Techdirt

In a win for researchers and the ACLU, a federal court has ruled that violating a site's terms of service is not a criminal violation of the CFAA.The ACLU filed this lawsuit in 2016, representing researchers, scientists, and journalists who were looking into whether employment websites engaged in discriminatory behavior. To do so, the researchers needed to deliberately violate the terms of service of the websites they were studying by creating bogus accounts and providing other false information.Since the CFAA has been the go-to law for companies seeking to silence security researchers and critics, the ACLU and its plaintiffs raised a pre-enforcement challenge, seeking a ruling declaring this work legal before the DOJ had a chance to abuse this terrible law to shut the research down.The DC federal court doesn't go so far as to extend First Amendment protection to these actions, but it does hold, importantly, that the CFAA does not criminalize terms-of-service violations. From the decision [PDF]:

Learn Spanish, French, Italian, German, and many more languages with Babbel, the top-grossing, language-learning app in the world. Developed by over 100 expert linguists, Babbel is helping millions of people speak a new language quickly and with confidence. After just one month, you will be able to speak confidently about practical topics, such as transportation, dining, shopping, directions, making friends, and much more. It's on sale for $159.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Lots of famous folks have been making (often amusing) "Stay Home" public service announcements. One great one showed up last week, in which Samuel L. Jackson read a copy of a new "poem" by Adam Mansbach, the author (a decade ago) of the infamous Go the Fuck to Sleep. This time, it was Stay the Fuck at Home. As with the original, Mansbach wrote it, and they got Samuel L. Jackson to read it -- though it debuted on the Jimmy Kimmel show (filmed with everyone at home, of course). You can see it embedded below (hopefully starting at the right part):As you can see, this was in the middle of a much longer clip from the show (an interview of Jackson by Kimmel). Many, many people snipped out just the reading and posted versions of it to Twitter and YouTube. In fact, the first version I spotted was a tweeted version that only had about half of the reading. A bunch of versions showed up on YouTube as well... and, of course, Disney had to step in and shut that shit right down with a copyright takedown (ht to Plainsite, who first spotted this).While there was some confusion as to how Disney held the copyright on this, it's because it was originally aired on Jimmy Kimmel's show which is on ABC, which is owned by Disney. So, pretty straightforward, and you might argue, a legitimate use of copyright. The clip's copyright is held by Disney, and so it's not a bogus takedown.But that doesn't make it smart. After all, the whole damn point of this is to make it be seen by as many people as possible. That's the nature of a Public Service Announcement. And the Kimmel clip buried the reading in the middle, whereas many people making clipped versions of it made it that much easier for people to see it. And, I should remind you, the whole damn reason that the original Go the Fuck to Sleep became popular in the first place was because of "piracy" sharing the original around (oh, and also, the original artwork was done without licensing some of the artwork).But, hey, it's the middle of a pandemic and Disney's going to Disney everything up, I guess.

Fifth generation wireless (5G) is not magic. It's not witchcraft. It's not a "race." It's not going to kill you. And frankly, it's not even all that interesting.We've noted for years now how 5G has been over-hyped by wireless carriers looking to spike lagging smartphone sales, or the gear makers hoping to cash in on global network builds. They've been busily trying to suggest that 5G is almost magic, capable of everything short of curing cancer. In reality 5G is barely available, expensive to adopt, and requires pricey new handsets that aren't worth it because we haven't figured out battery life issues. In time 5G will be a good thing in the way faster, more resilient networks are good, but it's not actually all that transformative.On the flip side of the industry's relentless empty hype is the conspiracy theorists who, despite the overwhelming consensus of scientists, insist that 5G is bad for your health. While it would be hubris to claim we know everything about the way wireless technology impacts human biology, the science we have at the moment makes it clear 5G is not killing you. Theories to the contrary have always bubbled around the internet, but during the pandemic they've somehow gone next level, resulting in folks actually burning down 5G towers in the UK last week:

No one really needs to wait until Friday afternoon to bury bad news. Not these days when bad news is all we seem to have, occasionally mixed with even worse news. But the White House remains the White House, so the time-honored process of dumping stuff you want to stay out of the headlines right before everyone punches out for the weekend remains in place.The government as a whole claims it wants whistleblowers to report wrongdoing through the proper channels. It then routinely follows this up by ensuring the proper channels remain the best way to see good deeds punished.The whistleblower that reported President Trump's inappropriate conversation with Ukraine president Volodymyr Zelensky saw their report buried by the White House's Office of Legal Counsel. So much for the proper channels. President Trump himself asked for the whistleblower to be outed, undermining the protections the federal government has established to ensure wrongdoing is reported.The only party receptive to the whistleblower's complaints has now been fired by President Trump, closing the loop on the White House's retaliatory actions.

As most of you will know, the term "fake news" has been so bastardized at this point so as to be more a moniker of quite literally the opposite of its original intended meaning. Once used to label the sort of nonsense news stories that people would share haphazardly on social media, the term is now almost exclusively used by government strong-men with paper-thin skin and entirely too much power. Still, the term does have a real meaning, if only we made a point of getting back to it.Perhaps in one story, we can illustrate both sides of this. One of the aforementioned leaders that has enjoyed shouting "fake news!" at any media coverage he doesn't like has been Israel's Benjamin Netanyahu. You would think "fake news" would be something Netanyahu really hates. And, yet, Netanyahu also apparently gathered his cabinet members, sat them down, and then solemnly showed them video of Iranian government officials secretly dumping dead bodies in garbage dumps so as to conceal how many COVID-19 deaths the country was enduring.There was just one tiny problem...

Hamilton County (TN) Deputy Daniel Wilkey is in more trouble than possibly any other law enforcement officer has ever been in. Currently facing nine lawsuits over his bizarre and disturbing rights violations, Wilkey is simultaneously facing 44 criminal charges, 25 of which are felonies.Wilkey's rights violations were especially creative. He forced one woman to undergo an involuntary mid-winter baptism in a nearby lake in exchange for some assistance with the drug charges Wilkey was filing against her. In another incident, Wilkey pulled over a car full of minors, forcing the only male occupant to strip to his boxers while he alternated between swearing at the teens and preaching to them.The criminal charges against Wilkey are a hideous blend of mundane and horrifying -- ranging from reckless driving to false imprisonment to stalking to rape. Wilkey could have been taken off the street anytime before this turned into national news, but the Hamilton County Sheriff's Department apparently felt eight internal affairs investigations in ten months was acceptable behavior, rather than a continuous stream of misconduct it should have diverted before it overflowed the office's capacity to control the narrative.But the Sheriff's Office seems determined to protect Wilkey from the consequences of his actions. As Courthouse News reports, a whole lot of camera footage from Wikey's patrol car has suddenly gone missing. The attorney for the woman who was forcibly "baptised" by Wilkey has just discovered months of possibly-damning footage has mysteriously vanished.

Late last week, we wrote a nice story about how the infamous image of the coronavirus that is causing COVID-19 is in the public domain, since it's a work of the US federal government. That's part of the reason why it's everywhere these days:But, as one of our commenters pointed out, that won't stop Getty Images from trying to sell you a license to the image (even complete with the CDC logo on it, which takes real balls by Getty) for an astounding $500.I mean, the text with the image even directly says that it was created at the CDC. You'd think some worker bee at Getty might recognize that this makes it public domain.Getty has a bit of a history of this, and was even sued by a photographer for trying to license images that she had put into the public domain. To be clear, Getty is not violating any law here. Something that's in the public domain is free for use in any manner, meaning that you certainly could try to sell it, though it does seem a bit sleazy and dishonest, especially at a time when news about the coronavirus is so important.What would be problematic, of course, is if Getty actually threatened, sent DMCA takedowns, or sued over anyone using the image. Because that would be bullshit. It's a little unclear exactly how Getty got this image. It's listed as part of the "Smith Collection/Gado." However, it's hard to find out what exactly that means. There is a company called Gado Images, which mixes a bunch of buzzwords about AI with stuff about archiving photographs. I'm not sure I understand what one has to do with the other. It says it's using AI for "digitizing, capturing and sharing the world's visual history." And licensing it, perhaps. But if the images are not Gado's to share, then that raises a whole bunch of other questions.Either way, the whole thing is pretty sleazy, and Getty should either (a) take it down, or (b) admit that it is public domain and make it freely available.

Thanks to the goddamn everything else going on in the world right now, we've now learned what happens when Congress lets surveillance authorities expire. Nothing, really. Here's Charlie Savage for the New York Times.

WordLogic is a patent troll. The company has been around for a while and holds a bunch of patents (such as US Patent 7,681,124) which it claims covers the concept of predictive text writing. While WordLogic is (was?) a publicly listed company, the stock is currently worth $0.0001 per share. About the only news about the company has to do with hiring patent lawyers and failing to live up to bragging press releases.The company has spent the last few years filing a whole bunch of patent shakedown lawsuits. A quick glance shows 12 federal cases involving the '124 patent, and they don't appear to have gone all that well for WordLogic. I didn't check all of the cases to see how they ended up, but I haven't come across one that they've won yet. Two cases are notable. Unified Patents asked the patent office to review the patent, saying it should never have been granted in the first place. The PTAB (the review board) came out with an initial ruling that the patent was likely invalid, at which point, WordLogic suddenly found religion and "settled" the case before the PTAB could issue a final ruling on the validity of the patent.But that meant that WordLogic could continue to shake down companies with that patent. Indeed, it looks like 9 of the cases over the '124 patent were filed after the review was "settled." In one case, against Fleksy, WordLogic's lawyers were facing Rule 11 sanctions in which Fleksy highlights that nothing it does comes anywhere near what the patent asserts and that WordLogic knew this. Just a snippet:

Enjoy your laptop's supposed portability and convenience with Ledetech's Laptop Docking Station Stand. Featuring 9 outputs, this dock holds your laptop while it functions as a universal port replicator, allowing you to connect the peripherals you need with ease. The holder has an HDMI, RJ451, SD Card/Micro SD card readers, and more ports that you can use simultaneously with your laptop. With 12.2" length, this device will add convenience without taking up much space. This holder has full support for Windows 7, 8.1, and 10 systems from most manufacturers and models. It's on sale for $70.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Pretty much everyone knew this was coming. Fox News' coverage of the COVID-19 pandemic has been absolutely despicable -- insisting that it was little more than the flu, was overhyped by Trump's political enemies, and nothing anyone should be worried about, before turning on a dime to suddenly pretend they never said any of that earlier, and that suddenly it was always obvious it was serious:

Location data has long proven to be hugely profitable to wireless carriers, given it's used by everyone from city planners to marketing departments. Now it's proving useful to help spread the track of COVID-19, allowing researchers to see not only who an infected person has been in contact with and where they've been, but also helping them predict where hot spots might appear next. Such technology was used during the Ebola outbreak in West Africa to help both track and predict the movement of the disease.Now the government says it's working in partnership with the advertising industry to use such location data here in the States. The Wall Street Journal (paywall, alternative read at The Verge) indicates the Centers for Disease Control and Prevention and state and local governments have already received cell phone data about people in areas of “geographic interest." In this case, to track movements and determine how well people are adhering to "stay at home" restrictions:

Update: The full video is now back up and it's even worse than the original clip we posted. It's unclear if it went back up thanks to YouTube deciding it was fair use, or Pinsky removing the bogus takedown. Either way, watch it here:Copyright system supporters keep insisting to me that copyright is never used for censorship, and yet over and over again we keep seeing examples that prove that wrong. The latest is Dr. Drew Pinsky, the somewhat infamous doctor and media personality, who has been one of the more vocal people in the media playing down the impact of the coronavirus. In a video that had gone viral on Twitter and YouTube, it showed many, many, many clips of Dr. Drew insisting that COVID-19 was similar to the flu, and that it wouldn't be that bad. Assuming it hasn't been taken down due to a bogus copyright claim, you can hopefully see it below:

This week, both of our winning comments on the insightful side come in response to the news that Jared Kushner's coronavirus task force has been using private email accounts for official business. In first place, it's That One Guy breaking down his reaction:

Five Years AgoThis week in 2015, in what was not an April Fool's joke, President Obama signed a silly cybersecurity executive order that amounted to little more than an empty threat, while raising some concerning questions. Meanwhile, in the TV world, analysts were still happily pretending cord-cutting doesn't exist and doing their part for an entire industry in denial (to the point cable companies would throw tantrums when forced to offer a la carte channels). We also took a look at how the TPP could be used to undermine free speech, and a ridiculous ruling in Ireland that required ISPs to kick accused filesharers off the internet.Ten Years AgoThere were a couple of huge rulings this week in 2010. In one, the district court in the Myriad Genetics case ruled that patents on isolated genes are invalid, in a decision that would have a widespread impact. In another unrelated but equally monumental ruling, a court said the Bush administration broke the law with warrantless wiretaps.Meanwhile, a huge wave of automated copyright shakedown lawsuits hit the US, the EU was putting the pressure on Canada to change its IP laws, the Olympic Committee was already hard at work securing its sweeping powers in Vancouver for 2012, and Sony made a lot of people very angry and ruined a lot of cool projects by removing the ability to install other operating systems on the PS3.Fifteen Years AgoFive years earlier in 2005, Sony was on the receiving end of a sudden disruption when a judge ruled that the PlayStation and PlayStation 2 infringed on patents and could not be sold in the US, while over on the Sony Music side, the boss was asking the Supreme Court to step in and stop piracy (the very real chilling effects of the entertainment industry's stance on Grokster weren't getting it done). Librarians and hobbyists were stepping up to oppose the broadcast flag, ISPs were practically begging to be regulated by blocking VoIP usage, and Verizon was blaming the entertainment industry for its decision to cripple Bluetooth on phones.

By now, you've probably seen this image of the coronavirus responsible for COVID-19 a million times:It's freaking everywhere. And it's in the public domain. That's because it was created by employees at the CDC, and as a work of the US government it is exempt from copyright laws, meaning anyone can use it. Which is probably why everyone uses it. One of the many reasons why a public domain is so useful.The NY Times has a nice story about how the image came to be that's well worth reading.

The Houston Police Department's botched drug raid that resulted in the killing of the home's two occupants continues to cause problems for the PD and the city of Houston. The raid was predicated on a phone call from an unbalanced, vengeful neighbor with a history of calling in bogus crime reports. Probable cause was bolstered (if that's even the word) by dirty cop Gerald Goines, who fabricated a confidential informant and provided evidence for drug trafficking allegations by pulling heroin from the console of his cop car.The end result was the execution of Dennis Tuttle and Rhogena Nicholas -- a couple who had been together for 21 years and whose house contained nothing more than personal use amounts of marijuana and cocaine. There was no evidence of the heroin dealing alleged by Goines' nonexistent informant.Goines is now facing murder charges and a handful of other felony charges. The PD's drug task force has been disbanded. And Rhogena Nicholas' mother -- who was at one point falsely named as the person behind the anonymous tip Goines supposedly received -- is suing the city for its failure to properly oversee the police department. (via Courthouse News)The city has so far refused to cooperate with the lawsuit. Nicholas wants to depose city officials about the raid but the city has chosen to continue its stonewalling and obfuscation. The city (and the PD) have done everything they can to avoid giving Nicholas anything to work with, starting immediately after it became clear the raid wasn't justified and had been led by an incredibly dirty cop. Here's the Texas appeals court's description [PDF] of the city's post-raid recalcitrance:

A few weeks back we wrote about how Fortress Investment Group -- a massive patent trolling operation funded by Softbank -- was using old Theranos patents to shake down BioFire, a company that actually makes medical diagnostics tests, including one for COVID-19. Fortress had scooped up the patents as collateral after it issued a loan to Theranos, which Theranos (a complete scam company, whose founders are still facing fraud charges...) could not repay. Fortress then set up a shell company, Labrador Diagnostics, which did not exist until days before it sued BioFire. After it (and the law firm Irell & Manella) got a ton of bad press for suing BioFire over these patents -- including the COVID-19 test -- Fortress rushed out a press release promising that it would issue royalty-free licenses for COVID-19 tests. However, it has still refused to reveal the terms of that offer, nor has it shared the letter it sent to BioFire with that offer.And while some have argued that after issuing this "royalty-free license" offer, the whole thing was now a non-story, that's not true. It appears that the offer only covers half of the test: the pouches that have the test-specific reagents, but not the test device that is used to analyze the tests. And so while the COVID-19 test pouches may get a "free" license, the machines to test them are still subject to this lawsuit.In the meantime, tons of people have been asking how Theranos -- who appeared to never have a working product, despite publicly claiming it did (and convincing Walgreens that it did) -- could possibly have received patents on technology that never actually existed. Tragically, the answer is that our patent system (for reasons that make no sense) does not require a working prototype, which results in all sorts of nonsense getting a patent. That said, the good folks at Unified Patents have launched a crowdsourcing contest for prior art about the two Theranos patents in question.

Most people know about TikTok, from the company Bytedance, but not many know that it is the international version of the similar, but separate, Douyin app. The What's on Weibo site has a good explanation of why the two versions came about, and how they differ:

I'm still amazed that any photographer could think it's wise to hire notoriously bad copyright trolling lawyer Richard Liebowitz. Liebowitz, among many other problems, has been sanctioned for lying to the court, sanctioned for failing to comply with court orders, and even got into trouble for lying to a court about the death of his grandfather (in that one he actually had a friend of his father's write a letter to the court basically saying that the judge should excuse Richard's many lies, because he's just not that experienced). And even if you could look past all that, he's a dreadful copyright lawyer. Going back a few years we quoted a judge telling him "No reasonable lawyer with any familiarity with the law of copyright could have thought..." Just a few months ago, a court made it clear that Liebowitz's reputation comes with baggage:

Boxne SSD Hosting is a great place to start for anyone creating a website that needs secure and affordable hosting with great customer service. With 100% SSD storage-based servers, Boxne ensures that your data is available to you as quickly as possible. This hosting platform features top-level software and physical security including 24/7 manned-data centers with backup power generators and advanced fire protection. Boxne uses autoscaling that shifts and changes with your traffic levels and load-balancing to spread traffic across a range of servers to ensure 99.99% uptime. With Boxne's Lite Plan, you'll get unlimited SSD disk space, bandwidth, website, and MySQL databases, as well as sub and add-on domains. It's on sale for $40.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Israel's leading malware purveyor is pitching in to help with the pandemic. NSO Group -- which has pitched its spy tools to a number of questionable governments -- is trying to help track the spread of the virus with its proprietary surveillance tool.This would be the third effort by the country to keep tabs on the disease, starting with the Israeli government's authorization of the use of phone/location data to monitor infected individuals. There's also a more voluntary effort, created by the country's Ministry of Health, that allows users to "check in" by providing data about where they've been and whether or not they've tested positive for the disease.But it's NSO's spyware that's the most worrying. Motherboard was able to observe the software in action and Lorenzo Franceschi-Bicchierai reports it's a pretty scary piece of spycraft.

T-Mobile and Sprint finally closed their controversial $26 billion wireless mega merger this week, opening the door to a new era in U.S. wireless with notably less overall competition and, inevitably, higher prices. The government, courts, much of the press, and many "top policy thinkers" of the era happily ignored 40 years of very clear global data showing that such consolidation in telecom reduces competition, raises overall prices, and inevitably results in a steady parade of layoffs. And most of them did so for all the usual reasons: either rigid partisan ideology, or the prioritization of profit above reason, empathy, or common sense.But the deal's approval was also rife with an unprecedented amount of corruption, fraud, and regulatory capture -- even for the U.S.The FCC rubber stamped the deal before it had even seen its own impact analysis data, with Commissioner Brendan Carr meeting with T-Mobile behind closed doors nine times to help the deal gain approval. T-Mobile slathered Trump's businesses with cash and hired Trump ally Corey Lewandowski shortly after Lewandowski mocked a kid with Down Syndrome on TV. DOJ antitrust boss Makan Delrahim, instead of doing his job, personally helped guide the deal's approval process via personal phone and email accounts.Former FCC Commissioners from both parties lobbied for the deal, often without making their financial motives clear in media appearances and a steady parade of editorials. And that's before you get to the comically broken U.S. court system, which tied itself in knots ignoring every last shred of hard data just so the deal could proceed.It's a merger that could only have been approved in the Trump era, given similar competition-eroding deals (AT&T T-Mobile in 2011, and Sprint T-Mobile in 2014) were shot down for good reason: global data, from Canada to Ireland, shows this kind of consolidation is almost always problematic. Less competition means higher prices. Unions and Wall Street analysts alike have estimated this particular deal could result, in time, with anywhere from 10,000 to 30,000 employees being fired as redundant retail and management positions are eliminated. Studies even suggest people at other companies will likely be paid less.And while the DOJ floated a half-cooked deal that will try to create a new replacement fourth carrier out of Dish Network and some twigs, most experts strongly doubt much ever comes from it for a laundry list of reasons. The most obvious being that AT&T, Verizon, and T-Mobile will all be incentivized to make sure, via relentless lobbying, that this new fourth carrier never fully materializes. And barring any election-triggered change, the current FCC, known for being a glorified rubber stamp to industry, isn't likely to engage in the kind of nannying necessary to make sure the deal works, or punish companies that fail to live up to pre-merger promises.As the deal closed this week, media outlets covering the news failed to include any of this as context. CNET, for example, largely repeated T-Mobile's claims with a focus on network performance, with not so much as a peep on how or why such a deal might be problematic for your wallet or T-Mobile employees. Ditto for TechCrunch, which briskly broke down the last year or two of sleazy lobbying as little more than "months of regulatory maneuvering" while giving extra weight to merger conditions that U.S. history makes clear will never actually be enforced:

Performance Rights Organizations (PROs), sometimes known as "Collection Societies," have a long history of demanding licensing for just about every damn thing. That's why there was just some confusion about whether or not those with musical talents would even be allowed to perform from their balconies while in COVID-19 lockdown. And if you thought that it was crazy that anyone would even worry about things like that, it's because you haven't spent years following the crazy demands made by PROs, including demanding a license for a woman in a grocery store singing while stocking the shelves, a public performance license for having the radio on in a horse stable (for the horses), or claiming that your ringtone needs a separate "public performance" license, or saying that hotels that have radios in their rooms should pay a public performance license.Five years ago, we wrote about another such crazy demand -- a PRO in Sweden demanding that rental car companies pay a performance license because their cars had radios, and since "the public" could rent their cards and listen to the radio, that constituted "a communication to the public" that required a separate license. The case has bounced around the courts, and finally up to the Court of Justice for the EU which has now, finally, ruled that merely renting cars does not constitute "communication to the public."From the CJEU's press release:

As the world navigates the reality of the COVID-19 worldwide pandemic, we've already noted several ways that the outbreak has changed our daily lives. Me being me, I noticed just how many professional sports organizations were moving into broadcast versions of their eSports as a way to fill the void. That of course isn't the only way video game life has changed.Another appears to be the odd case of Final Fantasy 14, an online MMORPG. The game has had a vibrant, if congested, real estate economy involving the buying of virtual homes and properties. Due to the outbreak, the game recently announced that, similar to real life in many cities, evictions were on a pause.

It's always fun to read a good benchslap of cops who've tried to turn nothing at all into "probable cause." It doesn't happen very often because courts are far too obliging far too often. The standard law enforcement officers are held to -- objective reasonableness -- rarely seems reasonable, no matter how objectively you approach it.This ruling [PDF] by a Florida federal court does not coddle the officer who made a mockery of both objective reasonableness and probable cause. You can tell this is headed into unconstitutional territory during the recounting of the events that led to the arrest of Jorge Sanchez. (via FourthAmendment.com)Local officers were working with the DEA on a drug trafficking investigation. They decided to pull over someone heading away from the house they were surveilling. But the officers had nothing approaching probable cause. All they had was someone driving away from a house they suspected might be tied to drug sales. But that wasn't going to stop them from stopping Sanchez. So, they did what they had to do.

It's worth repeating for the folks in the back: the FCC's hugely unpopular, facts-optional and fraud-slathered repeal of net neutrality did a lot more than just kill "net neutrality." It gutted the FCC's already dwindling authority over giant telecom monopolies, shoveling any remaining authority to an FTC that lacks the authority or resources to police the US telecom sector (the whole goal of telecom lobbyists). As a result, you've now got ISPs free to engage in problematic behavior (like bullshit fees, or charging people "rental fees" for modems they already own) that the government is incapable and unwilling to address.And the government's decision to ignore the public and pander to the telecom lobby has deeper ramifications as well. As telecom lawyer and former FCC staffer Gigi Sohn writes in an editorial at The Verge, there has been a multi-decade effort to kill telecom oversight under the (clearly false) claim that the miracle of the free market will somehow magically fix a sector that's been clearly broken for decades:

As we noted just a few weeks ago, two Senators -- Kelly Loeffler from Georgia and Richard Burr from North Carolina, both of whom were publicly trying to play down the risks associated with COVID-19 -- were quietly engaging in stock trades that suggested they had a different viewpoint (while five different Senators sold stock during this period, only Loeffler's and Burr's look particularly suspicious). Burr's stock sell-off was revealed first, and got the most attention, in part because he's also the Chair of the Senate Intelligence Committee and was getting classified briefings about COVID-19. The latest news on that front is that the Justice Department has supposedly opened an investigation:

The FBI's inability (or unwillingness) to craft factual FISA court affidavits was exposed late last year by an investigation by the DOJ's Inspector General. During the FBI's surveillance of former Trump advisor, Carter Page, information known by the agency was omitted to allow agents to continue its interception of Page's communications. Despite having obtained info showing Page was likely not acting on behalf of a foreign power, the FBI continued its surveillance for months by hiding this key finding from the FISA court.The fallout from this report continues. The FISA Court banned the FBI agent who lied on the warrant applications. The court also instructed the FBI to start cleaning up its Carter Page mess, including tracking down where any other info it might have illegally collected in this case might have gone, in order to prevent further violations by other agencies in the future.Current and former DOJ/FBI officials made it clear the FBI's questionable actions in this case were only the agency's most current violations. The skirting of internal guidelines and the truth itself was a common practice dating back nearly 20 years.The Inspector General's findings in the Page investigation were the tip of the unexpected iceberg. The IG is now looking at the rest of the FBI's FISA work. And the office is finding even more to be concerned about.

The Comprehensive Beginner's Guide to Cybersecurity Bundle has 4 courses to give you a foundation level introduction to cybersecurity. These courses will walk you through basic cybersecurity terminologies, concepts, and protocols and move on to hacking methods, malware types, and the processes employed by cybersecurity professionals to defend networks and systems from attacks. It's on sale for $30.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Richard Blumenthal has been attacking internet services he doesn't understand since before he was even a US Senator. It has carried over into his job as a Senator, and was abundantly obvious in his role as a co-sponsor for FOSTA. His hatred of the internet was on clear display during a hearing over FOSTA in which he flat out said that if smaller internet companies couldn't put in place the kind of infrastructure required to comply with FOSTA, that they should go out of business. Blumenthal's latest ridiculous bit of legislation lose your Section 230 protections. And while Blumenthal likes to pretend that the EARN IT Act doesn't target encryption, he also lied about FOSTA and insisted it had no impact on CDA 230 (which it directly amended).But Blumenthal has now taken his ridiculousness up a notch. Following the (legitimately concerning) reports that the suddenly incredibly popular videoconferencing software Zoom was not actually providing end-to-end encrypted video chats (despite its marketing claims), Blumenthal decided to step in and play the hero sending an angry letter to the company, while linking to the Intercept's original story about Zoom's misleading claims about encryption:

In 2017, hackers and security researchers highlighted long-standing vulnerabilities in Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US), a series of protocols first built in 1975 to help connect phone carriers around the world. While the problem isn't new, a 2016 60 Minutes report brought wider attention to the fact that the flaw can allow a hacker to track user location, dodge encryption, and even record private conversations. All while the intrusion looks like ordinary carrier to carrier chatter among a sea of other, "privileged peering relationships."Telecom carriers and lobbyists have routinely downplayed the flaw and their multi-year failure to do much about it. In 2018, the CBC noted how Canadian wireless providers Bell and Rogers weren't even willing to talk about the flaw after the news outlet published an investigation showing how (using only a mobile phone number) it was possible to intercept the calls and movements of Quebec NDP MP Matthew Dubé.Now there's another wake up call: a new report by The Guardian indicates that Saudi Arabia has likely been exploiting the flaw for years to track and monitor Saudi Arabian targets when they travel in the United States:

As Karl Bode wrote what feels like a decade ago on March 19, 2020, privacy and encryption will be more important than ever during this pandemic and the future that succeeds it. Plenty of governments have been sacrificing citizens' privacy for better virus tracking and plenty of governments were already throwing shade at encryption well before the pandemic became a pandemic. That includes our government, which has been agitating against encryption for several years now and fighting against our privacy in federal courts for decades.An influx of remote workers makes encryption and privacy even more important, as there's plenty of sensitive company business being done over open networks with minimal protections. The beneficiaries of this new normal are responding quickly to the unexpected demand, but protection of work-at-home employees and their employers seems to have been forgotten.The field is crowded with lots of telecommuting software providers. Standing out is key if you're going to take advantage of the current health crisis. Video conference software developer Zoom, however, is playing fast and loose with terminology in an attempt to scoop up more market share. As Micah Lee and Yael Grauer report for The Intercept, words don't seem to mean what they normally mean when they're being used by Zoom.

Somehow, it's been nearly four years since a tattoo company, Solid Oak Sketches, decided to sue 2K Sports, the studio behind the renowned NBA 2K franchise, claiming that the game's faithful representation of several stars' tattoos was copyright infringement. The company claimed to own the copyright on the design of several players' tattoos, including most famously LeBron James, Kobe Bryant, and DeAndre Jordan. The claim in the suit was that 2K's faithful depiction of the players, whom had collectively licensed their likenesses via the NBAPA, somehow violated Solid Oak's IP rights.Put another way, it could be said that by branding the player with Solid Oak's designs, the company seems to think it can control the players' ability to profit off of their own likenesses. That this draws the mind to very uncomfortable historical parallels apparently was of no issue to Solid Oak.Well, while 2K Sports failed to get the court to dismiss the case back in 2018, it has more recently won the case on summary judgement, with the court quite helpfully getting everything right and declaring the depiction of tattoos in video games in this manner to be Fair Use.

We have moved to a radically remote posture, leaving a lot of empty real-estate in corporateoffices and abandoning the final protections of the digital perimeter. For years, we’ve heard thatthe perimeter is dead and there are no borders in cyberspace. We have even had promises ofa new and better style of working without being bound to a physical office and the tyranny andwaste of the commute. However, much like the promise of less travel in a digital age or even thetotal paperless office these work-life aspirations never had a chance to materialize beforeCOVID-19 forced us to disperse and connect over the Internet. This has massive implicationson corporate culture and productivity. More immediately, the surge in use of remote workcapabilities has consequences from a security and privacy perspective that cannot be ignored.For some, working from home isn’t new. This is especially true for those in sales and fieldmarketing across many industries or for knowledge workers, such as federal governmentemployees that are familiar with their telecommuting contract. The day after the “stay home”order is given, the rest of the company suddenly find themselves doing the math on how to stayproductive, whether they are the 20% of largely general and administrative or management staffwho are always in the office for a young tech startup or the 80% of all employees at a big bluechip company. Some already have a laptop that they bring with them everywhere and are usedto bringing home, but for others it’s time to spark up the family computer or get a hastily issuedcompany laptop and try to get it running without an IT technician parked at their elbow to help.Others will grab a tablet or a smartphone, once relegated to mostly personal use, and repurposeit to attend to professional needs. Any way you look at it, the enterprise footprint just grew andradically changed in a 24 hour period.From a security perspective, the basics are critical. This is true whether a company is a maturesecurity shop or not—risk management is the lodestar. It starts with a risk analysis and dialog.You’ll need to first create a master list of security essentials and rank them in order ofsensitivity, likelihood and impact. The reality is that you can do anything, but you can’t doeverything; and ultimately this is a triage game.High on the list are concerns about misinformation, weaponized information and socialengineering. While companies can’t control machines that they don’t own, they have to try to getthe most secure endpoints they can and ensure identity integrity. This means emphasizing whatchannels are appropriate or not for employees and their families for information: news networks,websites and the like. But COVID-19 is our new common watering hole, and malicious actorsare manufacturing phishing attacks, devilish spear-phishing campaigns, rogue applications andmore. Regular, short, routine communications to remind people of the basics, to gain a pulse onthe organization and to provide clear policies are essential.Also at the highest level of concern is securing the connection to the network and back into theenvironment. This requires VPN connections, strong authentication and endpoint preventionand detection controls. In the back office generally and in the security operations centerspecifically, baselines from which anomalies are normally noted for focus will be in flux;everything will look like an anomaly for a while in the brave new remote world.Which brings us to the most difficult of topics: privacy.Did employees bring notes and data home before the office closure? Are they creating IP anddata protected by privacy laws and regulations as they continue to do business? Who is in theimmediate environment physically? These are some of the critical questions. In some cases youmay never know the answers to these questions or you may not have a right to know theanswers but must appreciate others’ living situations and assume some worst case scenarios.There are still more questions. Should cameras be on for conference calls when employeesmight be embarrassed of their personal space being seen by colleagues? Should they useheadsets when a life partner might work for another company or even a competitor or perhaps aroommate might simply overhear sensitive information? Do we encourage them to care for achild when they are crying or do workers feel the need to hide their families? While manycompanies have previously developed “work from home” policies now we are beginning tounderstand what is really needed for remote, working employees. Now is the time to take afresh look at privacy in your work from home policy.Finally, we must understand the adversary is moving into a new normal as well. They may notbe able to immediately exploit all weaknesses or even any given weakness. They too willpursue the lowest hanging fruit while investing in some longer term R&D to develop new attacksspecifically for the home environment. Threat actors may be purchasing tools fromcybercriminals, mining existing botnets to see what IP is on those already-compromisedmachines or targeting home automation, printers and routers after triangulating IP addressesand digital locations for targets. In the weeks ahead, targeting new dimensions of technicaldiversity and innovating to develop new attack vectors will be the name of the game for the badguys.The future is very much a moving target for security and privacy professionals. Here is wherethe ongoing maintenance on an ongoing basis is critical: watching vulnerabilities in the newbattery of enterprise applications for remote productivity, moving to the next order ofvulnerabilities and so on. This might involve extending IT support and patching advice to homeusers on how to secure their home network, how to configure Amazon or Alexa devices or newtools and services for secure note-taking, collaboration, use of newly available standardoperating environment systems and so on. In short, the game of security and privacy will beabout rates of adaptation between asymmetric opponents.The brave new work from home world would be best if it was short lived, but the genie won’t goback in the bottle. While the economy will adapt and move on at some point, it’s too early to tellwhat percentage of current remote workers will continue to work from home permanently in apost COVID-19 world or if we will return to the tyranny of the commute. Regardless, the lastingeffect of innovation on both attack and defense will persist. As has been said, never waste agood crisis: let’s hope that IT, corporate culture, security and privacy all benefit from the currentsituation to make a more productive and humane cyber world when we return to a more normalepidemiological world.Sam Curry is Chief Product and Security Officer at Cybereason.

It's pretty well established that giving the finger to cops is protected expression. Stopping or detaining someone for flipping you off violates their rights and the usual law enforcement excuses for unconstitutional behavior tend to perform poorly when examined by a federal judge.In 2018, a Virginia federal court denied qualified immunity to Officer Rob Coleman for his stop of Brian Clark, who made a gesture that "was crude, but not criminal." Officer Coleman claimed he was "concerned" by Clark's hand gesture and was just doing some community caretaking by pulling over the car Clark was riding in. Literally unbelievably, the officer claimed he viewed the hand gesture as a sign of distress, as only a person "under the influence" of alcohol or drugs (or "suffering from some sort of mental illness") would dare do such a thing.Of course, Coleman never made any inquiries about distress, mental illness, or intoxication during the 20-minute stop. The court denied Coleman's request for qualified immunity, stating it should have been clear stopping someone for throwing the bird would violate both the First and Fourth Amendments.The case went to trial. Somehow the jury managed to find in favor of the cop who had violated two rights with his traffic stop. The jury said Coleman did not lack reasonable suspicion to stop and detain Clark for allegedly giving the officer the one-finger salute.Clark challenged this verdict, asking the court to overturn the inexplicable decision by the jury to go against its own interests by saying it's ok for cops like Coleman to engage in retaliatory stops of people who've offended them.The court agrees with Clark: this is indeed some bullshit. (via The Newspaper)From the decision [PDF]:

Here we go again: content moderation at scale is impossible to do well -- and, as we've discussed, things are especially tricky when it comes to content moderation and political advertising. Now, when you mix into that content moderation to try to stop disinformation during the COVID-19 pandemic and you run up against... politicians facing blocks in trying to advertise about Trump's leadership failures in response to the pandemic:

A couple of lying cops who couldn't perform a traffic stop without violating the driver's rights have just seen their illegally-obtained evidence tossed and their successful drug bust busted. The Louisiana Second Circuit Court of Appeal not only finds the officers untrustworthy but also points out there's nothing reasonably suspicious about someone's invocation of their rights.The traffic stop that resulted in the discovery of methamphetamines was clearly pretextual. There's nothing legally wrong with using traffic stops to engage in other investigations, but officers must have the reasonable suspicion to navigate away from the initial purpose of the stop. The Supreme Court's Rodriguez decision removed a lot of the leeway law enforcement officers have exploited for years.This stop began with the accusation that the car's driver, Michael Glen Robinson, was failing to stay in his own lane. Robinson's driving was recorded by the officer's dash cam, along with the entire traffic stop. The court says it's not clear Robinson actually violated the law. From the decision [PDF]:

Integrity Training is an online provider of proven on-demand training for corporate, government, and education employees. The ultimate online learning package, Integrity Training gives you lifetime access to all 600+ courses with completion certificates covering a wide variety of topics, including IT certification, project management, business & soft skills, sales & marketing, design, big data, programming languages, blockchain development, and more. These training classes are taught by field experts with multiple certifications from providers like Microsoft, CompTIA, PMI, ITIL, Cisco, VMware, Mile 2, and more. It's on sale for $59.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Continuing our never-ending series of posts about the impossibility of content moderation at scale, let's take a look at just how impossible it is to handle misinformation in the age of COVID-19. Ben Thompson over at Stratechery has a truly wonderful post highlighting this problem with regards to Twitter's disinformation policies, and how things break down when the "misinformation" is coming form official sources. We noted this, to some extent, the other day when we called out Houston Police Chief Art Acevedo for saying that he was seeking to have anyone who posted false information online about COVID-19 prosecuted. During the press conference, he said to only listen to "your elected officials, or to your appointed officials." But, as we noted, our elected officials and their appointees aren't always right.As Thompson points out, Twitter also took the seemingly reasonable position that in an effort to stop (widespread) COVID-19 misinformation, it would start taking down content that disagreed with official government statements:

Generally speaking, experts believe the U.S. internet should hold up pretty well under the significant new strain created by COVID-19. Italy and China's networks have generally weathered the added load, and most major U.S. ISPs say congestion shouldn't be a problem. Streaming providers have been reducing their overall bandwidth consumption as a precautionary measure, though generally many providers say they've seen greater impact from events like the Superbowl.That's not to say there won't be a few hiccups. A new report by broadband availability tracking firm BroadbandNow indicates that a number of cities are seeing slowdowns under the weight of millions of additional telecommuters and videoconferencing students. That said, most cities aren't seeing any sort of devastating slowdowns as of yet:

The Baltimore Police Department was an enthusiastic early adopter of cell site simulator technology. In 2015, a Baltimore detective admitted the department had deployed its collection of cell tower spoofers 4,300 times since 2007.The best estimate on how many of those 4,300 deployments ever showed up in court documents remains near zero. The Baltimore PD hid its deployments behind pen register orders, ensuring judges and defendants never knew the departments was using cell site simulators to track down suspects.A little bit of information has reached the public domain in recent years, showing the Baltimore PD was more willing to toss cases than expose its use of Stingray devices. Judges were willing to toss cases too, once it was determined these secret deployments violated the Fourth Amendment.There are now three Supreme Court rulings that directly affect Stingray deployments, with the most recent being the Carpenter decision. If the government needs a warrant to obtain historical cell site location info, it stands to reason a warrant should be required to engage in real-time tracking using Stingrays, even if the court did not specifically address this.There's also the Kyllo decision, which found the use of an infrared device to search a house for occupants violated the Fourth Amendment. An intrusion in which the government never actually enters the house is still an intrusion. Cell site simulators force phones inside houses to give up certain identifying information even if officers never approach the residence.Finally, there's the Riley decision that implemented search warrants for cellphones. A Stingray device searches cellphones, even if the search is "limited" to identifying info and location data. (Stingrays can also be used to intercept communications, but there's been no confirmed use of this particular configuration by US law enforcement agencies.)All of these are in play in this recent decision [PDF] by the Fourth Circuit Court of Appeals. The court does not explicitly find that a Hailstorm deployment by the Baltimore PD in 2014 was unconstitutional. But it does find that the lower court did not do enough fact-finding to determine whether it fell on the wrong side of the Fourth Amendment.The Baltimore PD has pretty much conceded some of these points already.

As some of you may be aware, Florida Atlantic University's sports teams and mascots are the Owls. As some of you may also be aware, the southeast is home to Owl Tutoring, a college tutoring service with a fairly good reputation. Owl Tutoring has existed for over a decade and has even promoted itself by advertising in FAU publications. That's probably why it took the folks at the company by such surprise to suddenly get a C&D letter from FAU's legal team accusing it of committing trademark infringement.

So we've noted a few times now how the FCC's decision to kill net neutrality did a hell of a lot more than just kill "net neutrality." It obliterated much of the FCC's consumer protection authority, making it harder than ever to hold U.S. telecom monopolies accountable for bad behavior like rampant privacy violations, ripping you off with bullshit fees, or refusing to upgrade or repair long-neglected taxpayer subsidized networks. And this was a problem even before America began staring down the barrel of a brutal pandemic while stuck at home telecommuting.Enter American Enterprise Institute's Roslyn Layton, who apparently thought that using COVID-19 as a prop to celebrate the death of U.S. telecom consumer protections was somehow a good idea. In a brutally tone-deaf blog post this week, Layton insisted that the FCC's decision to ignore a bipartisan majority of the public and kiss the ass of U.S. telecom giants was proving to be really helpful during a terrifying crisis:

We know the FBI can't accurately track how many encrypted devices it has in its possession. Two consecutive directors have pushed a "going dark" narrative using an inflated number of uncracked phones. At one point the FBI claimed it had nearly 8,000 phones in its possession, each one presumably full of evidence. When pressed for information by members of Congress, the FBI suddenly realized it had overstated this number by at least 6,000 phones. It discovered its error in May of 2018. It has yet to release an updated number.The FBI can't track seized phones so it should come as no surprise it can't accurately track the guns and ammo in its possession. The DOJ Inspector General has completed its audit [PDF] of the FBI's weapons control system and found that the FBI isn't really controlling its weapons.The FBI claims to have nearly 58,000 firearms in its inventory. This is pretty much the extent of the good news in the IG report:

It's been said many times over that if libraries did not currently exist, there's no way that publishers would allow them to come into existence today. Libraries are, in fact, a lovely and important artifact of a pre-copyright time when we actually valued knowledge sharing, rather than locking up knowledge behind a paywall. Last week, the Internet Archive announced what it's calling a National Emergency Library -- a very useful and sensible offering, as we'll explain below. However, publishers and their various organizations freaked out (leading some authors to freak out as well). The freak out is not intellectually honest or consistent, but we'll get there.As you may or may not know, for a while now, the Internet Archive and many other libraries have been using a system called Controlled Digital Lending, which was put together to enable digital checkouts of books for which there may not be any ebooks available. Basically, the Archive helped a bunch of libraries scan a ton of books, and the libraries lend them out just as if they were lending out regular books. They keep the physical copy on the shelf and will not lend out more copies of the digital book than the physical copies they hold -- basically doing exactly what a library does. There are strong arguments for why this is clearly legal. Scanning a book you own is legal. Lending out books is legal.Of course, when CDL was first announced, publishers (mainly) and The Authors Guild (which, contrary to its name, tends to be a front group for publishers, rather than authors) completely lost their shit and whined about how this was piracy. Remember, the Authors Guild has already tried suing libraries for scanning books and failed miserably. Challenging this effort at lending scans of books would also likely fail.One important thing to note: the scans of books that are part of the CDL effort are not great. They are images of actual book pages, and not anything like ebooks that are designed to be read nicely on a Kindle or whatnot. No one would choose a CDL book over a regular ebook if given the choice, because the experience is not nearly as good.The big news with the National Emergency Library is basically the removal of waitlists for checking out these books. They still have DRM and you still only can access the books for two weeks, but unlike with CDL where there was a 1 to 1 ratio of which books the Internet Archive had a physical copy of and those which it would lend out, the NEL removed that limitation and made it so that more people could access those books at once. The reasoning here is sound: in the midst of this pandemic, most physical libraries are closed, so most people literally cannot get physical books. They are sitting there unlendable. To help deal with that, the Internet Archive removed the waitlists on the books it had scanned. As the Archive explained, it focused heavily on making sure books with no ebook-availability (and educational books) were available:

The Premium A to Z Microsoft Excel Bundle has 10 courses to help you discover the power of Excel. You'll start off learning the basics like building your own spreadsheets, using formulas, and creating Macros to help automate your work. You'll move on to learning how to program in VBA, how to easily sort your data using cell protection, named ranges, multi-level storing, advanced filters, and more. You will gain skills for better collaboration, including password protection and tracking changes, learn to audit worksheets, validate data to ensure consistency, and use other essential business tools in Microsoft Excel. The bundle is on sale for $50.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Every tragedy should be exploited. That's the theory behind a string of Excolo Law and 1-800-LAW-FIRM lawsuits that seek to hold social media companies responsible for acts of terrorism. So far, not a single court has been willing to ignore Section 230 of the CDA or the First Amendment to give these opportunists any satisfaction. Notwithstanding some very bizarre arguments from one Ninth Circuit judge, it's been a long run of shutouts for lawyers I fucking hope are working on contingency.However you may feel about social media companies' efforts to cut down on "terrorist" content, the reality of the situation is Twitter, Facebook, et al are not directly or indirectly responsible for acts of violence. Moderation at scale is impossible and allowing litigants to target social media companies directly is only going to result in lousier moderation, rather than whatever it is each litigant desires. (See also: numerous lawsuits about "anti-conservative bias.")This lawsuit is a particularly durable loser. Eric Goldman has the details at his blog. How many times do litigants need to be told "No?" Well, I told you once and I told you twice, but you never listen to my advice:

For years, we've been promised repeatedly that new broadband technologies would soon arrive to disrupt the broken, cable broadband versus telco DSL duopoly in the states. And for just as long, these emergent technologies, for a wide variety of reasons, have failed to materialize.In the late 90s and early aughts it was the promise of broadband over powerline (BPL) -- an emerging tech that utilized utility poles and electrical lines to help deliver broadband to underserved regions. But while BPL was widely hyped and repeatedly used to justify rampant deregulation at the time (read: we don't need pesky consumer protections because this new competition will soon arrive to fix everything), the technology wound up being an interference-prone dud. All of the deregulation based on this emerging technology remained intact however, and the U.S. broadband competition problem in many ways got worse.Cable enjoys a massive, growing monopoly over broadband across huge swaths of the U.S. thanks to phone companies that have effectively given up on upgrading or even repairing aging DSL lines across numerous markets. These days, instead of BPL, fifth-generation wireless (5G) is often used as the carrot on a stick panacea to justify industry deregulation, even if (1) such deregulation repeatedly tends to make U.S. telecom problems worse, and (2) 5G isn't going to be universally available, affordable, or as unrestrictive as fixed-line broadband for a laundry list of reasons.Low orbit satellite broadband is also often used to justify endless deregulation of the sector and the steady erosion of U.S. telecom consumer protections. In part because the lower orbit means such connections should have lower latency than traditional, often crappy satellite broadband. But there too the hype, at least so far, has failed to live up to reality. For example OneWeb, one of several operations exploring the space, has been hyped for a few years as a deus ex machina that will soon fix much of what ails U.S. broadband. From a speech by FCC boss Ajit Pai last year, for example: