Tuesday, February 16, 2010

Extraterritoriality in Patent Infringement Cases

The Recent Expansion of Extraterritoriality in Patent Infringement Cases
by Katherine E. White*

INTRODUCTION

[¶1] The rapid pace of globalization has intensified the desire to expand the territorial reach of United States law to determine patent infringement.[1] Historically, enforcement of patent rights was limited to infringement activity occurring solely within the borders of the United States.[2] The concept of territoriality is not unique to patent law, but is instead a venerable principle of the law of the United States generally.[3] However, the fundamental and traditional principal of territoriality recently has been expanding to find patent infringement for activity occurring entirely outside of the United States.[4]

[¶2] Previously, the Supreme Court and the Federal Circuit have expanded the territorial reach of patent laws only in very limited circumstances. One circumstance has been when the nature of a system or device is such that it cannot be physically located in any single country's territory. An example of this would be when the nature of a system's components permits their use to be separated from their physical location, such that the system may not be located wholly within one jurisdiction.[5] In such cases, instead of focusing on physical location, the system is deemed located where it is primarily used or controlled.[6]

[¶3] Another reason for expanding the territorial reach of patent law is based on distinctions regarding the type of patent claims obtained. Whether claims are written to cover devices and systems versus whether they protect processes or methods has affected the decision whether to extend the territoriality of the patent laws beyond the boundaries of the United States.[7] For example, courts have found patent claims on processes require, under 35 U.S.C. § 271(a),[8] all steps of the process occur within the United States for patent infringement to arise.[9] If, however, the claims are drawn to a device, where only one part of the system takes place outside the United States, extraterritorial application of the patent law of the United States is appropriate.[10]

[¶4] In an unprecedented move, the Federal Circuit, in AT&T v. Microsoft Corp.,[11] held that copying in a foreign country of software made in the United States infringed United States patents under United States law. Such a holding " provides extraterritorial expansion to U.S. law by punishing under U.S. law 'copying' that occurs abroad." [12] Although courts have previously expanded the geographic boundaries where United States patent law applies, never before have the arguments for extraterritorial reach diverged so far from the traditional arguments to extend territoriality. This extraterritorial application of the patent laws perhaps is related to the unique qualities of software as a technological art. Because software is a mysterious concept that most laymen do not understand intuitively, issues that should remain separate have been conflated and confused, leading to an unfortunate and unprecedented application of extraterritoriality of the patent laws.

[¶5] AT&T is a monumental case because never before have courts related their decision to extend the geographic boundaries of patent law to be dependant on the nature of the field of technology on which the patent was granted. The holding in AT&T expands territoriality while violating the fundamental principle of providing " the same treatment to all forms of invention without discrimination." [13]

[¶6] In AT&T, the court looked to the nature of software inventions as an excuse to treat them differently from inventions involving other technological arts.[14] Despite difficulties in separating computer software from its existence as an arrangement of algorithms,[15] any expansion of extraterritorial application of United States patent law should not be based on the nature of the technological arts, but on principles derived from precedent. The dissimilar treatment in AT&T is in conflict with precedent and United States treaty agreements.[16] Perhaps the AT&T case reveals problems associated with patenting software.[17] In any case, AT&T goes too far in extending extraterritoriality for United States patents, and is likely to encourage software manufacturers to make their software overseas to escape patent infringement liability in the United States.

[¶7] Part I of this Article is a general overview of the strict application of the doctrine of territoriality in patent infringement cases. Part II discusses the limits of the strict application of the doctrine of territoriality. Part III reviews Congress's legislative solution to close a loophole in the doctrine of territoriality. Part IV discusses the subsequent expansion by the courts of extraterritoriality beyond what Congress intended.

Read The Full Story at:
The Recent Expansion of Extraterritoriality in Patent Infringement Cases

Teen Charged With Sending Nude Pics of Herself - ABC News

Teen Charged With Sending Nude Pics of Herself - ABC News: Girl Faces Felony Charges After Allegedly Sending Photos of Herself to Classmates

By SCOTT MICHELS
Oct. 10, 2008 —

A 15-year-old Ohio girl faces felony charges and may have to register as a sex offender for allegedly taking nude photos of herself and sending them to her high school classmates.

The girl, whose name has not been released, was arrested last week and charged in juvenile court with possessing criminal tools and the illegal use of a minor in nudity-oriented material, said Licking County, Ohio, prosecutor Ken Oswalt.

Her alleged actions are part of what some in law enforcement say is a growing problem around the country.

During a court appearance this week, the teen denied the charges, according to Oswalt. The girl attends Licking Valley High School in the town of Newark. Her lawyer declined to comment.

"There's a totally false perception among juveniles that there is no risk to this," Oswalt told ABCNews.com. "That picture, once taken and sent, gives anyone who receives it the ability to do anything with it, forever. If a picture of you found its way onto the Internet, that's going to haunt you, potentially forever."

If convicted, the girl could face a sentence of anywhere from probation to several years in a juvenile detention center. A judge also has the discretion to make the girl register as a sex offender under Ohio law.

Oswalt said other teens who received the photographs, which are considered child pornography under state law, may also be charged.

Law enforcement agencies and schools across the country say they are struggling to deal with a relatively new phenomenon -- teens who send nude photos to friends and classmates.

A 17-year-old in Wisconsin was charged in May with child pornography for allegedly posting naked pictures of his ex-girlfriend on the Internet. The girl had sent him the pictures. He told the La Crosse County Sheriff's Department he was just "venting" after she broke up with him.

Earlier this year, another teenager in Ohio reportedly made a sexual cell phone video of himself and sent it to female classmates. One of the girls forwarded the video to at least 30 other people. Similar incidents have been reported in Wyoming, New York and Pennsylvania.

Oswalt said his office got several such cases a week earlier this year before he started giving presentations at high schools warning of the potential consequences of sending nude photos.

One of those presentations, he said, was delivered at Licking Valley, the same high school attended by the 15-year-old.

Oswalt said the girl had already been warned by school administrators about what he called "inappropriate cell phone behavior."

The Licking Valley High School principal did not return a call for comment.

In Pittsburgh, Pa., police Detective Mike Overholt told ABC News he encounters similar problems at least once a week. "It's ballooned here," he said.

"My sense is they look at it as if there's nothing wrong with it," said Overholt. "It's being a star."

But there can be serious consequences in many states that make child pornography illegal to send or possess.

A teen field hockey player in upstate New York testified earlier this year that she took a photograph of herself in panties and bra and sent it to her coach at his request.

"It made me feel special and important," she told a jury, according to Binghamton Press Sun Bulletin. "He would say I was beautiful, that I had a good body and was really athletic."

The coach was convicted of child pornography and other charges.

Candice Kelsey, author of "Generation MySpace: Helping Your Teen Survive Online Adolescence," said online culture encourages exhibitionism. "It's a means of getting attention, of becoming more popular," she said. "It's an unhealthy extension of a healthy adolescent exploration."

http://abcnews.go.com/TheLaw/story?id=5995084&page=1
Copyright © 2010 ABC News Internet Ventures

Monday, December 14, 2009

Hackers Brew Self-Destruct Code to Counter Police Forensics | Threat Level | Wired.com

Hackers Brew Self-Destruct Code to Counter Police Forensics | Threat Level | Wired.com

Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed Decaf, is designed to counteract the Computer Online Forensic Evidence Extractor, aka Cofee. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

The tools scan files and gather information about activities performed on the machine, such as where the user surfed on the internet or what files were downloaded.

Someone submitted the Cofee suite to the whistleblower site Cryptome last month, prompting Microsoft lawyers to issue a take-down notice to the site. The tool was also being distributed through the Bit Torrent file sharing network.

This week two unnamed hackers released DECAF, an application that monitors a computer for any signs that Cofee is operating on the machine.

According to the Register, the program deletes temporary files or processes associated with Cofee, erases all Cofee logs, disables USB drives, and contaminates or spoofs a variety of MAC addresses to muddy forensic tracks. The hackers say that later releases of the program will allow computer owners to remotely lock down their machine once they detect that it has fallen into law enforcement hands. The hackers, however, have not released source code for the program, which would make it easy for anyone to see if the program contains malware that might also harm a computer or allow the attackers to take control of it. Hackers Brew Self-Destruct Code to Counter Police Forensics | Threat Level | Wired.com

Hackers have released an application designed to thwart a Microsoft-packaged forensic toolkit used by law enforcement agencies to examine a suspect’s hard drive during a raid.

The hacker tool, dubbed Decaf, is designed to counteract the Computer Online Forensic Evidence Extractor, aka Cofee. The latter is a suite of 150 bundled, off-the-shelf forensic tools that run from a script. Microsoft combined the programs into a portable tool that can be used by law enforcement agents in the field before they bring a computer back to their forensic lab. The script runs on a USB stick that agents plug into the machine.

The tools scan files and gather information about activities performed on the machine, such as where the user surfed on the internet or what files were downloaded.

Someone submitted the Cofee suite to the whistleblower site Cryptome last month, prompting Microsoft lawyers to issue a take-down notice to the site. The tool was also being distributed through the Bit Torrent file sharing network.

This week two unnamed hackers released DECAF, an application that monitors a computer for any signs that Cofee is operating on the machine.

According to the Register, the program deletes temporary files or processes associated with Cofee, erases all Cofee logs, disables USB drives, and contaminates or spoofs a variety of MAC addresses to muddy forensic tracks. The hackers say that later releases of the program will allow computer owners to remotely lock down their machine once they detect that it has fallen into law enforcement hands. The hackers, however, have not released source code for the program, which would make it easy for anyone to see if the program contains malware that might also harm a computer or allow the attackers to take control of it.

Tuesday, December 1, 2009

White House's Ties to Health Care Industry Deeper Than Visitor Records Show | Politics | AlterNet

If there's one thing the political wing of the United Shakedown Artists we know more accurately today as the global finance oligarchy and corporate rule is that people really do get very emotionally attached to images of celebrity and the popular appeal of psycophancy, is that they've got the art and science of developing effective propaganda bullet points that people really couldn't care less about . What is a public oppinion? The GOP rank and file are going on as before, however they do it in a mindless haze imported from the global conspiracy theory clen blah blah

durnk typing above.

on for for as long as I can remember,

White House's Ties to Health Care Industry Deeper Than Visitor Records Show | Politics | AlterNet

Thursday, November 26, 2009

MPAA Says: Don't Like Global Fascism? Go Fuck Yourself!

Yup! That's right folks: If you think the idea of world government sucks ass and that people should at least have a say in deciding what laws we should impose upon ourselves, well... Go Fuck Yourself! You Hate Hollywood!!! And ya know what else, You're an ungreatful, unpatriotic communist bed wetter who support international terrorism!!! You Bastards!!!! Argh!!!

And so there it is. I hate Hollywood! Forget about the so called great propaganda they produce there for just a moment... I don't hate Detroit simply because some really crappy cars are made there year after year after year. I might hate the fucknuts at Ford or Chevy or whatever, but surely not Detroit!!! Rock City? No fuckin' way man! Hollywood? Give me a fuckin' break. Fuck Hollywood. Nothin' there but a bunch of smack shootin' crack tootin' baby rapin' video tapin' ass whores lookin for no good, if you ask me... Fuck em!!! The whole three lots left of em...

That's my response to this article: MPAA Says Copyright-Treaty Critics Hate Hollywood Threat Level Wired.com

There's got to be a better way of protecting intellectual property rights!!! And I think I've got the answer, start thinking for yourself and tell thsse fucking idiots to go fuck themselves in the ass three times daily... Turn off your TV!!! for god's sakes!!! Pretty soon, they'll think they have the intellectual rights to the whole of the English language or Spanish or perhaps French. Fuck it, The MPAA has dibs on every form of communication that could possibly take place between human beings, between mamal and foul, between fish and bait. Go fucking figure!!!

But I oh how I do love copyleft, Electronic Frontier Foundation, and all the other blessed bands muckraking the fuck out of this shit. Without them, we might sereously never know anything about anything ever again. On account of, We The Peoople don't seem to matter anymore... We are the enemy!!! Well I say, fuck that!
Public Knowledge, a “copyleft” lobbying group who has seen the unfinished
treaty’s text, blasted Glickman’s comment, which comes weeks after the MPAA
urged the Federal Communications Commission to support internet
filtering of unauthorized copyrighted material.
“We do want to make certain that the rights of internet users are not
trampled by overwhelming government power asserted at the behest of a single special interest,” Gigi Sohn, Public Knowledge’s president, said in a statement. She added that it is “inappropriate to ask ISPs and application designers to do what the studios themselves have found impossible to do: manage security to prevent all illegal copying.”
Along with Public Knowledge, the movie studios, internet providers, electronics companies and lawyers for the recording industry have been given access to the text of the treaty that has not finalized. We’ve asked many of them to provide details, but confidentiality agreements with the Obama administration forbid that.
While Glickman would do well by apologizing for his George W.
Bush-style “With us or against us” smearing of his debate opponents, we applaud his call to unwind the secrecy surrounding the accord.

READ THE FULL ARTICLE AT: www.wired.com/threatlevel/2009/11/mpaa-acta-letter/

Wednesday, October 7, 2009

Vulnerabilities Allow Attacker to Impersonate Any Website | Threat Level | Wired.com

LAS VEGAS — Two researchers examining the processes for issuing web certificates have uncovered vulnerabilities that would allow an attacker to masquerade as any website and trick a computer user into providing him with sensitive communications.

Normally when a user visits a secure website, such as Bank of America, PayPal or Ebay, the browser examines the website’s certificate to verify its authenticity.

However, IOActive researcher Dan Kaminsky and independent researcher Moxie Marlinspike, working separately, presented nearly identical findings in separate talks at the Black Hat security conference on Wednesday. Each showed how an attacker can legitimately obtain a certificate with a special character in the domain name that would fool nearly all popular browsers into believing an attacker is whichever site he wants to be.

The problem occurs in the way that browsers implement Secure Socket Layer communications.

“This is a vulnerability that would affect every SSL implementation,” Marlinspike told Threat Level, “because almost everybody who has ever tried to implement SSL has made the same mistake.”

Certificates for authenticating SSL communications are obtained through Certificate Authorities (CAs) such as VeriSign and Thawte and are used to initiate a secure channel of communication between the user’s browser and a website. When an attacker who owns his own domain — badguy.com — requests a certificate from the CA, the CA, using contact information from Whois records, sends him an email asking to confirm his ownership of the site. But an attacker can also request a certificate for a subdomain of his site, such as Paypal.com\0.badguy.com, using the null character \0 in the URL.

The CA will issue the certificate for a domain like PayPal.com\0.badguy.com because the hacker legitimately owns the root domain badguy.com.

Then, due to a flaw found in the way SSL is implemented in many browsers, Firefox and others theoretically can be fooled into reading his certificate as if it were one that came from the authentic PayPal site. Basically when these vulnerable browsers check the domain name contained in the attacker’s certificate, they stop reading any characters that follow the “\0″ in the name.

More significantly, an attacker can also register a wildcard domain, such as *\0.badguy.com, which would then give him a certificate that would allow him to masquerade as any site on the internet and intercept communication.

Marlinspike said he will be releasing a tool soon that automates this interception.

It’s an upgrade to a tool he released a few years ago called SSLSniff. The tool sniffs traffic going to secure web sites that have an https URL in order to conduct a man-in-the-middle attack. The user’s browser examines the attacker’s certificate sent by SSLSniff, believes the attacker is the legitimate site and begins sending data, such as log-in information, credit card and banking details or any other data through the attacker to the legitimate site. The attacker sees the data unencrypted.

A similar man-in-the-middle attack would allow someone to hi-jack software updates for Firefox or any other application that uses Mozilla’s update library. When the user’s computer initiates a search for a Firefox upgrade, SSLSniff intercepts the search and can send back malicious code that is automatically launched on the user’s computer.

Marlinspike said Firefox 3.5 is not vulnerable to this attack and that Mozilla is working on patches for 3.0.

With regard to the larger problem involving the null character, Marlinspike said since there is no legitimate reason for a null character to be in a domain name, it’s a mystery why Certificate Authorities accept them in a name. But simply stopping Certificate Authorities from issuing certificates to domains with a null character wouldn’t stop the ones that have already been issued from working. The only solution is for vendors to fix their SSL implementation so that they read the full domain name, including the letters after the null character.



Vulnerabilities Allow Attacker to Impersonate Any Website | Threat Level | Wired.com

PayPal Suspends Researcher’s Account for Distributing Hacking Tools | Threat Level | Wired.com

A security researcher who disclosed a serious vulnerability in online certificates has been blocked from accessing his PayPal account after someone released a counterfeit PayPal certificate he created for a professional training session.

Moxie Marlinspike, who gave a talk at the Black Hat security conference in July about vulnerabilities in the ways that certificate authorities issue website certificates, told The Register that PayPal suspended his account, which contains $500 in value, a day after someone posted his certificate online.

“This is not something I had anything to do with, and they responded by suspending my account,” he told the publication. “I’ve been the one trying to warn them of this in the first place.”

An e-mail to Marlinspike from PayPal indicated the account was being suspended, not for the certificate, but for misuse of the payment processing service.

“Under the Acceptable Use Policy, PayPal may not be used to send or receive payments for items that show the personal information of third parties in violation of applicable law,” the e-mail read. “Please understand that this is a security measure meant to help protect you and your account.”

Marlinspike was told the account would be reinstated once he had removed the PayPal logo from his website.

Marlinspike’s site includes a page where visitors can download free tools he’s written and donate money to him through PayPal. The tools include SSLSniff and SSLStrip, a recent tool he released following his presentation at Black Hat in Las Vegas.

Both tools are used to trick browsers into visiting bogus sites, such as fake PayPal or banking sites, using a bogus certificate.

SSLStrip sniffs traffic going to secure websites that have an https URL in order to conduct a man-in-the-middle attack and take the traffic to an attacker’s fake site instead. The user’s browser examines the attacker’s web certificate sent by SSLSniff, believes the attacker is the legitimate site and begins sending data, such as log-in information, credit card and banking details or any other data through the attacker to the legitimate site. The attacker would be able to see the data unencrypted.

A PayPal spokeswoman told The Register that the company does not allow PayPal “to be used in the sale or dissemination of tools which have the sole purpose to attack customers and illegally obtain individual customer information.”

The spokeswoman didn’t explain why other sites distributing so-called “hacking tools” and using PayPal to process payments have not had their accounts suspended. She also didn’t say why the company decided to suspend Marlinspike’s account only after someone had posted his bogus PayPal certificate.

Marlinspike’s talk at Black Hat showed how an attacker can legitimately obtain a web certificate with a special character in the domain name that would fool nearly all popular browsers into believing an attacker is whichever site he wants to be.

The problem occurs in the way that some certificate authorities issue Secure Socket Layer (SSL) certificates and in the way that browsers implement SSL communications.

“This is a vulnerability that would affect every SSL implementation,” Marlinspike told Threat Level in July, “because almost everybody who has ever tried to implement SSL has made the same mistake.”

Certificates for authenticating SSL communications are issued through Certificate Authorities (CAs) and are used to initiate a secure channel of communication between the user’s browser and a website. When an attacker who owns his own domain — badguy.com — requests a certificate from the CA, the CA, using contact information from Whois records, sends him an e-mail asking to confirm his ownership of the site. But an attacker can also request a certificate for a subdomain of his site, such as Paypal.com\0.badguy.com, using the null character \0 in the URL.

Some CAs will issue the certificate for a domain like PayPal.com\0.badguy.com because the hacker legitimately owns the root domain badguy.com.

Then, due to a flaw found in how SSL is implemented in many browsers, Internet Explorer and other browsers can be fooled into reading the certificate as if it were one that came from PayPal. When these vulnerable browsers check the domain name contained in the attacker’s certificate, they stop reading any characters that follow the “\0″ in the name.

Marlinspike said that an attacker could even register a wildcard domain, such as *\0.badguy.com, which would give him a certificate that would allow him to masquerade as any site on the internet and intercept communication. He said there were ways to trick some browsers into accepting a bogus certificate even if an issuing authority later revoked it.

During a private Black Hat training session that Marlinspike gave to security professionals prior to his public talk, he showed participants a PayPal certificate that he obtained as a proof of concept. Marlinspike told the Register he never distributed the certificate to participants, although a person going by the name “Tim Jones” who posted the certificate to the Full Disclosure mailing list on Monday indicated that Marlinspike did distribute it.

“Attached is one of the null-prefix certificates that [Marlinspike] distributed during his ‘intercepting secure communication’ training at Black Hat,” the person wrote. “This one’s for www.paypal.com, and since the Microsoft crypto api appears to remain unpatched, it works flawlessly with sslsniff against all clients on Windows (IE, Chrome, Safari).”

Marlinspike’s PayPal certificate was issued by IPS CA, based in Spain, which reportedly has since revoked the certificate. No one was available at IPS CA to answer questions when contacted by Threat Level.

Some browsers, such as Firefox, post a warning to users that the certificate has been revoked when they try to access a site using the certificate. But other browsers don’t trigger an alert and are fooled into accepting the certificate.

The vulnerability still exists, despite Marlinspike’s warning about it in July, because a bug in Microsoft’s CryptoAPI hasn’t been fixed. Google’s Chrome and Apple’s Safari for Windows, which rely on the Microsoft library to examine certificates, are two browsers vulnerable to spoofed certificates.


PayPal Suspends Researcher’s Account for Distributing Hacking Tools | Threat Level | Wired.com

Wednesday, September 30, 2009

Tuesday, September 1, 2009

Edwin Vieira, Jr. -- A Primer on "Martial Law"

A PRIMER ON “MARTIAL LAW”

By Dr. Edwin Vieira, Jr., Ph.D., J.D.August 31, 2009
NewsWithViews.com
It is difficult these days not to come upon some pessimistic patriotic commentator expressing the fear that something called “martial law” may soon be imposed on this country, as the General Government’s response to a new “terrorist attack”, or to the economic and social chaos arising out of a collapse of the monetary and banking systems, or to some other dire event that frightens hapless Americans into trading a sure and certain loss of their liberties for a dollop of conjectural safety.

An optimistic patriot might scoff at such fears. But both pessimists and optimists typically share the same implicit first premise: namely, that the form of “martial law” they have in mind is legitimate. Most of the time, this is a rather glaring and dangerous error.

In legal analysis, definitions of terms make all the difference. And “martial law” can be defined in at least four ways:

·First, the term could denote the law that Congress may enact for governance of the Armed Forces and “the Militia of the several States”. This kind of “martial law” is plainly legitimate, because the Constitution delegates to Congress the powers “[t]o make Rules for the Government and Regulation of the land and naval Forces” and “[t]o provide * * * for governing such Part of the[ Militia of the several States] as may be employed in the Service of the United States, reserving to the States, respectively, the Appointment of the Officers, and the Authority of training the Militia according to the discipline prescribed by Congress”. [U.S. Const. art. I, § 8, cls. 14 and 16.] With respect to “the land and naval Forces” such “martial law” applies at all times. With respect to the Militia, it applies only when the latter have been “call[ed] forth * * * to execute the Laws of the Union, suppress Insurrections and repel Invasions”. [U.S. Const. art. I, § 8, cl. 15.] With respect to everyone else, though, it applies not at all. This absolute separation the Fifth Amendment confirms: “No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger”. “Martial law” (in this first sense), which may (but need not necessarily) dispense with “Grand Jur[ies]”, applies only to “the land and naval forces” and to the Militia in time of “War” (“repel[ling] Invasions”) or “public danger” (“execut[ing] the Laws of the Union” and “suppress[ing] Insurrections”), and to no one else.

It would be clearer, though, not to describe these matters as involving “martial law, but instead to refer to them with particularity (as the Constitution does) as, say, “rules for the government and regulation of the land and naval forces” and “rules for governing part of the Militia under certain conditions”. Then their application only to individuals in the Armed Forces (at all times and everywhere) and in the Militia (when “call[ed] forth” for the three constitutional purposes)—and their inapplicability to anyone else at any time, anywhere, for any reason—would immediately and always be beyond cavil.

·Second, the term “martial law” may denote the direct control of civilians by military personnel operating in those territories where civilians are present, but no effective (or even any) civilian government exists. For example, during a war, in the front lines and rear echelons, as well as in places in the immediate vicinity where no actual fighting with the enemy may be going on, but the civilian authorities have been destroyed or driven out as a consequence of previous fighting. Or, after some huge natural disaster, mammoth industrial accident, or “terrorists’ strike”, across a wide area in which every important civilian administration has been rendered inoperative. The justification for “martial law” in these cases is that, if the enforcement of civilian law is well-nigh impossible, some other form of order must be set up for the benefit of the civilians themselves who cannot be evacuated. To be sure, in a zone of military operations, crimes such as espionage, sabotage, banditry, looting, and otherwise terrorizing civilians have to be detected, tried, and punished as quickly as possible. But in the case of many (and probably most) other crimes, civilian suspects could simply be arrested and be held for later trial in civilian courts, under civilian law. And military personnel could perform the essentially “police” functions of detection, apprehension, and detention in keeping with the procedures and safeguards of civilian law, too.

Read full article at News with Views - Edwin Vieira, Jr. -- A Primer on "Martial Law"
http://www.newswithviews.com/Vieira/edwin198.htm

Uncle Sam Wants Your Brain

Drugs that make soldiers want to fight. Robots linked directly to their controllers’ brains. Lie-detecting scans administered to terrorist suspects as they cross U.S. borders.

These are just a few of the military uses imagined for cognitive science — and if it’s not yet certain whether the technologies will work, the military is certainly taking them very seriously.

"It’s way too early to know which — if any — of these technologies is going to be practical," said Jonathan Moreno, a Center for American Progress bioethicist and author of Mind Wars: Brain Research and National Defense. "But it’s important for us to get ahead of the curve. Soldiers are always on the cutting edge of new technologies."

Moreno is part of a National Research Council committee convened by the Department of Defense to evaluate the military potential of brain science. Their report, "Emerging Cognitive Neuroscience and Related Technologies," was released today. It charts a range of cognitive technologies that are potentially powerful — and, perhaps, powerfully troubling.

Here are the report’s main areas of focus:

Mind reading. The development of psychological models and neurological imaging has made it possible to see what people are thinking and whether they’re lying. The science is, however, still in its infancy: Challenges remain in accounting for variations between individual brains, and the tendency of our brains to change over time. One important application is lie detection — though one hopes that the lesson of traditional lie detectors, predicated on the now-disproven idea that the physiological basis of lying can be separated from processes such as anxiety, has been learned. Mind readers could be used to interrogate captured enemies, as well as"terrorist suspects" passing through customs. But does this mean, for example, that travelers placed on the bloated, mistake-laden watchlist would have their minds scanned, just as their computers will be? The report notes that "In situations where it is important to win the hearts and minds of the local populace, it would be useful to know if they understand the information being given them."

Cognitive enhancement.

Arguably the most developed area of cognitive neuroscience, with drugs already allowing soldiers to stay awake and alert for days at a time, and brain-altering drugs in widespread use among civilians diagnosed with mental and behavioral problems. Improved drug delivery systems and improved neurological understanding could make today’s drugs seem rudimentary, giving soldiers a superhuman strength and awareness — but if a drug can be designed to increase an ability, a drug can also be designed to destroy it. "It’s also important to develop antidotes and protective agents against various classes of drugs," says the report. This echoes the motivation of much federal biodefense research, in which designing defenses against potential bioterror agents requires those agents to be made — and that raises the possibility of our own weapons being turned against us, as with the post-9/11 anthrax attacks, which used a military developed strain.

Mind control. Largely pharmaceutical, for the moment, and a natural outgrowth of cognitive enhancement approaches and mind-reading insight: If we can alter the brain, why not control it? One potential use involves making soldiers want to fight. Conversely,"How can we disrupt the enemy’s motivation to fight? [...] How can we make people trust us more? What if we could help the brain to remove fear or pain? Is there a way to make the enemy obey our commands?"

Brain-Machine Interfaces. The report focuses on direct brain-to-machine systems (rather than, for example, systems that are controlled by visual movements, which are already in limited use by paraplegics.) Among these are robotic prostheses that replace or extend body parts; cognitive and sensory prostheses, which make it possible to think and to perceive in entirely new ways; and robotic or software assistants, which would do the same thing, but from a distance. Many questions surrounding the safety of current brain-machine interfaces: The union of metal and flesh only lasts so long before things break down. But assuming those can be overcome, questions of plasticity arise: What happens when a soldier leaves the service? How might their brains be reshaped by their experience?

Like Moreno said, it’s too early to say what will work. The report documents in great detail the practical obstacles to these aims — not least the failure of reductionist neuroscientific models, in which a few firing neurons can be easily mapped to a psychological state, and brains can be analyzed in one-map-fits-all fashion.

But given the rapid progress of cognitive science, it’s foolish to assume that obstacles won’t be overcome. Hugh Gusterson, a George Mason University anthropologist and critic of the military’s sponsorship of social science research, says their attempt to crack the cultural code is unlikely to work –"but my sense with neuroscience," he said, "is a far more realistic ambition."

Gusterson is deeply pessimistic about military neuroscience, which will not be limited to the United States.

"I think most reasonable people, if they imagine a world in which all sides have figured out how to control brains, they’d rather not go there," he said. "Most rational human beings would believe that if we could have a world where nobody does military neuroscience, we’ll all be better off. But for some people in the Pentagon, it’s too delicious to ignore."

Emerging Cognitive Neuroscience and Related Technologies [National Academies Press]
Image: University of Western Florida
Note: The NRC committee is formally known as the Committee on Military and Intelligence Methodology for EmergentNeurophysiological and Cognitive/Neural Science Research in the NextTwo Decades. In the future, cognitive technologies will apparently obviate the need for snappy, easily-acronymed titles.
WiSci 2.0: Brandon Keim’s Twitter and Del.icio.us feeds; Wired Science on Facebook.

Link to article: Uncle Sam Wants Your Brain Wired Science Wired.com

Monday, August 31, 2009

“Your Papers, Please!”

Written by Becky Akers
Wednesday, 19 August 2009

Not long ago, Americans feared and ridiculed the police states cursing too many parts of the world. We worried that they might one day conquer us despite their poverty and general misery even as we mocked their totalitarian tactics — especially their “Papers, please” mentality.

Indeed, being forced to prove one’s identity to a bureaucrat on demand, having to carry and produce documents with personal information for his approval — or condemnation — seemed especially horrifying. One of our classic films, Casablanca, revolved around the deadly hassles of obtaining or forging such papers under the Nazis; episodes of Mission Impossible in the 1960s often featured the same detail as American agents outwitted sinister Slavic tyrants.

What tragic irony, then, that the U.S. government increasingly compels us to identify ourselves. And it’s an even greater tragedy that this command no longer terrifies Americans, let alone goads them to protest.

Until now. While the president and his cronies push the country toward full-fledged fascism, state legislatures have rebelled against a federal edict that establishes a key component of such tyrannies: the national ID card.

Congress passed the REAL ID Act in 2005 as a rider on a bill handing more of our money to the military. There was no debate about either the concept of a national ID or the details of implementing it — including the astronomical costs of forcing states to convert the driver’s licenses they issue into national ID cards.

That expense may explain the fiery opposition REAL ID sparked — opposition unprecedented in our lifetime. Some states forbade their bureaucracies to comply with REAL ID while others officially denounced the legislation.

Feds Firing Back
But the feds haven’t surrendered. Instead, they’ve drafted virtually identical legislation under an alias — “Providing for Additional Security in States’ Identification Act of 2009” (PASS ID) — with one difference: states keep more of the taxes they extort from us (or, as Government Technology puts it, PASS ID “reduc[es] costs by providing greater flexibility for states to meet federal requirements by eliminating fees associated with the use of existing databases”). Nevertheless, the last time a federal outrage generated this much fury, Northerners and Southerners went to war.

And an outrage it is. By whatever name, this legislation puts your driver’s license on speed, ramping it up into a national ID. It dramatically increases the personal information your license contains, the number of bureaucrats who can access that data, and the circumstances when the government will not only scrutinize your ID but then decide whether you may proceed with your business — or not.

Though REAL ID wasn’t and PASS ID isn’t explicit about embedding a tracking chip or including biometric data such as fingerprints or retinal scans in licenses, it’s likely both would occur sooner rather than later. And you’ll be flashing your card so much you’ll probably wear it around your neck rather than dig it out of your wallet: the feds will inspect it each time you so much as enter a location under their jurisdiction, including courthouses and airports. You’ll have to show it to open a bank account as well. That custom will doubtless spread to all financial transactions, even the most picayune, as Americans become inured to the constant order, “Papers, please.”

No wonder REAL ID provoked rebellion. But little of it was grass-roots: except for members of organizations like the John Birch Society or Campaign for Liberty, most folks still know very little about REAL ID or PASS ID and care even less; a few actually applaud a national ID because the government claims it fights terrorism. Rather, organizations like the American Civil Liberties Union and the Electronic Frontier Foundation (which “defend[s] your rights in the digital world”) led the charge. Joining them were the governors of various states in a nigh revolutionary stand-off with the feds. That’s even more remarkable when we consider Washington, D.C.’s countless other anti-constitutional incursions over the last hundred years, most of which eviscerated states’ sovereignty just as much as if not more than REAL ID does. Yet it was REAL ID — not affirmative action and its contempt for freedom of association, nor environmental regulations that gut property rights, nor the massacres at Waco and Ruby Ridge — that finally galvanized states to defy the federal Frankenstein.

Why? Most of the governors opposed to REAL ID cited two reasons. They professed concern about our vanishing liberty — a concern strangely missing from their acceptance of other unconstitutional mandates, as well as their own tyrannical decrees. They also complained about its cost, which conservative estimates put somewhere around $23 billion. Yet D.C.’s dictators impose plenty of other unfunded mandates on states, and while governors complain, they don’t rebel.

Still, money likely motivated their mutiny. For one thing, the National Governors Association likes PASS ID because it believes the feds have learned their lesson and will put the dollars where their bill is this time. For another, states resented spending billions on REAL ID’s outlay, but that’s only a tiny part of the story. Licensing drivers is a gold mine for local governments, one so lucrative that they’re highly suspicious of federal interest in the process.

Indeed, the loot from licensing us, as well as the plunder from concomitant fees and fines, is so vast that no one knows the actual amount. That’s partly because governments conceal their profits lest bigger, badder governments steal from them what they stole from us: municipalities often hide how much they extract in traffic tickets for fear their state will demand a bigger cut. So even in our computerized age with its sophisticated methods of accounting, no one knows how much tickets alone filch from us. The National Motorists Association estimates the amount at somewhere between $3.75 and $7.5 billion annually — and that excludes parking tickets. Now add fees for car registration, driver’s licenses, license plates, title certificates, and inspections, as well as the taxes that encumber all things automotive (sales of cars, insurance, gasoline, and parking), to say nothing of parking meters and tolls. (Newsday reported that New York City alone collected 126 million tolls solely for crossing to and from the island of Manhattan in 2006; these ranged from a couple dollars for motorcycles to $36 or more for a truck with five axles.)

Picking our pockets on behalf of the State is one of licensing’s two basic purposes, regardless of its type: professional (doctor’s, realtor’s, broadcasting), fishing and hunting, driver’s. Linda Lewis-Pickett, president and CEO of the American Association of Motor Vehicle Administrators in 2006, frankly admitted that “each state agency has looked at DMVs as revenue generators — ‘Come in and pay taxes and give us money.’” The driver’s licenses and plates those DMVs dispense also enable officials to track us to a billing address, no matter how flawed the issuing cop’s judgment, regardless of how we disagree with his assessment of our speed or the length of time we paused at a stop sign.

Paternal Regulations
Licensing’s other purpose is the control it grants rulers. There’s a reason licenses are also known as “permits”: what the government permits one day it may prohibit the next. Wielding the power to deprive a man of his livelihood or his ability to travel keeps him obedient and cringing.

If that doesn’t inspire us to question government’s licensing of drivers, perhaps the system’s inherent insult will. Licensing implies that we are silly children eager to drive without bothering to learn how; only the fatherly State saves us from automotive annihilation.

That paternal motif increasingly characterizes states’ interactions with drivers as they withhold this “privilege” to coerce our behavior, the way parents do teens. Many revoke licenses for a long list of infractions, not just those that pertain to driving. Minnesota will suspend a license for “truancy,” “underage consumption of alcohol,” or merely the “attempt to unlawfully purchase alcohol or tobacco,” “failure to pay child support,” and “out-of-state conviction.” Ohio repeals its permission to drive for “dropping out of high school, drug-related offenses, unsatisfied civil judgments, delinquent, unruly, or habitual drug user (juveniles), failure to appear in court on a bond, liquor law violations, medical condition that would impair your driving ability [and who decides that?], tagged as a ‘problem driver’ in the National Driver Registry, insurance noncompliance, unresolved out-of-state ticket, out-of-state alcohol- or drug-related offenses.”

DMVs not only exploit this authority, they brag about it. “We walk a very fine line with incredible power over people,” David Lewis, deputy registrar of the Massachusetts Registry of Motor Vehicles, told author Simson Garfinkle in 1993 for an article published in Wired Magazine. Peter Nunnenkamp, manager of driver programs at Oregon’s Driver and Motor Vehicle Services agreed. “[Suspending a license is] the most effective thing that you can do without throwing them in jail.... And it’s fairly cost effective.” So much so that DMVs seldom struggle with delinquent debtors. “Last year,” Garfinkle wrote, “the Massachusetts Registry collected more than US$660 million in fees and fines; less than $600,000 came back as bounced checks — a whopping 0.1 percent. ‘How can you afford to stiff us?’ Lewis asks rhetorically. ‘Whatever it is you have, we’ll take it. We’ll pull your driver’s license. We’ll take your title.’” A capo in the mob sounds less menacing.

If government were honest enough to say, “Look, we want lots and lots of your money, and we also want to subjugate you,” most people would (we hope) deny it the power to license. So as usual, the State cloaks its motives in false solicitude. Licensing protects us, it claims — from selfish sportsmen who would hunt and fish our fields and streams to exhaustion, from broadcasters who would assault our ears with foul language, from reckless drivers. But is any of that true? And if so, if fishermen and radio announcers and drivers are as great a menace as rulers allege, are there more effective ways to protect us from their dangers than by licensing them?

In the case of driver’s licenses, the allegations about safety postdate licensing by several decades. Early drivers simply bought licenses without meeting any requirements whatsoever. In fact, folks often ordered them through the mail: no one tested eyesight, competence, or anything else. Only payment received mattered to the issuing government. Carl Watner at voluntaryist.com reports that by 1909, “twelve states and the District of Columbia required all automobile drivers to obtain” licenses. These generally listed the operator’s “name, address, age, and the type of automobile he claimed to be competent to drive.”

That contented many states for years; decades sometimes passed before they also forced drivers to satisfy a bureaucrat as to their vision and skills. Massachusetts and Missouri were both selling licenses by 1903, but only in 1920 did “Massachusetts . . . [pass] its first requirement for an examination of general operators,” and “Missouri had no driver examination law until 1952.” This at a time when both cars and roads lacked many of the protective features we now take for granted.

DMVs have come a long way since then. Modern ones administer driving and eyesight exams. They harp on seat belts and speed limits. They hang posters about defensive driving in their offices, then compel us to camp out there for hours while slow, surly clerks waste our time and money. That fools most Americans into equating licensed drivers with safe drivers.

Yet little research proves that licensing ensures anything other than increased revenues for government. Some studies purport to establish a link between licensing and safety, but two problems doom these. First, most of them assume rather than prove that governmental licensing equals safety (licensing by a private entity, perhaps an insurance company that requires proof of superior skill and prudence before staking its money on an applicant, would be another and very different matter). Then they compare two incomparable groups: licensed drivers, about whom we know a great deal (how many exist overall, their ages, their driving records, their places of residence, etc.), and unlicensed drivers, about whom there’s almost no information, collectively or individually. As the American Automobile Association warns, “[The] methodology [of researchers who study licensing and safety] has limitations.... [I]t is hard to arrive at reliable findings for unlicensed drivers simply because so little is known about them.”

And one set of such drivers actually establishes the futility of Leviathan’s licensing. The American Academy of Pediatrics reported last year: “No relationship was found between license status and reported crashes” among teen drivers — despite the fact that the unlicensed ones tended to drink and drive, speed, etc. It concluded that about six percent of them “drive unlicensed” — but “on average, they do not seem to have increased crash risk compared with licensed teens. However, they display increased unsafe driving behaviors, particularly lower rates of seat belt use, which puts them at higher risk for injury and death when a crash occurs.”

Meanwhile, many of the drivers Leviathan licenses are notoriously dangerous nonetheless. Not only are teens a hazard, as their insurance rates testify, so are elderly drivers. A study from 1998 noted that “some statistics show they are more likely to be involved in fatal accidents than all other age groups but those under 25.” Licensing does not quicken slow reflexes, and the visual tests most DMVs administer are so fatuous even patients suffering from cataracts and glaucoma can pass them. Then, too, we’ve all read about or known someone injured or killed by a drunk but licensed driver with multiple offenses to his credit. The bureaucrats who promise to protect us so long as we cede our liberty to them have failed abysmally.

There’s an army of them, too. The agencies connected to automotive transportation in each state — from those that build and repair the roads to those that issue driver’s licenses and plates to those that cruise the highways trapping unwary drivers and robbing them of even more money — are myriad and labyrinthine. They hire phalanxes of union members who protest each and every cut a state makes to their budget with the excuse that the “customers” they “serve” deserve better: when California recently tried to cut expenses by eliminating overtime — not jobs, mind you, just overtime — at DMVs, one employee moaned to ABC News, “We had to turn a lot of people away because we can’t serve them because we have to be out at 5:00 p.m. We cannot get no overtime [sic], so now we have customers yelling at us thinking it’s our fault.”

“Customers” should wise up. Rather than begging our rulers for longer hours and shorter lines so that we can more easily pay their extortion, we should demand that they quit charging us for a “privilege” we already own as a right.

Rights and Reasoning
Despite DMVs’ propaganda to the contrary, traveling by any means — walking; riding a horse, bus, train, or plane; driving a car — is one of the inalienable rights we possess by virtue of our humanity. Unless we trespass, we assault no one’s life, liberty, or property by simply moving from one location to another. The State has no moral authority to interfere.

Why, then, did our grandparents allow government to license cars in the first place? Didn’t this strike them as a bizarre and intrusive innovation? After all, no one licensed horses and buggies.

Unfortunately, inventors developed the internal combustion engine just as progressive politics with its veneration of Leviathan was hijacking the nation. Progressives convinced Americans who had formerly distrusted government that it was in fact their best friend, a benign giant protecting them in the frightening, rapidly changing world of electricity, telephones, airplanes, and automobiles.

Add to that the fear most people harbor for new technology, especially technology they can’t afford. Cars were playthings for the wealthy when they first appeared on the market — but noisy, smelly nuisances to everyone else. The folks whose horses shied as a newfangled automobile zipped past deeply resented this emerging industry.

And once Mr. Millionaire bought his car, where did he drive it? The early 20th century boasted very few paved roads.

These considerations spurred automotive enthusiasts to welcome government’s interest in their hobby. If the State approved of driving enough to license it, everyone must accept it, even those too poor to afford cars. And what politicians regulate, they usually fund, too. The magnates buying horseless carriages wanted all taxpayers, not just themselves, to subsidize the infrastructure their new toys required.

Since then, government has consolidated its conquest of our automotive lives — a conquest so complete most people take it for granted despite the State’s incompetence and even criminal negligence. It monopolizes the design and construction of roadways; meanwhile, we mourn roughly 42,000 traffic fatalities year after year. Deliberate carelessness like drunk driving accounts for some of these deaths, but others result when drivers follow the rules of the road as imposed by the State.

Bureaucrats heavily regulate automotive design and manufacture, too. Their latest mania is more miles to the gallon. But many experts blame the requisite flimsiness for more fatalities when crashes occur: cars built from plastic rather than steel reduce consumption of fuel but put occupants at risk. And government’s decades of ineptly micromanaging Detroit’s Big Three led directly to their failure and nationalization.

In short, an accident of history put government behind the wheel of all things automotive. But there’s no reason we should acquiesce in this. Certainly we should work to ensure that PASS ID suffers REAL ID’s same fate. But let’s go the extra mile and oppose the State’s licensing of drivers at all.

Whether in their current incarnation or REAL ID’s uber-version, driver’s licenses swindle huge amounts of our money while giving the State virtually unlimited authority and an excuse for spying on us. They also destroy the private market that would otherwise exist for authenticating one’s name and credentials — a market with virtually none of the fraud and identity theft that characterize the government’s monopoly of this industry. It would be a differentiated market, too, offering degrees of authentication for everything from cashing a check to entering a restricted area, rather than the one-size-fits-all approach of driver’s licenses that divulges our names, addresses, birthdates, height, and weight to every bank teller and supermarket clerk.

Indeed, frightening amounts of our personal data clog DMVs’ computers. Professor Margaret Stock of the United States Military Academy at West Point inadvertently makes that point when arguing that governments should issue driver’s licenses to illegal aliens. She writes that “driver license and state identification databases play” a huge “role” “in national security and law enforcement.”

“The collective DMV databases are the largest law enforcement databases in the country,” she continues, “with records on more individual adults than any other law enforcement databases. The collective DMV databases are the only comprehensive internal security database.

“The Department of Homeland Security (DHS) does not yet have a comprehensive database on all adult residents of the United States.... When DHS wants to find someone, the primary government database it relies upon is the driver license database.

“When a person … applies for a driver license, that person … provides the DMV with a variety of valuable personal information — including a key identifier, the digital photo. DMV databases thus contain biometric information, and a wealth of other valuable information that is updated on a regular basis … by the individual who has the license.” She insists that other databases can’t compete with the depth and breadth of the DMVs’ — not the “state birth certificate databases,” which record a one-time event without updates, nor the “federal Social Security” and “Internal Revenue Service databases,” which lack “biometric information.”

Should government know this much about us simply because we drive cars we own on roads we pay for?

“Your Papers, Please!”

The New York Times on Government Website Privacy | Electronic Frontier Foundation

By Tim Jones

Today's New York Times includes their editorial board's take on revising government web tracking policy. Their recommendations align closely with those we made in coordination with The Center for Democracy and Technology earlier this month:

Officials say they recognize that people must be told that their use of Web sites is being tracked — and be given a chance to opt out. More is needed. The government should commit to displaying such notices prominently on all Web pages — and to making it easy for users to choose not to be tracked.
It must promise that tracking data will be used only for the purpose it was collected for: if someone orders a pamphlet on living with cancer, it should not end up in a general database. Information should be purged regularly and as quickly as possible. These rules must apply to third parties that operate on government sites.

The Obama administration is working to better harness the power of the Internet to deliver government services. That is good. But it needs to be mindful that people should be able to get help and be assured that their privacy is being vigilantly protected.
Last week, CDT's Alissa Cooper summarized our recommendations in detail on CDT's PolicyBeta blog.
The New York Times on Government Website Privacy Electronic Frontier Foundation

Last-Ditch Effort to Scuttle RIAA File Sharing Verdict | Threat Level | Wired.com

Last-Ditch Effort to Scuttle RIAA File Sharing Verdict
By David Kravets August 31, 2009
Jammie Thomas-Rasset

Much of Jammie Thomas-Rasset’s legal arguments following this summer’s $1.92 million Recording Industry Association of America file sharing jury verdict against her don’t have much weight or precedent.

Clearly, that a jury in June ordered her to pay $80,000 for each of the 24 music tracks she infringed on Kazaa is outrageous and shocks the conscience – and there’s no rational relationship between the amount of harm suffered by the recording industry and the award granted.

Thomas-Rasset wass the nation’s first sharing defendant to go before a jury. The RIAA has filed more than 30,000 lawsuits targeting individuals, and most have settled out of court.

That said, in their latest court papers, (.pdf) Thomas-Rasset’s legal team again is sticking to the argument that the whopping jury award is a due process violation – all in a bid perhaps to secure a third trial. (The first ended in a $222,000 judgment against the Minnesota woman, but a mistrial was declared after the judge conceded he gave faulty jury instructions)

Still, it is true that the U.S. Supreme Court and the lower courts have repeatedly reduced lofty jury awards based on so-called due process breached. But those were punitive damages awards, not statutory damages awards.

Those punitive damage reductions, including the Exxon Valdez oil spill disaster, do not apply to Thomas-Rasset’s case – although Thomas-Rasset’s defense team suggests there’s always a first.

Punitive damages are the amount a jury awards to punish conduct of an offender. Up until recently, there generally has been no limit. But the Supreme Court has suggested that punitive damages should be limited to about no more than 10 times the amount of actual damages a jury awards.

Higher ratios, the courts have said, are due process breaches because defendants have no notice ahead of time about the lofty financial consequences of their actions.

But the law is crystal clear when it comes to the Copyright Act, the law under which the RIAA sued Thomas-Rasset. Juries can award up to $150,000 per violation. Punitive damages do not fall under the Copyright Act.

One of the only points in Thomas-Rasset’s brief that makes a compelling argument is that the Copyright Act, when amended in 1999, didn’t conceive of non-commercial cases the RIAA has been bringing the past six years.

“The notion that Congress decided that the award of statutory damages in this case was somehow appropriate or tailored to ensure deterrence is a fiction that the plaintiffs would have this court adopt. The Congress that enacted the statutory-damages provision of the Copyright Act could not have had the kinds of illegal but non-commercial music downloading here at issue in mind,” defense attorney K.A.D. Camara argues in recent briefs.

It’s true: There’s no doubt that a $1.92 judgment over $24 worth of music provides the clearest example yet of the abuses made possible by the 1976 Copyright Act, which Congress modified in 1999, at the behest of Hollywood and the recording industry, to carry a maximum penalty for a single infringement of up to $150,000.

That statutory penalty was intended to bankrupt large-scale commercial pirating operations, like organized DVD and CD bootleggers — not to put individuals like Thomas-Rasset in debt for the rest of their lives.

Still, the RIAA is crying foul.

After Thomas-Rasset refused to settle out of court, the industry is now demanding that Thomas-Rasset pay up. The RIAA is also seeking U.S. District Judge Michael Davis to issue an injunction barring her from future file sharing.

“Plaintiffs’ evidence showed that defendant knew what she was doing was wrong, that she did it anyway, and then lied about it for years. Through two trials, defendant still shows no remorse whatsoever for her actions and has made it clear that she has no intention of ever satisfying any portion of the judgment against her,” Timothy Reynolds, the RIAA’s attorney, wrote (.pdf) Davis.

Judge Davis of Minnesota could rule on the retrial and injunction issue any time.
Last-Ditch Effort to Scuttle RIAA File Sharing Verdict | Threat Level | Wired.com

Thursday, August 27, 2009

Dave Lindorff: Living in a Police State

The Gates Incident
Living in a Police State
By DAVE LINDORFF

The point about the arrest Monday by a Cambridge Police sergeant of Harvard Distinguished Professor Henry “Skip” Gates is not that the police initially thought the celebrated public intellectual, PBS host and MacArthur Award winner might have been a crook who had broken into Gates’ rented home. Anyone capable of seeing a 58-year-old man with a cane accompanied by a man in a tux as a potential burglar might make the same mistake, given that a neighbor had allegedly called 911 to report seeing two black men she thought were breaking into the house.

But after Prof. Gates had shown the cops his faculty ID and his drivers’ license, and had thus verified his identity, and after he had explained that he had just returned home on a flight from China and had been getting help from his limo driver in opening a stuck door, the cops should have been extremely polite and apologetic for having suspected him and for having insisted on checking him out.

After all, a man’s home is supposed to be his castle. When you violate that sanctity, you should, as a police officer, appreciate that the owner might be upset.

But where it really goes wrong is what happened next.

Prof. Gates, who was understandably outraged at the whole situation, properly told the sergeant that he wanted his name and his badge number, because he intended to file a complaint. Whether or not the officer had done anything wrong by that point is not the issue. It was Gates’ right as a citizen to file a complaint. The officer’s alleged refusal to provide his name and badge number was improper and, if Gates’ claim is correct, was a violation of the rules that are in force in every police department in the country.

But whatever the real story is regarding the showing of identification information by Gates and the officer, police misconduct in this incident went further. Gates reportedly got understandably angry and frustrated at the officer for refusing to provide him with this identifying information and/or for refusing to accept his own identification documents, and at that point the officer abused his power by arresting Gates and charging him with disorderly conduct.

There’s nothing unusual about this, sadly. It is common practice for police in America to abuse their authority and to arrest people on a charge of “disorderly conduct” when those people simply exercise their free speech rights and object strenuously to how they are being treated by an officer. Try it out sometime. If you are given a ticket for going five miles an hour over the posted speed limit, tell the traffic officer he or she is a stupid moron, and see if you are left alone. My bet is that you will find yourself either ticketed on another more serious charge, or even arrested for “disorderly conduct.” If you happen to be black or some other race than white, I’ll even put money on that bet. (If you’re stupid enough to go out and test this hypothesis, please don’t expect me to post your bail!)

There is no suggestion by police that Gates physically threatened the arresting officer. His “crime” at the time was simply speaking out.

What is unusual is not that the officer arrested Gates for exercising his rights. That kind of thing happens all the time. What’s unusual is that this time the police levied their false charge against a man who is among the best known academics in the country, who knows his rights, and who has access to the best legal talent in the nation to make his case (his colleagues at the Harvard Law School).

Very little of the mainstream reporting I’ve seen on this event makes the crucial point that it is not illegal to tell a police officer that he is a jerk, or that he has done something wrong, or that you are going to file charges against him. And yet too many commentators, journalists and ordinary people seem to accept that if a citizen “mouths off” to a cop, or criticizes a cop, or threatens legal action against a cop, it’s okay for that cop to cuff the person and charge him with “disorderly conduct.” Worse yet, if a cop makes such a bogus arrest, and the person gets upset, he’s liable to get an added charge of “resisting arrest” or worse.

We have, as a nation, sunk to the level of a police state, when we grant our police the unfettered power to arrest honest, law-abiding citizens for simply stating their minds. And it’s no consolation that someone like Gates can count on having such charges tossed out. It’s the arrest, the cuffing, and the humiliating ride in the back of a cop squad car to be booked and held until bailed out that is the outrage.

I’m sure police take a lot of verbal abuse on the job, but given their inherent power—armed and with a license to arrest, to handcuff, and even to shoot and kill—they must be told by their superiors that they have no right to arrest people for simply expressing their views, even about those officers.

Insulting an officer of the law is not a crime. Telling an officer he or she is breaking the law is not a crime. Demanding that an officer identify him or herself is not a crime. And saying you are going to file a complaint against the officer is not a crime.

As someone who, although white, spent his youth in the 1960s and early 1970s with long hair and a scraggly beard--both red flags to police back in the day--and who had his share of run-ins with police for that reason alone, I can understand to some extent what African-Americans, and especially African-American men, go through in dealing with white police officers. I used to be “profiled” as a druggie/lefty/hippy and was stopped regularly for no reason when I lived in Los Angeles and drove an 20-year-old pick-up truck. I’d be pushed up against the vehicle, frisked, shouted at, talked to threateningly. I’d have my vehicle searched (without a warrant). And if I objected, I’d be threatened with arrest, though I had done nothing. Under those circumstances, you quickly learn to be very deferential around police.

Prof. Gates was simply experiencing the frustration that young black men feel routinely, and that I used to feel back when I had hair and chose to grow it long—the feeling of being at the mercy of lawless, power-tripping cops.

In a free country, we should not allow the police, who after all are supposed to be public servants, not centurions, to behave in this manner. When we do, we do not have a free society. We have a police state.

Dave Lindorff is a Philadelphia-based journalist and columnist. His latest book is “The Case for Impeachment” (St. Martin’s Press, 2006 and now available in paperback). He can be reached at dlindorff@mindspring.com

Dave Lindorff: Living in a Police State

Tuesday, August 4, 2009

Feds at DefCon Alarmed After RFIDs Scanned

By Kim Zetter August 4, 2009 9:30 am Categories: Cybersecurity, DefCon


LAS VEGAS — It’s one of the most hostile hacker environments in the country –- the DefCon hacker conference held every summer in Las Vegas.

But despite the fact that attendees know they should take precautions to protect their data, federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader.

The reader, connected to a web camera, sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks as they passed a table where the equipment was stationed in full view.

It was part of a security-awareness project set up by a group of security researchers and consultants to highlight privacy issues around RFID. When the reader caught an RFID chip in its sights — embedded in a company or government agency access card, for example — it grabbed data from the card, and the camera snapped the card holder’s picture.

But the device, which had a read range of 2 to 3 feet, caught only five people carrying RFID cards before Feds attending the conference got wind of the project and were concerned they might have been scanned.

Kevin Manson, a former senior instructor at the Federal Law Enforcement Training Center in Florida, was sitting on the “Meet the Fed” panel when a DefCon staffer known as “Priest,” who prefers not to be identified by his real name, entered the room and told panelists about the reader.

“I saw a few jaws drop when he said that,” Manson told Threat Level.

“There was a lot of surprise,” Priest says. “It really was a ‘holy shit,’ we didn’t think about that [moment].”


Law enforcement and intelligence agents attend DefCon each year to garner intelligence about the latest cyber vulnerabilities and the hackers who exploit them. Some attend under their real name and affiliation, but many attend undercover.

Although corporate- and government-issued ID cards embedded with RFID chips don’t reveal a card holder’s name or company — the chip stores only a site number and unique ID number tied to a company or agency’s database where the card holder’s details are stored — it’s not impossible to deduce the company or agency from the site number. It’s possible the researchers might also have been able to identify a Fed through the photo snapped with the captured card data or through information stored on other RFID-embedded documents in his wallet. For example, badges issued to attendees at the Black Hat conference that preceded DefCon in Las Vegas were embedded with RFID chips that contained the attendee’s name and affiliation. Many of the same people attended both conferences, and some still had their Black Hat cards with them at DefCon.

But an attacker wouldn’t need the name of a card holder to cause harm. In the case of employee access cards, a chip that contained only the employee’s card number could still be cloned to allow someone to impersonate the employee and gain access to his company or government office without knowing the employee’s name.

Since employee access card numbers are generally sequential, Priest says an attacker could simply change a few digits on his cloned card to find the number of a random employee who might have higher access privileges in a facility.

“I can also make an educated guess as to what the administrator or ‘root’ cards are,” Priest says. “Usually the first card assigned out is the test card; the test card usually has access to all the doors. That’s a big threat, and that’s something [that government agencies] have actually got to address.”"

In some organizations, RFID cards aren’t just for entering doors; they’re also used to access computers. And in the case of RFID-enabled credit cards, RFID researcher Chris Paget, who gave a talk at DefCon, says the chips contain all the information someone needs to clone the card and make fraudulent charges on it — the account number, expiration date, CVV2 security code and, in the case of some older cards, the card holder’s name.

The Meet-the-Fed panel, an annual event at DefCon, presented a target-rich environment for anyone who might have wanted to scan government RFID documents for nefarious purposes. The 22 panelists included top cybercops and officials from the FBI, Secret Service, National Security Agency, Department of Homeland Security, Defense Department, Treasury Department and U. S. Postal Inspection. And these were just the Feds who weren’t undercover.

It’s not known if any Feds were caught by the reader. The group that set it up never looked closely at the captured data before it was destroyed. Priest told Threat Level that one person caught by the camera resembled a Fed he knew, but he couldn’t positively identify him.

“But it was enough for me to be concerned,” he said. “There were people here who were not supposed to be identified for what they were doing … I was [concerned] that people who didn’t want to be photographed were photographed.”

Priest asked Adam Laurie, one of the researchers behind the project, to “please do the right thing,” and Laurie removed the SD card that stored the data and smashed it. Laurie, who is known as “Major Malfunction” in the hacker community, then briefed some of the Feds on the capabilities of the RFID reader and what it collected.

The RFID project was a collaboration between Laurie and Zac Franken — co-directors of Aperture Labs in the Britain and the ones who wrote the software for capturing the RFID data and supplied the hardware — and Aries Security, which conducts security-risk assessments and runs DefCon’s annual Wall of Sheep project with other volunteers.

Each year the Wall of Sheep volunteers sniff DefCon’s wireless network for unencrypted passwords and other data attendees send in the clear and project the IP addresses, login names and truncated versions of the passwords onto a conference wall to raise awareness about using wireless networks without encryption.

This year they planned to add data collected from the RFID reader and camera (below) — to raise awareness about a privacy threat that’s becoming increasingly prevalent as RFID chips are embedded into credit cards, employee access cards, state driver’s licenses, passports and other documents.

Read Full Story at Wired.com

Sunday, August 2, 2009

naked capitalism

naked capitalism

What the Dead Watch on Television Blog // Recent Blog Entries ...

What the Dead Watch on Television Blog // Recent Blog Entries ...

DefCon: ‘Credit Hackers’ Win the Credit Card Game … Legally | Threat Level | Wired.com

DefCon: ‘Credit Hackers’ Win the Credit Card Game … Legally | Threat Level | Wired.com: "Hundreds of “credit hackers” are legally gaming financial institutions by taking advantage of loopholes in the U.S. credit-reporting system, a security researcher says — warning that identity thieves could follow suit.
Christopher Soghoian, a fellow at Harvard’s Berkman Center, took a security expert’s eye to the tricks already in use by a healthy subculture of clever consumers who have managed to garner zero-interest loans and erase some information from their credit profiles. He’s presenting his findings Saturday at the DefCon hacker convention.
“The techniques outlined in this paper are not traditional hacking,” he said in an interview. “All that is being done is taking advantage of the formalized structure of the process.”"

Joe Biden loves RIAA, DRM; hates encryption, George Bush | The ...

Joe Biden loves RIAA, DRM; hates encryption, George Bush | The ...

riaa biden - Google Search

riaa biden - Google Search: "Joe Biden, huh? Talk about strike three. 2000: Democratic vice-presidential nominee Joe Lieberman “loses” election. Flash forward to 2008 and this stuffy ..."

Joe Biden's pro-RIAA, pro-FBI tech voting record | Politics and ...

Joe Biden's pro-RIAA, pro-FBI tech voting record | Politics and ...

How It Does It: The RIAA Explains How It Catches Alleged Music ...

How It Does It: The RIAA Explains How It Catches Alleged Music ...

boycott-riaa.com - CD Prices

boycott-riaa.com - CD Prices: "CD PRICES
The RIAA talks about how the costs have risen since the invention of the CD player in 1983 (I could have sworn it was earlier than that). They talk about consumer price index and cost of living increases to point out the cost of a CD are inexpensive comparatively. Using their numbers of a price of 12.75 in 1996 to 17.99 ( my number) that's a 41% price increase in 5 years.

Now then, in the same period, the cost of mid range CD Players have come down from around $400 dollars, to around $100 for a single disc machine the costs of the technology, have come way down.

In 1993 cheapest CDR recorder you could purchase was about $4500, yes $4500! Today the cost of a top of the line CDR recorder is under $200. Do the math, (of course the RIAA will have to hire a bank of high priced accountants and CD prices will rise again) CDR Prices have gone from $20 EACH to less than $1.00.

You be the judge.."

riaa - Google Search

riaa - Google Search: "EFF: RIAA Subpoena Database Query ToolInstead, the RIAA-member record labels are filing 'Doe' lawsuits against unnamed individuals and then issuing subpoenas to ISPs as part of the discovery ..."

RIAA wants your fingerprints • The Register

RIAA wants your fingerprints • The Register

Stop the RIAA lawsuits! Outrageous Lawsuits of RIAA

Stop the RIAA lawsuits! Outrageous Lawsuits of RIAA

Riaa will take 2191.78 years to sue everyone - The Inquirer

Riaa will take 2191.78 years to sue everyone - The Inquirer

MPAA and RIAA Information Page - A Resource on RIAA and MPAA Lawsuits and P2P Litigation

MPAA and RIAA Information Page - A Resource on RIAA and MPAA Lawsuits and P2P Litigation: "L a w O f f i c e s o f C h a r l e s L e e M u d d J r.
Providing Legal Representation to Individuals and Business Organizations"

Negativland and the RIAA (archive)

Negativland and the RIAA (archive): "The following archive covers our somewhat successful 1998 skirmish with the Recording Industry Association of America. The Washington Post article has the most succinct overview of what happened. Also included are some links and text we considered relevant to the situation at the time."

RIAA Claims Music On Car Radios Meant Only For Original Vehicle ...

RIAA Claims Music On Car Radios Meant Only For Original Vehicle ...

The RIAA Prank: Do They Really Care About Kazaa, Grokster, and Napster?

The RIAA Prank: Do They Really Care About Kazaa, Grokster, and Napster?: "The Recording Industry Association of America has been making headlines with their recent threat to sue anyone engaged in digital piracy. Take a look at this photo"

strangle Web radio in its crib by imposing impossible fee structures

strangle Web radio in its crib by imposing impossible fee structuresFacts and Figures


Every Music CDR since the AHRA was enacted has a hidden tax built into the price! (2% of the manufacturers sales) This is supposedly to pay the artists for home recording. Who Collects the Tax? The RIAA under the auspices of the AARC. Who shares office space with the RIAA and has many of the RIAA employees working for it. I haven't been able to find one artist that was paid a cent of the money. 4% is set aside for non-featured artists, of the remainder 40% for the featured artist and 60% for the labels. To date I have not found one artist who has received one cent of this money. (Source: RIAA website)
In addition every CD recorder has a $2.00 surcharge built into the price that goes directly to the RIAA
The artists received not one cent of the money from the MP3.Com settlements of approx $158 Million to the labels. Who did??? The label themselves.
SoundExchange" the new digital rights collective for collecting royalties from internet play is a division of the RIAA. They did not distribute royalties in July 2001 as they were supposed to do, but instead decided to wait until next year.
85% of all music is released by 5 major labels (Sony, EMI, UMG, Time Warner, & BMG)
Federal Trade Commission (FTC Statement): "At any given point about 20% of the music every recorded is available legally." The rest is locked away by the labels depriving the creators of a potential source of income, the fans of the music they want, while creating a false market for the band "d'jour."
The RIAA on their website say the cost of CD's haven't risen as much as they could have read our take it.

Read the settlement statement of the FTC findings against the Big 5 concerning charges that all five companies illegally modified their existing cooperative advertising programs to induce retailers into charging consumers higher prices for CDs
See where the money really goes Steve Albini (producer of Nirvana's "In Utero) Interesting comment from Fox Entertainment Group (FOX) Chief Executive Peter Chernin, who has about as much of a clue as Jack Valenti:
"Film makers can offer their audience a choice of ways to see movies -- they can view them in the theater, rent them, or buy them. . .Music companies are much less flexible.. . .It's hard to buy one song. You're forced to buy the CD," he said.
"I'd like to introduce the recording industry to something called bottled water," said Jonathan Potter, executive director of Digital Media Association, in a recent interview commenting on Free vs Fee online music. His lobbying group represents music sites that are trying to promote and sell music over the Internet.
"It is not correct to assume that every time a copy is made, a sale is lost," said Gary Shapiro, a spokesman for the Consumer Electronics Association. And, he also pointed out that many of the companies he represents, which make computers and other gadgets that enable people to copy music or download MP3s, have seen their sales fall much more sharply.

Congrats, RIAA: Chilling Effects Have Killed Interest In New Digital Music Startups | Techdirt

Congrats, RIAA: Chilling Effects Have Killed Interest In New Digital Music Startups | Techdirt: "Congrats, RIAA: Chilling Effects Have Killed Interest In New Digital Music Startups
from the nice-work! dept
We've noticed that pretty much every single new and innovative digital music startup that pops up eventually gets sued by the record labels. The labels seem to view this as a part of basic negotiations -- and, in fact, many of the lawsuits have ended in partnership/equity deals. But, those deals tend to be suffocating. Given that (likelihood of getting sued or getting a deal that makes a profitable business impossible), is it any wonder that entrepreneurs are shying away from any sort of digital music startup these days, in favor of opportunities with no obsolete gatekeepers demanding huge chunks of whatever revenue they might one day make?"

RIAA Bans Telling Friends About Songs | The Onion - America's ...

RIAA Bans Telling Friends About Songs | The Onion - America's ...

Boycott The IRAA!

Facts and Figures

Every Music CDR since the AHRA was enacted has a hidden tax built into the price! (2% of the manufacturers sales) This is supposedly to pay the artists for home recording. Who Collects the Tax? The RIAA under the auspices of the AARC. Who shares office space with the RIAA and has many of the RIAA employees working for it. I haven't been able to find one artist that was paid a cent of the money. 4% is set aside for non-featured artists, of the remainder 40% for the featured artist and 60% for the labels. To date I have not found one artist who has received one cent of this money. (Source: RIAA website)
In addition every CD recorder has a $2.00 surcharge built into the price that goes directly to the RIAA
The artists received not one cent of the money from the MP3.Com settlements of approx $158 Million to the labels. Who did??? The label themselves.
SoundExchange" the new digital rights collective for collecting royalties from internet play is a division of the RIAA. They did not distribute royalties in July 2001 as they were supposed to do, but instead decided to wait until next year.
85% of all music is released by 5 major labels (Sony, EMI, UMG, Time Warner, & BMG)
Federal Trade Commission (FTC Statement): "At any given point about 20% of the music every recorded is available legally." The rest is locked away by the labels depriving the creators of a potential source of income, the fans of the music they want, while creating a false market for the band "d'jour."
The RIAA on their website say the cost of CD's haven't risen as much as they could have read our take it.

Read the settlement statement of the FTC findings against the Big 5 concerning charges that all five companies illegally modified their existing cooperative advertising programs to induce retailers into charging consumers higher prices for CDs
See where the money really goes Steve Albini (producer of Nirvana's "In Utero) Interesting comment from Fox Entertainment Group (FOX) Chief Executive Peter Chernin, who has about as much of a clue as Jack Valenti:
"Film makers can offer their audience a choice of ways to see movies -- they can view them in the theater, rent them, or buy them. . .Music companies are much less flexible.. . .It's hard to buy one song. You're forced to buy the CD," he said.
"I'd like to introduce the recording industry to something called bottled water," said Jonathan Potter, executive director of Digital Media Association, in a recent interview commenting on Free vs Fee online music. His lobbying group represents music sites that are trying to promote and sell music over the Internet.
"It is not correct to assume that every time a copy is made, a sale is lost," said Gary Shapiro, a spokesman for the Consumer Electronics Association. And, he also pointed out that many of the companies he represents, which make computers and other gadgets that enable people to copy music or download MP3s, have seen their sales fall much more sharply.
Boycott The RIAA