The report details how the program works, in a manner that doesn't really reveal too much new for folks who have been following all of the details over the past year, but does confirm the basics of how the Section 702 collections work -- something that many, many people seem to be confused about. In short, the Section 702 program is made up of two different collections of information. The first is the infamous PRISM program, which is not as broad as many people have believed in the past. This is when, under FISA Court approval, various internet companies are given certain "selectors" related to non-US persons, and those companies are compelled to hand over the communications to or from that person: In PRISM collection, the government sends a selector, such as an email address, to a United States-based electronic communications service provider, such as an Internet service provider (“ISP”), and the provider is compelled to give the communications sent to or from that selector to the government. PRISM collection does not include the acquisition of telephone calls. The National Security Agency (“NSA”) receives all data collected through PRISM. In addition, the Central Intelligence Agency (“CIA”) and the Federal Bureau of Investigation (“FBI”) each receive a select portion of PRISM collection. This is different from the much more troubling "upstream" collection, which comes from directly tapping the internet backbone and basically sifting through everything possible to see if any triggers are hit. This is where the infamous "about" triggers are included. As we've been discussing, the NSA doesn't just collect communications to and from targets, but also "about" them -- and that all happens at the upstream level, rather than PRISM. Upstream is also where the NSA is able to collect audio communications as well. Upstream collection differs from PRISM collection in several respects. First, the acquisition occurs with the compelled assistance of providers that control the telecommunications “backbone” over which telephone and Internet communications transit, rather than with the compelled assistance of ISPs or similar companies. Upstream collection also includes telephone calls in addition to Internet communications. Data from upstream collection is received only by the NSA: neither the CIA nor the FBI has access to unminimized upstream data. Finally, the upstream collection of Internet communications includes two features that are not present in PRISM collection: the acquisition of so-called “about” communications and the acquisition of so-called “multiple communications transactions” (“MCTs”). An “about” communication is one in which the selector of a targeted person (such as that person’s email address) is contained within the communication but the targeted person is not necessarily a participant in the communication. Rather than being “to” or “from” the selector that has been tasked, the communication may contain the selector in the body of the communication, and thus be “about” the selector. An MCT is an Internet “transaction” that contains more than one discrete communication within it. If one of the communications within an MCT is to, from, or “about” a tasked selector, and if one end of the transaction is foreign, the NSA will acquire the entire MCT through upstream collection, including other discrete communications within the MCT that do not contain the selector. While PRISM has been the sexy target for complaints due to its name and connection to easy target tech companies, the upstream sifting through the backbone has always been the much more troubling program, and this report confirms that.
Unfortunately, unlike the PCLOB's report on the Section 215 program, here the PCLOB more or less throws up its hands over the possible legal and constitutional issues, insisting that it's probably fine or that violations are "incidental." The EFF has issued a scathing condemnation of the report, noting its most glaring weakness: a failure to recognize that the Constitution requires a warrant to collect any such data in the first place. The PCLOB seems to totally ignore this requirement, as the EFF points out: The board skips over the essential privacy problem with the 702 “upstream” program: that the government has access to or is acquiring nearly all communications that travel over the Internet. The board focuses only on the government’s methods for searching and filtering out unwanted information. This ignores the fact that the government is collecting and searching through the content of millions of emails, social networking posts, and other Internet communications, steps that occur before the PCLOB analysis starts. This content collection is the centerpiece of EFF’s Jewel v. NSA case, a lawsuit battling government spying filed back in 2008.
The board’s constitutional analysis is also flawed. The Fourth Amendment requires a warrant for searching the content of communication. Under Section 702, the government searches through content without a warrant. Nevertheless, PLCOB’s analysis incorrectly assumes that no warrant is required. The report simply says that it “takes no position” on an exception to the warrant requirement when the government seeks foreign intelligence. The Supreme Court has never found this exception.
PCLOB findings rely heavily on the existence of government procedures. But, as Chief Justice Roberts recently noted: "the Founders did not fight a revolution to gain the right to government agency protocols." Justice Roberts’ thoughts are on point when it comes to NSA spying�”mass collection is a general warrant that cannot be cured by government’s procedures. Frankly, it does seem bizarre that the PCLOB fails to even consider the original collection and whether or not that violates the 4th Amendment. The Constitutional analysis in the report seems to leap over that question almost entirely, focusing just on the question of what the NSA hangs onto later. The brief discussion about the actual collection basically just says "well, this is tricky, because we're not looking at a single instance, but rather an entire program -- some of which may be Constitutional and some of which may be not, so we'll just lump it all together and see if it meets the "reasonable" test." That seems... questionable. If any part of the program is unconstitutional then that's a problem. You don't get to lump it all together and say that, on the whole, it's probably Constitutional because most of the searches and collection would likely be allowed. Even as such, the PCLOB says that the program -- especially the backdoor searches on Americans -- pushes the program "close to the line of constitutional reasonableness" but probably not over it. These features of the Section 702 program, and their cumulative potential effects on the privacy of U.S. persons, push the entire program close to the line of constitutional reasonableness. At the very least, too much expansion in the collection of U.S. persons’ communications or the uses to which those communications are put may push the program over the line. The response if any feature tips the program over the line is not to discard the entire program; instead, it is to address that specific feature. And, indeed, nearly all of the "recommendations" are to "address" minor aspects that the PCLOB finds to be potentially troubling, but without making any significant changes to the way either part of the program functions.
For example, concerning those "about" searches, the PCLOB basically says that it would be nice if they were limited, but that the NSA doesn't really have a way to do that, so, oh well, what can you do? With regard to the NSA’s acquisition of “about” communications, the Board concludes that the practice is largely an inevitable byproduct of the government’s efforts to comprehensively acquire communications that are sent to or from its targets. Because of the manner in which the NSA conducts upstream collection, and the limits of its current technology, the NSA cannot completely eliminate “about” communications from its collection without also eliminating a significant portion of the “to/from” communications that it seeks. The Board includes a recommendation to better assess “about” collection and a recommendation to ensure that upstream collection as a whole does not unnecessarily collect domestic communications. Similarly, the PCLOB notes that, despite all of the information the intelligence community was willing to share with it, that did not include details of how many US persons were impacted by the program: The government is presently unable to assess the scope of the incidental collection of U.S. person information under the program. For this reason, the Board recommends several measures that together may provide insight about the extent to which communications involving U.S. persons or people located in the United States are being acquired and utilized. So, in short, on some of the biggest questions in front of the PCLOB, it basically says "well, not much we can do, but would sure be nice if we had more info next time." Blech. Shouldn't those be the point at which the PCLOB says "hey, wait, that's unacceptable and illegal and need to be fixed!"
While at first, it did seem that the report was ignoring the privacy rights of non-US persons, it does actually include a fairly thorough section on such privacy rights, and how those rights actually do have some built in protections under the program. While it's a low bar, it's at least moderately reassuring that the program is not, as some assumed, designed to say "non-US persons have no privacy rights whatsoever." The report also notes international law, and President Obama's newly issued rules for protecting the privacy rights of non-US persons, but notes that those rules have not yet fully been implemented and could change the analysis.
In the end, the report does provide some valuable clarifications and explanation of what's going on -- but is disappointingly weak in the legal and Constitutional analysis. If you're interested in the specific recommendations of the PCLOB, we've included them below, above the embedded report.
Permalink | Comments | Email This Story
EU Publishers Present Their 'Vision' For Copyright: A Permission-Based Internet Where Licensing Is Required For Everything
Furthermore, this infrastructure is well suited to a world of 'mash-ups' where one work will incorporate parts or elements of other works, because the relevant IDs can identify the whole of a work or granular elements of it. As that makes clear, the EPS vision includes being able to pin down every single "granular" part of a mash-up, so that the rights can be checked and -- of course -- licensed. Call it the NSA approach to copyright: total control through total surveillance. The paper helpfully explores how that would work out in various specific situations encountered today. For example, the European publishers want to be able to use licensing to restrict access even to material on the open Internet: Legal clarification is needed about the relationship between hyperlinks and licence terms on the websites (or other platforms) to which they link. It must be clear that rights owners may by their licence terms to "restrict" access to content on an "open website" to a specific category of "the public" (e.g. users who visit the site directly), whether or not accompanied by technical protection measures. So licenses would be able to forbid the use of hyperlinks to jump directly to pages, even though the latter were not locked down by DRM. The EPC is also worried about an "overbroad" interpretation of a general right to browse copyright material without needing an explicit license: Whilst the general proposition that Internet browsing does not require a licence is reasonable, there remains a risk that an overbroad interpretation could mean that activities which ought properly to be licensable (e.g. the consumption of press cuttings) might cease to be so. To tackle that, the EPC wants (pdf) "a new limited neighbouring right to stop unlicensed use of snippets," and also, for good measure, "[h]yperlinking to illegal copies to be treated as an infringement." Given this relentless focus on creating a permission-based Internet, it will come as no surprise that the EPC hates the idea of introducing fair use in Europe: this is an issue which would require considerable evidence-based research in order to make a reasoned evaluation of the benefits of introducing a fair dealing exception compared with the uncertainty and other risks which would be caused by its introduction. That call for "considerable evidence-based research" is rather rich, given the complete absence of it for all the recent changes to European copyright law in favor of publishers. Indeed, as Techdirt has frequently discussed, there is plenty of research to support reducing copyright's term and reach, but when this is brought up, publishers are strangely uninterested in evidence-based policy making, preferring to stick with the dogma-based kind. Naturally, the EPC thinks that instead of fair use, what people really need is more licensing: Europe would be better positioned to reach a dynamic flexibility for increased uses by providing incentives to small scale licensing, both B2B and B2C, and automated licensing solutions. Part IV of the report is entitled "Meeting users' needs in the new media & publishing ecosystem." That's a welcome emphasis, since it finally recognizes that the users are not just some passive recipient of what the publishers decide to throw at them. However, the section's focus is still resolutely on seeking permission for every possible use of copyright material.
For example, one of the areas where publishers are fighting fiercely against granting new copyright exceptions is for text and data mining. The refusal to contemplate anything but licensing as an option led to a group of researchers, SMEs, civil society organizations and open access publishers pulling out of the European Commission's "Licensing for Europe" fiasco. Here's what EPC has to say on the matter: A new exception for text and data mining at EU level carries a huge risk from 'the law of unintended consequences'. A key theme running through our paper is the enabling role of technology in managing copyright. Given the increasing automation of rights management, the full potential of which we have yet to realise, including in the area of specific permissions, access to and use of content, we urge the European Commission to look at practical solutions first for serving the genuine needs of the research community before legislation. Scare-mongering about an exception for text and data mining is bad enough, but it gets worse. In this same section, we read the following concerning the copyright needs of users with a disability: There are undoubted challenges faced by this user group in being able to access digital content although publishers have been investing in voluntary solutions, including via ePub3 and voice-enabled services online. The report then goes on immediately to mention: The Marrakech Treaty is a recent exemplar. It provides a legal framework to facilitate access to published works for persons who are blind, visually impaired or otherwise print disabled. That gives the impression that the Marrakech Treaty was something that publishers backed strongly as a fair way of helping those with disabilities. In fact, quite the reverse is true. To have that hard-won treaty for the visually impaired presented here as an example of how publishers can be relied on to do the right thing by the public is not just misleading but morally repugnant. It shows that despite some fair words in the rest of the "vision" document, in important ways European publishers are just as selfish and cynical as ever.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Permalink | Comments | Email This Story
Het fenomeen Big Data brengt vele discussies met zich mee. Is er nou sprake van een hype, of is Big Data echt de toekomst? Ondanks dat de meningen hierover verschillen wordt Big Data wel degelijk actief toegepast door veel instanties. Door data te hergebruiken en aan elkaar te koppelen kunnen kruisverbanden gelegd worden. Aan de hand van deze kruisverbanden kunnen weer nieuwe trends en correlaties ontdekt worden, wat in sommige gevallen zelfs financieel voordeel kan opleveren. Dagelijks wordt er ontelbaar veel (digitale) data gecreëerd. Doordat ál deze data bruikbaar kán zijn voor Big Data brengt dit ook een ander gevolg met zich mee: er wordt nog maar zelden data verwijderd. Over dit onderwerp heb ik een stuk geschreven voor een website van Hewlett-Packard. De hele tekst kun je hier lezen.Gerelateerde artikelen
- 17 juni 2013Laatste plaatsen voor onze training: Big Data vs. Privacy
- 20 mei 2013Eendaagse training “Big Data versus privacy” vrijdag 28 juni
- 2 oktober 2012Wat betekent de term Big Data?
- 29 april 2014Big data: hype of trend?
Paris, 2 juillet 2014 — Alors que l'actuelle Commission vit ses derniers jours suite aux dernières élections européennes, elle vient de publier « un plan d'action pour lutter contre les atteintes à la propriété intellectuelle » reprenant plusieurs des concepts figurant dans l'accord ACTA, rejeté en 2012 par le Parlement européen suite à une forte mobilisation citoyenne. Ses propositions pour lutter contre la contrefaçon à « échelle commerciale » s'inspirent également des propositions du rapport Imbert-Quaretta poussées par la France au niveau européen, qui font craindre une implication accrue des intermédiaires techniques dans l'application du droit d'auteur et leur transformation progressive en une police privée du copyright.
En reprenant comme objectif, la lutte contre la contrefaçon « à échelle commerciale », la Commission a choisi de réactiver l'un des pires mécanismes figurant dans l'accord anti-contrefaçon ACTA. Cette expression aux contours flous est en effet susceptible d'englober des activités non-commerciales de partage en ligne et elle introduit une insécurité juridique qui avait été au cœur de la mobilisation citoyenne contre ce texte, jusqu'à son rejet final par les représentants élus du Parlement.
Les mêmes commissaires qui avaient porté l'ACTA, Karel de Gucht et Michel Barnier, semblent envisager cette fois de mettre en œuvre cette lutte contre la contrefaçon « à échelle commerciale » en contournant le Parlement européen. Leur plan envisage en effet de passer par des « mesures non-législatives », impliquant la signature de simples accords entre les représentants des industries culturelles et des intermédiaires techniques, comme les régies publicitaires et les services de paiements en ligne.
Ces dispositions sont directement inspirées des recommandations issues du rapport Lescure de mai 2013 et du rapport Imbert-Quaretta publié récemment en France, que La Quadrature a déjà dénoncé comme susceptible d'entraîner une dérive vers une application extra-judiciaire du droit d'auteur, transformant ces intermédiaires en une police privée du droit d'auteur. La Commission souhaite qu'un tel système soit généralisé au sein de l'Union européenne par le biais de « Memoranda of Understanding » encadrant des ententes contractuelles négociées entre acteurs privés.
La Commission propose également de renforcer la protection de la propriété intellectuelle au niveau international dans le cadre de négociations multilatérales. De tels propos font craindre qu'à nouveau comme avec l'accord ACTA, ou comme pressenti pour les accords CETA et TAFTA, les questions de « propriété intellectuelle » soient traitées de manière opaque dans le cadre d'accords commerciaux, laissant une marge de manœuvre minime aux parlements élus.
Ces annonces sont d'autant plus choquantes que la Commission a lancé fin 2013 une consultation publique sur l'évolution du droit d'auteur dans l'Union européenne. Un nombre sans précédent de réponses a montré l'intérêt que les citoyens européens portent à cette question. Au mépris de la société civile, la Commission a préféré publier son plan de lutte contre la contrefaçon avant le Livre blanc qu'elle s'était engagée à préparer suite à la consultation. Des fuites concernant ce Livre blanc ont de toutes façons déjà montré que la Commission n'envisage que des réformes cosmétiques, tout en recommandant un surcroît de mesures extra-judiciaires.
La Quadrature du Net dénonce ces agissements de la part d'une Commission déjà largement discréditée par son soutien à l'ACTA et qui n'aura su tirer aucune leçon du camouflet qui lui a été infligé en 2012 par le Parlement. La future Commission doit rejeter cette approche répressive et anti-démocratique pour mettre enfin à l'étude une réforme positive du droit d'auteur.
« La Commission européenne paraît penser que les citoyens européens dont la mobilisation a entraîné le rejet de l'accord ACTA n'ont aucune mémoire. Elle va jusqu'à employer les mêmes termes qui figuraient dans l'accord. Mais les mêmes causes produisent les mêmes effets, et la société civile européenne rejettera à nouveau cette vision dangereuse de l'application du droit d'auteur » déclare Lionel Maurel, cofondateur de l'association La Quadrature du Net.
EU Copyright Head Looking To Roll Back UsedSoft Decision, Makes Weak Noises About 'Infinite Contracts'
The European Union has its own revolving door, one that allows lobbyists to enter government agencies in order to directly regulate the same industries they so recently stumped for. Maria Martin-Prat went from directing "global legal policy" for IFPI (the international RIAA) to being the EU Commission's point person for copyright issues.
In the past, Martin-Prat has gone on record as being against any sort of private copying exception to copyright law, stating that: "private copying has no reason to exist and should be limited further than it is." The private copying exception varies from country to country, but in Martin-Prat's mind, the best case scenario is likely "not at all… anywhere." So, why is Martin-Prat, an admitted hardliner on copyright issues, suddenly discussing the unfairness of certain copyright contracts? Speaking at a Westminster Forum seminar, Maria Martin-Prat, EC Head of the Copyright Unit for the Internal Market Directorate General (DG MARKT), said the Commission should look at whether contracts were fair.
She told us that the infinite assignment of rights that authors must agree to in most EU countries to get their work published was what she had in mind.
In the digital era, freelance authors and photographers in many members states have been asked to assign their rights to an intermediary in “infinite” deals. Forever contracts are, indeed, the sort of unfair deal that the EU Commission should take a longer look at. Here in the US, the reversion of copyright back to the creators (for pre-1976 recordings) has prompted record labels to argue that everything created was a "work for hire," and thus belongs to the label in perpetuity. (This argument also took the form of a midnight run to Congress to get copyright law amended in the recording industry's favor.) An infinite contract obviously closes that potential loophole for artists to reclaim their work after a reasonable amount of time.
Seems like a good start, but Martin-Prat continues, dispelling any notion that serious copyright reform will occur under her guidance. The distribution of “the share of the value in the internet” was worth examining said Martin-Prat - particularly “who gets the profits?” Ah, the old "the Internet owes everyone a living" argument, wherein (probably) Google is blamed for every low number on the copyright industries' balance sheets and asked to kick in to make up for the shortfall. Note that Martin-Prat asks "who gets the profits," rather than asking how to divide the profits, which indicates she already has an answer in mind. Why address problems in any logical fashion when you can just use the weight of the EU Commission to make internet services bend to the will of misguided court decisions and nearly two decades' of useless complaining from the recording industry?
Then Martin-Prat steps even further away from copyright moderation and takes a swing at the few remaining rights purchasers of creative works have, citing specifically the UsedSoft decision, which agreed that sold software was a "license" rather than a sale, but despite this distinction, could still be resold. “In both cases the Court was pushing the boundaries of the copyright rules to help the function of the internal market,” she said. “UsedSoft was desperately trying to turn software licensed by a user into a good - so they could enjoy free movement of goods,” she observed. “The Court cut a few corners” in its interpretation, she thought. However, “if we don’t do something at some point the CJEU will keep pushing.” So, it looks as though Martin-Prat will be pushing back on this decision in order to remove something that actually helps sell new software -- the possibility of resale. Whether the copyright industries like it or not, people consider this factor when purchasing new items and if the possibility exists to make something back, it actually encourages a few more sales. There's nothing inherently "unfair" about not being able to profit from every sale, but the industries still think it's just another way they're being screwed -- hence the push to call everything a "license," even if it's a physical good.
Martin-Prat offers to take on an inherently unfair contract (the infinite copyright contract) but only because she has a desire to protect other unfair contracts (you can't resell what your purchase). The first will likely end up riddled with loopholes (for all intents and purposes, most recording contracts may as well be "infinite," considering how hard it is for artists to reclaim their copyrights) and the latter will just help the industries further pare down the few copyright law exceptions that currently exist.
Permalink | Comments | Email This Story
- 21 februari 2013Maak een bewerkersovereenkomst op maat met onze nieuwste generator
- 19 oktober 2012De bewerkersovereenkomst. Wat is dat voor een beest?
- 13 augustus 2013Moet ik logfiles verstrekken als mijn klant erom vraagt?
- 30 januari 2014Cloudsourcing (6) Privacy & security
As All Its Big Trade Agreements Grind To An Awkward Halt, Canada Aims To Make TPP Even More Secretive
Techdirt has commented many times on the unduly secretive nature of the Trans-Pacific Partnership (TPP) talks. Despite earlier claims that everything would definitely be wrapped up last year, things are still dragging on, with the next round of negotiations taking place in Canada. Although it seems hardly possible, the government there apparently wants to make the meeting even less transparent than its predecessors, as this post on the Council of Canadians reports: The only information that has been publicly released is a one-sentence notice posted June 24 on the Department of Foreign Affairs, Trade and Development website stating that "Negotiators, subject matter experts and other officials will meet in Ottawa, Canada, from July 3-12. No ministerial meeting is being scheduled on the margin of the officials meeting in Ottawa."
New Zealand law professor Jane Kelsey has attended many of the rounds as a registered stakeholder, and, when that process ended without any explanation, as an observer. She describes Canada's secrecy as "unprecedented.”
"There can only be one reason for withholding the details: to shut down the remaining minimal access we have to negotiators, a number of whom are happy to meet with us," Kelsey says. "When governments are so afraid of informed public debate, they clearly do not believe they can sell the merits of what they are negotiating." We can only assume Canada is worried that the public might learn either that the talks are in trouble, or that really bad deals are being cut in a desperate attempt to sew things up. A fascinating article in the Canadian title Maclean's offers some insight into why the Canadian politicians are so keen to keep everything under wraps: "Everyone is indulging in a charade where [the TPP] negotiations are going forward. It’s the biggest game in town, but I’m not convinced TPP will see the light of day," says Lawrence Herman, a Toronto-based trade lawyer formerly with Cassels Brock.
The situation is not much more clear with Canada’s agreement-in-principle reached with Europe last October. Officials say CETA is taking longer than anticipated to render into legal text, but observers believe the deal has run into substantive roadblocks.
Also perplexing is why Canada has not ratified the foreign investment protection agreement with China, called FIPA, when the two sides signed the treaty almost two years ago. Putting those facts together, and you have an embarrassing inability of the Canadian government to close any of its high-profile trade agreements, which it has set such great store by. Clearly, the last thing it wants is any leak that might make achieving that even harder for TPP. Of course, if such a total lock-down on the talks is necessary to have even a slim hope of concluding them, that suggests support for the agreement among the TPP nations is extremely precarious. If it weren't, TPP could stand a little public scrutiny of the kind that the Canadians are doing their utmost to avoid.
Permalink | Comments | Email This Story