Techdirt

The 2020 Full Stack Digital Marketing Certification Bundle has 12 courses to help you master marketing on Facebook, LinkedIn, Google Analytics, and more. You'll learn how to create your first advertising campaign via Google PPC ads and branch out from there to learn about advertising on YouTube and Facebook. You'll also learn how to market ideas and products on LinkedIn, MailChimp, Reddit and more. It's on sale for $39, and if you use the code 20SAVE20, you'll save an additional 20% off at checkout.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

The development and deployment of facial recognition tech continues steadily, but the algorithms involved don't seem to be getting much better at recognizing faces. Recognizing faces is pretty much the only thing it's expected to do and it can't seem to get the job done well enough to entrust with it things like determining whether or not a person is going to be detained or arrested.That critical failure hasn't slowed down deployment by government agencies. There are a handful of facial recognition tech bans in place around the nation, but for the most part, questions about the tech are being ignored in favor of the potential benefits touted by government contractors.Last year, members of Congress started demanding answers from Amazon after its "Rekogition" tech said 28 lawmakers were criminals. Amazon's response was: you're using the software wrong. That didn't really answer the questions raised by this experiment -- especially questions about the tech's disproportionate selection of minorities as potential perps.This has been a problem with facial recognition tech for years now. Biases introduced into the system by developers become amplified when the systems attempt to match faces to stored photos. A recent study by the National Institute of Standards and Technology (NIST) found that multiple facial recognition programs all suffer from the same issue: an inordinate number of false positives targeting people of color.

This week, our first place winner on the insightful side is an anonymous commenter summing up the motivation behind FOSTA 2.0:

Five Years AgoThis week in 2014, NSA mega-defender Mike Rigers took a moment on his way out of congress to attack Obama for not launching a pre-emptive cyberwar with North Korea, while a retired official launched a bizarre lawsuit against Edward Snowden and Laura Poitras "on behalf of the American people". We were also unsurprised to learn that a CIA-appointed panel determined there was nothing wrong with the CIA spying on the Senate.Meanwhile, Sony was still lashing out against people sharing the documents leaked in the big hack, first demanding a Twitter user remove posts then stepping it up and threatening to sue Twitter itself. While this was going on, more digging through the documents confirmed that the MPAA's $80-million settlement with Hotfile was about appearances, not money.Ten Years AgoA brief world tour of this week in 2009: China was raising the Great Firewall even higher with claims about fighting piracy, the Australian Domain authority was shutting down sites critical of internet filters, Argentina was extending its copyright terms, a Hungarian copyright maximalist called those who oppose anti-circumvention laws "hate-driven" and "Maoist", Italian courts were continuing to attack YouTube at every opportunity, the Vancouver Olympics in Canada was making even-more-insane-than-usual intellectual property demands, and the Vatican created a special new copyright-like right on everything related to the Pope. On the more positive side, Chile rejected an attempt to force ISPs to filter and block copyrighted works, and at least one Lord in the UK was fighting to include something good in the Digital Economy Bill.Fifteen Years AgoThis week in 2004, the recording industry was getting creatively evil in attempting to freeze money donated to the Red Cross because it came from the company that operated Kazaa. The CEO of India's eBay affiliate was arrested because people sold pornographic material on the site, ComScore was trying to invent a new category of "researchware" to avoid its tools being called spyware, the Washington Post bought Slate, and some courts that installed WiFi networks were suddenly shocked by the fact that people were using them. Blockbuster was continuing to try to prop itself up, following its recent elimination of late fees with a big price drop for its subscription service. And at a time when it was popular to panic about kids using "text speak" and forgetting how to write properly, one study showed that they are perfectly capable of doing both.

Late last week, Cloudflare put up a fascinating and thoughtful blog post discussing (among other things) a change to its warrant canary list. As you hopefully know, a warrant canary is when a service provider makes a proactive statement about something it has supposedly never done. The idea is that if that statement disappears at a later date, one might reasonably infer that the company had been forced to do the thing it claimed it had not ever done -- and, additionally, that it had possibly been gagged from saying so. There are (somewhat reasonable) criticisms of warrant canaries, and to date, they're probably more well known for false alarms than any actual report of gagged pressured malfeasance.Still, Cloudflare's public (so, not gagged) decision to delete a line from its warrant canary is interesting and worth thinking about. The original warrant canary from Cloudflare stated that the company hadn't done any of the following:

Buying and selling marijuana is legal in the state of Washington. There are several limits placed on these acts, but it's pretty much the equivalent of alcohol. You have to be 21, can only buy a certain amount at a time, and can't smoke it in public or drive under the influence.What's apparently illegal is playfully announcing your pot business sells pot using nothing but Christmas lights. (via Reason)In 2017, Hashtag Cannabis in Redmond, Washington hung up some Christmas lights on the store that spelled out "P-O-T." Here's a really terrible photo of the contested display, taken from the county court's ruling on Hashtag's pot sign:Ho ho ho now I have a gravity bong.The local authorities -- the Washington Liquor and Cannabis board -- were not amused. The Board cited the store for violating restrictions on signage, claiming the string of Christmas lights exceeded the allowable size of 1,600 square inches by 2,300 square inches. It also said the sign was not "affixed" to the "permanent structure," which seems a little weird because lights have to be affixed to something and in this case it was the business' building. The Board also took issue with the word "POT" because it wasn't part of Hashtag Cannabis' business name.Two years later, Hashtag Cannabis has struck a blow for the little guy with Christmas lights, a weed business, and maybe a little too much time on his hands. The ruling [PDF] says the state's regulations run afoul of state free speech protections, as well as the US Constitution.The state argued its ban on POT in Christmas light form was crucial to the government's "substantial interest" in "curtailing minor children's interest in and exposure to the marijuana trade." Inarguably, this is a legitimate interest. However, the laws governing this speech aren't all that legitimate.

For a decade we've talked about how the broadband and cable industry has perfected the use of utterly bogus fees to jack up subscriber bills -- a dash of financial creativity it adopted from the banking and airline industries. Countless cable and broadband companies tack on a myriad of completely bogus fees below the line, letting them advertise one rate -- then sock you with a higher rate once your bill actually arrives. These companies will then brag repeatedly about how they haven't raised rates yet this year, when that's almost never actually the case.Despite this gamesmanship occurring for the better part of two decades, nobody ever seems particularly interested in doing much about it. The government tends to see this as little more than creative marketing, and when efforts to rein in this bad behavior (which is really false advertising) do pop up, they tend to go nowhere, given this industry's immense lobbying power.But something quietly shifted just before the holidays. After a longstanding campaign by Consumer Reports, The Television Viewer Protection Act of 2019 passed the House and the Senate last week buried inside a giant appropriations bill that now awaits President Trump’s signature.The bill bans ISPs from charging you extra to rent hardware you already own (something ISPs like Frontier have been doing without penalty for a few years). It also forces cable TV providers to send an itemized list of any fees and other surcharges to new customers within 24 hours of signing up for service, and allows users shocked by the higher price to cancel service without penalty.The bill's not perfect. Because of the act itself it largely only applies to cable TV, not broadband service where the problem is just as bad. And cable TV providers can still falsely advertise a lower rate, thanks to what appears to be some last minute lobbying magic on the part of the cable TV sector:

The Ethical Hacking Training Bundle has 8 courses designed to help you move from novice to expert in how to diagnose different kinds of cybersecurity attacks and how to defeat them. You'll learn about bug bounty programs, SQL injections, phishing, cross site scripting, and more. It's on sale for $39, and you can use the code 20SAVE20 to save an additional 20% off.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

The world's second-largest jailer of journalists -- Recep Erdogan's Turkish government -- has just been pushed back against ever so slightly by the country's Constitutional Court. The government's long-running ban of Wikipedia has been overturned, the Associated Press reports.

Another case of nonexistent "customer confusion" is being litigated. Tofurky, the maker of several vegetable-based products, sued the state of Arkansas over its bogus [squints at Legiscan in disbelief] "Act To Require Truth In Labeling Of Agricultural Products That Are Edible By Humans" law.The law, written at the behest of meat and dairy lobbyists, claims customers are "confused" by non-meat products that use meat-like words in their product descriptions. A law similar to this passed in Mississippi was recently found unconstitutional by a federal court, resulting in legislators rewriting the law to make it less, um, unlawful.The Arkansas law has an added bonus not found elsewhere: wording targeting the use of phrase "cauliflower rice." Why? Because Arkansas is home to the nation's largest rice industry.Not that any consumers were actually confused. If they had been, they would have approached lawmakers. Instead, the entities approaching legislators were entrenched interests claiming shoppers were too stupid to figure out veggie burgers don't contain meat.That law is now on death's door, having been savaged by a federal judge calling bullshit on the state's willingness to violate the First Amendment to make certain industries happy. (via AgWeek)The ruling [PDF] blocks the state from enforcing the law while the rest of the particulars are sorted out, but it seems clear there's no way the state can salvage this terrible legislation. Tofurky pointed out the law contains no exceptions for makers of plant-based meat alternatives, meaning the company has almost zero chance of ever complying fully with the law, even if it retools its packaging (at an estimated cost of $1,000,000) and does everything it can to keep Arkansas consumers from viewing ads targeting shoppers in states not saddled with idiotic laws.The state argued that Tofurky's use of words like "sausage," "kielbasa," "burger," and "ham" confuse consumers despite Tofurky also using words like "white quinoa," "all vegan," "plant-based," and a big "V" to distinguish its vegetarian and vegan products from the meats they emulate. The court says this argument is ridiculous.

The Maccabeats, as I have just discovered, is an Orthodox Jewish a capella group that specializes in Jewish-themed parodies of hit songs (pretty much all a cappella groups seem to do a bunch of parodies). Their latest video, for this year's Chanukkah, was a parody of both Billie Eilish's Bad Guy (here: "Pan Fry") and Lil Nas X's "Old Town Road." It's pretty entertaining. Anyway, on Tuesday, they got a takedown notice from YouTube, saying that the video is no longer allowed to be shown for copyright violations:

Some sanity has finally prevailed in Austria, where libel laws are anything but sane. Earlier this year, a guest of the Ferienhof Gerlos hotel in Austria was sued by the hotel after posting reviews that mentioned the unexpected presence of a photo of a man in a Nazi uniform by the front entrance.The guest -- referred to in court documents only as "Thomas K" -- said a few things the hotel didn't like in his reviews. This:

The Ultimate SQL Bootcamp Bundle has 6 courses to help you learn how to manage tasks and databases like a pro. You'll learn about SQL Lite, Microsoft SQL, MySQL, PostgreSQL, Rest API, and Oracle SQL. It's on sale for $21.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Back in March, NY Times reporter Nellie Bowles had quite a story, announcing that When Uber and Airbnb Go Public, San Francisco Will Drown In Millionaires. Nearly all of the article was quotes from various third party service providers -- real estate, financial planners, party planners -- excitedly planning to cash in, but the overall tone of the article was basically one big "Man, San Francisco is sure going to be totally overrun by obnoxious insanely rich tech bros." When that article came out, I think I heard about it from just about everyone I knew. People both here in the Bay Area and elsewhere were all commenting on it -- in many cases worried what it would do to where we all live.And, basically none of it happened. So rather than explore why NY Times reporter Nellie Bowles got it wrong, she's just written a new article about the same types of folks as the last article, complaining that they can't find all the "zillionaires" they expected. Maybe because that's not how any of this works and the original article was feeding a nonsense narrative? But that's not covered. There's no mention of the earlier article at all. There's no exploration of why the predictions didn't come true. Just scores of quotes from people disappointed that the throngs of stupid rich tech bros spending silly money didn't actually appear.This seems like the kind of thing that the NY Times would know better than to do. Both stories are making grand claims, where data could and should exist, but supporting them solely with a few limited anecdotes. There are good times to use anecdotes as a narrative tool in reporting, but considering how frequently I heard from people who honestly believed that tech IPOs were going to completely change San Francisco over the past few months -- which didn't even remotely happen -- it seems like the NY Times owes readers a bit more self-reflection on why it ran the original story, why it framed it the way it did, and why its predictions that were written as if they were set in stone never actually happened.This is the kind of thing that the NY Times used to have a "public editor" to handle, but the NY Times decided a few yeas back that it no longer needed such a position. Each and every day we learn more about why that was a mistake.

Another stupid, pointless effort to turn protectors and servants into professional victims is being mounted in Alabama. Cops can barely be bothered to educate themselves on the laws they're enforcing, but they're usually all over the ones that allow them to turn things they don't like into criminal activity.It's (yet another) "blue lives matter" law being foisted upon citizens by legislators who are altogether too certain they're in the right. Here's the backer of the proposed law that would turn cops into a protected group making a claim that's proven false before the end of the article at PoliceOne.

Last week, Karl wrote up a fascinating post about a NY Times effort to use a dataset that a whistleblower at a data broker firm gave them to track the whereabouts of President Trump, by spotting the location data of what appears to be a Secret Service agent detailed to the President. Karl included two quotes from two different Senators in the article, and I found both of them amusing, as they both basically took the story and responded with their own "hobby horse" solution to the problem, even though neither one of them seemed to accurately understand or describe it:

I usually don't jump in on things like these until a few more facts are in. As much as law enforcement complains about people "rushing to judgment" before every conceivable fact has been examined, here at Techdirt we prefer to be right, rather than first. Hey, we care about our reputation and we know our readers expect better of us.That being said, there are a lot of tells in this story that suggest this is going to get a whole lot worse for the law enforcement agencies involved in this nearly-deadly raid. Not "worse before it gets better." Oh my no. The only way it gets "better" is if these officers and agencies have access to a time machine and can undo every fucked up thing they did here.Here's a brief summary of what happened, as reported by the Associated Press:

We recently wrote about how Senators Lindsey Graham and Richard Blumenthal are preparing for FOSTA 2.0, this time focused on child porn -- which is now being renamed as "Child Sexual Abuse Material" or "CSAM." As part of that story, we highlighted that these two Senators and some of their colleagues had begun grandstanding against tech companies in response to a misleading NY Times article that seemed to blame internet companies for the rising number of reports to NCMEC of CSAM found on the internet, when that should be seen as more evidence of how much the companies are doing to try to stop CSAM.Of course, working with NCMEC and other such organizations takes a lot of effort. Being able to scan for shared hashes of CSAM isn't something that every internet site can do. It's mostly just done by the larger companies. But last week Cloudflare (one of the companies that Senators are demanding "answers" from), did something quite fascinating: it enabled all Cloudlfare users, no matter what level of service, to start using Cloudflare CSAM scanning tools for free, even allowing them to set their own rules and preferences (something that might become very, very important if the Graham/Blumenthal bill becomes the law.I highly recommend reading the entire article, because it's quite a clear, interesting, and easy to read article about how fuzzy hashing works (including pictures of dogs and bicycles). As the Cloudflare post notes, those who use such fuzzy hashing tools have intentionally kept at least some of the details secret -- because being too public about it would allow those who are producing and distributing CSAM to make changes that "dodge" the various tools and filters, which would obviously be a problem. However, that also results in two potential issues: (1) a lack of transparency in how these filtering systems really operate and (2) an inability for all but the largest players to make use of these tools -- which would be disastrous for smaller companies if they were required to make use of such things.And that's where Cloudflare's move is quite interesting. In providing the tool for free to all of its users, it keeps the proprietary nature of the tool secret, but it's also letting them set the thresholds.

Enjoy 9 hours of battery life with this lightweight 11.6-inch Apple MacBook Air laptop. It has 128GB of flash storage to provide plenty of space for files, and its resolution of 1366 x 768 delivers enhanced picture quality. This refurbished Apple MacBook Air laptop has an Intel Core i5 processor and 4GB of RAM for smooth multitasking capability. It's on sale for $400 and if you use the code HAPPYHOLIDAYS, you receive an additional 15% off (code valid across the site until 12/25 11:59pm PST).Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

There's a whistleblower talking about TSA stuff, but it's not the sort of whistleblowing you're probably accustomed to. Frustrated by the internal routing of his complaints, the TSA's highest-ranking official in [checks notes] Kansas has brought his complaints to CNN.We all know the TSA has done almost nothing to make traveling safer over the course of its existence, but what the TSA's Jay Brainard has observed shows the actors in our nationwide security theater are tiring of their roles.

Former MEP Julia Reda, who lead the fight to block the problematic parts of the EU Copyright Directive (and who came very close to succeeding against huge odds, but eventually lost) has published a really important piece for the Berkman Klein Center at Harvard about why the new Copyright Directive should terrify every American who recognizes the importance of an open internet. First off, these laws mostly target American companies -- many of which may just choose to follow the new EU rules globally.

Back in the fall, we noted that, even if we thought it was silly, under existing law, it seemed highly likely that the DOJ would win its lawsuit against the publisher for Ed Snowden's memoir, Permanent Record. As I noted at the time, the government and the intelligence community in particular take the issue of "pre-publication review" incredibly seriously. Basically, if you take a job in the intel community, you sign a lifelong contract that says if you ever publish a book about anything regarding the intelligence community, you have to submit it for pre-publication review. Officially, this is to avoid classified information showing up in a book. Unofficially, it also gives the US government a sneak peek at all these books, and sometimes (it appears) allows them to hide stuff they'd rather not be public.As I noted when the lawsuit was filed, there is another ongoing lawsuit challenging pre-publication review requirements on 1st Amendment grounds -- but given the state of the law today, it seemed pretty clear that Snowden would lose this case. And, that's exactly what's happened. Judge Liam O'Grady (who seems to end up with all sorts of high profile cases) easily ruled in favor of the government last week. In short, the court says: an unambiguous contract is an unambiguous contract.

The eternal flame that is Ring's dumpster fire of an existence continues to burn. In the past few months, the market leader in home surveillance products has partnered with over 600 law enforcement agencies to:

Back in October, we wrote about the disastrous results (even if there were good intentions behind it) of a California law, AB5, that sought to "protect" so-called "gig" workers by forcing companies to hire them as employees, rather than freelancers/contractors. Supporters of the bill, including its vocal author Lorena Gonazlez, argued that it was necessary to protect these workers from exploitative companies and that it was clarifying what the courts had already decided. However, a big part of the problem was the framing of the bill, which more or less assumed that no one could possibly want to be a freelancer or contractor, that everyone must want to be an employee. That's not true. Nowhere was this more clear than in the world of freelance journalism, where many freelancers like the flexibility that comes with the role, and the ability to write for many different publications. Gonzalez's bill, which goes into effect on January 1st, put a ridiculously low yearly "cap" on articles that a freelancer could contribute to a single news site at 35. Any more than that, and the person would need to be reclassified as an employee. Even Gonzalez flat out admitted that the 35 cap was "a little bit arbitrary." Lots of freelancers contribute way more than 35 articles per year (some do more than that in a month), and they rightly saw that this would likely destroy the ability to be a freelance journalist in California.Gonzales didn't make things any better by initially attacking some of those who pointed out these problems, even retweeting a tweet calling journalist Yashar Ali "a selfish piece of shit" for pointing out the problems with the bill. And, of course, as the law is about to go into effect, the impact is being felt. The biggest one was Vox-owned sports site SBNation, which has long allowed for sports fans to write about their favorite teams and get paid for it as freelancers. However, last week, Vox announced it could no longer have California freelancers writing for the site. It was going to hire a much smaller number of full time staff, but hundreds of freelance contributors could only continue to contribute for free:

Earlier this year, the Fifth Circuit Appeals Court inexplicably allowed an anonymous police officer to continue suing activist DeRay McKesson for the injuries he sustained when someone (not DeRay McKesson) threw a chunk of concrete at him during a protest in New Orleans.Never mind the First Amendment, said the court. What about the duty of care McKesson somehow inherited when he chose to organize a protest? Since the protest deliberately broke the law by blocking traffic, the court decided McKesson was at least indirectly responsible for any violence resulting from the inevitable clash between protesters and law enforcement.

Commute, hit the gym, jog around town, and more in style with the PaMu Slide in-ear headphones. Ergonomically designed, these earphones stay in your ears no matter how much you jostle them. They boast a Qualcomm QCC3020 chip and the most advanced Bluetooth 5.0 tech to give you powerful sound with extra bass. With outstanding battery life, they charge fast and last for up to 60 hours of playtime with the included charging case (which also conveniently doubles as a wireless phone charger.) Enjoy your favorite playlists or podcasts on the go, rain or shine, with an IPX6 water-resistance that keeps your headphones protected from rain, water, and sweat. They're on sale for $100 and if you use the code MerrySave15, you'll save an additional 15% off.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Just as some in Congress are finally realizing that perhaps all of the moralizing around the need for FOSTA missed the fact that it actually put more people at risk, Senators Richard Blumenthal (an original sponsor of what became FOSTA) and Lindsey Graham are preparing for FOSTA 2.0 instead. This is coming a few months after Graham's big grandstanding "but think of the children online" hearing that was basically a few hours of clueless moral panic about things that insecure adults were absolutely positive the kids were getting up to on their phones.The latest reporting on the planned "let's break Section 230 a bit more" bill from Graham and Blumenthal is that they'll create a new FOSTA-like exemption from Section 230 protections for any internet company found to have hosted "child sex abuse material" (the industry's new favorite acronym: CSAM). From what I've heard in talking to people on the Hill, a "commission" would be formed that would set forth "best practices" for preventing CSAM on their platforms, and if an internet company wanted to "earn" its CDA 230 protections, it would need to show that it complied with the commission's recommendations. Also, "certifying" that you comply, but not actually complying, could lead to criminal charges.Of course, what this misses is that basically all major internet companies already have systems in place to deal with this stuff -- mostly in working with NCMEC, the National Center for Missing and Exploited Children. But, Congress loves nothing better than an issue it doesn't understand but can grandstand over. A few months back, the NY Times ran a highly misleading article about CSAM, using the data around all of the vast amount of reporting that internet platforms did to NCMEC about the CSAM they found and dealt with... and using that to suggest the platforms themselves were to blame for the issue.Child sexual abuse is a very real and very serious issue. But, as with "sex trafficking" and FOSTA last year, blaming the tech companies for it seems really misguided. That NY Times article did exactly that -- using the numbers reported to NCMEC as evidence that the problem was growing (rather than as evidence that tech companies were doing a better job finding, blocking and reporting this stuff). Indeed, if you actually read down into the details, what the article is really demonstrating is the failure of the federal government and the Justice Department in tackling the very real criminal issues related to CSAM.But what good Senator can grandstand about their own failures to fund the DOJ's efforts, when it's much more fun and headline-grabbing to send letters to 36 major internet companies demanding to know what they do to stop CSAM, which is now being used as the basis for this new law.Again, these Senators could be funding the DOJ to tackle the problem. They could be helping NCMEC better deal with its own issues. But, instead, they're going to attack the group of companies who have been overwhelmingly proactive in helping to fight CSAM. And, in the process, they're going to end up poking another bunch of holes in Section 230, which (if FOSTA is any evidence) is likely to have the exact opposite impact of what the Senators insist will actually happen.

For the better part of the decade, ISPs like Comcast and Spectrum have been desperately trying to carve out a niche in the home security and automation space. But despite their best efforts those projects haven't gone particularly well, to the point where big ISPs try to hide how many subscribers have signed up for such service in earnings reports. Historically, users already feel they pay their cable TV and broadband provider too much money, and only a few folks feel it's worth paying them even more for home security and automation products they can find elsewhere, usually for less.Customers received a good reminder last week of why it's not worth buying home security and automation services and products from their ISP. Charter Spectrum, the nation's second biggest cable provider, has announced it's shuttering its home security services as of February:

This week, our first place winner on the insightful side That One Guy responding to various portions of the letter from members of Congress telling a private organization not to comment on copyright law:

Five Years AgoThis week in 2014, the world was reeling from a major hack of Sony and a trove of documents it exposed. While the company was trying to put the genie back in the bottle (even being accused of engaging in DDoS attacks), the documents were revealing the MPAA's relationwhip with Attorneys General, especially Mississippi's Jim Hood in his investigations Google — soon followed by more evidence, then even more, prompting Google to file a challenge against Hood's subpoenas. We also learned more about the MPAA's ongoing desire for SOPA-style site blocking and its secret plan to break the internet by reinterpreting the DMCA. By the end of the week, the FBI had formally accused North Korea of being responsible for the hack.Ten Years AgoThis week in 2009, Microsoft made one of the most infuriating DRM screw-ups when Office 2003 started locking people out of their own documents, Blu-Ray was trying to implement a silly managed copy DRM, and Apple and various other companies were making it almost impossible to publish an audiobook without DRM. A woman who was arrested for filming snippets of New Moon was considering suing the theater, ASCAP was demanding licenses from venues that let people play Guitar Hero, and the FBI did its duty as Hollywood's police force and arrested the person who leaked Wolverine online. Meanwhile, Joe Biden convened a "piracy summit" that was completely one-sided, full of copyright maximalists complaining about theft, where reporters were kicked out so everyone could schmooze in peace. Congress also earmarked another $30-million to fight piracy, but we were at least somewhat pleasantly surprised when the White House actually came out in favor of copyright exemptions for the visually impaired.Fifteen Years AgoThis week in 2004, TiVo was still king of the DVR world, and started lashing out to protect its trademark in some questionable ways, while Blockbuster was trying to forestall its death at the hands of Netflix by doing away with late fees. A lawsuit was filed with the argument that software should not be copyrightable, the MPAA decided to start going after BitTorrent trackers, and SonyBMG was once again celebrating new DRM for CDs. And in Canada, a court overturned the country's tax on MP3 players, though we suspected that would just set the stage for new and even worse legislative changes.

Hadopi, the French law built to punish copyright infringers in graduated steps, was always controversial. In addition to many in the public scoffing at the punishment ramp the law put on the public, the actual effects of the law have been murky at best. While Hadopi basically ceased to be in 2016, it is true that the French public has been trending towards less piracy and more legal practices in its wake. Always at question is exactly how direct a relationship that kind of trend has with laws like Hadopi. Studies have straddled both answers to that question, even as we all realize the truth, which is that the impact of laws like Hadopi is nuanced.Fortunately, the latest study looking back at when Hadopi was first introduced has a nicely nuanced output. The academic study by Ruben Savelkoul compared digital music sales across several European countries looking to answer two questions. First, did Hadopi actually correlate to increased digital music sales through its threat of enforcement? Second, how were those effects spread across the music industry landscape and how long-lasting were they?The answers are quite fascinating. As to the first question:

Billionaire casino mogul Sheldon Adelson has been known to be a bit litigious at times. Way back in 2015, when there was an effort underway to overturn Nevada's very good anti-SLAPP law, there was speculation that Adelson was behind the effort, due to him losing a case thanks to that law. It turns out that the remnants of that particular case are still going, despite dating all the way back to events in 2012. The issue involves the National Jewish Democratic Council posting a link concerning operations in Adelson's Macau casinos. The case went through a variety of different courts and was dismissed under Nevada's anti-SLAPP laws.But a variation on that case continued because when NJDC then sought compensatory and punitive damages for the original SLAPP suit, Adelson tried to flip the script and argued (among many other things) that the lawsuit against him for such damages was, itself, a SLAPP suit. Earlier this fall, the judge said that's not how any of this works.

The Second Circuit Court of Appeals has suggested -- not exactly ruled -- that backdoor searches of Section 702 collections targeting Americans (citizens and permanent residents) is a violation of the Fourth Amendment.The case involves Agron Hasbajrami, a lawful permanent resident who was arrested in 2011 as he attempted to board a flight to Turkey. The government claimed Agron -- an Albanian immigrant -- was ultimately headed to Pakistan to join a terrorist organization.Agron is somewhat of a unicorn. He's one of the few defendants that's actually been informed the evidence used against him was derived from NSA collections under Section 702. The DOJ is supposed to be proactive about this, but instead has chosen to emphasize parallel construction over transparency.The evidence appears to have come from a backdoor search by the FBI. The FBI is allowed to access Section 702 collections, but domestic data and communications are supposed to be "minimized" to protect US persons swept up by the NSA. If the FBI performs backdoor searches to access Americans' communications that have been incidentally collected by the NSA foreign-facing surveillance programs, it should have to obtain a warrant. But that's not actually the case for a couple of reasons. First, very few defendants are ever informed of the true source of the evidence against them. Second, the secrecy shrouding the NSA's collections and the Intelligence Community's access prevents a lot of judicial examination in the few cases where evidence can actually be challenged.The Second Circuit's ruling [PDF] kicks Hasbajrami's case back down to the lower court so it can reexamine the Fourth Amendment implications of warrantless backdoor searches. The Appeals Court has no problem with the NSA's collections, which putatively target foreigners. The court says these are lawful. Accessing collected communications from Americans via the NSA's collections, not so much.The issue here isn't the collection itself or any inadvertent collection of US persons' communications. The problem is the querying of stored communications without a warrant when the target of the queries is a US person. The court doesn't say the FBI can't look at its own stored collections without a warrant to locate intelligence or evidence. Stuff it has already acquired is fair game, more or less. The court makes a physical analogy:

As companies and governments increasingly hoover up our personal data, a common refrain to keep people from worrying is the claim that nothing can go wrong because the data itself is "anonymized"--or stripped of personal detail. But time and time again, studies have shown how this really is cold comfort; given it takes only a little effort to pretty quickly identify a person based on access to other data sets. Yet most companies, policy folk, and government officials still act as if "anonymizing" your data means something. It's simply not true.While that point hasn't yet resonated with the public and press fully, it should now.The second in an amazing 7 series saga by the New York Times was released this week, taking a closer look at a data trove of 50 billion location pings from the phones of more than 12 million Americans given to the Times by an anonymous insider at one of countless location data brokers. The first in the Times' series took a look at how easy it was to identify "anonymized" normal citizens and track their everyday lives. This second piece ups the ante by... easily tracking the President of the United States via the location data of one of his secret service agents:

In May, San Francisco became the first city in the United States to ban facial recognition tech by city agencies. Being on the cutting edge has its drawbacks, as the city has now found out several months later. Tom Simonite and Gregory Barber of Wired report the city's legislation inadvertently nuked many of its employees' devices.

Get started producing your own music with the Ultimate Logic Pro X Music Production Bundle. Logic Pro X is the leading Digital Audio Workstation for Apple users and it's used across professional studios and bedrooms worldwide. Learning how to use your DAW correctly will improve the quality of your music and the speed you create it. Over 8 courses, you'll learn everything from songwriting, mixing and mastering tracks, audio mixing for podcasts, and more. It's on sale for $29 and use the code MERRYSAVE15 for an additional 15% off.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

We've highlighted the many problems with the various lawsuits against Cox Communications arguing that the company should be held liable for failing to wave a magic wand and stop all piracy from occurring on its service. The internet access provider was originally sued by music publisher BMG, and they got a judge who made it clear that he was not a fan of the internet, and didn't see why it should be a problem for anyone to be kicked off the internet at all. Cox lost the case mostly because the company didn't really follow its own internal repeat infringer policy. That ruling was upheld on appeal, leading the company to settle the case for $25 million.Sensing an opportunity to cash in, all of the RIAA major record labels jumped in to sue Cox as well -- and got the same exact judge, Liam O'Grady. After a trial earlier this month, a jury has now awarded an absolutely astounding $1 billion damages verdict. The verdict is so preposterous and so disconnected from reality, that the math is wrong. The jury verdict document said that each infringed work should lead to statutory damages to the tune of $99,830.29. And there were 10,017 works infringed. And thus, the total was $1 billion on the dot:Except that if you multiply those two numbers, the total would actually be $1,000,000,014.93. The jury's bad math saved Cox just about $15. Small favors.Anyway, Cox has already made it clear that it will appeal, and I'd be stunned of such an amount held up. Everything about this is (1) crazy and (2) demonstrative of just how messed up and broken the "statutory damages" set up is for copyright. We've long wondered why statutory damages are even a thing in copyright, because they really don't make any sense. But the fact that statutory damages can go as high as $150k per work infringed -- even if there were literally no actual damages, raises significant 5th Amendment issues about due process (specifically, the wholly arbitrary nature of the jury award) and whether or not the award is "obviously unreasonable."In a Supreme Court ruling almost exactly 100 years ago (St. Louis v. Williams), the Supreme Court ruled about obviously unreasonable awards, noting that there's a problem when "the penalty is 'arbitrary and unreasonable, and not proportionate to the actual damages sustained.'" That certainly seems to be the case here. After all, a basic recounting of the facts seems important here. Yes, Cox did not adequately follow its own repeat infringer policy, which may have lost it its DMCA safe harbors, but a jury verdict of over $30,000 per work infringed requires the jury to say that each and every infringement was willful by Cox. And that's crazy. Fucking up your own policies doesn't mean that you willfully infringed on every single work that someone shared via your network. Indeed, Cox was actually one of the more aggressive internet access providers in kicking people off for infringing.Just to put this in perspective, the entire RIAA made just under $10 billion in 2018 in the US. IFPI reported that the total globally was $19.1 billion. And they want to now say that piracy of 10,000 songs on one ISP should grant them $1 billion? Honestly, the award is so insane, and so out of touch with reality, I actually wonder if the RIAA might come to regret it, as it makes the strongest case I've seen yet for the sheer unconstitutional nature of statutory damages, without any evidence of actual damages, for copyright infringement.

First there was the Securus and LocationSmart scandal, which showcased how cellular carriers and data brokers buy and sell your daily movement data with only a fleeting effort to ensure all of the subsequent buyers and sellers of that data adhere to basic privacy and security standards. Then there was the blockbuster report by Motherboard showing how this data routinely ends up in the hands of everyone from bail bondsman to stalkers, again, with only a fleeting effort made to ensure the data itself is used ethically and responsibly.Throughout it all, government has refused to lift a finger to address the problem, presumably because lobbyists don't want government upsetting the profitable apple cart, or because too many folks still labor under the illusion that this sort of widespread dysfunction will be fixed by a clearly broken and unaccountable US telecom market.Enter the New York Times, which this week grabbed a hold of a massive data set from a broker, highlighting the scope of this problem. The dataset includes 50 billion location pings from the phones of more than 12 million Americans as they traveled around Washington DC, New York, San Francisco and Los Angeles. In this case the data came from a location data company that hoovers the data up from apps, though cellular carriers and appmakers alike have been equally complicit.The report is part of a 7-part series highlighting just how big the problem has become, and just how little we're doing about it:

As is usual for cases being considered by the EU's highest court, the Court of Justice of the European Union (CJEU), before the main ruling a senior legal adviser offers a preliminary opinion. Although the view by the Advocate General is not binding on the court, it often gives a good idea of how things will go. That makes some of the issues raised in a new opinion by Advocate General Saugmandsgaard Øe (pdf) concerning the EU's GDPR privacy regulation particularly interesting. The case is yet another one triggered by a complaint from the privacy activist Max Schrems as a result of Snowden's revelations. The background is summed up well by the press release on the Advocate General's opinion (pdf):

While the volume isn't enormous, I would still say that there are entirely too many Techdirt posts on the topic of yoga. Most of those center around yoga instructors somehow thinking that a specific progression of yoga poses is somehow deserving of copyright protection or patents. The whole thing feels antithetical to yoga practices to begin with, which are at least in part about bringing a calm spiritual experience into a healthy living style. Paywalling that is an odd choice.But it gets all the more strange when a yoga organization somehow thinks that a documentary using footage to tell its story runs afoul of copyright law. That is what's happening in a public war of words between Netflix and Ghosh's Yoga College, where Bikram Choudhury studied early in his career. The documentary is entitled Bikram: Yogi, Guru, Predator, and it details the story of Choudhury and accusations from those in his classes that he'd used racist invective and has been sexually inappropriate towards them. Where Ghosh's Yoga College comes in, however, is to complain publicly that the film used video of Choudhury practicing at its facilities.

Well, this is very disappointing. Back in 2015, you may recall that there was an effort to get SpaceX to put its photos into the public domain. As you hopefully know, all NASA photos, as works of the US government, are in the public domain -- which let us post photos like this one:But as more and more spaceflight gets privatized, there were concerns that future space photos may increasingly get locked up behind copyright.After an initial outcry, SpaceX initially agreed to use a Creative Commons license, but one that restricted usage to non-commercial efforts. As we pointed out at the time, that really wasn't good enough. Why does SpaceX need copyright as incentive to take photographs?After people pointed this out to Elon Musk, he said that they had a good point and that he changed SpaceX's policy to dedicate all the photos to the public domain. And that's how it's been for over four and a half years.Until now. As Vice's Motherboard reports, SpaceX has now gone back to a more restrictive Creative Commons license, one that says no commercial use is allowed. While using CC is better than going all out with full restrictions, this is still a very disappointing move. The company has told reporters that news organizations can still use the images, and many will have to rely on that promise. While Creative Commons has put a lot of effort into "clarifying" what is meant by "non-commercial" in recent years, including highlighting that for profit news orgs should still be able to make use of such works, that's not really been tested in court.And, considering that Elon Musk has an occasionally antagonistic relationship with the press, you could see an unfortunate situation in which he decides to go after a journalism organization that upsets him by claiming that they were misusing the "NC" part of the license on a SpaceX photo.So, once again, we have to ask: why is SpaceX doing this? Why is it going back on Musk's earlier promise that all SpaceX photos would be in the public domain? Why does SpaceX need the restrictions of copyright as an incentive to take photos? Isn't just being able to get to space enough incentives to take some photos?

One of the features of surveillance in Germany is the routine use of malware to spy on its citizens. The big advantage for the authorities is that this allows them to circumvent end-to-end encryption. By placing spy software on the user's equipment, the police are able to see messages in an unencrypted form. Austrian police were due to start deploying malware in this way next year. But in a welcome win for digital rights, Austria's top court has just ruled its use unconstitutional (in German). The Austrian Constitutional Court based its judgment on the European Convention on Human Rights (ECHR -- pdf). The Web site of the Austrian national public service broadcaster ORF reported the court as ruling:

India's internet blockade targeting the Kashmir state has set a dubious record that really shouldn't be held by a government that considers itself a democracy.

The Complete Raspberry Pi Course Bundle has 3 courses designed to help you master the Raspberry Pi. Catered for all levels, these project-based courses will get you up and running with the basics of Pi, before escalating to full projects. Before you know it, you'll be building a gaming system to play old Nintendo, Sega, and Playstation games and a personal digital assistant using the Google Assistant API. You'll also learn about the Pi Camera Module, how to use the Amazon Developer Portal to configure and create, and how to integrate with Alexa. It's on sale for $19, and if you use the code MerrySave15, you'll save an additional 15% off.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

A few months back, we were pleasantly surprised to see Rep. Ro Khanna announce plans to introduce a bill that would study the impact of FOSTA on sex workers. Earlier this week, he came through, introducing the SAFE SEX Workers Study Act, which he's introducing with Rep. Barbara Lee in the House. On the Senate side, Senators Elizabeth Warren and Ron Wyden have introduced the companion bill. You can read the bill here. It would task Health & Human Services with studying the impact of FOSTA on sex workers, in coordination with the Centers for Disease Control and the National Institute of Health.The bill is quite clear in laying out the concerns these elected officials have about the overall impact of FOSTA:

If you recall, the state of Wisconsin had originally promised Taiwan-based Foxconn a $3 billion subsidy if the company invested $10 billion in a Wisconsin LCD panel plant that created 13,000 jobs. But as the subsidy grew to $4.5 billion, the promised factory began to shrink further and further to the point where nobody is certain that anything meaningful is going to get built at all.Last October, reports emerged clearly illustrating the ever-shrinking nature of the deal. They also highlighted how Foxconn was effectively just using nonsense to justify its failure to follow through, showing that while the company hadn't built much of anything meaningful in the state, it was still routinely promising to deploy a "AI 8K+5G ecosystem" in the state to somehow make everything better. Shockingly, that mish-mash of buzz words is effectively meaningless.Whatever Foxconn is building in the state now, it's certainly not the massive factory that was supposed to create 13,000 jobs. Feckless leaders appear to have just finally figured out the original deal should be amended in the wake of Foxconn's head fake (something even Foxconn seemed amenable to initially), yet documents obtained by The Verge show that the company is refusing to budge in any meaningful capacity until somebody grows a spine and forces them to:

According to Eric Goldman's count (and he would know), this is the 12th ridiculous "blame Twitter for terrorism" lawsuit to be tossed by a federal court. The dubious legal theory -- one so dubious it has yet to find any judicial takers -- is that Twitter and other social media platforms "allow" terrorists to converse and radicalize and do other terrorist things. What no one has successfully alleged is that Twitter, Facebook, etc. are directly or indirectly responsible for terrorist attacks.This lawsuit was one of the dumbest. The brain geniuses at Excolo Law convinced a client this would be a winning strategy: claim the shooting of some cops by a shooter in Dallas was Twitter's fault because possibly the shooter thought terrorist group Hamas was pretty cool. 96 pages of lawsuit and this was the tenuous allegation plaintiffs Jesus Retana and Andrew Moss thought might finally prove social media companies are providing material support to terrorists.

We were just discussing the deafening silence coming from two of the most prolific copyright trolls in federal courts, Malibu Media and Strike 3 Holdings. While both trolls had set a record-breaking pace for the better part of this year, both also suddenly went mostly silent over the last couple of months. As we indicated in that post, Strike 3 specifically appears to have simply moved its operations to Florida state courts. While we were not totally sure why that would be at the time of the last post, we had a theory.

When the NAFTA replacement "USMCA" agreement was first announced last year, we noted that it included a mix of good and bad ideas. The key good idea was that the USMCA contained a bit of language establishing a requirement for strong intermediary liability protections, similar to (but not exactly the same as) Section 230's protections in the US. Among the really bad ideas was expanding the data protection term for biologics -- which, we've noted, is really dangerous for basic science and innovation for new drugs -- but was supported by big pharmaceuticals to increase their monopoly power and ability to extract monopoly rents.So it seems like good news that the latest version of the agreement keeps the intermediary liability protections and drops the biologics piece, which has the big pharma companies screaming angrily.The intermediary liability protections for tech also have lots of people complaining -- including from both parties, but it's all ridiculous. First of all, most of the people freaking out about this are the very same people who originally loved the idea of sneaking ideas like longer copyright terms and anti-circumvention provisions into trade deals, and are now mad that internet companies are realizing that other ideas, that are better for the internet and free speech, can be put into those deals as well.Perhaps more importantly -- as you hear more people whining about the inclusion of intermediary liability protections in USMCA -- is that these protections aren't even that strong, and Canada is already talking about ways to put more liability on internet services, despite what it's about to agree to in the USMCA. In other words, while it's good to see this language in the agreement, which will, at the margins, help keep the internet more open for free speech, the actual impact of this provision may be limited by creative efforts to write around the agreement -- and now just becomes a stick for those pushing the whole "techlash" narrative to beat against a wall.

In Mike's piece about Greg Doucette's lawsuit against the Sons of Confederate Veterans for abusing the DMCA, he suggests that the lawsuit might not belong in the Northern District of California. I thought it worth exploring why it might very much belong here, because those reasons may apply to most other DMCA Section 512(f) jurisprudence as well.Mike is right that there are many things to consider in deciding where to bring a legal fight. Neutral ground, especially on issues as sensitive locally as those raised by this case, can indeed be desirable because it will help allow for clear focus on the legal questions. And in this regard Northern California is a better choice than North Carolina.But there are also legal considerations. When I first read Marc Randazza's demand letter on behalf of Doucette, I worried that he would have to file any such lawsuit in Northern California. Which is in the Ninth Circuit, which is the sole circuit that has thus far interpreted Section 512(f) of the DMCA. And which, in doing so, basically inserted its own language into the statute when it decided that a takedown notice sender only had to have a subjective "good faith belief" that the targeted material was infringing. Which represents a substantial decrease in the amount of good faith a takedown notice sender would need to have in order to be able to send their deletion demands with impunity. Which has thus severely defanged the DMCA's 512(f) provision, which was supposed to impose a deterring penalty on those who send invalid ones. And which has therefore now opened the door to a torrent of unmeritorious and abusive takedown demands, of which the Songs of Confederate Veterans demand was just one more. I therefore hoped that if any lawsuit should follow that it be filed elsewhere, where a new court could look at the statute with fresh eyes and ignore the Ninth Circuit's statutory modifications. But I wasn't sure it could be.Forum choice isn't exactly a science. It can sometimes be the most heavily litigated aspect of a case. And there also may not always even be just one right answer. But there are some general rules to help figure out whether a forum choice is appropriate, and one of them relates to where the harm occurred. On the one hand, the Sons of Confederate Veterans were likely located in North Carolina when they dispatched their takedown notice. But that takedown notice was dispatched to a company with corporate headquarters in Northern California, and it was at that company where the decision to abide by the takedown demand and remove the material Doucette had published was made.And where, arguably, it needed to be made. Because a DMCA takedown notice isn't really an attack against allegedly infringing content. It's an attack against the 512(c) safe harbor that Internet platforms depend on to not get obliterated by crippling copyright litigation. Greg Doucette's speech was victimized by the takedown demand, but the takedown demand itself was the Sons of Confederate Veterans actually throwing down the gauntlet at Dropbox, demanding satisfaction. Like any 512(c) takedown notice it essentially was a declaration to the platform, "Take this content down, or we may sue you for it." And all the harm that then flowed to Doucette was due to Dropbox, a company headquartered in Northern California, yielding to this threat.We may wish that Dropbox had resisted this facially unmeritorious demand. From time to time platforms can and do resist bogus takedown demands. But by and large it is simply not possible to pick and choose which to ignore. There are simply too many takedown demands, and the stakes are too enormous if the platform should get the call wrong.Which is why having a provision like 512(f) as part of the DMCA was so important. Because the platforms cannot effectively filter out the abusive takedown notices, we need the senders to do it themselves. We need the fear of expensive sanction needs to be plausible enough to make a takedown notice sender think twice before sending a wrongful one. Unfortunately, following the Rossi and Lenz v. Universal cases, the decision to send garbage takedown demands is now virtually costless.But maybe it won't be here. It's quite possible that this takedown notice, which zeroed in on a textbook-example of First Amendment-protected speech exemplifying exactly why the public interest demands we protect it, failed to meet even the flimsy Ninth Circuit standard of "subjective" good faith. It's possible that adjudicating this case, in N.D. Cal and maybe eventually the Ninth Circuit at large, could turn out to provide a precedential example that helps revive at least some of the potency 512(f) was supposed to have. True, it won't be able to incite the sort of circuit split that attracts the Supreme Court review needed to resolve the issue once and for all, as it unfortunately refused to do in the Lenz case. But given the number of Internet platforms availing themselves of the 512(c) safe harbor who are located here, in this district and this circuit, this is where we need to see the courts finally start recognizing and punishing the harm on protected speech that these meritless takedown demands inflict.