Tag Archives: internet freedom

New free trade treaty between Mexico, Canada and U.S. backstops digital business safeguards

by Steve Blum • ,


The text hasn’t been published yet, but statements from people involved indicate that online liability protections were included in the final version of a trade agreement between the United States, Canada and Mexico (a draft version is here). Those protections are said to closely follow the language in a 1996 law passed by the U.S. congress that puts responsibility for online content on whoever posts it online, rather than the operator of the platform or server that hosts it. An earlier draft of the treaty certainly does that.

Baking it into a major international treaty means it’ll be difficult, if not impossible, to change this U.S. law, as many in Washington D.C. want to do.

That 1996 law – section 230 of what’s called the communications decency act – says “no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider”. At the time, the thinking was that companies that rent out web servers shouldn’t be responsible for policing information that their customers upload. Under the law, they could also take action if they thought third party content was objectionable, without incurring liability.

That protection from civil lawsuits now extends to social media platforms, like Facebook, and content aggregators like Google. Which upsets people in both the democratic and republican parties who want to regulate Internet content because someone else’s version of The Story gets noticed instead of their version of The Story. They can’t do that directly – the first amendment to the U.S. constitution is unmistakably clear on that point – but unleashing the predatory bar can achieve the same end, with an added cash bonus – contingency fee lawyers write big checks to lawmakers.

As the Electronic Freedom Foundation observes, the U.S. has those protections and other countries don’t. And the U.S. is home to the world’s major online companies, and other countries aren’t (those operating behind the Great Fire Wall of China aside). Assuming the new North American trade agreement is ratified, the odds that we’ll continue to enjoy that freedom, and that it’ll be extended to our neighbors, just got a lot better.

California kicks bots off of social media

by Steve Blum • , , ,

You won’t be able to use an anonymous bot to tweet or boost Twitter profiles, or post items on Facebook in California, beginning next year. Or use a bot that pretends to be a person to try to sell something – including a candidate for office – on high traffic websites.

California governor Jerry Brown signed senate bill 1001 into law. Authored by senator Bob Hertzberg, it’s particularly intended to stop automated social media posts that inject comments – fake or otherwise – into political debates.

It only applies to websites that attract at least 10 million unique, U.S. visitors per month. There are a couple of hundred websites that meet that qualification, according to Quantcast.com. The list includes big, California-based platforms, like Google, Youtube, Facebook, Apple and Netflix. But as written, it also applies to out-of-state giants, like Amazon and the New York Times.

SB 1001 makes it…

Unlawful for any person to bot to communicate or interact with another person in California online, with the intent to mislead the other person about its artificial identity for the purpose of knowingly deceiving the person about the content of the communication in order to incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.

Using a bot would still be legal, so long as it’s identified as such and the disclosure is “clear, conspicuous, and reasonably designed to inform persons with whom the bot communicates or interacts that it is a bot”.

Online platforms, web hosts and Internet service providers won’t have to do any policing. SB 1001 specifically doesn’t apply to them.

A “bot” is defined as “an automated online account where all or substantially all of the actions or posts of that account are not the result of a person”. It doesn’t appear to apply to customer service bots that websites use to communicate with visitors, but there’s enough wiggle room that the courts will have to decide where to draw the line. That’ll be after the law survives the inevitable challenges on First Amendment and federal preemption grounds.

U.S. supreme court rules on digital privacy, but the real issue is digital property

When most of the data you collect, create, buy or simply passively generate is stored on someone else’s server, what belongs to you and what belongs to the company storing it? What is your property?

That’s the question that the U.S. supreme court wrestled with in yesterday’s decision limiting police use of mobile phone tracking data. Every time a phone communicates with a cell site – which is pretty much all of the time – that contact is recorded by the mobile carrier. A bare 5 to 4 majority of the judges ruled that…

Cell phones and the services they provide are “such a pervasive and insistent part of daily life” that carrying one is indispensable to participation in modern society…an individual maintains a legitimate expectation of privacy in the record of his physical movements as captured through [cell-site location information].

The court decided that cops need to get a search warrant based on probable cause – a relatively high bar to clear – before rummaging through your cell location data, even though that data is, they say, owned by your mobile carrier.

But is it?

In an interesting dissent, the newest member of the U.S. supreme court, Neil Gorsuch, questioned that assumption. He objected to the decision on technical grounds, while at the same time saying, in effect, it didn’t go far enough…

Just because you entrust your data – in some cases, your modern-day papers and effects – to a third party may not mean you lose any Fourth Amendment interest in its contents…few doubt that e-mail should be treated much like the traditional mail it has largely supplanted— as a bailment in which the owner retains a vital and protected legal interest…

At least some of this Court’s decisions have already suggested that use of technology is functionally compelled by the demands of modern life, and in that way the fact that we store data with third parties may amount to a sort of involuntary bailment too…

No one thinks the government can evade [the existing] prohibition on opening sealed letters without a warrant simply by issuing a subpoena to a postmaster for “all letters sent by John Smith” or, worse, “all letters sent by John Smith concerning a particular transaction.” So the question courts will confront will be this: What other kinds of records are sufficiently similar to letters in the mail that the same rule should apply?…

It seems to me entirely possible a person’s cell-site data could qualify as his papers or effects under existing law. Yes, the telephone carrier holds the information. But [federal law] designates a customer’s cell-site location information as “customer proprietary network information” (CPNI), and gives customers certain rights to control use of and access to CPNI about themselves…Plainly, customers have substantial legal interests in this information, including at least some right to include, exclude, and control its use. Those interests might even rise to the level of a property right.

Gorsuch is arguing for a clearer and more fundamental definition of personal property in the digital age. He’s exactly right.

California legislature takes on bots, false news and privacy

by Steve Blum • , , ,

Some bills that would regulate websites, social media and other consumer-facing Internet services are moving ahead in the California legislature. But not all of them.

Assembly bill 3169, carried by James Gallagher (R – Chico), is dead. It would have required “social media Internet web sites” and search engines to be politically neutral. It would have failed any First Amendment test. The assembly privacy and consumer protection committee scrapped it by ignoring it – when the vote was taken, only two members, both democrats, said aye and the rest remained silent.

One of those voting aye, assemblyman Ed Chau (D – Monterey Park), has a couple of privacy bills pending. AB 2511 would put restrictions on web sites and applications that use information about minors; AB 2935 would do the same for information collected by health monitoring devices. Both made it out of committee and are queued up for a floor vote in the assembly.

As originally written, senate bill 1424 by Richard Pan (D – Sacramento) was as dumb an idea as Gallagher’s proposal. It would have required social media platforms to place a warning on news stories containing false information. Besides being completely unworkable, it too would have collapsed at the first mention of the First Amendment. Pan rewrote it to require sites to disclose fact checking and other editorial policies. Even as amended, SB 1424 still looks like an overreach, though. The senate judiciary committee is scheduled to take a look at it today.

Two bills took aim at bots – automated processes that can mimic people, and collect and post information on websites and social media. AB 1950 by Marc Levine (D – San Rafael) would have required sites that use bots to disclose the practice. It was also killed by the assembly privacy and consumer protection committee (although death is never final in the California legislature – anything can happen so long as it’s in session).

SB 1001 by Bob Hertzberg (D – Van Nuys) specifically targets bots that act like people – chatbots, as they’re sometimes called. If a company invites you chat online but doesn’t tell you that, say, Eliza, is just a computer program designed to make you think they care, then they could face consumer fraud charges. It was approved by both the senate judiciary and business, professions and economic development committees, and is awaiting a final blessing from legislative leaders on the appropriations committee before heading to the senate floor.

Police surveillance tech disclosure considered by California legislature

by Steve Blum • , ,

If a police department in California wants to use facial recognition software, or scrape social media platforms looking for evidence of criminal behavior, it would need to disclose the practice and, where practicable, get advance permission from its city council, if a bill working its way through the legislature makes it into law. Senate bill 1186, introduced by senator Jerry Hill (D – San Bruno), would require cities to decide on and publish policies for using “surveillance technology”, which it defines as…

Any electronic device or system with the capacity to monitor and collect audio, visual, locational, thermal, or similar information on any individual or group. This includes, but is not limited to, drones with cameras or monitoring capabilities, automated license plate recognition systems, closed-circuit cameras/televisions, International Mobile Subscriber Identity (IMSI) trackers, global positioning system (GPS) technology, software designed to monitor social media services or forecast criminal activity or criminality, radio frequency identification (RFID) technology, body-worn cameras, biometric identification hardware or software, and facial recognition hardware or software.

Any type of use would have to get blanket approval in advance, although after that it wouldn’t have to be reviewed on a case by case basis. If something unforeseen comes up, involving “danger of death or serious physical injury”, the cops could do whatever they need to do, but would have to disclose it later.

The bill had two hearings, in front of the California senate’s public safety and judiciary committees, where it was approved and sent on to the appropriations committee, with undisclosed amendments pending. Predictably, lawyers are in favor of it and police organisations are opposed. According to the public safety committee’s analysis, there have been 12 past attempts at similar legislation in recent years. Two, also carried by Hill, involving automatic license plate readers and mobile phone intercepts are now law. Most of the rest died in the legislature, although three made it to governor Jerry Brown’s desk and were vetoed. Given the sweeping scope of the current bill, a similar fate seems likely.

Information can’t be stopped and frisked at the border, federal court rules

by Steve Blum • ,

Internet data is not a material thing. That was the ruling from a federal appeals court in Washington, as it told the International Trade Commission – a federal agency involved in policing intellectual property disputes, among other, um, things – to stay out of the business of trying to regulate international Internet traffic

The Tariff Act of 1930 provides the International Trade Commission (“Commission”) with authority to remedy only those unfair acts that involve the importation of “articles”…Here, [the ITC] concluded that “articles” “should be construed to include electronic transmission of digital data…” We disagree.

[The ITC’s] decision to expand the scope of its jurisdiction to include electronic transmissions of digital data runs counter to the “unambiguously expressed intent of Congress.”

“We begin with the text of [the statute].” Here, it is clear that “articles” means “material things”…

We recognize, of course, that electronic transmissions have some physical properties—for example an electron’s invariant mass is a known quantity—but commonsense dictates that there is a fundamental difference between electronic transmissions and “material things.”

The case at issue involved a U.S. company that was sending images of dental patients’ teeth to an affiliate in Pakistan, where custom orthodontic appliances were designed and then transmitted back to a 3D printer in the U.S. In the process the company infringed someone else’s patent, according to the ITC. The remedy was “to order [the company] to stop electronically importing digital models into the United States”.

It’s an obscure dispute, but it has huge implications. Under the ITC’s logic, it could block the transmission of any international data that it believed violated someone’s intellectual property rights. That would have left global Internet traffic to the tender mercies of the predatory bar and patent trolls.

Luckily, two federal judges thought otherwise. But the dispute might not be over: the decision could be appealed to the supreme court. The dissenting judge on the panel offered a possible line of attack…

It is reported that the elusive Higgs boson, a fundamental particle of matter, has been detected by observing its effects. By the same laws of physics, digital matter is most readily observed in its effects. The panel majority’s ruling that such matter is not “material” is contrary to the law of the courts, the Customs agency, and the Commission.

The Higgs boson is the particle that gives other particles mass. It would be ironic if it also gave weight to the idea that information can be blocked, censored or otherwise regulated as if was just cargo in a ship’s hold.

Latest Snowden revelations will push Internet infrastructure and traffic away from U.S.

If there was ever any doubt that there’s no privacy on the Internet, the latest nuggets from Edward Snowden’s trove of documents detailing U.S. electronic spying efforts should remove it. Stories on the ProPublica.org website and in the New York Times show how telecommunications companies have cooperated with the National Security Agency to trawl emails that pass through their systems, regardless of where the messages originate or where they are destined. According to the ProPublica story, AT&T was singled out in the documents for its “extreme willingness to help” the NSA…

In September 2003, according to the previously undisclosed NSA documents, AT&T was the first partner to turn on a new collection capability that the NSA said amounted to a “‘live’ presence on the global net.” In one of its first months of operation, the [AT&T-run surveillance] program forwarded to the agency 400 billion Internet metadata records — which include who contacted whom and other details, but not what they said — and was “forwarding more than one million emails a day to the keyword selection system” at the agency headquarters in Fort Meade, Maryland.

The original documents are posted alongside the ProPublica story, and make for interesting reading. Slide presentations show how an email sent to Brazil from Iran will naturally pass through a commercial server in the U.S., due to “international choke points”, “least cost routing” and other perfectly ordinary technical characteristics of the Internet.

It’s not just compliant telecoms companies that give the NSA this immense trawling capability. It also results from the fundamental architecture of the Internet, which is largely centered in and managed by the U.S.

Expect far greater international pressure to change this status quo as a result of these revelations. Even friendly countries will want alternative data paths that don’t pass through U.S. hands.

Surprisingly, UN broadband report advocates free speech and competitive markets

by Steve Blum • , , ,

Best interests. Common good. Benign intentions. And all that.

The United Nations, in particular its education, science and cultural organisation (UNESCO), has often been criticised for kowtowing to authoritarian, repressive and socialist regimes when media, markets and speech are on the table. At best, it tends to offer up meaningless generalities that offend no one.

So it was a pleasant surprise to read The State Of Broadband 2013: Universalizing Broadband, a report prepared by two UN offshoots, the International Telecommunications Union and UNESCO. Besides being a useful summary of the state of wireline and mobile broadband deployment and adoption around the world, it recommends telecommunications market liberalisation as the best way to improve infrastructure and, crucially, bring down costs for impoverished users in the developing world.

The report also delivers an unambiguous slap to governments that use their control over infrastructure to infringe on basic human rights, particularly freedom of speech…

Freedom is not the inevitable by-product of technological innovation and change. In parallel to the growth of the Internet, more controls and regulations have been applied in many countries. In many cases, these controls do not conform to international standards for justifiable limits on freedom of expression. Too often, they are not transparent, not intended for legitimate purposes, and not proportional to the types of speech they seek to limit.

The authors make a distinction between illegitimate controls on content and expression, and justifiable ones, such as those intended to safeguard children, fight spam or protect consumers. In doing so, they leave a familiar and conventionally diplomatic loophole for oppressive regimes.

But it was published by UN staff, not WikiLeaks or the Cato Institute. For an organisation where effective voting control rests with traditional surveillance states like China and Russia and born again ones like the U.S.A., it’s a remarkable document.

The Internet faces the dark side of the Force

by Steve Blum • , , , ,

International telecommunications diplomacy isn't a pretty business.

“It was a little bit like the Star Wars bar scene,” said FCC commissioner Robert McDowell, as he described his experience as a U.S. representative at last month's World Conference on International Telecommunications (WCIT) in Dubai.

He was part of a delegation that included private sector companies, like Google, as well as a boat load of diplomats and policy wonks. They were up against a solid wall of countries that wanted the International Telecommunications Union – a United Nations organization – to get into the business of regulating the Internet.

Despite promises that the conference wouldn't try to impose international oversight of Internet content or network infrastructure, WCIT turned into a fight over Internet governance. It pitted a handful of countries, including the U.S., that want to keep current freedoms intact, and most of the rest of the world's governments, which, for one reason or another, don't.

He was speaking on a all-star panel of WCIT participants at CES this afternoon. The group included Representative Bob Goodlatte, a Republican from Virgina, congressional staffers John Branscome and David Redl, Eric Loeb from AT&T and Google's Pablo Chavez. Earlier in the day, FCC chairman Julius Genachowski weighed in.

“I think we're seeing two dangerous trends coming together. We're seeing a censorship trend as countries around the world that don't believe in freedom recognize that open communications networks are a challenge to them,” Genachowski said. “We're seeing Internet providers outside of the U.S., including in Europe, that want to solve their business model problems by changing the Internet.”

That unholy alliance almost led to a near unanimous agreement to impose internationally sanctioned government control over Internet content and networks. A last minute overreach by the Iranian government pushed several dozen countries back in the unregulated camp.

They'll try again at the next major ITU treaty meeting, scheduled for October 2014 in South Korea. McDowell calls it a “constitutional convention of the ITU” that could result in a complete re-write of the international telecommunications regulatory structure, for good or ill. The panelists agreed that the battle will continue.

“We have to be in the room, even if we're outvoted,” concluded congressman Goodlatte. “Some people will learn the hard way, but eventually they will learn.”