw after the news outlet published an investigation showing how (using only a mobile phone number) it was possible to intercept the calls and movements of Quebec NDP MP Matthew Dubé.Now there's another wake up call: a new report by The Guardian indicates that Saudi Arabia has likely been exploiting the flaw for years to track and monitor Saudi Arabian targets when they travel in the United States:

As Karl Bode wrote what feels like a decade ago on March 19, 2020, privacy and encryption will be more important than ever during this pandemic and the future that succeeds it. Plenty of governments have been sacrificing citizens' privacy for better virus tracking and plenty of governments were already throwing shade at encryption well before the pandemic became a pandemic. That includes our government, which has been agitating against encryption for several years now and fighting against our privacy in federal courts for decades.An influx of remote workers makes encryption and privacy even more important, as there's plenty of sensitive company business being done over open networks with minimal protections. The beneficiaries of this new normal are responding quickly to the unexpected demand, but protection of work-at-home employees and their employers seems to have been forgotten.The field is crowded with lots of telecommuting software providers. Standing out is key if you're going to take advantage of the current health crisis. Video conference software developer Zoom, however, is playing fast and loose with terminology in an attempt to scoop up more market share. As Micah Lee and Yael Grauer report for The Intercept, words don't seem to mean what they normally mean when they're being used by Zoom.

Somehow, it's been nearly four years since a tattoo company, Solid Oak Sketches, decided to sue 2K Sports, the studio behind the renowned NBA 2K franchise, claiming that the game's faithful representation of several stars' tattoos was copyright infringement. The company claimed to own the copyright on the design of several players' tattoos, including most famously LeBron James, Kobe Bryant, and DeAndre Jordan. The claim in the suit was that 2K's faithful depiction of the players, whom had collectively licensed their likenesses via the NBAPA, somehow violated Solid Oak's IP rights.Put another way, it could be said that by branding the player with Solid Oak's designs, the company seems to think it can control the players' ability to profit off of their own likenesses. That this draws the mind to very uncomfortable historical parallels apparently was of no issue to Solid Oak.Well, while 2K Sports failed to get the court to dismiss the case back in 2018, it has more recently won the case on summary judgement, with the court quite helpfully getting everything right and declaring the depiction of tattoos in video games in this manner to be Fair Use.

We have moved to a radically remote posture, leaving a lot of empty real-estate in corporateoffices and abandoning the final protections of the digital perimeter. For years, we’ve heard thatthe perimeter is dead and there are no borders in cyberspace. We have even had promises ofa new and better style of working without being bound to a physical office and the tyranny andwaste of the commute. However, much like the promise of less travel in a digital age or even thetotal paperless office these work-life aspirations never had a chance to materialize beforeCOVID-19 forced us to disperse and connect over the Internet. This has massive implicationson corporate culture and productivity. More immediately, the surge in use of remote workcapabilities has consequences from a security and privacy perspective that cannot be ignored.For some, working from home isn’t new. This is especially true for those in sales and fieldmarketing across many industries or for knowledge workers, such as federal governmentemployees that are familiar with their telecommuting contract. The day after the “stay home”order is given, the rest of the company suddenly find themselves doing the math on how to stayproductive, whether they are the 20% of largely general and administrative or management staffwho are always in the office for a young tech startup or the 80% of all employees at a big bluechip company. Some already have a laptop that they bring with them everywhere and are usedto bringing home, but for others it’s time to spark up the family computer or get a hastily issuedcompany laptop and try to get it running without an IT technician parked at their elbow to help.Others will grab a tablet or a smartphone, once relegated to mostly personal use, and repurposeit to attend to professional needs. Any way you look at it, the enterprise footprint just grew andradically changed in a 24 hour period.From a security perspective, the basics are critical. This is true whether a company is a maturesecurity shop or not—risk management is the lodestar. It starts with a risk analysis and dialog.You’ll need to first create a master list of security essentials and rank them in order ofsensitivity, likelihood and impact. The reality is that you can do anything, but you can’t doeverything; and ultimately this is a triage game.High on the list are concerns about misinformation, weaponized information and socialengineering. While companies can’t control machines that they don’t own, they have to try to getthe most secure endpoints they can and ensure identity integrity. This means emphasizing whatchannels are appropriate or not for employees and their families for information: news networks,websites and the like. But COVID-19 is our new common watering hole, and malicious actorsare manufacturing phishing attacks, devilish spear-phishing campaigns, rogue applications andmore. Regular, short, routine communications to remind people of the basics, to gain a pulse onthe organization and to provide clear policies are essential.Also at the highest level of concern is securing the connection to the network and back into theenvironment. This requires VPN connections, strong authentication and endpoint preventionand detection controls. In the back office generally and in the security operations centerspecifically, baselines from which anomalies are normally noted for focus will be in flux;everything will look like an anomaly for a while in the brave new remote world.Which brings us to the most difficult of topics: privacy.Did employees bring notes and data home before the office closure? Are they creating IP anddata protected by privacy laws and regulations as they continue to do business? Who is in theimmediate environment physically? These are some of the critical questions. In some cases youmay never know the answers to these questions or you may not have a right to know theanswers but must appreciate others’ living situations and assume some worst case scenarios.There are still more questions. Should cameras be on for conference calls when employeesmight be embarrassed of their personal space being seen by colleagues? Should they useheadsets when a life partner might work for another company or even a competitor or perhaps aroommate might simply overhear sensitive information? Do we encourage them to care for achild when they are crying or do workers feel the need to hide their families? While manycompanies have previously developed “work from home” policies now we are beginning tounderstand what is really needed for remote, working employees. Now is the time to take afresh look at privacy in your work from home policy.Finally, we must understand the adversary is moving into a new normal as well. They may notbe able to immediately exploit all weaknesses or even any given weakness. They too willpursue the lowest hanging fruit while investing in some longer term R&D to develop new attacksspecifically for the home environment. Threat actors may be purchasing tools fromcybercriminals, mining existing botnets to see what IP is on those already-compromisedmachines or targeting home automation, printers and routers after triangulating IP addressesand digital locations for targets. In the weeks ahead, targeting new dimensions of technicaldiversity and innovating to develop new attack vectors will be the name of the game for the badguys.The future is very much a moving target for security and privacy professionals. Here is wherethe ongoing maintenance on an ongoing basis is critical: watching vulnerabilities in the newbattery of enterprise applications for remote productivity, moving to the next order ofvulnerabilities and so on. This might involve extending IT support and patching advice to homeusers on how to secure their home network, how to configure Amazon or Alexa devices or newtools and services for secure note-taking, collaboration, use of newly available standardoperating environment systems and so on. In short, the game of security and privacy will beabout rates of adaptation between asymmetric opponents.The brave new work from home world would be best if it was short lived, but the genie won’t goback in the bottle. While the economy will adapt and move on at some point, it’s too early to tellwhat percentage of current remote workers will continue to work from home permanently in apost COVID-19 world or if we will return to the tyranny of the commute. Regardless, the lastingeffect of innovation on both attack and defense will persist. As has been said, never waste agood crisis: let’s hope that IT, corporate culture, security and privacy all benefit from the currentsituation to make a more productive and humane cyber world when we return to a more normalepidemiological world.Sam Curry is Chief Product and Security Officer at Cybereason.

It's pretty well established that giving the finger to cops is protected expression. Stopping or detaining someone for flipping you off violates their rights and the usual law enforcement excuses for unconstitutional behavior tend to perform poorly when examined by a federal judge.In 2018, a Virginia federal court denied qualified immunity to Officer Rob Coleman for his stop of Brian Clark, who made a gesture that "was crude, but not criminal." Officer Coleman claimed he was "concerned" by Clark's hand gesture and was just doing some community caretaking by pulling over the car Clark was riding in. Literally unbelievably, the officer claimed he viewed the hand gesture as a sign of distress, as only a person "under the influence" of alcohol or drugs (or "suffering from some sort of mental illness") would dare do such a thing.Of course, Coleman never made any inquiries about distress, mental illness, or intoxication during the 20-minute stop. The court denied Coleman's request for qualified immunity, stating it should have been clear stopping someone for throwing the bird would violate both the First and Fourth Amendments.The case went to trial. Somehow the jury managed to find in favor of the cop who had violated two rights with his traffic stop. The jury said Coleman did not lack reasonable suspicion to stop and detain Clark for allegedly giving the officer the one-finger salute.Clark challenged this verdict, asking the court to overturn the inexplicable decision by the jury to go against its own interests by saying it's ok for cops like Coleman to engage in retaliatory stops of people who've offended them.The court agrees with Clark: this is indeed some bullshit. (via The Newspaper)From the decision [PDF]:

Here we go again: content moderation at scale is impossible to do well -- and, as we've discussed, things are especially tricky when it comes to content moderation and political advertising. Now, when you mix into that content moderation to try to stop disinformation during the COVID-19 pandemic and you run up against... politicians facing blocks in trying to advertise about Trump's leadership failures in response to the pandemic:

A couple of lying cops who couldn't perform a traffic stop without violating the driver's rights have just seen their illegally-obtained evidence tossed and their successful drug bust busted. The Louisiana Second Circuit Court of Appeal not only finds the officers untrustworthy but also points out there's nothing reasonably suspicious about someone's invocation of their rights.The traffic stop that resulted in the discovery of methamphetamines was clearly pretextual. There's nothing legally wrong with using traffic stops to engage in other investigations, but officers must have the reasonable suspicion to navigate away from the initial purpose of the stop. The Supreme Court's Rodriguez decision removed a lot of the leeway law enforcement officers have exploited for years.This stop began with the accusation that the car's driver, Michael Glen Robinson, was failing to stay in his own lane. Robinson's driving was recorded by the officer's dash cam, along with the entire traffic stop. The court says it's not clear Robinson actually violated the law. From the decision [PDF]:

Integrity Training is an online provider of proven on-demand training for corporate, government, and education employees. The ultimate online learning package, Integrity Training gives you lifetime access to all 600+ courses with completion certificates covering a wide variety of topics, including IT certification, project management, business & soft skills, sales & marketing, design, big data, programming languages, blockchain development, and more. These training classes are taught by field experts with multiple certifications from providers like Microsoft, CompTIA, PMI, ITIL, Cisco, VMware, Mile 2, and more. It's on sale for $59.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Continuing our never-ending series of posts about the impossibility of content moderation at scale, let's take a look at just how impossible it is to handle misinformation in the age of COVID-19. Ben Thompson over at Stratechery has a truly wonderful post highlighting this problem with regards to Twitter's disinformation policies, and how things break down when the "misinformation" is coming form official sources. We noted this, to some extent, the other day when we called out Houston Police Chief Art Acevedo for saying that he was seeking to have anyone who posted false information online about COVID-19 prosecuted. During the press conference, he said to only listen to "your elected officials, or to your appointed officials." But, as we noted, our elected officials and their appointees aren't always right.As Thompson points out, Twitter also took the seemingly reasonable position that in an effort to stop (widespread) COVID-19 misinformation, it would start taking down content that disagreed with official government statements:

Generally speaking, experts believe the U.S. internet should hold up pretty well under the significant new strain created by COVID-19. Italy and China's networks have generally weathered the added load, and most major U.S. ISPs say congestion shouldn't be a problem. Streaming providers have been reducing their overall bandwidth consumption as a precautionary measure, though generally many providers say they've seen greater impact from events like the Superbowl.That's not to say there won't be a few hiccups. A new report by broadband availability tracking firm BroadbandNow indicates that a number of cities are seeing slowdowns under the weight of millions of additional telecommuters and videoconferencing students. That said, most cities aren't seeing any sort of devastating slowdowns as of yet:

The Baltimore Police Department was an enthusiastic early adopter of cell site simulator technology. In 2015, a Baltimore detective admitted the department had deployed its collection of cell tower spoofers 4,300 times since 2007.The best estimate on how many of those 4,300 deployments ever showed up in court documents remains near zero. The Baltimore PD hid its deployments behind pen register orders, ensuring judges and defendants never knew the departments was using cell site simulators to track down suspects.A little bit of information has reached the public domain in recent years, showing the Baltimore PD was more willing to toss cases than expose its use of Stingray devices. Judges were willing to toss cases too, once it was determined these secret deployments violated the Fourth Amendment.There are now three Supreme Court rulings that directly affect Stingray deployments, with the most recent being the Carpenter decision. If the government needs a warrant to obtain historical cell site location info, it stands to reason a warrant should be required to engage in real-time tracking using Stingrays, even if the court did not specifically address this.There's also the Kyllo decision, which found the use of an infrared device to search a house for occupants violated the Fourth Amendment. An intrusion in which the government never actually enters the house is still an intrusion. Cell site simulators force phones inside houses to give up certain identifying information even if officers never approach the residence.Finally, there's the Riley decision that implemented search warrants for cellphones. A Stingray device searches cellphones, even if the search is "limited" to identifying info and location data. (Stingrays can also be used to intercept communications, but there's been no confirmed use of this particular configuration by US law enforcement agencies.)All of these are in play in this recent decision [PDF] by the Fourth Circuit Court of Appeals. The court does not explicitly find that a Hailstorm deployment by the Baltimore PD in 2014 was unconstitutional. But it does find that the lower court did not do enough fact-finding to determine whether it fell on the wrong side of the Fourth Amendment.The Baltimore PD has pretty much conceded some of these points already.

As some of you may be aware, Florida Atlantic University's sports teams and mascots are the Owls. As some of you may also be aware, the southeast is home to Owl Tutoring, a college tutoring service with a fairly good reputation. Owl Tutoring has existed for over a decade and has even promoted itself by advertising in FAU publications. That's probably why it took the folks at the company by such surprise to suddenly get a C&D letter from FAU's legal team accusing it of committing trademark infringement.

So we've noted a few times now how the FCC's decision to kill net neutrality did a hell of a lot more than just kill "net neutrality." It obliterated much of the FCC's consumer protection authority, making it harder than ever to hold U.S. telecom monopolies accountable for bad behavior like rampant privacy violations, ripping you off with bullshit fees, or refusing to upgrade or repair long-neglected taxpayer subsidized networks. And this was a problem even before America began staring down the barrel of a brutal pandemic while stuck at home telecommuting.Enter American Enterprise Institute's Roslyn Layton, who apparently thought that using COVID-19 as a prop to celebrate the death of U.S. telecom consumer protections was somehow a good idea. In a brutally tone-deaf blog post this week, Layton insisted that the FCC's decision to ignore a bipartisan majority of the public and kiss the ass of U.S. telecom giants was proving to be really helpful during a terrifying crisis:

We know the FBI can't accurately track how many encrypted devices it has in its possession. Two consecutive directors have pushed a "going dark" narrative using an inflated number of uncracked phones. At one point the FBI claimed it had nearly 8,000 phones in its possession, each one presumably full of evidence. When pressed for information by members of Congress, the FBI suddenly realized it had overstated this number by at least 6,000 phones. It discovered its error in May of 2018. It has yet to release an updated number.The FBI can't track seized phones so it should come as no surprise it can't accurately track the guns and ammo in its possession. The DOJ Inspector General has completed its audit [PDF] of the FBI's weapons control system and found that the FBI isn't really controlling its weapons.The FBI claims to have nearly 58,000 firearms in its inventory. This is pretty much the extent of the good news in the IG report:

It's been said many times over that if libraries did not currently exist, there's no way that publishers would allow them to come into existence today. Libraries are, in fact, a lovely and important artifact of a pre-copyright time when we actually valued knowledge sharing, rather than locking up knowledge behind a paywall. Last week, the Internet Archive announced what it's calling a National Emergency Library -- a very useful and sensible offering, as we'll explain below. However, publishers and their various organizations freaked out (leading some authors to freak out as well). The freak out is not intellectually honest or consistent, but we'll get there.As you may or may not know, for a while now, the Internet Archive and many other libraries have been using a system called Controlled Digital Lending, which was put together to enable digital checkouts of books for which there may not be any ebooks available. Basically, the Archive helped a bunch of libraries scan a ton of books, and the libraries lend them out just as if they were lending out regular books. They keep the physical copy on the shelf and will not lend out more copies of the digital book than the physical copies they hold -- basically doing exactly what a library does. There are strong arguments for why this is clearly legal. Scanning a book you own is legal. Lending out books is legal.Of course, when CDL was first announced, publishers (mainly) and The Authors Guild (which, contrary to its name, tends to be a front group for publishers, rather than authors) completely lost their shit and whined about how this was piracy. Remember, the Authors Guild has already tried suing libraries for scanning books and failed miserably. Challenging this effort at lending scans of books would also likely fail.One important thing to note: the scans of books that are part of the CDL effort are not great. They are images of actual book pages, and not anything like ebooks that are designed to be read nicely on a Kindle or whatnot. No one would choose a CDL book over a regular ebook if given the choice, because the experience is not nearly as good.The big news with the National Emergency Library is basically the removal of waitlists for checking out these books. They still have DRM and you still only can access the books for two weeks, but unlike with CDL where there was a 1 to 1 ratio of which books the Internet Archive had a physical copy of and those which it would lend out, the NEL removed that limitation and made it so that more people could access those books at once. The reasoning here is sound: in the midst of this pandemic, most physical libraries are closed, so most people literally cannot get physical books. They are sitting there unlendable. To help deal with that, the Internet Archive removed the waitlists on the books it had scanned. As the Archive explained, it focused heavily on making sure books with no ebook-availability (and educational books) were available:

The Premium A to Z Microsoft Excel Bundle has 10 courses to help you discover the power of Excel. You'll start off learning the basics like building your own spreadsheets, using formulas, and creating Macros to help automate your work. You'll move on to learning how to program in VBA, how to easily sort your data using cell protection, named ranges, multi-level storing, advanced filters, and more. You will gain skills for better collaboration, including password protection and tracking changes, learn to audit worksheets, validate data to ensure consistency, and use other essential business tools in Microsoft Excel. The bundle is on sale for $50.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Every tragedy should be exploited. That's the theory behind a string of Excolo Law and 1-800-LAW-FIRM lawsuits that seek to hold social media companies responsible for acts of terrorism. So far, not a single court has been willing to ignore Section 230 of the CDA or the First Amendment to give these opportunists any satisfaction. Notwithstanding some very bizarre arguments from one Ninth Circuit judge, it's been a long run of shutouts for lawyers I fucking hope are working on contingency.However you may feel about social media companies' efforts to cut down on "terrorist" content, the reality of the situation is Twitter, Facebook, et al are not directly or indirectly responsible for acts of violence. Moderation at scale is impossible and allowing litigants to target social media companies directly is only going to result in lousier moderation, rather than whatever it is each litigant desires. (See also: numerous lawsuits about "anti-conservative bias.")This lawsuit is a particularly durable loser. Eric Goldman has the details at his blog. How many times do litigants need to be told "No?" Well, I told you once and I told you twice, but you never listen to my advice:

For years, we've been promised repeatedly that new broadband technologies would soon arrive to disrupt the broken, cable broadband versus telco DSL duopoly in the states. And for just as long, these emergent technologies, for a wide variety of reasons, have failed to materialize.In the late 90s and early aughts it was the promise of broadband over powerline (BPL) -- an emerging tech that utilized utility poles and electrical lines to help deliver broadband to underserved regions. But while BPL was widely hyped and repeatedly used to justify rampant deregulation at the time (read: we don't need pesky consumer protections because this new competition will soon arrive to fix everything), the technology wound up being an interference-prone dud. All of the deregulation based on this emerging technology remained intact however, and the U.S. broadband competition problem in many ways got worse.Cable enjoys a massive, growing monopoly over broadband across huge swaths of the U.S. thanks to phone companies that have effectively given up on upgrading or even repairing aging DSL lines across numerous markets. These days, instead of BPL, fifth-generation wireless (5G) is often used as the carrot on a stick panacea to justify industry deregulation, even if (1) such deregulation repeatedly tends to make U.S. telecom problems worse, and (2) 5G isn't going to be universally available, affordable, or as unrestrictive as fixed-line broadband for a laundry list of reasons.Low orbit satellite broadband is also often used to justify endless deregulation of the sector and the steady erosion of U.S. telecom consumer protections. In part because the lower orbit means such connections should have lower latency than traditional, often crappy satellite broadband. But there too the hype, at least so far, has failed to live up to reality. For example OneWeb, one of several operations exploring the space, has been hyped for a few years as a deus ex machina that will soon fix much of what ails U.S. broadband. From a speech by FCC boss Ajit Pai last year, for example:

The Electronic Privacy Information Center (EPIC) has obtained a DOJ report on predictive policing via a FOIA lawsuit. The document dates back to 2014 but it shows the DOJ had concerns about the negative side effects of predicting where crime may occur by using data that details where crime has happened.The report [PDF] contains some limited data from trial runs of predictive policing efforts. One of these tests ran from 2009 to 2012 in Shreveport, Louisiana. Using historic property crime data, along with 911 calls and the number of residents on parole or probation, the analytic software attempted to predict where future crime might occur and where police presence might be increased to prevent crime.The results were inconclusive:

It's clear that digital technology will play a key role in helping to deal with the COVID-19 pandemic, whether as a way of disseminating information, telecommuting, or of keeping people entertained during lockdowns. Less welcome is the use of advanced surveillance and tracking techniques to monitor the movements of people to see if they are obeying quarantine restrictions. Another obvious way to apply technology is to manage the key resources being used to tackle it. That's what the UK's National Health Service (NHS) is doing:

Everyone has rights, even the people who often disrespect the rights of others. But those rights can only be violated in certain, specific ways and the two cops, who sued over alleged rights violations, didn't actually have their rights violated.Officers Denis Lawlor and Daniel Varallo once worked for the Metropolitan Water Reclamation District (MWRD) in Chicago. They were fired after some of their candid comments about their work ethic and coworkers were inadvertently publicly broadcast on a Illinois State Police channel. These comments were recorded and turned over to the officers' employer, which correctly decided these two officers should find somewhere else to work. (via FourthAmendment.com)Lawlor and Varallo arrived at work and set about doing what they apparently normally did: nothing. This isn't an assumption. It's what they admitted to during the conversation they thought they were having privately. However, the officers' expectation of privacy isn't the same as the Fourth Amendment's expectation of privacy, even if they were safely (or so they thought) ensconced in a "break room with a lock in a secluded area… during the sparsely manned night shift."But first comes the First. The fired cops claimed they were retaliated against unlawfully for their protected speech. The court doesn't think much of this argument, especially since the plaintiffs did all they could to avoid discussing the content of the speech they claimed was protected. From the decision [PDF]:

Yet another reminder that copyright is really, really broken. As you may have seen, there have been a few viral videos making the rounds of people locked down in apartment buildings deciding to hold impromptu music performances from balconies. When the first of these came out, I had joked that it would only be a matter of time until some music collection society called these an unlicensed public performance and demanded royalty payments. Thankfully, that has not happened, though in Spain, a copyright professor did tell a journalist that those singing from the balconies should first get a license (relying on Google translate here...):

Be the surveillance you don't necessarily want to see in the world. That's the plan detailed in this report by Thomas Brewster for Forbes. Dozens of countries are kicking around large-scale privacy violations to track the spread of the coronavirus. A handful of other countries are already doing this, including China, India, and Hong Kong.But if you're willing to give up your own privacy to help government entities track the virus and monitor those who are infected, there's an app for that.

What is it with people who should know better immediately resorting to censorship and gag orders in the face of important information sharing? With more and more reports directly from doctors and nurses about shortages of necessary protective supplies in the midst of a pandemic, there are also disturbing reports of hospital administrators trying to silence them, and threatening retaliation:

The 2020 Full Stack Digital Marketing Certification Bundle has 12 courses to help you master marketing on Facebook, LinkedIn, Google Analytics, and more. You'll learn how to create your first advertising campaign via Google PPC ads and branch out from there to learn about advertising on YouTube and Facebook. You'll also learn how to market ideas and products on LinkedIn, MailChimp, Reddit and more. It's on sale for $39.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

While numerous vendors and tech giants have cooked up lower-cost Android phones with marketing focused on helping the poor, a recent study by advocacy group Privacy International found that the privacy trade offs of these devices are... potent. Not only do they usually come with outdated OS' opening the door to hackers, the phones have locked down user control to such a degree they're unable to remove apps that may also pose security risks. In this way, the researchers argued, we've made privacy a luxury option that's only available to those who can actually afford it.But the poor aren't the only ones harmed by our continually lax treatment of consumer privacy and security. In a new blog post, researchers from Checkpoint Software say that a huge number of kids-oriented Android apps are also privacy and security nightmares. The researchers recently identified a new malware family found in 56 applications that were collectively downloaded some 1 million times globally. Motivated by advertising fraud, the "Tekya" malware imitates the user’s actions in order to click ads and banners from agencies like Google’s AdMob, AppLovin’, Facebook, and Unity, Checkpoint found.Most-malware infected apps compromise the end users' data, credentials, emails, text messages, and geographical location. Twenty four of those apps were aimed at children, the researchers noted:

If you're a public official, your communications and documents are supposed to be accessible by the public. That's not me being an absolutist on open government. That's the law. And yet, here we are, watching an administration that rode into office on chants of "Lock her up!" once again conducting government business off the grid, using the same sort of private email accounts Trump repeatedly declared should have landed Hillary Clinton in the slammer.Citizens for Responsibility and Ethics in Washington (CREW) has taken note of the latest violation of multiple laws by the Trump Administration and wants to know what the White House is going to do about it.

If you're a public official, your communications and documents are supposed to be accessible by the public. That's not me being an absolutist on open government. That's the law. And yet, here we are, watching an administration that rode into office on chants of "Lock her up!" once again conducting government business off the grid, using the same sort of private email accounts Trump repeatedly declared should have landed Hillary Clinton in the slammer.Citizens for Responsibility and Ethics in Washington (CREW) has taken note of the latest violation of multiple laws by the Trump Administration and wants to know what the White House is going to do about it.

This week, our first place winner on the insightful side is virusdetected with some predictions about the future of the unicorn licensing lawsuit that a judge forcefully deferred:

Five Years AgoThis week in 2015, while AT&T was changing its story on Title II classification when it protected AT&T, the first legal challenges to net neutrality rules were filed, and the State of Tennessee was fighting the FCC to be able to block muni-broadband. We got a look at the extremely concerning rules in the leaked corporate sovereignty portion of the TPP agreement, and learned more about how the USTR bullied other countries into extending copyright, while the copyright industry was still pushing for stricter rules in Australia. On the brighter side, copyright troll Perfect 10 was ordered to pay $5.6 million over a bogus lawsuit.Ten Years AgoThis week in 2010, Viacom was using its legal battle with YouTube to brazenly pretend the DMCA requires proactive filtering, while Hollywood was still parroting made up facts about piracy that the AP happily parroted, and one lawyer in a criminal copyright trial was pushing back on casual use of the term "piracy", on the basis that it's prejudicial. We learned that the ACTA agreement was set to cover not just copyright and trademarks, but seven areas of intellectual property, while EU negotiators continued to insist it would move forward and there was nothing to worry about — though reports from the field suggested that negotiations weren't going so well. The full ACTA draft was leaked midway through the week, and it was full of all the troubling stuff we expected and more, raising serious constitutional questions.Fifteen Years AgoIn 2005, there was still an idea floating around that you could cause an explosion by using a mobile phone at the gas pump, which Mythbusters dispelled this week. List spam was on the rise while classic spam was apparently still working, and phishing was looking unnecessary given how easily people would give up personal info. And screensavers were still a thing — and a vector for malware.We were watching the actions of newly-minted MPAA boss Dan Glickman, and his big idea seemed to be just telling people not to tape movies and, bafflingly, to make the movie industry more like the IRS. But at least he had the help of the FBI, which was ramping up its role as Hollywood's private enforcer.

We've written a few times about the White House's unconstitutional retaliation against journalists it did not like, such as Jim Acosta and Brian Karem. PEN America, a key group fighting for free speech rights for journalists and writers, has now been allowed to proceed in its lawsuit against the President over his campaign of retaliation against journalists. PEN America had sued back in 2018, asking for declaratory and injunctive relief (basically the court telling the Trump White House to knock it off) against a variety of forms of retaliation he had done or threatened against the press.Specifically, PEN America had raised five actions that Trump had done or threatened to do in retaliation against the press: barring access to White House briefings, revoking (or threatening to revoke) security clearances of ex-government employees for commentary made to news organizations, threats to revoke broadcast licenses, raising postage rates to attack Amazon in response to Washington Post coverage, and interfering with the AT&T/Time Warner merger over anger about CNN's coverage.The DOJ had argued in response that PEN America had no standing, since Trump had not targeted PEN America. PEN America's response was that Trump had targeted PEN America members, including various news orgs and their employees, such as Jim Acosta. Indeed, when the filing was first made, we pointed out that the "standing" question would be a big hurdle. However, in a bit of a surprise, the court has said that PEN America has enough standing to proceed... at least on two of the issues at play:

When I write about this new lawsuit, filed on behalf of "retired MMA fighter" Nick Catone, against Facebook for removing his account over his anti-vaccine posts, you may expect that it was filed pro se. However, somewhat shockingly, there's an actual lawyer, James Mermigis, who filed this dumpster fire of an awful complaint. Mermigis does not appear to have any experience in internet law, and boy does it show. His various profiles online list his experience in divorce law, real estate law, and personal injury law. His own Twitter feed is basically all just wacky anti-vax nonsense, and, late last year, he was quoted as representing people trying to block a NY law removing a religious exemption for vaccines. We've gone over this many times before, but spewing junk science and angry rants that are literally putting tons of people in danger is no way to go through life, and it's certainly no way to file a lawsuit. Especially not in the midst of a pandemic where a vaccine sure would be nice.But, alas.The filing is bad, and Catone and Mermigis should feel bad about it. It will be quickly dismissed under CDA 230, even though (hilariously) it claims that Facebook's moderation of Catone's account "violates" CDA 230 (which is not a thing, as you cannot "violate" CDA 230). This lawsuit is like a collection of misunderstood tropes about internet law. It starts with this: