Techdirt

Last week we noted that the general consensus at this point is that Bloomberg screwed up its story about a supposed supply chain hack, in which it was claimed that Chinese spies hacked Supermicro chips that were destined for Apple and Amazon. Basically everyone is loudly denying the story, and many are raising questions about it. In our comments, some of you still seemed to want to believe the article, and argued (without any evidence) that the US and UK governments, along with Amazon and Apple, were flat out lying about all of this. I pointed out a few times that that's not how things work. Also untrue is the idea that many floated that the US government was forcing Apple and Amazon to lie. That also is not how things work (for those who don't believe this, please check your First Amendment case history).Anyway, over at Serve the Home, Patrick Kennedy has one of the most thorough and comprehensive debunkings of the Bloomberg story, detailing how incredibly implausible the story is. Kennedy's write-up is very detailed, including lots of pictures and detailed drawings of how networks are set up. Here's just a little snippet as an example:

The ATF's stash house stings are one of the worst things about federal law enforcement. And it's a crowded field! Sure, the FBI routinely engages in something approaching entrapment when it turns people with self-esteem problems and/or serious mental health issues into terrorists. But the FBI can't tell a judge how much terrorism to charge defendants with. The ATF stings -- involving imaginary drugs hidden in fictitious stash houses -- give the government the ability to trigger mandatory minimum sentences simply by claiming the fake stash of drugs was more than five kilos -- automatically setting up defendants for 20-year prison terms.Another victim of the ATF's stash house stings is fighting his conviction in court. Daryle Lamont Sellers hopes to prove the ATF's stash house stings are racially-biased. There's some evidence this is the case. Researchers found sting operations in Chicago netted a disproportionate number of minority suspects. A review of hundreds of court cases by the USA Today showed the ATF targeted minorities 91% of the time.Sellers says the ATF is engaging in selective enforcement. To do that, he needs information the ATF has on hand, but is refusing to hand over. The Ninth Circuit Appeals Court has declared Sellers should have access to this information because the claim he's making isn't the same as selective prosecution, which requires Sellers to show more than he has in this case. From the decision [PDF]:

Just about two years ago, you might recall that the internet partially imploded after DNS provider Dyn was hit with a historically massive DDOS attack. A major reason for the attack was the Mirai botnet malware, which made creating rampant botnets a pretty trivial affair for anybody with an IQ over 70. The other problem was that Mirai was able to quickly compromise and incorporate millions of internet of things devices as part of the assault thanks to said devices' lack of meaningful privacy and security protections.That included a large number of DVRs and internet-connected cameras by a Chinese company by the name of XiongMai Technologies, which stated it would be recalling many of the devices after issuing a statement in rather broken English that didn't really make much sense:

As Canada looks to update its copyright laws as part of the USMCA, the replacement for NAFTA strong-armed into existence by Donald Trump, we covered previously how ridiculous it is that copyright interests have been allowed to stick their nose in the whole thing and make all kinds of demands. Part of USMCA involves allowing Canada to keep its notice and notice system, as opposed to the notice and takedown system we have here in the States. While Canada's system is preferable to our own, it's not without it's flaws, of course. One of those flaws is how the notice and notice system has devolved into a deluge of settlement letters.So dire is the plague of threat letters, in fact, that ISPs in Canada are using this opportunity to suggest outlawing those threat letters be included in the updates of Canadian copyright laws.

Let's start off with the basics, because if I don't, I know we'll be flooded with these comments: no, the European concept of "free speech" differs quite a bit from the American one. The American 1st Amendment creates extremely strong protections for all sorts of expression -- including insulting or offending expression. Europe has always been a bit more willing to shove various exceptions into the right of freedom of expression, while mostly paying lip service to the concept. Article 10 of the Human Rights Act says that you have the right to your own opinions and the freedom to share them without government interference but, in practice, Europe has always been much quicker in brushing that aside in order to engage in all sorts of censorship from prior restraint to rewriting history.And, according to a new ruling from the European Court of Human Rights, another exception to free expression is that you can't disparage religions because it might hurt the feelings of religious practitioners. No, really.The case, which was originally brought in Austria, involved a woman who hosted an event where she made a bunch of silly and misleading claims about Muslims and the Prophet Muhammad, in particular, claiming that because one of his marriages was to a very young girl, there was an implication that he was a pedophile (and further, strongly implying that other Muslims sought to emulate Muhammad). I'm not entirely clear as to why anyone cares what someone did over a thousand years ago (nor could anyone know with any real certainly what actually happened), but either way, some were offended by these comments -- and that's fine. If someone says offensive things, it's reasonable for some to take offense.But to claim its a human rights violation?Multiple lower courts found that such comments could not be permitted, and it finally went up to the European Court of Human Rights, where much of the discussion centered around what the court believed was a clash, of sorts, between freedom to express opinions and freedom to manifest religion. And, the court comes down in this with an argument that would be laughed out of any US court, in that it sets up a "balancing" test. As Ken White has explained multiple times, the Supreme Court in the US doesn't recognize any "balancing" test when it comes to free speech. In US v. Stevens, the Supreme Court explicitly rejected any sort of balancing test:

Microsoft Azure is in high-demand in today's business, as it's used by 85% of Fortune 500 companies, particularly in conjunction with the Microsoft Office 365 Suite. The Microsoft Azure Mastery Bundle will take you through training for three certification exams: 70-532, 70-533, and 70-535. You'll learn about Azure virtual networks, managed identities, Azure web apps and much more. The bundle is on sale for $34.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Last year we mentioned an interesting (or crazy, depending on your point of view) case that was being sent to the EU Court of Justice (CJEU), on a German case, exploring whether or not a German newspaper had infringed on the government's copyrights in publishing leaked military reports about German operations in Afghanistan (which people are calling the "Afghanistan Papers"). And, yes, as we've discussed before, while US copyright law is quite explicit that works created by our federal government cannot be subject to copyright law, many other countries do have a terrible and highly questionable concept of "crown copyright." In most cases -- including the one at the heart of this case -- such laws are used to stifle the press and freedom of speech. Here it's quite obvious that the case is being brought not because of the copyright incentives in these military reports, but in an attempt to stifle the leaks and intimidate the media from publishing such things.Either way, the CJEU's Advocate General has weighed in and is now saying that there can be no copyright interest in such a document:

The NSA is promising to be kinder to whistleblowers.

This was widely predicted this summer in the wake of the EU's massive $5 billion antitrust fine on Google concerning its practices with Android. As we noted at the time, the EU's antitrust focus seems to be much more directed at harming US companies rather than protecting EU consumers. Indeed, it is leading to situations where the antitrust efforts seem to be harming EU consumers, rather than helping them.The latest is that Google is no longer offering its app suite for free in Europe.

Regular readers here will know that we have been sounding the alarm on how trademarks are being handled in the enormously explosive craft beer industries. With the explosion of trademark applications in the industry, it's no surprise that a cottage industry for legal intellectual property services specifically for beer brands has sprouted up. We've already begun to see the fallout from the a once-friendly and fraternal industry devolving into protectionism, but the only sane read on the data is that it's going to get a lot worse in short order.But, lest you think this is some uniquely American problem, a report out of the UK shows that things are going to be equally insane there, too. We have previously discussed UK intellectual property law firm RPC's noting that trademark applications in the UK had doubled over the past decade, with a 20% uptick in applications in 2017 alone. A new report puts some reason to those numbers and it's likely not what you're imagining. Far from this being a result purely of the growth in new breweries entering the market, this has more to do with established breweries looking to expand trademark portfolios for everything they produce.

A law filled with good intentions and vague wording is, more often than not, a law named after the victim of a crime. So-called "Marsy's Laws" are being passed in states that grant crime victims extra rights, often at the expense of the accused's Constitutional rights. As Scott Greenfield explains, "Marsy's Laws" insert crime victims into a process that isn't theirs to be inserted into. Once a crime has been committed, the government takes over and it's between the prosecutor and the accused from that point forward. As harsh as it may sound, crime victims aren't in need of extra rights. Any effort made to "fix" this nonexistent problem only deprives others of their rights.

Australia's controversial and clumsy rollout of its "My Health Record" program this summer didn't cause the "spill" -- what Australians call an abrupt turnover of party leadership in Parliament — that gave the country a new Prime Minister in August. But it didn't improve public trust in the government either. The program — which aims to create a massive nationally administered database of more or less every Australian's health care records — will pose massive privacy and security risks for the citizens it covers, with less-than-obvious benefits for patients, the medical establishment, and the government.Citizen participation in the new program isn't quite mandatory, but it's nearly so, thanks to the government's recent shift of the program from purely voluntary to "opt-out." Months before the planned rollout, which began June 16, at least one poll suggested that a sizable minority of Australians don't want the government to keep their health information in a centralized health-records database.In response to ongoing concern about the privacy impact of the program (check out #MyHealthRecord on Facebook and Twitter), the new government is pushing for legislative changes aimed at addressing the growing public criticism of the program. But many privacy advocates and health-policy experts say the proposed fixes, while representing some improvements on particular privacy issues, don't address the fundamental problem. Specifically, the My Health Record program, which originally was designed as a voluntary program, is becoming an all-but-mandatory health-record database for Australian citizens, held (and potentially exploited) by the government.Australia's shifting of its electronic-health-records program to "opt-out" — which means citizens are automatically included in the program unless they take advantage of a short-term "window" to halt automatic creation of their government-held health records — is a textbook example of how to further undermine trust in a government that already has trust issues when it comes to privacy. Every government that imposes record-keeping requirements that impact citizen privacy should view Australia's abrupt shift to "opt-out" health-care records as an example of What Not To Do.And yet: supporters of My Health Record have persisted in their commitment to "opt out" during the shift from Malcolm Turnbull's administration to that of his successor, Scott Morrison. This means that if an Australian doesn't invest time and energy into invoking her right not to be included in the database — within the less-than-one-month window that citizens currently have to make this choice — she will be included by default.In other words, any citizen's health-care records in the program will be held by the government permanently throughout that citizen's and will persist for 30 years after that citizen's death. Even if an Australian chose later to opt out of the program, the record might still (theoretically) accessible to health-care providers and government officials. Health Minister Greg Hunt introduced legislation last summer that would address some of these complaints about the program, but it's unclear whether the Australian Parliament, which has weathered several leadership shifts over the past decade, has the focus or will to implement the changes.The fact is, the automatic creation of your My Health Record could still result in a permanent health-care record that's outside of any individual Australian's control because the government can always repeal any law or regulation requiring deletion or limiting access. In effect, "My Health Record" is a misnomer: a more accurate name for the program would be "The Government's Health Records About You."A great deal of Australian media coverage of the rollout has been critical of the Turnbull government's -– and later the Morrison government's -- "full steam ahead" approach. The pushback against My Health Record has been immense. Worse, citizens who have rushed to opt out of the program have found the system less than easy to navigate — whether on the Web or through a government call center. The flood of Australians who attempted to opt out of the program on the first day they were allowed to do so, found that they were unwitting beta testers, stress-testing the opt-out system. After the first-day opt-out numbers, the government has either declined or been unable to disclose how many Australians are opting out. But a Sydney Morning Herald report in July said the number of opt-outs might "run into the millions."In kind of a weird mirror-universe adventure, Australia has managed to reproduce the same kind of public concern that sank a similar health-care effort in the United Kingdom just a few years ago. Phil Booth of the UK's Medconfidential privacy-advocacy group told the Guardian that "[t]he parallels are incredible" and that "this system seems to be the 2018 replica of the 2014 care.data." After a government-appointed commission underscored privacy and security concerns, the UK's "care.data" program was abandoned in 2016. Unfortunately for Australians, in the Australian version of the UK's "care.data" scheme, Spock has a beard.The UK's experience suggests that the policy problem signaled by the opposition to the My Health Record initiative is bigger than Australia. That shouldn't be a surprise. After all, a developed country may provide a "universal health care" program like the United Kingdom's National Health Service, or a more "mixed" system (a public health care program supplemented by private insurers like that of Australia) or even an insurance-centric public-health program like Obamacare. But whatever the system, the appeal of "big data" approaches to create efficiencies in health care is broad, in the abstract.But despite the theoretical appeal of #MyHealthRecord there's a paucity of actual economic research that shows that centralized health-care databases will actually provide benefits that recoup the costs of investment. (Australia's program has been estimated to cost more than $2 billion AUD so far, and it's not yet fully implemented.) No one, in or out of government, has made a business case for My Health Record that uses actual numbers. Instead, the chief argument in favor MHR is that it will enable health-care providers to share patient data more easily — which supposedly will save money — but health-care workers, much as they hate the paperwork associated with it, mostly know that there's no substitute for taking a fresh patient history at the point of intake.The push for a national database of personal health information has been a fairly recent development, even though the country's current health-care system has been in place in more or less its current form since 1984. The Australian Department of Health announced in 2010 that the government would be spending nearly half a billion Australian dollars to build a system of what then were called Personally Controlled Electronic Health Records. The primary idea was to make it more efficient to share critical patient information among health-care providers treating the same person.Another purported benefit would be standardization. Like the United States (where proposals to for a national health-records system have sometimes been promoted) Australia is a federal system of states and territories, each of which has its own government. The concern was that a failure to set national standards for digital health records would lead to the states and territories developing their own, possibly mutually incompatible systems. The distance among the states and territories (mostly on the coasts surrounding Australia's dry, unpopulated Outback) makes integration harder because of the distances separating different pockets of its population (now 25 million).The 2010 announcement of the Personally Controlled Electronic Health Records program stated expressly "[a] personally controlled electronic health record will not be mandatory to receive health care." The basic model was opt-in — starting in 2012, Australians had to actively choose to create their shared digital health records. If you didn't register for the program, however, you didn't create a PCEHR. If you did register, you had the assurance that, under the government-promulgated Australian Privacy Principles, your personal health information would be strongly protected.In practice, the PCEHR program, eventually rebranded as My Health Record, has never had much appeal to most citizens. The government burned somewhere near or past $2 billion AUD and yet, years into the program, the total number of citizens who had volunteered to "opt in" to have their health records shared and available in the program was only about 6 million. According to a March report in Australia's medical-news journal, the Medical Republic, Australia's physicians also seem to be less than sold on the value in the program either.Prior to the latest push for a shift to "opt-out," only a few citizens saw much benefit (much less any fun or personal return) of investing the time it takes to master producing a complete and useful health record, and even those who did only rarely ended up using its key features. (Some health-fashion-forward citizens who do want to share their health-care records easily have opted to invest in more private solutions rather than rely on a centralized database that may be less controllable and less complete.)By 2014 it was clear that the Australian government (control of which had shifted to the more conservative of the two major parties) wanted to move in closer-to-mandatory direction. It did so by announcing a wholesale conversion of the My Health Record database from opt-in to opt-out. This meant that, if you were an Australian citizen, a health record would be created automatically for you—unless you explicitly said you didn't want one. But the possibility of opting out hasn't quelled these ongoing complaints from the general public:

Earlier this year, we wrote a story about the boutique law firm Clare Locke that appeared to specialize in intimidating news orgs with legal threats to try to get them to kill stories. One of the firm's partner, Elizabeth Locke, flat out says that she thinks there's too much press freedom:

The awful EU Copyright Directive is not done and dusted. As Techdirt reported last month, the European Parliament may have failed to do its duty and protect the EU Internet for the region's citizens, but the proposed law has not yet passed. Instead, it has entered the so-called "trilogue" discussions. Pirate Party MEP Julia Reda explains:

Project management is booming as more and more companies pivot to become more efficient in their operations. Even if you don't even know what a project manager is, the All-Inclusive Project Management Bundle will introduce you to this crucially important field. With lifetime access to more than 100 courses, you'll cover a variety of project management disciplines like Agile, Scrum, and Lean, along with important topics that project managers need to know. It's on sale for $19.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

By now the President's unwillingness to adhere to anything close to reasonable security when using his mobile phones has been made pretty clear. Whereas the Defense Information Systems Agency (DISA) and the NSA usually work in concert providing state leaders with "hardened" devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung's Knox security architecture), because it might infringe on his ability to Tweet.Past reports have suggested that security advisors have at least convinced him to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. But as a new report this week from the New York Times makes clear, Trump's lax phone security is being pretty routinely taken advatage of by foreign intelligence agencies:

Back in January, 23 state attorneys general sued the FCC over its net neutrality repeal, claiming it ignored the public, ignored the experts, and was little more than a glorified handout to uncompetitive, predatory telecom monopolies. That trial will also determined whether the FCC ignored rules like the Administrative Procedure Act, which requires you, oh, actually have data to support a major, wholesale reversal of such a major policy (if you're just tuning in, they didn't). The suit, which is also backed by a few companies (including Mozilla), could result in the FCC's repeal being overturned and the FCC's 2015 net neutrality rules being restored.This week three additional state AGs (Texas, Arkansas, and Nebraska) decided to take the opposite tack, and filed a brief (pdf) last Friday in the US Court of Appeals for the District of Columbia Circuit, insisting that judges reject the lawsuit against the FCC. Not too surprisingly, the brief is filled with the kind of arguments net neutrality opponents have been trying to make for years, including the repeatedly, and clearly debunked claim that net neutrality simply had to be repealed because it was killing broadband industry network investment:

A government has decided to handle "fake news" in about the only way it should be handled. FINALLY. While most governments appear willing to treat "fake news" legislation as a gateway drug to censorship, the UK government -- a government that certainly isn't known for its rational handling of speech issues -- is going the other way.It's a decision that treats the term with all the respect it deserves: none.

Fan translations of movies and video games, while wildly popular in many different countries, have also come under recent attack. Claims of copyright infringement have been leveled against many sites and groups that put these translations together, with the theory being that it violates copyright to make works understandable to fans in countries where, often times, a translated version of the work isn't even on offer. If that sounds stupid and protectionist to you, ding ding ding, you're right.But it's somewhat interesting to see this scenario happen in reverse, and note how different the reaction from fans are when they find their hard work in official releases, without credit. Meet Francesco, an Italian game developer with a particular affinity for a game that I've honestly never heard of.

Turkey's government has already locked up more than 70 journalists -- most of them in the wake of a failed coup. President Recep Erdogan says the imprisoned journalists are terrorists and criminals, but rather than offer evidence of wrongdoing, Erdogan just keeps throwing more of them in jail.The notoriously thin-skinned president has been eliminating dissent and criticism since he took power, so there's no reason to give his accusations of criminal activity credence. Erdogan has leaned on favorable laws elsewhere in the world to press for criminal charges and extradition of citizens of other nations who've offended his delicate sensibilities.As a player on the world stage, Erdogan and his government will use whatever tools they have available to continue to eliminate their critics. It appears Erdogan is now asking the world's police forces to help him track down journalists he hasn't yet jailed. (h/t Mutlu Civiroglu)

The Ninth Circuit Court of Appeals is the latest appeals court to find the FBI's warrant for malware deployment during a child porn investigation to be invalid, but still close enough for government work. The FBI's NIT (Network Investigative Technique) was sent to visitors of a dark web child porn site called Playpen. The hitchhiking software then traveled out of the district the server was housed in (Virginia) to send back identifying info from computers and devices all over the world.At the time the warrant was sought, warrants were only valid in the district they were issued. Multiple courts found the FBI's malware was a search under the Fourth Amendment. A smaller subset found the extrajurisdictional search unsupported by current law and the underlying warrant invalid from the moment it was issued. Challenges to the extrajurisdictional searches have all run into dead ends at the appellate level.The First, Eighth, and Tenth Circuits have all refused to suppress evidence, even if the courts found the search warrant invalid. The reasoning? There was no deterrent effect served by suppressing the evidence because the law changed after the warrant was issued and the malware deployed to allow the FBI to engage in extrajurisdictional searches. In essence, this is retroactive application of a law that changed after the warrant was sought, giving it the sort of blessing courts won't extend to victims of law enforcement misconduct that happened to occur before precedential decisions explicitly declared that particular form of misconduct unconstitutional.In addition to the retroactive application of Rule 41 jurisdictional changes, these appeals courts have also granted the government "good faith." Somehow, it's believed an FBI agent seeking a warrant for a search that he knew would violate Rule 41 limits when executed wasn't the FBI rolling the dice on favorable rulings and a potential future mooting by changes to the law.There's more of the same in the Ninth Circuit decision [PDF]. The court says the warrant was bad but the faith was good, so no harm, no foul, no suppression. (h/t Brad Heath)

Back in August, I wrote a big post about the impossible choices that large internet platforms have to make concerning content moderation. A large part of the point of that post is that there is no perfect content moderation, and especially at scale, there are going to be large swaths of people who disagree with any choice (leaving content up, taking it down, demonetizing it, putting a flag on it, whatever). And expecting these platforms to magically get things right is going to end in serious disappointment for everyone.In its own hamfisted way, Google has now proven that point (and, no, they're not doing this on purpose). About a month after that post went up, we got a notification from Google, telling us that this article violated Google's AdSense policies (we use AdSense to backfill ads when we don't have a better solution -- it pays us close to nothing) and therefore they were restricting AdSense from appearing on that page. The only details we received were that it was "dangerous or derogatory."If you can't see that, it says that our link is "dangerous or derogatory" in that it:

Web tracking ranges from innocuous to deeply serious, and it's more important than ever to take precautions to ensure your internet security. Disconnect blocks trackers and malware across your entire device, allowing you to browse up to 44% faster, using up to 39% less bandwidth, and greatly improve battery life. A one year subscription is $19, 3 years for $29, or lifetime for $49.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Fake court orders have landed a businessman real jail time. Michael Arnstein, CEO of Natural Sapphire Company, pled guilty last year to forging court orders he sent to Google to delist negative reviews. This was apparently the lesson Arnstein learned from his single, successful defamation suit: it's cheaper and easier to forge documents than jump through judicial hoops for several months to achieve the same ends.In fact, he said as much to others seeking solutions to negative review problems -- all preserved as evidence used against him by the DOJ:

Historically, large telecom mergers don't end well for consumers or employees. Usually in the wake of these megadeals nothing much happens for about a year, after which the acquiring company begins trimming back redundant positions and offices. In telecom, growth for growth's sake also usually has a detrimental impact on customer service, investment in which takes a back seat to getting acquired systems and employees in sync (see: Comcast). And more often than not, mindless consolidation in telecom tends to slowly reduce overall players in the space, resulting in higher prices and apathy no matter how many promises to the contrary are made by the merging companies (see: Charter, Time Warner Cable).As T-Mobile and Sprint attempt to merge (once again), their executives are throwing out all the usual claims ahead of such mergers: that the merger will create immeasurable "synergies"; that the reduction of major U.S. wireless competitors from four to three will somehow create competition; that the deal will somehow make it easier for them to deploy next-gen "5G" networks; and that the deal will somehow magically create oodles of new jobs.At a meeting with Sprint employees this week, T-Mobile CEO John Legere tried to ease employees' worries that many of them would be out of a job once the two carriers are fused into one. This merger, Legere told employees, would somehow be different (he failed to offer any solid reasons why):

Literally anything can be the basis of a moral panic. The internet's mere existence has prompted all sorts of panickers (professional and lay) to blame any number of things/concepts for destroying the youth of the world. If it's not teens getting high by huffing MP3s with their eyeballs and ears, it's Minecraft creating unrealistic home-building expectations or IoT devices creating a generation of automaton abusers.For those that buy into this thinking, it seems plausible because it's happening in the present. With technology being indiscernible from magic, the academics behind these questionable assertions are no more than shamans guiding the faithful towards conclusions that cohere with their prejudices. If they didn't have X growing up, chances are X is what's ruining their kids. A little history would go a long way. I mean, at one point in time, chess -- the game of kings and gifted elementary school students -- was considered to be the Grand Theft Auto of its day, capable of turning players into cold-blooded killers.Some UK "researchers," who have earned every bit of derision contained in those scare quotes, are claiming internet memes are ruining children. While they may have somewhat of a point about bullying and shaming, they lose it completely by claiming memes play a role in the UK's childhood obesity stats. (via PetaPixel)Here's the part of the "written evidence" [PDF] that makes a little bit of sense:

So just about a year ago the Mexican court system decided to ban all Roku streaming hardware from being sold in Mexico. The ban was the result of legal action taken by Mexican cable company Cablevision, which accused Roku of facilitating piracy. How? While Roku devices are more locked down than many of the more open home media PC solutions (also the target of endless pearl clutching and hyperventilation by the entertainment industry), users can install certain unofficial, third-party "private" channels that provide access to pirated live streams of cable content.While Roku went out of its way to try and lock down their hardware, some users paid hackers a few bucks to crack open and modify the devices anyway, letting them access the dubious third-party channels in question. While this obviously wasn't Roku's fault, Cablevision believed Roku should be punished for the behavior of the company's customers, and declared it was doing Mexican consumers a public service:

In the pantheon of massively talented musical acts that also get and embrace the power of the internet, of using free music to make money, and of emergent business models, the folks behind Run The Jewels stand particularly tall. The duo, Killer Mike and El-P, have managed to make themselves household names through a combination of freely available music, a positive and often humorous level of interaction with their fans, and the kind of forthright public statements that create a bond with those that follow them. It's all so perfectly well done that you would think Run The Jewels was following some kind of a script, but it is pleasantly obvious that these are just really good guys who happen to also make fantastic music. They also occasionally, and far too infrequently, write blog posts, including for Techdirt.The most recent version of all of this started with a Twitter user complaining to El-P that he or she typically listens to RTJ on Spotify and had no idea where to get their albums. Another Twitter account piped up confirming that, like the rest of the RTJ catalog, the albums were available for free download on the group's website. That same Twitter account mentioned that he also bought the albums through iTunes purely out of a desire to support RTJ. This, of course, happens quite frequently, which is virtually ignored by the "Piracy is killing music, argghghgh!" crowd.What doesn't happen as frequently is what came next from El-P.

For years we've talked about the journalistic perils of what journalism professor Jay Rosen calls the "view from nowhere," or the pretty common misconception that journalists should prioritize factual symmetry in news reporting, instead of actually trying to get to the truth. This usually results in "he said, she said" reporting where both sides are given equal weight (even if one side is clearly being intentionally misleading), with the idea that the reader can then ferret out the truth, while the journalist him or herself stands stoically protected from accusations of "bias" because they refused to take a real stand.Rosen put it this way during an interview back in 2010:

The Little Rock drug raid story is appalling. The indiscriminate, repeated, and systemic violation of the Fourth Amendment has been enormously destructive to people's lives, as well as an entire community. But if this situation is to be remedied, and hopefully it will be, it will be thanks to the First Amendment.Most obviously, the First Amendment is what has allowed for Radley Balko's reporting of the story. Speaking truth about power is only possible with strong press protection. By allowing injustice to be discovered and shared, justice becomes possible. With Balko's reporting the public at large can now be aware of the abuse being done in their name, and the revelation is what will allow people to press for change. As it is, publication of the story has already led to charges being dropped against one of its other victims.

The Ultimate Python Programmer's Bootcamp Bundle contains 6 courses to take you from a coding beginner to a pro with over 45 hours of training. Python is a general-purpose programming language which can be used to solve a wide variety of problems, be they in data analysis, machine learning, or web development. You'll learn to do such things as perform password complexity analysis, work with databases including SQLite and Postgres, explore MongoDB, and more. It's on sale for $39.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

I've threatened in the past to write up a post explaining why a blockchain-based DRM is a terrible idea that will flop -- and it appears I finally need to do so, with the sort of announcement that Sony is preparing to use the blockchain for "next-gen DRM." I should note that, unlike some people, I'm actually not a blockchain skeptic. I think that it does have a few potentially revolutionary and disruptive uses. But... I also think that nearly every use of the blockchain that has been championed so far is incredibly silly and pointless. In most cases, what people claim they're using a blockchain for would better be served with... a database. If you're just replacing a database with a blockchain-based system, all you're really doing is adding unnecessary inefficiency and complexity.So while a blockchain does have efficiency and complexity weaknesses compared to a database, it does have two potential advantages -- but only if those advantages are necessary to the service being built. The first advantage is that the blockchain can be truly distributed, rather than centralized. For years, we've discussed the problems of too many centralized systems, whether it's the siloing of information, the weird incentives it creates for the central database controller, or simply the fact that a centralized system creates a single point of failure and/or point of attack for a would-be assailant. A blockchain can help limit (though not eliminate) some of those problems -- and that can open up some incredible new services. The second big thing that a blockchain does better than a database is that it creates a more trustworthy way to prevent the "double spending" problem.The issue there is that with anything digital, it can always be copied and/or manipulated in some way. If you are trying to construct something that requires scarcity -- such as a digital currency or a specific ledger of asset ownership -- then you want to be sure that the system really has a 100% accurate record, and won't allow the same bit of digital currency to be held by multiple people (or allowing it to be spent multiple times by the same person) or, that the same asset is listed as being owned by different entities. One of the cool features of the Blockchain is that it is designed such that people can be fairly cryptographically certain that we don't have that sort of "double spending" problem. You do have to trust the math and the code, but the code is open and people are constantly checking it. Now, you can claim a centralized database can prevent these kinds of things too, but you have to totally trust whoever is in control over that centralized database. And you might. Most of the money you probably have is really in a centralized database at your bank. But, there are some advantages to have that record be on a publicly distributed ledger a la the blockchain.The issue, of course, is finding services and applications that can really take advantage of these benefits of the blockchain, and so far, they are few and far between, though there are plenty of future possibilities where they could be super useful.For years now, we've heard some people arguing for a blockchain-based DRM. This idea is at least marginally better than simply replacing a database with an unnecessary blockchain, because at the very least, it is an attempt (a weak one, but an attempt) to leverage one of the advantages I discuss above: the double spending issue. Obviously, as lots of people will tell you, the legacy copyright industries have decried the fact that the internet makes content super easy to copy, making their legal monopoly over the distribution of that content less than monopolistic. Thus, the folks who wish to go back to a world in which content is locked up, hear about how a blockchain "solves" the double spending problem, and they get excited: why couldn't we use that as DRM? After all, isn't the point of that aspect of the blockchain that it stops copying of digital assets?But, that's about as far as the thought process goes. Because from there, it completely breaks down. There are few actual details about Sony's blockchain-based DRM idea, but it's not difficult to understand why it will fail. First, it's important to understand something that copyright supporters frequently forget: the copyright on something is different from the content itself. Copyright system supporters like to conflate the content itself and the "intellectual property." But as we've explained in the past while a "copyright" may have property-like elements, the underlying content does not.The blockchain-based system for solving the double spend problem is a useful solution when it's the record or ledger entry that you don't want copied. But that's not what any DRM system would be. Because the "record" is the copyright information -- not the music/movie/book/etc. And who cares whether or not you can copyright the copyright information? You're solving the wrong problem? The content itself can still get copied. There's no way to stop that, because even if you were to somehow encode the actual content in the blockchain (a pointless idea), you'd still have the analog hole to deal with, as the content would inevitably escape the blockchain.The other reason why a blockchain-based DRM solution is so dumb is because it actively goes against what the public wants. The reason a disruptive or transformational technology works is because it provides the public with something much better than they had before. A blockchain-based DRM solution provides a worse solution. There is no demand for such a thing. Sure, there may be "demand" on the label side, but that doesn't translate to usage.The final reason why a blockchain-based DRM solution is utterly stupid is conveyed quite nicely by Cory Doctorow in his BoingBoing post about this announcement, in which he notes that what Sony is proposing appears to be a privacy nightmare:

So we've made it pretty clear by now that the FCC's entire justification for repealing net neutrality was based entirely on fluff and lobbyist nonsense. But because the Administrative Procedure Act requires that regulators actually provide hard data to justify massive reversals in policy, both the Ajit Pai FCC and his BFFs at Verizon, Comcast, and AT&T have clung tightly to one, completely false claim: that net neutrality harmed network investment. But as we've stated countless times, that's simply not true.That's not an opinion, it's based on SEC filings, earnings reports, and the on-the-record statements of nearly a dozen telecom industry CEOs.That undeniable fact hasn't really bothered the folks at US Telecom, the telecom industry's biggest lobbying and policy organization. The group last week penned a blog post with an accompanying graph proudly proclaiming that telecom network investment was on a sharp upward trajectory after the repeal of net neutrality. From the missive:

We're used to stories about asset forfeiture being abused to seize vehicles from citizens here in the US, with the vehicle/sales proceeds going directly to the bottom line of the agency seizing them. That encourages all sorts of abuse performed in the name of Drug Warring but, in reality, just creating a somewhat sustainable revenue source for the government.At least in this context, seizures of vehicles make sense. Perverted incentives have created a demand for assets drug cartels just can't deliver, so it's up to average Americans -- many of them not at all involved in international drug trade -- to make up the difference. But what can you even make of this atrocity, performed by the Flintshire, Wales government? (via Jalopnik)

When we talk about trademark disputes around here, we're often talking about them at the start of a bullying process or at the conclusion of a trial. Those are the natural checkpoints for covering these kinds of disputes, with either the initiation of the dispute, often times specious, or the conclusion when an outcome is reached, often times unfortunate. Less discussed but certainly as important are the softer outcomes of trademark bullying and disputes. And it's useful to highlight just what it can cost a small entity that is victimized by all of this.Dick Fowles and Kate Ackerly opened a clothing store in 1993 called Peter-Blair Accessories, named after the duo's godchildren. Out of the blue in 2009, Fowles and Ackerly received a letter from Blair Corp., a discount retailer of accessories that primarily sells its goods online. Blair Corp. too sold ties and accessories on its website, though they were significantly different in terms of price and quality. The letter accused Peter-Blair Accessories of infringing Blair Corp. trademarks by selling its goods online. After a great deal of back and forth, Blair Corp. agreed to allow the smaller clothier to sell only its own branded ties online. Nothing else.This went on for nearly a decade, coinciding with the exact time when online clothes shopping took off.

To graduate from high school in Texas, you must first be able to show you won't provoke police officers into shooting/tasing/beating you during a traffic stop. That's according to a new state law that ran through the legislature under the guise of solving police/community relationship problems. (via Popehat)

The War on Drugs seems to bring out the worst in law enforcement. Wiretap abuse, asset forfeiture, flashbang grenades tossed into toddlers' cribs, internal corruption… these are all aspects of law enforcement's drug-related police work.Radley Balko has uncovered more abuse and Constitutional violations, this time stemming from the Little Rock PD's anti-drug efforts. The wrongs detailed in Balko's investigation include false statements on warrant requests, abuse of no-knock warrants, "reliable" confidential informants who are anything but reliable, and a handful of destroyed lives left in its wake.It opens with the story of Roderick Talley, whose apartment was raided by a Little Rock (AR) SWAT team. The team used explosives to remove his door, sending it flying onto the couch where Talley was sleeping. The raid was predicated on an informant's supposed controlled buy. But Talley's own security cameras -- which also captured the raid itself -- showed the informant didn't do what police said he did.

By now Techdirt readers should be fairly keyed into FCC head Ajit Pai's schtick: kill most meaningful oversight over the telecom sector at the industry's direct behest (including net neutrality and modest privacy rules), then proudly proclaim you've unleashed a tidal wave of innovation, investment, and competition. When you look a little closer however, you'll generally find that the justifications for such moves not only ignore the will of the public and engineering expertise, but are often based entirely on evidence free lobbying claims from the industry itself. You'll also find the promised competition and innovation never materializes.Consumer groups say this same, evidence-optional, industry-cozy approach has fueled the FCC's attempts to hold telecom operators accountable for lagging post-hurricane repairs.You might recall that Verizon used Hurricane Sandy as cover to effectively stop upgrading huge swaths of its fixed-line networks. Countless customers on traditional copper voice and DSL lines were suddenly left without service or repairs, with Verizon claiming that capped, expensive, frequently unavailable and oft-congested wireless service was a "good enough" replacement for them (those users disagreed). That, in turn, resulted in the previous FCC passing some rules saying that if you're going to kill off landline service, you need to replace it with something at least equal in quality.But like everything else Pai touches, those rules, in addition to other consumer protections (like state rules holding carriers accountable for missed deadlines or unfulfilled promises on refunds), were quickly stripped away under the claim it would bring "greater innovation and investment" to the telecom sector. Fast forward to this month, and consumer groups are arguing that much of this mindless deregulation is actively harming recovery efforts in the wake of Hurricane Michael.Both Ajit Pai and Florida Governor Rick Scott have been issuing press missives claiming they're "holding carriers accountable." But consumer groups like Public Knowledge say that both Pai and Scott are oddly forgetting to mention that their blind deregulatory efforts managed to throw some very useful guidance and protections out the window, making the existing problem worse:

In the wake of the revelations about Harvey Weinstein, writer Stephen Elliott's name ended up on a Google doc called Shitty Media Men, along with the information "Rape accusations, sexual harassment [sic], coercion, unsolicited invitations to his apartment, a dude who snuck into Binders???" listed under the column heading "ALLEGED MISCONDUCT" and the additional note that, "Multiple women allege misconduct." He has now sued Moira Donegan, the owner of the Google doc, and dozens of anonymous third-party contributors to the list for defamation, as well as intentional and negligent infliction of emotional distress. He has also now cemented his reputation as a very shitty man.First, let me say that I do not call Stephen Elliott a shitty man because of what posters to the Shitty Media Men list wrote about him. He's shitty for filing this lawsuit against the host of and contributors to the list, seeking to chill the speech of those who would speak out against bad behavior. He's shitty for threatening to unmask people who had exercised their right to speak anonymously to warn others of potential harm.

We all know brushing is an important part of maintaining a healthy smile, but how much good are you doing if you're cleaning your pearly whites with a dirty brush? Complete with a UV sanitizing charging case that kills 99% of germs and bacteria on its brush heads, the Platinum Sonic Toothbrush offers a better way to brighten your smile. It delivers 40,000 brush strokes per minute to remove more plaque and whiten better than a standard toothbrush, and its two-minute smart auto timer helps ensure you brush for the ADA-recommended time. It's on sale for $50.Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Before FOSTA passed, a ton of experts warned it would lead to bad things, and now we're seeing more and more stories about how FOSTA is actually increasing the sex trafficking problem, rather than decreasing it. Police have admitted that it's now harder to catch traffickers without the information they used to get from Backpage, and pimps have apparently seized on the opportunity to make use of the disappearance of Backpage and other sites to more aggressively position themselves as the only option for sex workers.The latest such report to make this clear is in the San Francisco Chronicle, where police note that FOSTA has emboldened pimps to take control of sex workers' lives:

As we've made pretty clear, the broadband industry is successfully obliterating most meaningful federal and state oversight of their broken, largely uncompetitive broadband monopolies. They've had great success in convincing the Trump administration to effectively neuter the FCC, driving any piddly, remaining enforcement authority to an FTC that's ill-equipped for the job. At the same time, the federal government and ISPs like Comcast are also waging a not-so-subtle and completely coordinated war on state authority to step in and fill the consumer protection void.Earlier this month, the entire broadband industry, hand in hand with the Trump DOJ, filed lawsuits against the state of California for passing a net neutrality law the majority of the public supports. This week broadband industry lobbying organizations like US Telecom (primarily funded and directed by AT&T) filed suit against the state of Vermont (pdf), again claiming that the state's new net neutrality law is prohibited by the legally dubious "pre-emption" language embedded in the FCC's net neutrality repeal at direct telecom lobbyist request.I've discussed at length here and elsewhere why these efforts aren't likely to work: the simple version being that when an agency (in this case the FCC) abdicates its authority to regulate an industry (which the FCC did with its rollback of Title II classification of ISPs under the Telecom Act), it also eliminates its right to tell states what to do. This isn't a nuanced debate; I've been hard pressed to find a single telecom lawyer that thinks the FCC's state pre-emption efforts are on sound legal footing. It's generally seen as a delay tactic to prevent states from protecting users until the looming suit against the FCC is settled.The lawsuit against Vermont parrots the oft-repeated falsehood that the FCC justly dismantled net neutrality because it was stifling sector investment, a claim that has indisputably and repeatedly been proven false. From the complaint:

Government agencies will eventually follow the letter of FOIA law. It usually takes a lawsuit to push things forward, but even losing in court seldom prompts above-and-beyond service from the government. The spirit of the law is ignored in favor of obfuscation, foot-dragging, and blatant antipathy.Certainly the government shouldn't be expected to compose FOIA requesters requests for them if they send vaguely-worded requests. On the other hand, the government shouldn't demand specificity from requesters who don't know what documents an agency has on hand or how the search will be conducted.The CIA once told a requester he needed to know exactly which parties were involved in communications about the agency's FOIA portal outage -- information that could only be gleaned from the emails the CIA was refusing to look for until it had more information. This is the normal level of being dicked around that requesters can expect when dealing with our more reticent public agencies."Vagueness" was the CIA's excuse to not perform its FOIA duties. The DHS, on the other hand, has decided specificity in requests can also be used against requesters. A FOIA lawsuit filed by the Government Accountability Project contends the agency did a deliberately lousy job searching for records related to border phone searches and ideological assessments performed by border security personnel.The federal judge agrees. The opinion [PDF] notes the DHS has turned the FOIA process into a game -- one requesters aren't likely to win. [h/t Mike Scarcella]

This week, our first place winner on the insightful side is Thad with a short first amendment refresher regarding PEN America's lawsuit against Trump:

Five Years AgoThere was plenty of NSA apologia again this week in 2013. Keith Alexander was claiming that he was protecting civil liberties by violating them and playing the fear card by claiming people will die due to the Snowden leaks, while the lawyer who helped give legal cover to Bush's warrantless wiretapping was claiming everyone will grow to love the intrusive NSA, and Dianne Feinstein was playing the 9/11 card (and being debunked by the ACLU).Meanwhile, the latest information from the leaks revealed that the NSA was collecting email contact lists and instant messaging friend lists overseas with no oversight, that the agency was involved in the drone strike program, and of course that the agency was in fact drowning in a glut of data.Ten Years AgoThis week in 2008, the president finally signed the ProIP bill and created America's copyright czar position. We took a closer look at the MPAA's lawsuit against RealNetworks (and how it was all about controlling innovation), while the RIAA was appealing the mistrial ruling in the Jammie Thomas trial, and a German court was finding Google Images thumbnails to be a copyright violation. Unexpectedly, the McCain campaign sent a letter to YouTube urging them to consider and protect fair use when processing DMCA requests, and YouTube offered up the excellent response that they can't give the campaign special treatment, but they hope McCain will fix the law. Meanwhile, Larry Lessig was giving his own impassioned defense of fair use and remix culture.Fifteen Years AgoThis week in 2003, the EFF found another person who was wrongly accused of file-sharing and sued by the RIAA (they wouldn't be the last), just as the RIAA was commencing round two of its shakedown scheme by, as promised, offering people a chance to pay up before being sued (how nice of them). We also took a closer look at the RIAA's lawsuits against Grokster and Morpheus, and how their true ambitious goal was to overturn the Betamax precedent that makes video tape machines legal. Also this week, Brewster Kahle was fighting against the DMCA in an attempt to preserve old software.Meanwhile, lots of companies and industries were really struggling to adapt. Some people were discussing possible futures for usual-consumer-electronics-leader Sony after Apple beat it to the punch on smartphones, print publishers were basically dragging their heels about this whole internet thing, and Polaroid reached the highly questionable conclusion that its future was in digital photo kiosks.

A few weeks ago, Bloomberg published a giant story claiming that Chinese spies did a somewhat daring supply chain hack on American big tech firms. The gist of the story was that servers from Super Micro had hidden chips that somehow were then used by Apple and Amazon (not to mention the US government), that allowed someone in China to access certain data. The story was a blockbuster that got everyone talking. But, almost as soon as it came out, a bunch of people started raising questions about the story. While the Bloomberg reporters claimed over a dozen sources, both Apple and Amazon came out with incredibly strong denials. Way stronger than is common in these situations. And while I know some cynical people insist that companies will lie about this stuff all the time, that is not actually true. Some companies may misrepresent things, or try to play down stories, but outright fabrication is not at all common (and the consequences of a company doing it would be severe). And here, both Amazon and Apple's denials were so clear, so specific and so adamant that it raised serious questions about the reporting.Since there was so much confusion over it all, we held off on writing about it, figuring more information would come out in the days and weeks after the initial story. And so far, nearly all of the "additional info" has only served to raise significantly more questions about Bloomberg's reporting. Various government and intelligence agencies all claimed they had no evidence to support these claims. Again, some will argue that they are lying, and (again) while those agencies may have a history of misrepresenting things, the denials here were clear and unequivocal. The UK's National Cyber Security Centre (a part of GCHQ) said they completely supported Apple and Amazon that no such attack occurred. The US Department of Homeland Security said the same thing. Dan Coats, the US Director of National Intelligence said the US intelligence community has seen no evidence of such an attack, which certainly undermines the Bloomberg story. Some of the folks quoted in the Bloomberg article even questioned the accuracy of the article with one going so far as to say the article that he is named in... "didn't make sense."Also, as reporter Nicole Perlroth noted, one of the reporters on the Bloomberg story -- Michael Riley -- had also done a story back in 2014 making bold claims that the NSA had exploited the Heartbleed bug, and multiple other reports ripped that story to shreds, with multiple people denying it and no one else confirming it.Now, with this story, Apple has done something it's never done before: asked Bloomberg for a retraction of the article. That's a pretty big move -- and Bloomberg says it still stands by its reporting (as it did with the Heartbleed story).However, at this point, Bloomberg has whittled away whatever benefit of the doubt there was left and set fire to the scraps. It's difficult to believe that Bloomberg's story was accurate, and the company and its reporters owe everyone an explanation -- or at least some additional evidence to support the reporting. I don't doubt that there is a kernel of truth in the story -- but given the vehement and thorough response from everyone, it certainly seems likely that the reporters on the Bloomberg piece misunderstood something big, leading to misreporting of things in a way that leads to a very inaccurate picture of what's going on. Bloomberg should, at the very least, appoint someone else to go through the work put in by reporters Michael Riley and Jordan Robertson, and explore whether or not the story really is accurate, and why it is that basically everyone is saying it's not.Reporters can, and do, make mistakes. How they respond to such mistakes is the real marker of the ethics they and the organizations they work for hold. Considering Bloomberg stood by that Heartbleed story, perhaps we shouldn't expect such a reckoning at the publication -- but, at the very least, it's going to lead plenty of people to write off Bloomberg as a credible source on issues like these, and that's unfortunate, given that there are some really big and important stories having to do with computer security right now. Having one major publication show itself to be untrustworthy in its coverage would be very bad.

Whistleblowers play a vital role in releasing information the powerful would rather keep secret. But the former pay a high price for their bravery, as the experiences of recent whistleblowers such as Chelsea Manning and Edward Snowden make plain. Another whistleblower whose life has become very difficult after leaking is Rudolf Elmer. He has a Web site about his actions and his subsequent problems, but it's not the easiest to navigate. Here's Wikipedia's summary of who he is and what he did:

Phew. The 11th Circuit appeals court has just overturned a lower court ruling and said that Georgia's laws, including annotations, are not covered by copyright, and it is not infringing to post them online. This is big, and a huge win for online information activist Carl Malamud whose Public.Resource.org was the unfortunate defendant in a fight to make sure people actually understood the laws that ruled them. The details here matter, so let's dig in:For the past few years, we've been covering the fairly insane situation down in Georgia, where they insist that the state's annotated laws are covered by copyright. This is not quite the same thing as saying the laws themselves are covered by copyright. Everyone here seems to recognize that Georgia's laws are not covered by copyright. But here's where the problem comes in. The state of Georgia contracts out with a private company, LexisNexis, to "annotate" the law basically giving more context, and discussing the case law interpretations of the official code. The deal with the state is that LexisNexis then transfers whatever copyright it gets from the creation of the annotations back to the state. Finally, the only "official" version of Georgia's state laws is in the "annotated" version. If you want to look up the official law of Georgia you are sent to the "Official Code of Georgia Annotated" (OCGA), and it's hosted by LexisNexis, and it has all sorts of restrictive terms of service on top of it. Indeed, every new law in Georgia literally says that it will amend "the Official Code of Georgia Annotated," which certainly suggests that the OCGA -- all of it -- is the law in Georgia. And the state insisted that part of the law was covered by copyright.Malamud found this obviously troubling, believing that the law must be freely accessible to anyone in order to be valid. The state of Georgia threatened him and then sued him claiming that reposting the OCGA in a more accessible fashion was copyright infringement. The district court not only found that the annotations (even if part of the official law) could be covered by copyright but further that it was not fair use for Malamud to post them online. This was a horrifying decision.And, it's also no longer a valid one.The appeals court has put together a thorough ruling rebuking the lower court's analysis, and noting that the OCGA is not subject to copyright at all. The court admits the annotations by a private company make this more complicated than the general question of whether or not laws are covered by copyright, but notes that since this is so closely tied to the law, and directed by state officials, it seems clear that the annotations cannot be covered by copyright:

It's no secret that the Vietnamese government is no fan of the open internet. All the way back in 2002 we wrote about the government requiring people to register just to create a website. That same year we were writing about people being arrested for posting criticism of the government. In 2008, we wrote about the Vietnamese government banning "subversive" blogs as well. With the rise of social media, Vietnam has shifted its focus there. In 2013, it banned news reporting on social media, saying it should be for personal use only. In 2014, we wrote about how the government was abusing Facebook's own reporting tools to shut down dissenters from using the site. And at the beginning of this year, we wrote about how the government now employed around 10,000 people whose only job was to monitor the internet for dissent.And now it's going to get even worse -- to a degree that might even lead some of the big internet companies to leave Vietnam entirely. And we have the NSA (partially) to blame. Ever since the revelation of the Snowden documents, describing how the NSA was getting access to all sorts of data and metadata on foreigners by compelling various private companies to cough up their data, there's been a big push among some for data localization. Some of that push has come from privacy activists themselves, arguing in other countries that their data shouldn't be allowed to go to the US where the NSA has so much access -- but much of it has simply been using the NSA revelations as a stalking horse to get what they want: which is the ability to snoop locally on all of that data. That's why countries like Russia has been a huge proponent of data localization.And now we can add Vietnam to the list. Despite strong condemnation from the US (and US internet companies) it appears that Vietnam wants to require any internet company with Vietnamese users to host that data locally where the government and its thousands of content monitors can snoop on it:

The UK government is still polishing its porn filtering law. The latest updates to the law show there's been some effort put forth to make the law less stupid, but even these additions don't make the law (or its implementation) much better.There are still threats of fines and other governmental pressure should sites fail to "voluntarily" adopt the measures recommended by the UK government when the law goes live next year. One noticeable change is that the responsibility of deciding what is or isn't porn will be placed in the hands of the UK's film classification board, the British Board of Film Classification. If it's anything like the MPAA, it won't necessarily know porn when it sees it, but it will know what it doesn't like and regulate along those lines.The updated guidelines [PDF] try to blend suggestions and mandates into something cohesive and palatable, all while removing as much government accountability as possible. The updates recognize collecting personally-identifiable info on British porn filters creates a juicy target for malicious actors. It also notes this data collection must somehow comply with the UK's tangle of privacy laws, meaning companies should put some sort of protections in place, but not so much they undermine positive identifications.The BBFC suggests a possible compromise: verification of age only and no retention of site access logs. But, like everything else, this too is only a suggestion. This means sites are free to gather and retain as much info as they'd like and potentially dodge privacy-related legal battles by pointing to the UK government's porn blockade demands.In this ridiculous pile of "would you kindly (under possible penalty of law)?", one aspect of the porn filtering plans continues to stick out. And it promises to make the BBFC's job extremely difficult, if not completely impossible. One round of updates on and the UK government is still no closer to resolving the issue, as The Verge's James Vincent points out: