Friday, May 30, 2014
Stephanie K. Pell, Stanford University, Stanford Law School Center for Internet and Society, and Christopher Soghoian, Yale University Yale Information Society Project, are publishing Your Secret Stingray's No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and Its Impact on National Security and Consumer Privacy, in the Harvard Journal of Law and Technology (forthcoming).
In the early 1990s, off-the-shelf radio scanners allowed any snoop or criminal to eavesdrop on the calls of nearby cell phone users. These radio scanners could intercept calls due to a significant security vulnerability inherent in then widely used analog cellular phone networks: calls were not encrypted as they traveled over the air. In response to this problem, Congress, rather than exploring options for improving the security of cellular networks, merely outlawed the sale of new radio scanners capable of intercepting cellular signals, which did nothing to prevent the potential use of millions of existing interception-capable radio scanners. Now, nearly two decades after Congress passed legislation intended to protect analog phones from interception by radio scanners, we are rapidly approaching a future with a widespread interception threat to cellular communications very reminiscent of the one scanner posed in the 1990s, but with a much larger range of public and private actors with access to a much more powerful cellular interception technology that exploits security vulnerabilities in our digital cellular networks.
This Article illustrates how cellular interception capabilities and technology have become, for better or worse, globalized and democratized, placing Americans’ cellular communications at risk of interception from foreign governments, criminals, the tabloid press and virtually anyone else with sufficient motive to capture cellular content in transmission. Notwithstanding this risk, US government agencies continue to treat practically everything about this cellular interception technology, as a closely guarded, necessarily secret “source and method,” shrouding the technical capabilities and limitations of the equipment from public discussion, even keeping its very name from public disclosure. This “source and method” argument, although questionable in its efficacy, is invoked to protect law enforcement agencies’ own use of this technology while allegedly preventing criminal suspects from learning how to evade surveillance.
This Article argues that current policy makers should not follow the worn path of attempting to outlaw technology while ignoring, and thus perpetuating, the significant vulnerabilities in cellular communications networks on which it depends. Moreover, lawmakers must resist the reflexive temptation to elevate the sustainability of a particular surveillance technology over the need to curtail the general threat that technology poses to the security of cellular networks. Instead, with regard to this destabilizing, unmediated technology and its increasing general availability at decreasing prices, Congress and appropriate regulators should address these network vulnerabilities directly and thoroughly as part of the larger cyber security policy debates and solutions now under consideration. This Article concludes by offering the beginnings of a way forward for legislators to address digital cellular network vulnerabilities with a new sense of urgency appropriate to the current communications security environment.Download the article from SSRN at the link.
Charles W. (Rocky) Rhodes IV, has published Speech, Subsidies, and Traditions: AID v. AOSI and the First Amendment in the 2013 Cato Supreme Court Review 363. Here is the abstract.
In a victory for free speech and individual liberty, Agency for International Development v. Alliance for Open Society International, Inc. (AID v. AOSI) — the only First Amendment decision of the Supreme Court’s 2012-13 term — struck down a government funding condition requiring recipients to pledge ideological support for government policies. In this essay, written for the Cato Supreme Court Review, I outline the Court’s prior holdings on the constitutionality of conditions on government funding and other subsidies before examining AID v. AOSI in detail. While I applaud its holding, the dispositive distinction the Court pronounced between funding conditions operating within and without a government program can’t govern every funding condition; otherwise, the government could manipulate the scope and funding for its programs as a subterfuge to regulate its citizens’ beliefs and communications. As with other situations in which the government attempts to alter typical First Amendment expressive protections, the overarching appraisal should necessitate continued judicial acquiescence in traditional regulatory practices. While inside-program limitations are one such tradition in the government funding context, additional complementary traditions exist that must be taken into account to protect public forums and other expressive spheres from government overreach.
Download the article from SSRN at the link.
Pamela Sameulson, University of California, Berkeley, School of Law, is publishing Protecting Privacy Through Copyright Law? in Visions of Privacy in the Modern Age (Marc Rotenberg, ed.; 2014). Here is the abstract.
A quartet of recent copyright cases have extended protection to privacy and other personal interests of individuals depicted in copyrighted works. Victims of so-called revenge porn are also relying on copyright to protect their privacy interests. This short essay revisits the seminal Warren and Brandeis article on "The Right to Privacy," which relied heavily on copyright cases to support the notion that privacy interests were and should be legally protectable. It asks whether Warren and Brandeis would have approved of this renewed direction for copyright law.
Download the essay from SSRN at the link.
Wednesday, May 21, 2014
Sprint has agreed to pay $7.5 million to the U.S. Treasury for violating the FCC's Do Not Call rules and for continuing to call and/or send texts to consumers who had specifically told the company they did not want any communication with the company. Sprint said it has investigated internal policies; under the decree, it must put a compliance program into place to ensure that it does not violate Do Not Call regs again. The FCC notes that the settlement is the largest so far ever paid by a company under such circumstances.
Tuesday, May 20, 2014
JoAnne Sweeny, University of Louisville School of Law has published Sexting and Freedom of Expression: A Comparative Approach in volume 102 of the Kentucky Law Journal (2013/2014). Here is the abstract.
According to a recent poll, one in four American teens could be legally labeled a child pornographer. Nearly thirty percent of teens in this poll admitted to engaging in "sexting," which may expose them to criminal prosecution under existing child pornography laws. "Sexting" is the modern term given to "the practice of sending or posting sexually suggestive text messages and images, including nude or semi-nude photographs, via cellular telephones or over the Internet." It is an increasingly popular practice in the United States and abroad and, according to current child pornography laws, can result in teens serving long prison sentences and having to register as sex offenders. Download the text from SSRN at the link.
Martin Husovec, International Max Planck Research School for Competition and Innovation, is publishing CJEU Allowed Website Blocking Injunctions with Some Reservations in volume 9 of the Journal of Intellectual Property Law and Practice (July 2014). Here is the abstract.
The Court of Justice of the European Union issued its long awaited decision on admissibility of the website blocking injunctions. The ruling generally allows website blocking, but at the same time makes its permissibility dependent on the number of requirements. Because the decision addresses primarily website blocking injunctions which omit to specify exact blocking technology and/or fixed address of the website (so called open-ended injunctions), it is subject to the interpretation to what extent its principles apply also to the website blocking injunctions that are specific. This case note comes to the conclusion that open-ended website blocking injunctions just: (i) be strictly targeted, (ii) at least partially prevent and seriously discourage the access to a targeted website, (iii) not lead to unbearable sacrifices for an access provider, (iv) must give a court in enforcement proceedings a possibility to asses their reasonableness, (v) provide for a possibility for users to challenge the scope of the blocks once the implementing measures are known (§ 56) and (vi) be transparent in their implementation. If the above six conditions are not met, the open-ended website blocking injunction may not be issued. On the other hand, only some of these conditions will probably apply to specific website blocking injunctions.
The full text is not available from SSRN for download.
Eric Descheemaeker, University of Edinburgh School of Law, is publishing Truth and Truthfulness in the Law of Defamation in Les apparences en droit civil (Lionel Smith ed.; Montreal, 2014). Here is the abstract.
This paper provides a comparative overview of two related, but analytically distinct, issues in the law of defamation. The first is whether the true character of a defamatory statement relieves the defendant from liability. On this issue, the civilian and common-law traditions have historically settled on two markedly different stances, the latter accepting the sufficiency of truth simpliciter while the former never did. Some of the reasons for this distinction are explored. Different is the issue of truthfulness, in the sense of belief in truth. Does it, and should it matter, that a defendant believed that what they said was true albeit (prima facie) defamatory? Should we distinguish on the basis of the ‘quality’ of the belief? This paper argues that reasonable truthfulness ought to be recognised as a defence in the law of defamation. De lege lata , the law has never come up with such a general principle, but observation suggests that it has in fact been beating about the bush for a long time, using other analytical tools. Besides, a number of recent developments internationally can be understood as attempts to get closer to the above position.
Download the essay from SSRN at the link.
Saturday, May 17, 2014
Times publisher Arthur Sulzberger, Jr., released a statement at 5 p.m. EDT today stating that the decision to terminate Jill Abramson's employment as the New York Times' executive editor was based on her management style, and not due to a disagreement over pay, or gender issues.
Thursday, May 15, 2014
The FCC has voted, 3-2, to craft a set of regulations for the Internet under which content providers could pay for faster service, but ISPs could not discriminate against providers who did not opt to pay for that service. Critics have already pointed out that, by default, "non-payers" could still find themselves in a "slow lane."
Link to video of the meeting here.
Selection from the news release below.
The FCC has previously concluded that broadband providers have the incentive and ability to act in ways that threaten Internet openness. But today, there are no rules that stop broadband providers from trying to limit Internet openness. That is why the Notice adopted by the FCC todays starts with a fundamental question: “What is the right public policy to ensure that the Internet remains open?” The FCC proposes to rely on a legal blueprint set out by the United States Court of Appeals for the District of Columbia Circuit in its January decision in Verizon v. FCC, using the FCC’s authority to promote broadband deployment to all Americans under Section 706 of the Telecommunications Act of 1996. At the same time, the Commission will seriously consider using its authority under the telecommunications regulation found in Title II of the Communications Act. In addition, the Notice: ? Proposes to retain the definitions and scope of the 2010 rules, which governed broadband Internet access service providers, but not services like enterprise services, Internet traffic exchange and specialized services. ? Proposes to enhance the existing transparency rule, which was upheld by the D.C. Circuit. The proposed enhancements would provide consumers, edge providers, and the Commission with tailored disclosures, including information on the nature of congestion that impacts consumers’ use of online services and timely notice of new practices. ? As part of the revived “no-blocking” rule, proposes ensuring that all who use the Internet can enjoy robust, fast and dynamic Internet access. ? Tentatively concludes that priority service offered exclusively by a broadband provider to an affiliate should be considered illegal until proven otherwise. ? Asks how to devise a rigorous, multi-factor “screen” to analyze whether any conduct hurts consumers, competition, free expression and civic engagement, and other criteria under a legal standard termed “commercial reasonableness.” ? Asks a series of detailed questions about what legal authority provides the most effective means of keeping the Internet open: Section 706 or Title II. ? Proposes a multi-faceted process to promptly resolve and head off disputes, including an ombudsperson to act as a watchdog on behalf of consumers and start-ups and small businesses.
Two female editors-in-chief are out suddenly at prestigious papers, Jill Abramson at The New York Times, and Natalie Nougayrede at Le Monde. Ms. Abramson apparently parted ways with the Times after she asked why her salary and benefits were substantially less than her male predecessor's. Dean Baquet will replace her as the first African-American Times executive editor. More coverage here from The Guardian, here from the New York Times, here from Fox News.
Bruce Etling, Hal Roberts, and Robert Faris, Harvard University, Berkman Center for Internet & Society, have published Blogs as an Alternative Public Sphere: The Role of Blogs, Mainstream Media, and TV in Russia's Media Ecology. Here is the abstract.
Applying a combination of quantitative and qualitative methods, we investigate whether Russian blogs represent an alternative public sphere distinct from web-based Russian government information sources and the mainstream media. Based on data collected over a one-year period (December 2010 through December 2011) from thousands of Russian political blogs and other media sources, we compare the cosine similarity of the text from blogs, mainstream media, major TV channels, and official government websites. We find that, when discussing a selected set of major political and news topics popular during the year, blogs are consistently the least similar to government sources compared to TV and the mainstream media. We also find that the text of mainstream media outlets in Russia (primarily traditional and web-native newspapers) are more similar to government sources than one would expect given the greater editorial and financial independence of those media outlets, at least compared to largely state-controlled national TV stations. We conclude that blogs provide an alternative public sphere: a space for civic discussion and organization that differs significantly from that provided by the mainstream media, TV, and government.
Download the paper from SSRN at the link.
More on the ECJ ruling in Google Spain SL v. Agencia Espanola de Proteccion de Datos (AEPD), Mario Costeja Conzalez in today's New York Times, in an article by Mark Scott.
The European Court of Justice has ruled that a user in a member state of the EU may ask a search engine company (such as Google) to delete links (in search results) to information that the user objects to, if it is irrelevant, incorrect, outdated, or inadequate, and even if the information is truthful.
More coverage here from the New York Times (editorial here), the Daily Mail, the Telegraph, and Digital Journal. A link to the ECJ Press Release here. Link to the ruling here. Link to the Advocate General's opinion, with which the ECJ parted ways, here.
Here is the holding of the Court:
Article 2(b) and (d) of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data are to be interpreted as meaning that, first, the activity of a search engine consisting in finding information published or placed on the internet by third parties, indexing it automatically, storing it temporarily and, finally, making it available to internet users according to a particular order of preference must be classified as ‘processing of personal data’ within the meaning of Article 2(b) when that information contains personal data and, second, the operator of the search engine must be regarded as the ‘controller’ in respect of that processing, within the meaning of Article 2(d).
Article 4(1)(a) of Directive 95/46 is to be interpreted as meaning that processing of personal data is carried out in the context of the activities of an establishment of the controller on the territory of a Member State, within the meaning of that provision, when the operator of a search engine sets up in a Member State a branch or subsidiary which is intended to promote and sell advertising space offered by that engine and which orientates its activity towards the inhabitants of that Member State. Article 12(b) and subparagraph (a) of the first paragraph of Article 14 of Directive 95/46 are to be interpreted as meaning that, in order to comply with the rights laid down in those provisions and in so far as the conditions laid down by those provisions are in fact satisfied, the operator of a search engine is obliged to remove from the list of results displayed following a search made on the basis of a person’s name links to web pages, published by third parties and containing information relating to that person, also in a case where that name or information is not erased beforehand or simultaneously from those web pages, and even, as the case may be, when its publication in itself on those pages is lawful. Article 12(b) and subparagraph (a) of the first paragraph of Article 14 of Directive 95/46 are to be interpreted as meaning that, when appraising the conditions for the application of those provisions, it should inter alia be examined whether the data subject has a right that the information in question relating to him personally should, at this point in time, no longer be linked to his name by a list of results displayed following a search made on the basis of his name, without it being necessary in order to find such a right that the inclusion of the information in question in that list causes prejudice to the data subject. As the data subject may, in the light of his fundamental rights under Articles 7 and 8 of the Charter, request that the information in question no longer be made available to the general public on account of its inclusion in such a list of results, those rights override, as a rule, not only the economic interest of the operator of the search engine but also the interest of the general public in having access to that information upon a search relating to the data subject’s name. However, that would not be the case if it appeared, for particular reasons, such as the role played by the data subject in public life, that the interference with his fundamental rights is justified by the preponderant interest of the general public in having, on account of its inclusion in the list of results, access to the information in question.
While the ruling, like most ECJ rulings, is narrow, it could have wide consequences, and it leaves many issues unresolved. For instance, how can we reconcile this ruling on privacy with the rights of free specch and free expression guaranteed under the European Charter? If a user in one member states requests removal of links, does that request guarantee removal in all other member states? How can we reconcile the ECJ decision with the laws in other nations, including the US, which like the EU have constitutional or charter provisions that protect freedom of expression as well as privacy, but balance the rights differently?
The case is Google Spain SL v. Agencia Espanola de Proteccion de Datos (AEPD), Mario Costeja Conzalez, decided May 13, 2014.
Wednesday, May 14, 2014
Nico Van Eijk, Institute for Information Law (IViR, University of Amsterdam), has published The Proof of the Pudding is in the Eating: Moving Away from Ideology, Putting Net Neutrality in Practice. Here is the abstract.
The Netherlands is among the few countries that have put specific net neutrality standards in place. It was the first country to do so in the European Union. Contrary to the original European approach, which lacks a material implementation of net neutrality principles, the Dutch parliament decided to take a firmer position and introduced a quite detailed regime on net neutrality. Providers of public electronic communications networks via which Internet access services are delivered and providers of Internet access services shall not hinder or slow down applications or services on the Internet. There is a limited, but important group of exceptions to this rule. Hindering and slowing down Internet traffic is allowed: a. to minimize the effects of congestion, whereby equal types of traffic must be treated equally; b. to preserve the integrity and security of the network and service of the provider in question or the end-user’s terminal; c. to restrict the transmission of unsolicited communication (spam) to end-users, provided that the end-users have given their prior consent for this to be done; and d. to implement a legislative provision or court order. Another very important net neutrality principle was based on incidents of blocked applications such as Skype and on the announcement by mobile operators that they would start charging for applications. The Dutch net neutrality provision also forbids providers of internet access services to charge for internet access services dependent on the services and applications which are offered or used via these services.
The new proposed European rules on net neutrality (as part of the new regulatory package (to be adopted before this summer)) borrow much from the Dutch example. However, are the Dutch rules a success?
The no-blocking/no-charging restriction had an immediate effect on the market, in particular the mobile one. Originally, the mobile providers intended to block or to charge for specific services (Skype, WhatsApp), but they had to abandon the idea due to the new net neutrality rules. This led to a new subscription structure, with a substantially increased emphasis on data traffic. Data bundles are priced more specifically, and existing packages with unlimited data access have been replaced by packages with a specific size (data caps) and speeds. In fact, voice is no longer a dominant factor in the pricing models.
But how did these changes affect the consumer? The no-blocking/no-charging rule more or less killed traditional texting (SMS), but it is too early to tell whether net neutrality has had an effect on the overall costs for mobile broadband. However, a recent study seems to indicate that the overall price levels and options in the Dutch market are in line with the prices in other European countries. We might assume that voice income has been substituted by data income without having a substantial positive or negative effect on the monthly subscription fees.
The new neutrality rules had no effect on the fixed market. Internet service providers on cabled networks have no history of blocking traffic. Only one incident with the slow-down of traffic was reported but turned out to be a ‘misunderstanding’. One should keep in mind that the Dutch fixed broadband market is very competitive with the incumbent operator offering high-speed DSL or fiber and the CATV operators offering high-speed broadband.
The regulator in charge - the Authority for Consumers and Markets - took a first decision on applying the new rules. Passengers on most trains have free internet access. The service, called T-Mobile HotSpot in de trein, is provided by T-Mobile, based on a contract with the Dutch Railways. In order to get the signal into the moving trains, T-Mobile uses its 2G/3G mobile network. The architecture of this network is focused on voice services and on keeping them available under varying circumstances. The rest of the capacity is used for data traffic. Now, the data service (needed for internet access) fluctuates strongly on board, due to the rapid velocity of trains. To counter this, T-Mobile has decided to block all peer-to-peer and streaming services (YouTube, Netflix) and to slow down file transfer. Without these measures there would be congestion and a lack of capacity. Users, having to share the available connection and capacity, would not be able to use the connection in a practical manner.
In two other cases the Authority is investigating the bundling of data packages with free services (i.e. a mobile subscription with ‘free’ access to Spotifiy’). To deal with these cases new guidelines are being drafted by the ministry involved. These guidelines will be out for consultation in April and should enter into force before the summer. New case decisions are expected in June/July/August.
The paper will - in a critical way - examine the Dutch and the new European net neutrality rules, describe the effects on the mobile/fixed market and discuss the cases under investigation. As these case are some of first ones where regulators have been forced to take action in the context net neutrality, the paper will offer an unique added value and contribute to a more realistic approach.
Download the paper from SSRN at the link.
Tuesday, May 13, 2014
CNN and local news media are reporting that someone drove a truck into the lobby of Baltimore ABC News affiliate WMAR, and then began shouting that he was God. The station was immediately evacuated, and and a nearby school is on lockdown. The driver has now barricaded himself inside the station. More here from the Baltimore Business Journal, here from the local CBS affiliate in Baltimore.
Update: Police have taken the driver into custody. More here from WBAL-TV, channel 11.
Monday, May 12, 2014
From Steve Zansberg, Levine, Sullivan, Chair, ABA Forum on Communications Law:
A reminder that the deadline for law students to participate in the 2015 First Amendment and Media Law Diversity Moot Court Competition at next year’s ABA Forum Annual Conference is Friday, May 30.
The Application Form itself is not particularly rigorous; it should require no more than one to two hours to complete. By way of reminder, attached is the flier announcing this year’s competition and highlighting the very substantial benefits associated with participation.
Ryan Calo, University of Washington School of Law; Stanford University Law School, has published Communications Privacy for and by Whom? at 162 University of Pennsylvania Law Review Online 231 (2014). Here is the abstract.
Professor Orin Kerr has proposed an elegant new thought experiment in his piece, The Next Generation Communications Privacy Act. The Article efficiently relays the history and structure of the Electronic Communications Privacy Act of 1986 (ECPA), a law that “grants Internet users a set of statutory privacy rights that limits the government’s power to access a person’s communications and records.” The Article then ably diagnoses what is wrong with ECPA today — namely, that changes in technology and constitutional law over the last quarter century have rendered ECPA outdated. Finally, the Article proposes four plausible principles to guide Congress were it to write a new electronic communications privacy statute from scratch, rather than reform ECPA at the margins, as contemporary advocates propose.
Professor Kerr’s argument is clear, forceful, and fundamentally sound in the sense that his conclusion follows from his premises. The Article also makes a series of quiet assumptions, however, that readers may find controversial.
First, the Article reads as though ECPA exists only to protect citizens from public o)cials. According to its text and to case law, however, ECPA also protects private citizens from one another in ways any new act should revisit. Second, the Article assumes that society should address communications privacy with a statute, whereas specific experiences with ECPA suggest that the courts may be better suited to address communications privacy — for reasons Professor Kerr himself offers. Finally, the Article addresses ECPA in isolation from the Foreign Intelligence Surveillance Act of 1978 (FISA), which seems strange in light of revelations that our government systematically intercepts and stores its citizens’ electronic communications under FISA’s auspices.
Put another way, The Next Generation Communications Privacy Act succeeds marvelously on its own terms, but not necessarily on everyone else’s. Worse still, we do not benefit from Professor Kerr’s powerful insights regarding the issues he omits.
Download the article from SSRN at the link.
A Massachusetts appellate court has issued a third (and it indicates that it hopes the final) ruling in the case of Mt. Ivy Press v. Misha Defonseca (born Monique de Wael). The press published Ms. Defonseca's Holocaust memoir, Misha: A Memoire of the Holocaust Years in 1997, in which Ms. Defonseca told a tale of having lost her parents in a concentration camp, lived with wolves and killing a German soldier. Investigation later showed these stories to be false. Ms. Defonseca was Catholic, and although her parents did die at the hands of the Nazis, it was because they were members of the Resistance.
In 1998, Ms. Defonseca and her ghost writer, Vera Lee, sued and won a $32 million judgment against Mt. Ivy Press for failing to turn over profits from sales of the book. Mt. Ivy's publisher, Jane Daniel, then began to investigate Ms. Defonseca's story and discovered that it was untrue. She asked the courts to reverse the $22.5 million judgment against her as to Ms. Defonseca, which they have now done. The judgment against her with regard to Ms. Lee, however, remains in place.
The case is Mt. Ivy Press, L.P. v. Defonseca, 2014 Mass. App. LEXIS 42.
Friday, May 9, 2014