EFFector Vol. 19, No. 7 February 17, 2006
A Publication of the Electronic Frontier Foundation ISSN 1062-9424
In the 368th Issue of EFFector:
- Action Alert: Don't Let Congress Rubberstamp the Wiretaps
- Sony BMG Settles Up with Music Fans for Copy-Protection Debacle
- Internet Companies Need Code of Conduct in Authoritarian Regimes
- EFF Challenges Clear Channel Recording Patent
- Who Wants to Kick Macrovision's Tires?
- TSA Grounds Secure Flight For Now
- It's Not Too Late - Nominate a Pioneer for EFF's Pioneer Awards!
- miniLinks (12): Google Desktop Banned in Universities, Hospitals
- Administrivia
Action Alert: Don't Let Congress Rubberstamp the Wiretaps
In the face of intense lobbying from the White House, Congress is wavering on whether to conduct a full investigation of the NSA's illegal domestic spying program. Some in Congress, like Senator Pat Roberts, chair of the Senate Intelligence committee, are even proposing legislation to legalize the NSA's fishing expedition into the communications of ordinary Americans. Yet the Administration has still not revealed the full scope of the spying program or explained why the current laws regulating electronic surveillance are inadequate. Furthermore, according to press reports, the illegal spying program that some politicians now want to legalize has been unsuccessful at its stated purpose of tracking down terrorists. Instead, the program has violated, and continues to violate, the privacy of countless innocent Americans.
Congress is supposed to be a check on the President's power, not a silent accomplice in the violation of our civil liberties. Visit our Action Center today and call on your Congress members to support a full investigation of the NSA domestic spying program. Also tell them to oppose any legislation that would expand the government's ability to conduct surveillance without a search warrant.
Call your representative with our Action Center:
http://action.eff.org/site/Advocacy?alertId=212&pg=makeACall
More on the wiretaps, and EFF's legal case to stop them:
http://www.eff.org/legal/cases/att/
Reports of Congressional compromises:
http://www.forbes.com/entrepreneurs/feeds/ap/2006/02/16/ap2533120.html
Sony BMG Settles Up with Music Fans for Copy-Protection Debacle
EFF Urges Consumers to Claim Clean CDs and Extra Downloads
San Francisco - The Electronic Frontier Foundation (EFF) is urging music fans who purchased Sony BMG music CDs containing flawed digital rights management (DRM) to submit their claims now for clean CDs and extra downloads as part of a class action lawsuit settlement.
"This settlement gives consumers what they thought they were buying in the first place -- clean, safe music that will play on their computers and their iPods as well as their stereo systems," said EFF Staff Attorney Kurt Opsahl.
Anyone who purchased Sony BMG CDs that included First4Internet XCP and SunnComm MediaMax software can receive the same music without DRM. Some will also get downloads of other Sony BMG music from several different services, including iTunes. Music fans have through the end of the year to participate in the settlement, and they should receive their compensation within six to eight weeks of submitting their claim forms. Customers can find out more about the settlement and how to submit their claims at http://www.eff.org/sony .
The problems with the Sony BMG CDs surfaced when security researchers discovered that XCP and MediaMax installed undisclosed--and in some cases, hidden--files on users' Windows computers, potentially exposing music fans to malicious attacks by third parties. The infected CDs also communicated back to Sony BMG about customers' computer use without proper notification.
In addition to compensating consumers, Sony BMG was forced to stop manufacturing CDs with both First4Internet XCP and SunnComm MediaMax software. The settlement also waives several restrictive end user license agreement (EULA) terms and commits Sony BMG to a detailed security review process prior to including any DRM on future CDs.
"This settlement got music fans a fair shake in exchange for a raw deal," said EFF Staff Attorney Corynne McSherry. "If you were upset about this DRM debacle, submitting your claim is one way to show the entertainment industry that you want to be treated with respect and fairness."
EFF and its co-counsel--Green Welling LLP, Lerach, Coughlin, Stoia, Geller, Ruchman and Robbins, and the Law Offices of Lawrence E. Feldman and Associates--along with a coalition of other plaintiffs' class action counsel, reached the settlement after negotiations with Sony BMG in December of 2005.
To submit your claim:
http://www.eff.org/sony
For litigation documents and frequently asked questions:
http://www.eff.org/IP/DRM/Sony-BMG/
For this release:
http://www.eff.org/news/archives/2006_02.php#004413
Internet Companies Need Code of Conduct in Authoritarian Regimes
EFF Calls for Limits on Data Collection and Retention
San Francisco In the midst of Congressional hearings about how U.S. Internet companies do business in China, the Electronic Frontier Foundation (EFF) is calling for the industry and government to work together to develop simple guidelines to decrease the harm done by participating in authoritarian regimes.
"Without careful thought, even well-meaning Internet companies can become the handmaidens of state repression. Internet routers can be turned into powerful wiretapping tools," said EFF Activism Coordinator Danny O'Brien. "Web servers and search engines can become honeypots of personal data, plundered by state police to identify dissidents."
In an open letter to the Subcommittee on Africa, Global Human Rights, and International Operations and the Subcommittee on Asia and the Pacific, EFF says the best course of action for companies concerned about human rights violations and censorship is to avoid repressive countries all together. However, EFF believes that companies deciding to go forward can mitigate some of the harm.
"In considering how these companies might construct their services to best serve global human rights, we believe that simple guidelines, consciously followed, could significantly limit the damage caused by corporate engagement with these regimes," said EFF Legal Director Cindy Cohn.
EFF's letter gives five courses of action for companies and the US government to consider, including restricting the collection and storage of personal data in oppressive regimes, "bearing witness" and documenting acts of state control, innovating around censorship, and offering encrypted connections to their web services by default.
The joint Subcommittee hearing, "The Internet in China: A Tool for Suppression?" took place on Wednesday.
For EFF's open letter:
http://www.eff.org/deeplinks/archives/004410.php
For this release:
http://www.eff.org/news/archives/2006_02.php#004411
EFF Challenges Clear Channel Recording Patent
Illegitimate Patent Locks In Artists and Threatens Innovators
San Francisco - The Electronic Frontier Foundation (EFF) filed a challenge Monday to an illegitimate patent from Clear Channel Communications. The patent -- for a system and method of creating digital recordings of live performances -- locks musical acts into using Clear Channel technology and blocks innovations by others.
Clear Channel claims that its patent creates a monopoly on all-in-one technologies that produce post-concert live recordings on digital media and has threatened to sue anyone who makes such recordings with a different system. This has forced bands like the Pixies into using Clear Channel's proprietary technology, and it hurts investment and innovation in new systems developed by other companies.
"Clear Channel shouldn't be able to intimidate artists with bogus intellectual property," said EFF Staff Attorney Jason Schultz. "We hope the Patent Office will take a hard look at Clear Channel's patent and agree that it should be revoked."
The request for reexamination filed with the United States Patent and Trademark Office shows that a company named Telex had in fact developed similar technology more than a year before Clear Channel filed its patent request. EFF, in conjunction with Theodore C. McCullough of the Lemaire Patent Law Firm and with the help of students at the Glushko-Samuelson Intellectual Property Clinic at American University's Washington College of Law, wants the patent office to revoke the patent based on this and other extensive evidence.
"The patent system serves an important public purpose in our economy," said Schultz. "Keeping illegitimate patents out of that system helps up-and-coming artists and entrepreneurs succeed for all of us."
The Clear Channel patent challenge is part of EFF's Patent Busting Project, aimed at combating the chilling effects bad patents have on public and consumer interests. Illegitimate patents currently in effect could prevent you from building a hobbyist website or even streaming a wedding video to your friends. The Patent Busting Project seeks to document the threats and fight back by filing requests for reexamination against the worst offenders.
For the full reexamination request:
http://www.eff.org/patent/wanted/clearchannel/CC_reexam.pdf
For more on the evidence against Clear Channel:
http://www.eff.org/patent/wanted/patent.php?p=clearchannel
For this release:
http://www.eff.org/news/archives/2006_02.php#004406
Who Wants to Kick Macrovision's Tires?
In the wake of the scandals regarding the XCP and MediaMax CD copy protection mechanisms used by Sony-BMG and several independent labels, EFF asked EMI if it would allow security researchers to examine the Macrovision copy protection technologies that it uses. The goal would be to verify that Macrovision's CD copy protection software does not create security vulnerabilities for music fans. Although EMI and Macrovision claim confidence in the security of the technology, there's nothing like independent testing to verify such claims. And unless EMI and Macrovision waive their DMCA and EULA claims, researchers could face legal action for certain kinds of security testing.
Responding to our open letter, EMI has invited security researchers interested in doing security testing on its CD copy protection technologies to come forward. EMI won't give blanket approval to any research, but the company is "happy to assist in advancing legitimate, focused research."
We at EFF would like to take EMI up on its offer. If you are a researcher interested in doing security testing on Macrovision's CD copy protection software, please contact fred@eff.org.
For more on the Sony CD copy protection scandal:
http://www.eff.org/IP/DRM/Sony-BMG/
For EFF's open letter to EMI:
http://www.eff.org/deeplinks/archives/004293.php
For EMI's response:
http://eff.org/IP/DRM/EMI_response.pdf
TSA Grounds Secure Flight For Now
Citing data security concerns, the TSA last Thursday informed a Senate committee that its controversial Secure Flight program would be delayed indefinitely. In written testimony, the Government Accountability Office also noted that Secure Flight "may not be adequately protected against unauthorized access and use or disruption."
The Secure Flight Program, billed as an improvement to the current Computer Assisted Passenger Pre-Screening (CAPPS), has raised enormous privacy and security concerns from the start. Unlike CAPPS, in which airline employees compare passenger information against a government-supplied no-fly list, the Secure Flight program envisions placing that responsibility squarely in the hands of government officials. Since the program was announced, the TSA has been caught repeatedly lying to Congress about its use of information provided by commercial data brokers.
In September, EFF launched an effort to uncover the scope of the TSA's use of commercial data, assisting travelers who flew during a "test period" identified by the TSA to request information from the agency under the Freedom of Information Act. EFF continues to review the results of that investigation.
For more on TSA's announcement:
http://www.nytimes.com/2006/02/10/politics/10passenger.html
For more on Secure Flight and EFF's investigation of it:
https://secure.eff.org/site/SPageServer?pagename=ADV_secureflight
For more on CAPPS:
http://www.eff.org/Privacy/cappsii/
It's Not Too Late - Nominate a Pioneer for EFF's Pioneer Awards!
EFF established the Pioneer Awards to recognize leaders on the electronic frontier who are extending freedom and innovation in the realm of information technology. This is your opportunity to nominate a deserving individual or group to receive a Pioneer Award for 2006.
The International Pioneer Awards nominations are open both to individuals and organizations from any country. Nominations are reviewed by a panel of judges chosen for their knowledge of the technical, legal, and social issues associated with information technology.
This year's award ceremony will be held in Washington, DC, in conjunction with the Computers, Freedom and Privacy conference (CFP), which takes place in early May.
How to Nominate Someone for a 2006 Pioneer Award:
You may send as many nominations as you wish, but please use one email per nomination. Please submit your entries via email to pioneer@eff.org. We will accept nominations until February 1, 2006.
Simply tell us:
1. The name of the nominee;
2. The phone number or email address or website by which the
nominee can be reached, and, most importantly; and
3. Why you feel the nominee deserves the award.
Nominee Criteria:
There are no specific categories for the EFF Pioneer Awards,
but the following guidelines apply:
- The nominees must have contributed substantially to the health, growth, accessibility, or freedom of computer-based communications.
- To be valid, all nominations must contain your reason, however brief, for nominating the individual or organization and a means of contacting the nominee. In addition, while anonymous nominations will be accepted, ideally we'd like to contact the nominating parties in case we need further information.
- The contribution may be technical, social, economic, or cultural.
- Nominations may be of individuals, systems, or organizations in the private or public sectors.
- Nominations are open to all (other than current members of EFF's staff and executive board or this year's award judges), and you may nominate more than one recipient. You may also nominate yourself or your organization.
- Persons or representatives of organizations receiving an EFF Pioneer Award will be invited to attend the ceremony at EFF's expense.
More on the EFF Pioneer Awards:
http://www.eff.org/awards/pioneer/
miniLinks
miniLinks features noteworthy news items from around the Internet.
Google Desktop Banned in Universities, Hospitals
Data stored at Google for any length of time is "too long,"
administrators say.
http://news.com.com/2100-1032_3-6040120.html
Curse of the Rootkit
Andrew Lack, CEO of Sony BMG is ousted. Bad publicity over
its DRM is cited as one of the reasons.
http://biz.yahoo.com/ap/060210/germany_sony_bmg_ceo.html?.v=7
Don't Want iPods, Happy to Take Hollywood's Dollar
Senators are refusing IPac's free culture iPods -- even
though they take far more money from the entertainment
industry without a qualm.
http://ipaction.org/blog/2006/02/ipac-calls-on-senators-to-return.html
Department of Home Directory Security
Homeland Security officials told Sony in "fo
rceful terms"
that rootkits weren't helping the fight to secure America's
PCs.
http://www.computerworld.com/securitytopics/security/story/0,10801,108793,00.html
Human Rights Protesters, Business Groups Like EFF's Code
of Conduct for China
Do we need government intervention, or might Internet
companies be able to save themselves?
http://www.technewsworld.com/story/86mHt2RMHl3WZA/Liberties-Group-Calls-for-I-Biz-Conduct-Code.xhtml
Patriot Search
A search engine that lets you report yourself to the
authorities -- before someone else does.
http://blog.outer-court.com/patriot/
Chinese Government Removes Over 2,000 Websites
"Unhealthy" domestic sites closed down because "they had too
much sex, violence or politics."
http://australianit.news.com.au/articles/0,7204,18066845%5E15342%5E%5Enbv%5E15306-15319,00.html
Why Google Took the Wrong Course Over China
EFF's Brad Templeton on making a statement by your absence.
http://ideas.4brad.com/node/355
Anonymizer Offering Free Software to Chinese Citizens
Maybe Google and co. could expand their downloadable
software collections?
http://anonymizer.com/consumer/media/press_releases/02012006.html
Rootkits Hidden on German DVDs by Hollywood
The clumsy, frustrating, innovation-impeding DRM on DVDs
just got a bit more malicious.
http://www.f-secure.com/weblog/archives/archive-022006.html#00000810
If I Had a Root Server
Fascinating thought experiment on the threats to privacy and
security posed by DNS root server ownership, by former ICANN
board member Karl Auerbach.
http://www.cavebear.com/cbblog-archives/000232.html
Headlines Copyrightable? Get a Clue
Agence France Presse's attempts to assert copyright in their
news stories' titles get shrift shorter than the headlines.
News courtesy of William Patry.
http://williampatry.blogspot.com/2006/02/please-google-tm-that-headline.html
Administrivia
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
http://www.eff.org/
Editor:
Derek Slater, Activist
derek@eff.org
Membership & donation queries:
membership@eff.org
General EFF, legal, policy, or online resources queries:
information@eff.org
Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.
Current and back issues of EFFector are available via the Web at:
http://www.eff.org/effector/
