[Analysis] After Brexit, EU leaders start soul-searching

van EU Observer - 2 uur 23 min geleden
The general public and financial markets are waiting for the EU's response to the British shock. But when leaders meet at next week's summit, there will be more questions than answers.
Categorieën: Europees nieuws

Proprietary Algorithms Are Being Used To Enhance Criminal Sentences And Preventing Defendants From Challenging Them

van TechDirt - 9 uur 31 min geleden

When law enforcement agencies want to know what people are up to, they no longer have to send officers out to walk a beat. It can all be done in-house, using as many data points as can be collected without a warrant. Multiple companies offer "pre-crime" databases for determining criminal activity "hot spots," which allow officers to make foregone conclusions based on what someone might do, rather than what they've actually done.

Not that's it doing much good. For all the time, money, and effort being put into it, the databases seem to be of little utility.

Many law enforcement agencies use software to predict potential crime hot spots, and the police in Kansas City, Mo., and other places have used data to identify potential criminals and to try to intervene.


In Chicago, where there has been a sharp rise in violent crime this year, the police have used an algorithm to compile a list of people most likely to shoot or be shot. Over Memorial Day weekend, when 64 people were shot in Chicago, the police said 50 of the victims were on that list.

So much for "intervention." Having a list of people who have a higher risk of being shot doesn't mean much when all it's used for is confirming the database's hunches. However, these same databases are being put to use in a much more functional way: determining sentence lengths for the criminals who have been arrested.

When Eric L. Loomis was sentenced for eluding the police in La Crosse, Wis., the judge told him he presented a “high risk” to the community and handed down a six-year prison term.

The judge said he had arrived at his sentencing decision in part because of Mr. Loomis’s rating on the Compas assessment, a secret algorithm used in the Wisconsin justice system to calculate the likelihood that someone will commit another crime.

We're locking up more people for more years based on criminal activity they'll no longer have the option of possibly performing. This is nothing new. Sentencing enhancement is based on a lot of factors, not all of them confined to proprietary databases. But what is new are the algorithms used to determine these sentence enhancements, most of which belong to private companies who are completely uninterested in sharing this crucial part of the equation with the public.

In Mr. Loomis' case, the software determined he would be likely to engage in further criminal activity in the future. A so-called "Compas score" -- provided by Northpointe Inc. -- resulted in a six-year sentence for eluding an officer and operating a vehicle without the owner's consent. His lawyer is challenging this sentence enhancement and going after Northpointe, which refuses to release any information about how the Compas score is compiled.

What Northpointe has released are statements that confirm the code is proprietary and that the Compas score is "backed by research" -- although it is similarly unwilling to release this research.

The problem here isn't so much the use of algorithms to determine sentence lengths. After all, state and federal guidelines for sentence lengths are used all of the time during sentencing, which includes factors such as the likelihood of future criminal activity. But these guidelines can be viewed by the public and are much more easily challenged in court.

The use of private contractors to provide input on sentencing renders the process opaque. Defendants can't adequately challenge sentence enhancements without knowing the details of the "score" being presented by prosecutors to judges. The algorithms' inner workings should either be made available to defendants upon request, or the "score" should be determined solely by government agencies, where the data and determining factors can be inspected by the public.

We're now in the unfortunate situation where companies are telling judges how long someone should be locked up -- using data which itself might be highly questionable. The feeling seems to be that if enough data is gathered, good things will happen. But as we can see from Chicago's implementation of this technology, the only thing it's done so far is add confirmation bias toetags to the ever-increasing number of bodies in the city's morgues.

The use of locked-down, proprietary code in sentencing is more of the same. It undermines the government's assertion that prison sentences are a form of rehabilitation and replaces it with the promise that criminal defendants will "do the time" so they can't "do the crime" -- all the while preventing those affected from challenging this determination.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Oculus Reverses DRM Course After Public Backlash

van TechDirt - 10 uur 40 min geleden

Weeks back, Karl Bode wrote about the curious position Oculus Rift had taken in updating its software to include system-checking DRM. VR headset technology and game development, experiencing the first serious attempt at maturity in years, needs an open ecosystem in which to develop. What this DRM essentially did was remove the ability for games designed to run on the Rift from running on any other VR headset, with a specific targeting of community-built workarounds like Revive, which allowed HTC Vive owners to get Rift games running on that headset. Oculus, it should be noted, didn't announce the DRM aspect of the update; it just spit out the update and the public suddenly learned that programs like Revive no longer worked.

The backlash, to put it mildly, was swift and severe. Oculus having been acquired by Facebook likely didn't help what were already negative perceptions, supercharging the outcry with allegations of the kind of protectionism and the lack of care for the public that Facebook has enjoyed for roughly ever. Still, many saw the whole thing as peons screaming at a feudal lord: Oculus would simply ignore the whole thing. Just weeks ago, in fact, Oculus was working journalists at E3 in defense of the DRM.

The problem, [Oculus Head of Content Jason] Rubin said, comes with the wholesale distribution of a hack like Revive to the whole community, rather than to a few individuals. "[A personal hack] is a far cry difference from an institutional tool made and distributed to a mass number of people to [support other headsets], strip out DRM, strip out platform features and the like. For an individual to do that for themselves, that would be all right. Mass distribution is an entirely different situation."

No explanation on why the level of access to the workaround makes all the difference appears to have been offered, but it seems likely that the company didn't want to appear to be going after gamers and tinkerers, only larger development outfits. If so, the attempt didn't work, because software like Revive was in high demand. This is to be expected, as VR is just now starting to sprout from the seeds laid long ago, with impressive but limited options for both hardware and games to run on that hardware. Those limitations mean that any attempt at exclusivity being tied to hardware that is relatively expensive walls off each of the gardens and limits access and interest. For a technology still in its early stages, this would only stifle growth. Hence, the anger from the public.

Anger which appears to have worked, contrary to what some had thought. As silently as Oculus rolled out the DRM, it has now spit out an update which rolls it back. The world found out about it not from Oculus itself, which curiously didn't want to capitalize on some good press for once, but from Revive's development team.

The Oculus team has reversed course on one of its most unpopular decisions since launching the Rift VR headset in April: headset-specific DRM. After weeks of playing cat-and-mouse to block the "Revive" workaround, which translated the VR calls of Oculus games to work smoothly and seamlessly inside of the rival HTC Vive, Oculus quietly updated its hardware-specific runtime on Friday and removed all traces of that controversial DRM.

What's more, Oculus didn't mention the change in its runtime update notes, which are curiously future-dated one day forward on Saturday, June 25. The news instead broke when Revive's head developer posted a note on the project's Github download page. "I've only just tested this and I'm still in disbelief," the unnamed LibreVR developer wrote. Accordingly, the Revive team has since removed the patch's DRM-disabling feature, which had later been implemented as an extreme measure to make Oculus games play on the HTC Vive.

It appears that even when Oculus chooses to listen to its fans and potential customers, it can't be bothered to do so publicly. This strips its ability to claim credit for the move, credit which it desperately needs after several negative news cycles. Still, the company's PR ineptitude aside, it's a nice lesson in what public backlash and shaming can do to pressure a company to be a little more open.

Permalink | Comments | Email This Story
Categorieën: Technieuws

DailyDirt: More Robot Servants Will Be Nice...

van TechDirt - 12 uur 10 min geleden
Robots are getting better at performing complex tasks all the time. It won't be too long before they can drive cars and deliver packages (and replace about a quarter of a million human workers who drive for UPS/FedEx/USPS/etc). The technology isn't quite there yet, but it doesn't seem to be too far off in the future. However, we're nowhere near seeing a Rosie the Robot servant, predicted in the 1960s, but we're getting closer. Check out these marginally helpful robots for the home that could beat flying cars and pneumatic tube transportation to becoming a reality. After you've finished checking out those links, take a look at our Daily Deals for cool gadgets and other awesome stuff.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Post Gag Order, Lavabit Founder Reveals Non-Secret That Feds Were After Ed Snowden's Emails

van TechDirt - 13 uur 29 min geleden
Want some unsurprising news? Apparently a three year gag order has just lapsed, allowing Ladar Levison, the founder and former operator of Lavabit, the secure email service Ed Snowden famously used, to finally say that yes, the feds asked him to turn over his encryption key in order to access Ed Snowden's emails. Lavabit founder Ladar Levison can finally confirm that Edward Snowden was the target of the 2013 investigation, which led to the shutdown of the Lavabit email service. The original case concerned law enforcement’s authority to compel the disclosure of an SSL/TLS private key, which belonged to Lavabit, and was used to protect the communications of all 410,000 customers, when only one of those customers was the subject of a criminal investigation. After three years, and five separate attempts, the federal judge overseeing the case has granted Mr. Levison permission to speak freely about investigation. The recently delivered court decision unseals the vast majority of the court filings, and releases Mr. Levison from the gag order, which has limited his ability to discuss the proceedings until now.

Mr. Levison has consistently relied on the First Amendment in his court filings, which sought to remove the gag orders entered against him. He argued that such orders are an unconstitutional restraint against speech, and an afront to the democratic process. He plans to use his newfound freedom to discuss the case during a planned presentation on Compelled Decryption at DEF CON 24 in Las Vegas, NV.
Of course, the fact that the feds were after Snowden isn't exactly news. First off, it's what everyone assumed the second the site shut itself down. But, more importantly, earlier this year, a redaction failure revealed it directly: Still, it's good that the gag order has finally been lifted, and it's great that Levison is now going to talk about these issues more widely. He also notes plans to create a legal defense foundation to help with similar cases: In order to continue the fight, Mr. Levison is forming the Lavabit Legal Defense Foundation (or “LavaLegal”), a non-profit organization founded to, among other things, protect service providers from becoming complicit in unconstitutional activities, and fight secret attempts aimed circumventing digital privacy or impinging upon the right of those involved to speak of the experience. The foundation will be funded by donations from people and organizations all over the world that want to help protect digital privacy and bolster our collective defense against government overreach.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Guy Who Passed Around Image Of Turkish President As Gollum Given Suspended Sentence, Loses Custody Of His Kids

van TechDirt - vr, 06/24/2016 - 23:08
Remember this image? That's the meme that was (and still is) passed around on social media (rather gently) mocking Turkish President Recep Tayyip Erdogan for looking kinda like Gollum from the Lord of the Rings trilogy. Or, not even Gollum, but his nicer alter ego, Smeagol. Last we wrote about this, a Turkish court was assembling an expert panel to determine if that image is insulting to Erdogan. Since then, of course, we've learned just how insanely thin-skinned Erdogan is, having filed an average of over 100 actions against people for insulting him per month (how does he get any actual work done?).

The Gollum case, however, is partially done, with one person accused of passing around the meme, Rifat Cetin, given a 1 year jail sentence, but having it suspended for five years -- meaning if he breaks no other laws in the next five years, he won't have to go to jail. He does, however, lose custody of his kids, which seems pretty damn harsh for sending around a simple (and not very insulting) internet meme. And this is actually a different case than the one we discussed earlier -- it's just that there were multiple lawsuits over the same image.

Cetin is going to appeal, not on the basis of "WTF, I don't even..." which should be the standard here, but on the technicality that Erdogan was actually Prime Minister at the time the image was posted, rather than President -- and the law is only against insulting the President.

Either way, all this has done, of course, is get more people to post and share that image over and over and over again. You'd think that "growing a thicker skin" might be a better overall strategy. But, then again, I'm not the President of Turkey, so what do I know?

Permalink | Comments | Email This Story
Categorieën: Technieuws

Super Slimey: Comodo Tries To Trademark 'Let's Encrypt' [Updated]

van TechDirt - vr, 06/24/2016 - 21:45
See the update at the end

Almost two years ago, we excitedly wrote about the announcement behind Let's Encrypt, a free certificate authority that was focused on dramatically lowering the hurdles towards protecting much more of the internet with HTTPS encrypted connections. It took a while to launch, but it finally did and people have been gobbling up those certificates at a rapid rate and getting more and more of the web encrypted. This is a good thing.

Unfortunately, it appears the old guard of certificate authorities doesn't like this very much. Comodo, which has provided certificates for quite some time (and, in fact, is where Techdirt's certificate comes from) has apparently, somewhat ridiculously, been trying to trademark versions of "Let's Encrypt." The most troubling one is the one on purely "Let's Encrypt," but the other two (Comodo Let's Encrypt and Let's Encrypt with Comodo) are equally problematic -- especially since (as Comodo admits directly) it's never used that phrase in offering its existing certificates.

This seems like a clear situation where Comodo is seeking to confuse the market -- and thus the clear case where trademark law actually makes some sense. As we've said basically forever, trademark is quite different than copyrights and patents, in that it was really designed as a consumer protection law, to keep consumers from being tricked into buying something that they believe is from a different entity. Trademarks are widely and frequently abused, but there are times where the original intent of consumer protection makes sense, and this seems like one of them. What's incredible is that when Let's Encrypt reached out to Comodo about this, the company refused to abandon the attempt to trademark these names. Since March of 2016 we have repeatedly asked Comodo to abandon their “Let’s Encrypt” applications, directly and through our attorneys, but they have refused to do so. We are clearly the first and senior user of “Let’s Encrypt” in relation to Internet security, including SSL/TLS certificates – both in terms of length of use and in terms of the widespread public association of that brand with our organization.

If necessary, we will vigorously defend the Let’s Encrypt brand we’ve worked so hard to build. That said, our organization has limited resources and a protracted dispute with Comodo regarding its improper registration of our trademarks would significantly and unnecessarily distract both organizations from the core mission they should share: creating a more secure and privacy-respecting Web. We urge Comodo to do the right thing and abandon its “Let’s Encrypt” trademark applications so we can focus all of our energy on improving the Web.
At the very least, this kind of stupid stunt has me reconsidering if we should ever use Comodo's certificates on our site going forward. We've been a happy Comodo customer for many years, but I hate supporting bullies. Update: And... of course, after this goes public, Comodo suddenly backs down. Of course that doesn't explain why it refused to do so when asked months ago.

Permalink | Comments | Email This Story
Categorieën: Technieuws

New T-Shirt: Home Cooking Is Killing Restaurants

van TechDirt - vr, 06/24/2016 - 21:13

Limited time offer: Support Techdirt and get a Home Cooking Is Killing Restaurants t-shirt or hoodie!

In the 80s, the BPI launched its now-iconic campaign to combat an early form of copyright infringement: Home Taping Is Killing Music.

Of course, as it turned out, that wasn't true — music is alive and well — and the notion that taping songs from the radio for personal use should qualify as copyright infringement is questionable to begin with (even if it's not at all surprising that record labels saw it that way). Naturally, the campaign was and is ripe for parody (Techdirt friend Dan Bull even made a whole song about it) and our favorite is a simple alternative version...

And so we introduce a new t-shirt (or hoodie!) from Techdirt: Home Cooking Is Killing Restaurants:

Just like our last t-shirt, we're offering this one via Teespring as a limited-time campaign. From now until July 4th, you can get the Home Cooking Is Killing Restaurants design on a men's or women's t-shirt or a high-quality hoodie in a variety of colors — so order yours today!

Permalink | Comments | Email This Story
Categorieën: Technieuws

Dweezil Zappa Renames His Tour Again: Dweezil Zappa Plays Whatever The F@%k He Wants; The Cease & Desist Tour

van TechDirt - vr, 06/24/2016 - 20:41
Oh boy. A few weeks back, we wrote about the absolutely ridiculous story in which the four children of Frank Zappa appear to be fighting over the Zappa name. The story is somewhat complex and involved and is actually somewhat more nuanced than the unfortunately-all-too-typical "heirs of famous artist fight over splitting up the proceeds of that artist's legacy." In that original article, we noted that the dispute seemed to focus on two specific claims: first that the Zappa Family Trust (run by Ahmet and Diva, but to which all four children are beneficiaries) had a trademark on the tour name "Zappa Plays Zappa," under which Dweezil Zappa had toured for years. After some fairly public back and forth online, it became clear that there was an underlying dispute that had simmered for years here: Frank's wife Gail, who had controlled the ZFT, had trademarked Zappa Plays Zappa and charged Dweezil to use it, but had (according to Dweezil) then reneged on an agreement to share the proceeds from merchandise sales. Ahmet insisted that he'd allow Dweezil to continue to use the name for just $1, but it didn't seem that there was any interest in clearing up the older dispute about merch sales, or to allow Dweezil to get some of the proceeds from ongoing merch sales.

The trademark claim seemed... at least possible, though there were arguments for either side, including a fairly strong one that Dweezil had every right to use that name without needing to license it. But the really ridiculous claim was that the family trust could stop Dweezil from playing Frank Zappa's songs. The ZFT had a convoluted -- and simply wrong -- interpretation of copyright law, to argue that Section 115 of the Copyright Act doesn't apply to Frank Zappa's music, because it's part of a "dramatic work." This is basically a nonstarter and would almost certainly be laughed out of court if it ever got there. Such a theory would basically upend decades upon decades of rather settled law concerning the ability to perform cover songs.

But, now it appears that the Zappa Family Trust also has some ridiculously nutty trademark theories as well. That's because to avoid the trademark issue, Dweezil originally changed the tour name to "Dweezil Zappa Plays Frank Zappa." Not nearly as catchy, as everyone agrees, but functional. Apparently, Ahmet and the ZFT lawyers sent a laughably wrong cease and desist letter to Dweezil claiming that merely using the name Zappa was trademark infringement: This week, a lawyer for the trust informed Dweezil’s lawyer that the name Dweezil Zappa Plays Frank Zappa infringed on the trust’s trademarks of the terms “Zappa” and “Frank Zappa.” This is just wrong. In the response from Dweezil's lawyers, they pointed out that this was nominative fair use: "the use of 'Frank Zappa' merely serves to accurately describe the nature of the show and is in no way misleading or defamatory." Since no one's published the full letters -- just snippets -- I don't know why they mention defamation in there, but that's a whole different legal minefield.

Either way, to avoid having to deal with that threat, Dweezil has changed the name of the tour yet again so that it's now: 50 Years of Frank: Dweezil Zappa Plays Whatever the F@%k He Wants – The Cease and Desist Tour. Really. Dweezil also notes that "Yes there will be CEASE AND DESIST 2016 tour shirts" on the tour (along with additional merchandise unrelated to the Zappa Family Trust). I will say that as a legal nerd, I really, really want a Dweezil Zappa t-shirt that says "cease and desist" if anyone happens to be going to one of the shows (unfortunately, the tour isn't coming anywhere near me, though it is playing the town I grew up in -- but I doubt I can convince my parents to go). If anyone is going to one of the shows and feels like hooking me up with a t-shirt, contact me please.

In the end, this whole thing, like so many intellectual property debates, seems almost entirely pointless. Intellectual property just becomes something that people fight over because they can, and it makes it difficult for people to step back and take a look at the bigger picture to recognize just how stupid the whole thing looks. It's hard to think of any sane or logical reason why Dweezil shouldn't be able to go out on tour as Zappa Plays Zappa. The idea that trademark should get involved in any of this would only make sense in the most ridiculous of trademark scenarios -- one where greed seems to be leading over basic common sense.

Permalink | Comments | Email This Story
Categorieën: Technieuws

As CBS/Paramount Continue Lawsuit Over Fan Film, It Releases Ridiculous & Impossible 'Fan Film Guidelines'

van TechDirt - vr, 06/24/2016 - 19:47
We've been covering the still going lawsuit by CBS and Paramount against Axanar Productions for making a crowdfunded fan film that they claim is infringing because it's looking pretty good. Things got a little weird last month when the producer of the latest Star Trek film, JJ Abrams, and its director, Justin Lin, basically leaked a bit of news saying that after they had gone to Paramount, the studio was going to end the lawsuit. At the time, Paramount said that it was in "settlement discussions" and that it was "also working on a set of fan film guidelines."

We pointed out that we were concerned about what those guidelines might entail, and worried that they would undermine fair use. In the meantime, as settlement talks continued, the case moved forward. I'm still a little surprised that the two sides didn't ask the court for more time to continue settlement talks, as that's not that uncommon, and it's something that a judge often is willing to grant if it looks like the two sides in a dispute can come to an agreement. But, without that, the case has continued to move forward with ongoing filings from each side.

In the meantime, however, the StarTrek.com website, run by CBS and Paramount, has now posted those "fan film guidelines" and they are absolutely ridiculous. The Axanar team sums it up nicely by saying that: The CBS "Guidelines" for Fan Films basically make it impossible for fan films to continue as they have. The first item, for example, completely rules out Axanar's plan for a feature length fan film: The fan production must be less than 15 minutes for a single self-contained story, or no more than 2 segments, episodes or parts, not to exceed 30 minutes total, with no additional seasons, episodes, parts, sequels or remakes. And there's another one that's clearly targeted at Axanar: The fan production must be a real “fan” production, i.e., creators, actors and all other participants must be amateurs, cannot be compensated for their services, and cannot be currently or previously employed on any Star Trek series, films, production of DVDs or with any of CBS or Paramount Pictures’ licensees. I don't quite see how or where that fits into fair use's rules...

Another one clearly targeted at Axanar -- which raised over a million dollars in Kickstarter and IndieGoGo crowdfunding campaigns: CBS and Paramount Pictures do not object to limited fundraising for the creation of a fan production, whether 1 or 2 segments and consistent with these guidelines, so long as the total amount does not exceed $50,000, including all platform fees, and when the $50,000 goal is reached, all fundraising must cease. That seems rather limiting.

Some of the other terms are more reasonable, but it seems clear that these guidelines are pretty specifically designed to cut off an Axanar style fan film, and seem to be trying to cut off a lot more than fair use almost certainly allows. While for the sake of the folks working on Axanar, I still hope that this settles amicably, it might be a lot nicer to have Axanar be able to win a fair use claim in court over this.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Daily Deal: G-BOOM Wireless Bluetooth Boombox

van TechDirt - vr, 06/24/2016 - 19:42
A portable speaker with powerful sound, the G-BOOM Wireless Bluetooth Boombox lets you take your music anywhere and play it for 6 hours straight. You can connect via bluetooth or via a standard headphone jack. It features a 2.1 speaker configuration (two full-range drivers & one tweeter), dual rear-firing bass ports, and MAXX AUDIO digital sound processing for optimum bass. It's on sale now in the Techdirt Deals Store for $80.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Tying Rights To Useless 'Terrorist Watchlists' Is A Terrible Idea

van TechDirt - vr, 06/24/2016 - 18:40

No matter how you may feel about the Second Amendment or firearms themselves, there's no way you can feel comfortable with access to Constitutional rights being predicated on something as worthless as the government's ever-expanding "you might be a terrorist" lists.

But that's what's being sought by legislators. In the wake of the Orlando shooting, politicians are searching for answers to unpredictable violent acts, and have seized on the FBI's multiple investigations of the shooter as a potential terrorist for deciding who can or can't obtain a gun. A "dramatic" sit-in by Congressional reps hoped to force the issue, even though it ended up pushing nothing forward at all.

Some legislators want gun ownership tied to terrorist watchlists -- the same watchlists that have turned 4-year-olds into suspected terrorists and designated entire families as suspicious simply because a single member somewhere in the branches of the family tree is under investigation.

This kneejerk reaction not only would eliminate rights but also any form of due process. As it stands now, there's very little chance anyone wrongly designated as a suspected terrorist by the US government will be able to remove themselves from these lists. A recent court decision about the TSA's "no fly" list has at least raised the redress procedure to "extremely difficult" from its previous status as "nonexistent."

But that's only one of the government's terrorist watchlists. Another watchlist contains thousands of Americans with no known ties to any terrorist group. The fact that these known unknowns comprise 40% of the watchlist is only part of the problem.

As we've seen from the FBI's neverending series of terrorist investigations, the government is more than happy to create all the "terrorists" it needs to ensure a steady flow of income to certain agencies and a steady decline in civil liberties for the rest of us.

Even if the list used to deny gun purchases is limited to those deemed too dangerous to board an aircraft (but not dangerous enough to arrest), rights will be denied to thousands who've never done anything wrong. The no fly list is a debacle as anyone but the TSA (and those pushing this legislation) will admit. The no fly list has, in the past, contained both people no one would normally consider unfit for gun ownership (Sen. Ted Kennedy, Rep. John Lewis), as well as an 18-month-old toddler. Accurate, it is not, and yet, legislators are more than willing to strip a right away from citizens based on an incredibly flawed database. Logic has no place in gun control arguments, though, as Rep. John Lewis is one of the legislators leading the charge, even though he should know personally how worthless and inaccurate the no fly list is.

What's even more disconcerting is the number of politicians who believe multiple rights should be stripped from those on watchlists. Senator Joe Manchin actually let these words tumble out of his mouth during an interview with MSNBC.

Really, the firewall we have right now is due process. It’s all due process. So we can all say we want the same thing, but how do we get there? If a person is on a terrorist watch list, like the gentleman, the shooter in Orlando? He was twice by the FBI — we were briefed yesterday about what happened — but that young man was brought in twice. They did everything they could. The FBI did everything they were supposed to do. But there was no way to keep him on the nix list or keep him off the gun-buy list, there was no way to do that.

So can’t we say that if a person’s under suspicion there should be a five-year period of time that we have to see if good behavior, if this person continues the same traits? Maybe we can come to that type of an agreement, but due process is what’s killing us right now.

Due process is "killing" Americans. And he's not the only one who feels this way. Senator Dianne Feinstein believes Americans are born with only one inalienable right: the right to earn their other rights by "proving their innocence."

Dems now expect Americans to "prove your innocence" before taking advantage of Constitutional rights. https://t.co/LZAH8RTbEU

— Robby Soave (@robbysoave) June 23, 2016

Dems now expect Americans to "prove your innocence" before taking advantage of Constitutional rights.

All the while, legislators are tossing out catchy slogans like, "No Fly, No Buy" with zero awareness of the implications of that action. Others claim such a law would have prevented the Orlando shooting, similarly unaware of the fact that the shooter wasn't on a terrorist watchlist when he purchased his guns.

If lawmakers want to prevent suspected terrorists from purchasing guns, they need to base this on something far better maintained and narrowly defined than our current terrorist watchlists. The ones we have operate as dragnets -- bulk surveillance but for human beings. These lists already eliminate due process. They shouldn't be used to further diminish citizens' rights just because the perpetrator in the latest mass shooting was the subject of a terrorism investigation.

Permalink | Comments | Email This Story
Categorieën: Technieuws

EU cannot oblige the UK to trigger exit procedure

van EU Observer - vr, 06/24/2016 - 18:27
The UK in not under any legal obligation to immediately trigger Article 50 on withdrawal talks, as some British leaders are trying to buy time.
Categorieën: Europees nieuws

Judge Says FBI Can Hack Computers Without A Warrant Because Computer Users Get Hacked All The Time

van TechDirt - vr, 06/24/2016 - 17:39

The FBI's use of a Network Investigative Technique (NIT) to obtain info from the computers of visitors to a seized child porn site has run into all sorts of problems. The biggest problem in most of the cases is that the use of a single warrant issued in Virginia to perform searches of computers all over the nation violated the jurisdictional limits set down by Rule 41(b). Not coincidentally, the FBI is hoping the changes to Rule 41 the DOJ submitted last year will be codified by the end of 2016, in large part because it removes the stipulation that limits searches to the area overseen by the magistrate judge signing the warrant.

For defendant Edward Matish, the limits of Rule 41 don't apply. He resides in the jurisdiction where the warrant was signed. He had challenged the veracity of the data obtained by the NIT, pushing the theory that the FBI's unexamined NIT was insecure (data obtained from targets was sent back to the FBI in unencrypted form) and info could have been altered in transit.

It's not much of a legal theory as any person performing these alterations would have had to know someone was performing long-distance acquisitions of identifying computer information and the IP addresses normally hidden by the use of Tor.

But that questionable legal theory is nothing compared to those handed down in Judge Henry Coke Morgan Jr.'s denial [pdf] of several motions by Matish. As the judge sees it, the FBI really didn't even need a warrant. Morgan Jr. says there's no expectation of privacy in an IP address, even if Tor is used to obscure it, which follows other judges' conclusions on the same matter. However, Morgan Jr. goes much further.

Morgan Jr. hints at the Third Party Doctrine but refuses to consider the fact that this information was not obtained from third parties, but rather directly from the user's computer via the FBI's hacking tool.

The Court recognizes that the NIT used in this case poses questions unique from the conduct at issue in Farrell. In Farrell, the Government never accessed the suspect's computer in order to discover his IP address, whereas here, the Government deployed a set of computer code to Defendant's computer, which in turn instructed Defendant's computer to reveal certain identifying information. The Court, however, disagrees with the magistrate judge in Arterburv. who focused on this distinction, see No. 15-cr-182, ECF No. 42. As the Court understands it, Defendant's IP address was not located on his computer; indeed, it appears that computers can have various IP addresses depending on the networks to which they connect. Rather, Defendant's IP address was revealed in transit when the NIT instructed his computer to send other information to the FBI. The fact that the Government needed to deploy the NIT to a computer does not change the fact that Defendant has no reasonable expectation of privacy in his IP address.

This reading of the Third Party Doctrine closely aligns with how the DOJ prefers it to be read. If someone knowingly or unknowingly turns over identifying info to a third party, it now belongs to the government -- even if the government obtains it directly through a search/seizure, rather than approaching third parties.

But more disturbing than this is Judge Morgan Jr.'s declaration that no expectation of security is the same thing as no expectation of privacy -- first highlighted by Joseph Cox of Motherboard.

“It seems unreasonable to think that a computer connected to the Web is immune from invasion,” Morgan, Jr. adds. “Indeed, the opposite holds true: in today's digital world, it appears to be a virtual certainty that computers accessing the Internet can—and eventually will—be hacked,” he writes, and then points to a series of media reports on high profile hacks. He posits that users of Tor cannot expect to be safe from hackers.

If hackers can break into computers and extract information, then law enforcement can do the same thing without fear of reprisal or suppression of evidence. Morgan Jr. equates it to "broken blinds" on a house window, where previous rulings have said it's perfectly fine for passing police officers to peer into windows that don't completely obscure the house's interior.

[I]n Minnesota v. Carter, the Supreme Court considered whether a police officer who peered through a gap in a home's closed blinds conducted a search in violation of the Fourth Amendment. 525 U.S. 83, 85 (1998). Although the Court did not reach this question, id at 91, Justice Breyer in concurrence determined that the officer's observation did not violate the respondents' Fourth Amendment rights. Id at 103 (Breyer, J., concurring). Justice Breyer noted that the "precautions that the apartment's dwellers took to maintain their privacy would have failed in respect to an ordinary passerby standing" where the police officer stood.

But that flies directly in the face of his previous determination that there's no expectation of privacy in IP addresses, even if a person takes steps to obscure that identifying info. Tor may be imperfect and can be compromised, but applying Morgan Jr.'s analogy to this situation means it's OK for the FBI to not only peer into the interior of a house, but to break the blinds in order to look inside.

The world Judge Morgan Jr. prefers is clear: that law enforcement should not be bound by the constraints of legal activity and, in fact, should be allowed to deploy hacking tools simply because computers get hacked every day. It's a judicial shrug that says the good guys should be able to do everything criminals do because the ends justify the means. Morgan Jr. explicitly states that "the balance weighs heavily in favor of surveillance" in cases like these (child pornography prosecutions) because of the criminal activity involved.

The ends will justify the means in cases like these, if Morgan Jr. is overseeing them. Even if you are sympathetic to the judge's belief that certain crimes call for more drastic law enforcement responses, the fact is that if given this judicial pass, law enforcement will not confine its use of jurisdiction-less warrants and invasive tech tools to only the worst of the worst. We need look no further than the deployment of a Stingray device to track down someone who stole $57 worth of fast food to see how this will play out in real life. The decision -- if it stands -- opens citizens up to a host of invasive, warrantless searches, just because security breaches are common and the pursuit of criminal suspects is more important than protecting citizens from government overreach.

Permalink | Comments | Email This Story
Categorieën: Technieuws

Post-Brexit Gibraltar will 'never' be part Spanish

van EU Observer - vr, 06/24/2016 - 17:27
People in Gibraltar may feel that English and Welshmen are dragging them out of the EU. But Gibraltar's leader rejected a Spanish proposal for shared sovereignty.
Categorieën: Europees nieuws

De Week

van Bits of Freedom - vr, 06/24/2016 - 17:14

I love you, ben je poreus en big data vs kleine mensen. De interwebs zijn groot. Niet elke tweet wordt gezien, niet elke blog wordt gelezen. Daarom een stukje service van ons naar jou toe: mooie, ontroerende, zorgwekkende en/of hilarische linkjes over internetvrijheid die we deze week ontdekten en graag met je delen.

De if-I-were-you-I-would-reads

    • Dit weekend is op de Correspondent de documentaire Citizenfour te bekijken, een film die je absoluut een keer gezien moet hebben! Je kunt er ook over verder praten met Peter Koop en onze eigen Rejo Zenger.
    • Over wie of wat zou dit citaat gaan? “One of the failure modes was this really hysterical tendency for it to say, ‘I love you’ whenever it got confused
    • Door de abstracte term big data vergeten we soms dat het gewoon over mensen gaat. De originele titel is van dit stuk slaat dan ook de spijker op z’n kop: Big Data is actual small, personal and very human“.
    • Micah Lee van The Intercept vergelijkt drie versleutelde messaging apps voor je: Signal, Allo en WhatsApp. Als je nog meer tips wilt om je eigen privacy beter te beschermen kan je altijd onze Toolbox gebruiken. Trouwens, Tactical Tech heeft ook een nieuwe toolkit uitgebracht, hij heeft ‘Holistic Security‘.
    • Deze zaterdag vieren we de verjaardag van George Orwell door webcams en camera’s te versieren met feesthoedjes. Doe je ook mee? Misschien doet Mark Zuckerberg ook mee, hij plakt wel zijn webcam af.
    • “Everybody has become porous.” Marshall McLuhan FTW!
    • In het geval van een onontkoombaar ongeluk, wil je dan liever een zelfrijdende auto waarbij de inzittende omkomt of waarbij de passant op straat omkomt? Het antwoord op die vraag blijkt sterk af te hangen van of jij de eigenaar bent van die auto of niet. En de kopers van die auto’s sturen de vraag in de markt, maar dat kan weer vergaande consequenties hebben voor de rest van de samenleving. In the Guardian een interessant stuk over ethische vraagstukken rondom zelfrijdende auto’s.
    • Handig! Firefox gaat ons eindelijk van context laten switchen binnen de browser zelf, dus je hoeft niet meer cookies te delen tussen werk- en privégebruik van je browser.
Categorieën: Technieuws

Scottish nationalists seize Brexit opportunity

van EU Observer - vr, 06/24/2016 - 16:49
A second independence referendum is on the table, Scotland's first minister Sturgeon said in the wake of the UK's vote to leave the EU.
Categorieën: Europees nieuws

[Ticker] Big firms warn of jobs cuts in UK

van EU Observer - vr, 06/24/2016 - 16:25
Big companies and banks are issuing warnings they may move some jobs out of the UK following a referendum to exit the European Union, reports The Guardian newspaper. Investment bank JP Morgan says it may relocate jobs. Others like BASF and UK Steel are less explicit but say the EU exit has created a climate of business uncertainty. The British pound's value plunged to a 30-year low Friday.
Categorieën: Europees nieuws

[Ticker] UK to remain vital to US interests, says White House

van EU Observer - vr, 06/24/2016 - 16:23
The US government in a statement said the UK, regardless of its decision to withdraw from the EU, will remain "a vital cornerstone of US foreign, security, and economic policy". It said relations with the EU will also continue as usual. "The United Kingdom and the European Union will remain indispensable partners of the United States," it said.
Categorieën: Europees nieuws

[Ticker] Spain targets Gibraltar

van EU Observer - vr, 06/24/2016 - 15:29
Spain's acting foreign minister Jose Manuel Garcia-Margallo said the future of the British enclave Gibraltar is in doubt following the UK decision to withdraw from the EU. "The Spanish flag on the Rock is much closer than before," he said. He proposed setting up a joint-sovereignty system so that both nations can lay claim to the island.
Categorieën: Europees nieuws