Tag Archive for 'internet'

Why SOPA Will Turn The Internet Into A Television

Share on TwitterSubmit to StumbleUpon

It’s a sad state of affairs when our country’s internet might become more censored than China’s.  Because that’s apparently the kind of plan that Texas senator and professional hypocrite Lamar Smith has in store for the country with his Stop Online Privacy Act bill.  Thankfully though, our president along with those still looking out for our Constitution appear to have taken enough action to likely put SOPA down before it becomes law.

On paper, SOPA might initially seem like a good idea.  That’s because much like every bill introduced in Congress, SOPA is couched in patriotic, agreeable language that ultimately tells the public nothing about its horrible insides.

If you haven’t been following the news and haven’t heard of SOPA, just pop those letters into Google and watch your screen explode with results.  The bill proposes to end online piracy of movies, books, television shows, music, etc. by criminalizing the streaming/transmittal of such copyrighted content.

Now again, this might sound like a good idea at first.  Online piracy is costing our country’s economy millions of dollars in taxes, not to mention even higher figures for those who produce the material.  SOPA would likely impede a lot of it by way of the bill’s strict criminal penalties.

However, the trade off is far worse as passing it would undoubtedly change the way the internet is used forever, or at least until SOPA is repealed.  The internet under SOPA would no longer be a place for the free exchange of ideas; rather it will become a commercial venue for companies to reap high revenue while leaving users with a world wide web more akin to a television set than the internet we know today.

How would SOPA do this?  Before we get to that answer, it’s important to first discuss the way television works.  Yes, I’m aware everyone out there knows how to work a television, but humor me.  Television delivers content to viewers via a fixed one way path.  It’s fixed in the sense that what we see on T.V. is controlled completely by the stations and studios that produce and broadcast the programming we see.  In this sense, other than our ability to change channels, viewers have no control over the content that will appear from the television.  The T.V. is a fixed medium in which corporations have full control of both the content and advertising that is transmitted.  Sure, people can buy cable or spend money on getting premium channels like HBO, but in general everything that we see has been carefully vetted and controlled.

The internet as it is today, on the other hand is the exact opposite of television.  It’s a non-fixed medium in which any user may create, post, and view the content created and posted by other users.  It’s a medium in which corporations and the general public are on equal footing in terms of reach, in that anyone who has an internet connection can view both a commercial website or a person’s personal web page without having to pay anything extra to do it.  There’s no barrier to entry, anyone can post anything, as long as it doesn’t violate our country’s law.

This is where SOPA comes in.  If the bill somehow were to pass, the stiff penalties it carries would change the internet into a slightly more interactive television set.  You see, SOPA would make it a criminal offense for anyone to post copyrighted material.

Copyright content is vast: it’s not just movies, T.V. shows, or music; it’s also pictures, poems, news articles, short stories, pretty much any type of content that can be created by people can also be copyrighted.

For example, if one were to change their profile picture on Facebook to an image of Optimus Prime from Transformers and the image is one that has been copyrighted by Hasbro, the current owner of the Transformers property, that Facebook user’s page could be shut down.  And if everyone on Facebook did the same, under SOPA, all of Facebook could be shutdown too for copyright infringement.

YouTube, forget about it, that site would be down faster than a piñata full of hundred dollar bills at a birthday party.  SOPA would also make it illegal for sites to even link to pages that contain copyright infringing materials.  This means a search engine, like Google, could no longer bring up all the pages that it finds for us every day.  Furthermore, even if someone were to try to go directly to a website with some infringing content, under the broad language of SOPA, internet service providers would be required to block access to those websites.

So what kind of internet would we be left with it SOPA were to pass?  We’d be left with a television that we can type on.  It would be an internet run by corporations, where any time we want content, we’d have to go directly to the only source that produced it.  We’d have to suffer through their advertisements, registration requirements, and in all likelihood we’d also probably have to pony up some cash on top of it all.

The message here is a simple one: SOPA is bad for the internet.  But of course, that’s just my opinion.  Though in this case, I’d find it hard to imagine if anyone other than a corporation would disagree with me on this point.

Incoming search terms for the article:

Thanks to the Internet, We Are All Now Criminals

Share on TwitterSubmit to StumbleUpon

How many contracts did you enter into this year? Can you count off the top of your head? If you signed a car purchase agreement, a lease, or a mortgage, I’m sure you remember those. Maybe you joined some type of club or organization, or started a new job, which required you to enter into formal agreements with another party.

But if you’re a computer user, the contracts whose terms you bothered to learn, or even remember entering, are almost certainly a small fraction of the total number of legally-binding agreements you entered.

Here’s a better question: how many times did you click “I agree” when visiting a website or installing a piece of software? I’m going to guess it’s more than you can count. And how many times did you read the entire agreement you purportedly just agreed to? If you’re anything like me, and the vast majority of people, you probably read none of them. After all, if you did, it’s what you’d spend most of your life doing.

An example: the simple act of buying music, which once upon a time involved walking into a store, picking the CD you want, and exchanging it for money with the clerk behind the counter. You might have gone through the whole process without saying a word, let alone signing a contract (though, technically, you’re still entering one, it just happens that the whole thing is performed as quickly as it’s formed). The fact is, we probably enter into more formal legal agreements in a year than our grandparents did in their lifetimes.

A very interesting article in the Wall Street Journal talks about some of the issues associated with the fact that we enter hundreds of legal agreements each year without bothering to familiarize ourselves with their terms. And thanks to the Computer Fraud and Abuse Act, which makes it a crime to access any computer system without the authorization of the owner, and the expansive interpretation of that law that the Justice Department and federal courts have settled on, breaking any one of these agreements could, in theory, be a criminal act.

This happened a few years ago. You may remember the “MySpace suicide” case, in which a woman set up a fake MySpace account, posing as a teenage boy. She then befriended a teenage girl who her daughter considered to be an enemy. The girl fell in love with this fictional boy. The woman then revealed the whole thing to be a ruse. Tragically, the victim of this sick prank took her own life.

Because the state in which this occurred, as well as the federal government, had no laws against so-called “cyber-bullying” at the time, a clever federal prosecutor charged her with a violation of the Computer Fraud and Abuse Act. His argument was that setting up a fake account violated MySpace’s terms of service, and in accessing a website in violation of its terms, the woman was accessing a computer system “without authorization,” which amounted to a criminal violation of the CFAA.

She was actually convicted, though her conviction was later overturned on appeal.

Since then, there have been many other cases of people being charged with crimes after they accessed a work computer after being fired, set up fake Facebook accounts, and other things that most of us wouldn’t consider to be the stuff of criminal liability.

Now, most of the conduct that gave rise to these cases was bad, and the law shouldn’t completely ignore it, when it causes actual harm. But that’s why we have civil lawsuits. By criminalizing such a wide range of conduct, we’re actually trivializing crime.

I should also note that I’m not terribly worried that the FBI is going to start arresting married people who join dating sites (that’s against most dating sites’ terms of service), or teenagers who use Google (that site’s terms of service say that you can’t use it unless you’re of the legal age to enter a contract – 18 in most jurisdictions).

What I am worried about is that the CFAA might become a catch-all criminal statute for federal prosecutors to use when they don’t have any real evidence against a defendant, but they “just know” that the defendant did something wrong.

One of the many running themes of my blogging over the last couple years has been the need to avoid vague criminal statutes. Imagine if there were a law on the books which made a crime “punishable by whatever sentence the Court sees fit” to do “anything the government doesn’t like.”

Obviously, I’m not saying that this is likely to happen anytime soon, but with infinitely-elastic laws like the CFAA in existence, I’m not saying that it couldn’t ever happen, either.

For that reason, I agree with Orin Kerr of the Volokh Conspiracy, on his argument that the CFAA needs a serious re-work. Obviously, we want to punish legitimate crimes that can be committed through computers, like identity theft and espionage; but the CFAA, or another law altogether, could accomplish that goal while being much narrower in scope.

Incoming search terms for the article:

The Approaching Wave Of Cybersquatting and Internet Scammers Thanks To .XXX

Share on TwitterSubmit to StumbleUpon

Call me old fashioned, but I don’t like the idea of new domain names, especially when people get to pick whatever words they want to place at the end of their web address.  I grew up with .com and dang it, that’s all I want to see.  An open season on internet domain names will just lead to chaos.

And yes, I’m aware that my lead-in paragraph was a little more obtuse than usual this time, but I assure you there’s a point to be made here.  And that point is about curbing internet misrepresentation.

You may be wondering though how being able to pick whatever internet domain name you can imagine would lead to some form of fraudulent misrepresentation.  Well, the answer is simple: internet traffic redirection, or in this case it would be more apt to call it internet traffic misdirection.  If you’re still uncertain about what I mean, well just sit on your hands and wait until October 28th when the opt-out period for the domain name .xxx comes to an end.

Yes, my point, I know, I’m getting to it, but first just bear with me for a paragraph more so I can lay some background on you before diving into the incoherent future to come for the internet.

Now most of you may already be aware of the current space crisis facing .com domain names.  Basically, they are simply running out and there may soon be a severely insufficient dearth of available and coherent web addresses for newcomers to register in the future.  Much like the Y2K problem we experienced at the turn of millennium, the .com problem was one that most early internet engineers simply couldn’t fathom.  Who could have known that the internet would change our lives like it has and become the multi-billion dollar industry it is today?

So, to remedy the dwindling number of .com web addresses, the Internet Corporation for Assigned Names and Numbers (ICANN), the group in charge of regulating web addresses, decided to open up the domain name spectrum to every Tom, Dick, and Sally looking to carve out their own custom web address online.  And so begins our tale of future woe.

You see, with the domain name spectrum open, cybersquatters, scammers, and information phishers the world over now have new ways to rip off and irritate consumers and legitimate companies alike.  By registering popular web addresses before true owners, cyber thieves and extortionists can redirect those unsuspecting web surfers to their fake and/or unrelated websites for all manner of foolery.  We’re talking everything from identity theft to simply giving people the wrong information they need.  And the .xxx domain name will be the very first wave of web addresses to show us this plan in action.

As you can probably already guess, “.xxx” is a domain name that has been designated for the adult entertainment industry.  Its sunrise period already began on September 7, while general availability begins December 6, where anyone can register a web address with the sexy domain.  However, the problem is that if you own a .com or any other web address domain, your web address name can easily be registered under a .xxx domain.  This could lead to some very embarrassing and/or dangerous situations for website owners and customers if a scammer buys out an identical .xxx web address.

ICANN has allowed those who own a registered trademark on their name to opt their name out of the available .xxx domain name list.  However, this opt-out phase only last until October 28, 2011 and is a feature only available to block out registered trademarks, and even then will only last 10-years before a renewal is required.  If you have a registered trademark and you want it out of the .xxx domains, then I suggest you opt out immediately.

So what can you do if you forget to take your trademark out of the running?  Well, nothing basically.  Even if you have a huge budget for legal representation, winning a domain name lawsuit is nigh impossible if the current holder of the disputed web address holds that address legitimately by the book.

See the chaos now?  Bet keeping web addresses to .com doesn’t seem like that bad of an idea anymore, huh?

Internet Anonymity and the First Amendment

Share on TwitterSubmit to StumbleUpon

Computer typing with a bag on headFederal courts have repeatedly held, to the point that it can probably be considered settled law, that the First Amendment gives people commenting on the Internet the right, albeit a limited one, to anonymity. The reasoning is that anonymity allows a person to express views without fear of reprisals by people who disagree, and that for the government to compel an anonymous commenter would have a chilling effect on speech, thereby violating their First Amendment rights.

But what happens when an “anonymous” poster on the Internet says something that might be legally actionable, such as defamation or fraud? The issue of the constitutional right to Internet anonymity usually comes up when someone wants to sue an anonymous speaker for defamation.

Here’s how the procedure usually goes: on a website blog, or blog comment, an anonymous poster says something that might be grounds for a lawsuit – usually it’s something defamatory about someone else. The subject of that statement hears about it somehow, and decides they want to sue whoever wrote the comment. Of course, you can’t sue someone if you don’t know who they are. So, the plaintiff will file a lawsuit against the person who wrote the defamatory statement, naming the speaker as an anonymous or “Doe” defendant (the plaintiff will be identified as “John Doe” until their identity can be ascertained). Once the lawsuit is filed, they will then serve the relevant website or Internet service provider (ISP) with a subpoena, demanding that they reveal the identity of the person who made the anonymous post. At that point, the major constitutional issue is whether or not the court should enforce that subpoena.

The Electronic Frontier Foundation (via the Volokh Conspiracy) has a good analysis of the basics of this issue. Basically, if you want to sue an anonymous poster for defamation, you have a few initial hurdles you must first clear. The biggest one is convincing a court that your rights, which were allegedly violated by the speaker’s words, outweigh the speaker’s First Amendment right to speak anonymously.

However, a federal court has recently thrown something of a wrench into this doctrine, holding that the privacy protections that apply to defendants in cases brought by private litigants do not apply to lawsuits brought by the federal government. In this case, the SEC brought a lawsuit against the owner of an anonymous email address, which the government alleged was being used to promote certain stocks in an illegal “pump and dump” scheme.

While I certainly don’t condone fraudulent manipulation of stock prices, I find this ruling somewhat disturbing. Even if the result is appropriate, the means by which the court arrived at it are unsettling. In other words, I think that this person was engaging in illegal and immoral activities, and his identity should have been unmasked. However, I don’t think the court should have dispensed with the test that balances the interests of the parties.

This sets what I believe to be a dangerous precedent, in which the government can unmask an anonymous writer without more than a suspicion that their writings might be unlawful. While the guy who was fraudulently manipulating stock prices certainly deserves whatever punishment he got, the next person subject to this power might not be so clearly guilty.

For example, what if the government wants to unmask the identity of someone who writes under a pseudonym, and touts extreme and unpopular political views, which the government believes might lead to violence, even though the speaker never advocates violence? While there may certainly be a governmental interest in keeping an eye on such a person, there is no question that they have a right to express their views, no matter how strange or extreme those views may be.

If speakers know that their identity can be easily unmasked, they may well decide that they shouldn’t take the risk of expressing their views online, which definitely isn’t what free speech is about.

This story is also an object lesson to ordinary internet users, and it’s something we’ve known since Al Gore invented the Internet: anonymity online is 100% illusory. There is basically no such thing as “anonymous” speech on the Internet. I’m not praising or criticizing that fact – I’m just saying that, by the Internet’s very nature and architecture, it’s impossible to be completely anonymous online.

So, if you are about to make a “brilliant” comment on a YouTube video, here’s some advice: before you click “post” ask yourself if you would want everyone in the world knowing the name of the person behind your online handle. If not, maybe it’s best to keep your thoughts to yourself. I’m not saying you shouldn’t express opinions. All I’m saying is that, in the modern world, you should never assume that you are truly anonymous, because you probably aren’t.

Incoming search terms for the article:

Yet Another Reason to Secure Your Wi-Fi Network: Child Porn Charges

Share on TwitterSubmit to StumbleUpon

By now we all know that privacy and the internet mix just about as well as water and BP.  Previously we have blogged about privacy concerns and technology, specifically how police need a warrant to search e-mails.  But did you know that you could get accused for internet activity that you didn’t even do, or weren’t even aware of?

That’s exactly what happened in a recent New York case regarding unsecured wi-fi internet connections and privacy rights.

In Buffalo, New York, police raided the house of a man because they suspected he was downloading child pornography.  After viewing the man’s wi-fi internet activity, they believed that he might be responsible for the downloads, which were traceable to the user screen name “Doldrum”.

It turns out he wasn’t “Doldrum” at all- after further investigation, the police discovered that Doldrum was actually a neighbor who had been mooching download time off of the man’s unsecured wireless wi-fi.  In this case, the man was found to be innocent.  However, the police stated that the unfortunate situation might have been avoided if he had protected his internet connection with a password (which of course he didn’t).

On a much broader note, the Buffalo case does raise some very relevant issues regarding wi-fi usage and citizen’s privacy rights.  That is, do the police have the right to obtain information from unsecured wi-fi internet activities?  If you are using a neighbor’s unsecured internet connection (which is completely commonplace nowadays), who is responsible for activities such as illegal downloads?  As this case illustrates, it can initially be difficult to tell who is responsible for what when it comes to openly shared and unsecured wireless wi-fi connections.

Just a quick refresher on our privacy rights:  according to the U.S. Constitution, we all have the 4th Amendment right to be free from illegal searches in places and things in which we have a “reasonable expectation of privacy”.  If a reasonable expectation of privacy exists, then police must first obtain a warrant to conduct a search.

So the question now becomes, when using someone else’s unsecured wi-fi connection, do we have a reasonable expectation of privacy?

Regarding the use of unsecured wi-fi internet connections, courts have held that we have little to no expectation of privacy.  What?  Is that surprising?  In a 2010 Oregon case, U.S. vs. Ahrndt, defendant John Henry Ahrndt was also found guilty for downloading child pornography using his neighbor’s unsecured network  (case summary here; click here for a nice analysis of the case).  Ahrndt unsuccessfully tried to argue that his privacy rights were violated when the police rummaged through his internet activity.

The court in Ahrndt compared unsecured wi-fi connections to cell phone conversations.  There the court stated that cell phone users have almost no reasonable expectation of privacy because cell phone calls can easily be intercepted.

Similarly, an even lesser degree of privacy expectation exists for wi-fi connections not secured by a password.  Not only are unsecured wireless wi-fi networks easily intercepted, they seem to almost invite outside users to use the network.  It’s as if the words “unsecured network” translate into, “go ahead, feel free to use me”.

The court in the Ahrndt case also commented on other data such as shared iTunes files (Ahrndt had saved the files using iTunes).  Using some pretty colorful descriptions, the court stated that “when a person shares files on iTunes over an unsecured wireless network, it is like leaving one’s documents in a box marked `take a look’”.  So, we don’t really have a reasonable expectation of privacy in using any unsecured wi-fi, and especially not in shared files.  Duh.

Now, some might argue that the average person would reasonably expect that their internet activity is private.  It has been pointed out that securing your wi-fi with a password is not exactly all that easy.  Although wireless routers come with instructions on how to password-secure your connection, for some reason many people can’t actually figure out those instructions.  Many are not even aware that you can protect your wi-fi with a password.

That’s a compelling argument, but I don’t think it would survive as a defense in court if the police come at you with evidence of illegal internet activity.  And that’s exactly what happened in both the Buffalo case and the Ahrndt case.  Neither of the responsible culprits had any privacy expectations when they downloaded child pornography using another person’s unsecured connection- and that’s why the police were able to nab them.

So the moral of the story is- well, a few points:

1)      Please do password-protect your wireless wi-fi.  While you might not be doing dirt on your connection, one of your neighbors or a person sitting in a car near your home might be- and you just might get caught up in the blindfolded, long-armed sweep of Lady Justice as she does her thing.

2)      Stop committing heinous internet crimes (I’m talking to your neighbor, not you of course).

3)      To the wireless router providers out there like Comcast, etc., please do something about your password instructions that are printed in a manual.  Very few people actually read instruction manuals anymore, because people don’t read anymore (Steve Jobs would agree with that).  I’ll bet that if you simply provide a video walkthrough of how to password-protect, and then broadcast it on any one of your 80,000 T.V. channels or post it on YouTube, everyone would know how to do it.

Until next time, let’s all remember: e-mail privacy rights > unsecured wireless wi-fi privacy rights (unless you are sending illegal e-mails using your neighbor’s wi-fi).

Incoming search terms for the article: