Comments supporting DMCA jailbreaking exemption

Every three years the US Copyright office, examines whether it will renew certain exemptions to the DMCA. In 2009 we submitted arguments supporting the EFF’s petition for the exemption of  jailbreaking from the DMCA. The Copyright office granted the exemption in 2010 which now expires at the end of 2012.

Although it seems a bit silly to have to do this every three years, we’re going to again file a brief supporting the exemption for jailbreaking, also known as “rooting.” EFF has more information here on the arguments and the process.

Based on feedback from developers around the Mozilla project, the brief will contend that rooting is important because it’s necessary to achieve competitive application performance on Android mobile platforms, to effectively debug applications, and for regression testing.  In addition, it’s even more critical now as mobile devices surpass desktop, and Internet access increasingly comes from mobile platforms.

We plan to file our comments on Friday afternoon. If you have ideas or thoughts that could be incorporated in the brief, please let us know. Alternatively, you can file your own comments, or if your flavor is petitions go here.

the Open Act, What others are saying…

Although it’s great to have a POV, it’s also good to hear what the other side is saying from time to time. This is a handout going around the Hill distributed by pro-sopa interests.

…………………………………………………………………………………………………………………

THE OPEN ACT GOOD FOR GOOGLE BAD FOR COPYRIGHT HOLDERS

Everyone agrees that foreign criminal Internet operators who steal American products and jobs must be stopped. No legitimate Internet service should profit from illegal activity or lead its users to illegal sites. The OPEN Act does nothing to stop this behavior and may even make the problem worse. It does not establish a workable framework, standards or remedies. It is not supported by those it purports to protect. It needs to be scrapped. Stakeholders and Congress need to start over with a fresh look at solving this problem.

Sets dangerous precedents with impossibly high, useless standards. Even a site that openly acknowledges it is entirely composed of illegal material is exempt, as long as the material is added or used by others and not the site owner or operator. This excuses willful blindness and outright complicity in illegal activity. In addition, anyone who takes down one illegal file is immune, even if it’s simply reposted minutes later. Couple these with the virtually impossible requirement to prove that the owner or operator of an elusive foreign site acted willfully, and the OPEN Act remains closed to nearly any claim, but serves as an excuse that something is being done.

Prohibits small business victims from seeking relief. OPEN Act claimants would be required to hire a lawyer with International Trade Commission expertise (among the most expensive bars in the country), come to D.C. to pursue the claim, and post a bond for the issuance of a cease and desist order (that they may not get back). This puts justice out of reach for small business American victims of IP theft.

Allows indefinite delays while the market for American works are “scooped” by foreign criminals. The OPEN Act provides no timing for initiation of an investigation, if an investigation is granted at all. A claim could languish for months or years before any action is taken. And, while the bill requires the ITC to rule on an injunction within 30 days after the start of any investigation, there is absolutely no timing given for the ruling on a temporary cease and desist order – what the bill ironically calls “expedited consideration.” Add on provisions for endless submissions by parties such as Google, hearings, etc., and relief is elusive for victims suffering while foreign site operators are allowed to continue their illegal activity.

Offers an empty toolbox. Typically, when illegal activity is found, the law provides for action against the activity itself. OPEN prohibits action against the site, and doesn’t allow the ITC’s standard exclusion order (available in other ITC claims). OPEN takes away the very tools the ITC has been granted. The relief is so limited it applies only to ad networks that directly share ad revenues with the criminal site (rendering more complicated revenue relationships immune) and only payment processors that transact with customers in the U.S. (allowing transactions for foreign rogue sites to continue with international customers by U.S. providers). And, of course, the White House can throw out an order for any reason, trumping an administrative decision with a political one.

Makes compliance rare. The OPEN Act actually prohibits claimants from seeking a compliance order from the ITC. Instead, it allows only the Attorney General of the U.S. to bring an action against anyone who ignores an order. The victim is left powerless to ensure compliance even if they win.

It’s anticompetitive. The bill’s narrow view of financial transaction provider and Internet advertising service conveniently exempt services such as Google Wallet and Google’s Doubleclick, but include Visa and MasterCard. And, further benefitting Google which has 90% of the search market on the Internet, the bill completely exempts search engines from any responsibility.

The OPEN Act is an excuse, not an answer.

Protected: Dad Madness 2012

This post is password protected. To view it please enter your password below:

Password:

SOPA – the Stop Online Piracy Act – Is It Really Dangerous?

Recently, the Stop Online Piracy Act, 112 HR 3261 (SOPA) was introduced as a bill in the US House of Representatives. This is the House companion to the Senate Protect-IP Act that drew considerable opposition from the tech and First Amendment quarters, so many of the issues remain same. The intent of SOPA is to help combat online piracy. This is a laudable goal; however, the unintended consequences are scary for intermediaries, websites with user generated content, DNS providers, and those of us who rely on the Internet as a vibrant and rich communications network.

SOPA grants IP claimants a lot more power than they currently have to remove allegedly infringing content and expands the scope of people who may be liable by giving:

• the Attorney General the power to compel companies that maintain DNS look-ups to change the tables, also known as domain name filtering. See analysis by Larry Downes.

• IP owners the power to require ad services and payment processors to stop doing business with a site by giving it notice that the site contains allegedly infringing content. See Public Knowledge’s analysis by Rashmi Ranganth.

• the Attorney General injunctive relief power over anyone who allegedly circumvents copyright protections, and anyone who aids in the circumvention. See Public Knowledge’s analysis by jgraham.

The problem is that these are powerful remedies made available based upon unproven assertions and little due process. Imagine you’re a website operator, under SOPA you can get your Paypal payment processing services cut-off merely because someone claimed there’s infringing content or apps on your site. Faced with that choice, it’s an easy decision, remove the content early and often just to be safe.

IP rights are certainly important and need to be respected on the Internet, and there is a very real piracy problem, but SOPA threatens an essential attribute of the Internet – its ability to easily share information without friction and permissions. This doesn’t mean that the Internet should be a lawless expanse void of law or consequences either. The challenge is that SOPA exposes intermediaries to undue financial and legal liability for content in a way that will undoubtedly chill the free flow of content and ideas embodied in both software and media. In addition, the language in the bill is ambiguous leaving it open to abuse by plaintiffs who have already demonstrated aggressive interpretations of the existing DMCA framework. This is why there is so much concern that SOPA represents a real and dangerous threat to the Internet.

Some describe this debate in polemic terms, as Hollywood vs. the Internet, where the Internet slowly becomes managed by dominant media interests. Others have focused on the deleterious impact on human rights. Perhaps Masterswitch writer Tim Wu would see this as part of a larger pattern of how open information ecosystems become closed over time. US House Representative Zoe Lofgren, representing voters in Silicon Valley, warns that this “would mean the end of the Internet as we know it.” It could also just be bad legislation.

If SOPA becomes law, few think it will actually solve the problem. For example, it seems clear that blocking domains is not an effective means to combat piracy because domains can be redirected so easily. A while back Homeland Security asked Mozilla to take-down an add-on without a court order or a finding of liability. Under a SOPA regime, it appears the same incident would allow the putative plaintiffs to petition the Attorney General to issue an injunction compelling take-down based only on a specious claim of contributory infringement. Oddly SOPA makes one really appreciate the DMCA.

Many in the tech and policy communities are organizing to oppose SOPA. What’s most important is that Congress hears from everyone on this, whatever their view.  Plus it’s Tuesday November 8th -voting day- so let your voice be heard. If you want to let Congress know that you oppose the legislation EFF and Public Knowledge have sites set up to easily send your message to Congress.

Additional links to the bill and other commentary can be found below.

Read more of this post

Juxtaposition

In the past few days I saw two messages that I thought were interesting, not sure why but wanted to share them.

The first was a sign in San francisco near the convention center.  My kids asked “why should we be afraid of Google” –it was like someone told them to be afraid of Santa Claus. A quick G search and behold a whole gallery of work from xvala, a street artist.

The second was a daily email I get from Politico, an insider DC political newsletter I like to read.  The subject line read “POLITICO Playbook presented by Google…” and the following text was included in the body of the email:

** A message from Google: Toothpaste, playing cards, and beef jerky may seem like an ordinary shopping list. But to a deployed soldier, a care package with these basics is a big deal. That’s why Meredith Leyva’s nonprofit, eCarePackage.org, lets people thank servicemen by creating custom care packages online. eCarePackage.org is based in Schertz, Texas, but connects to gift-givers around the U.S. using Google AdWords. Americans like Meredith support our troops. And Google is helping. **

Net net, the two messages, their placement,  audiences, and POV are thought provoking.

Homeland Security Request to Take Down MafiaaFire Add-on

From time to time, we receive government requests for information, usually market information and occasionally subpoenas. Recently the US Department of Homeland Security contacted Mozilla and requested that we remove the MafiaaFire add-on.  The ICE Homeland Security Investigations unit alleged that the add-on circumvented a seizure order DHS had obtained against a number of domain names.   Mafiaafire, like several other similar  add-ons already available through AMO, redirects the user from one domain name to another similar to a mail forwarding service.  In this case, Mafiaafire redirects traffic from seized domains to other domains. Here the seized domain names allegedly were used to stream content protected by copyrights of  professional sports franchises and other media concerns.

Our approach is to comply with valid court orders, warrants, and legal mandates, but in this case there was no such court order.  Thus, to evaluate Homeland Security’s request, we asked them several questions similar to those below to understand the legal justification:

• Have any courts determined that the Mafiaafire add-on is unlawful or illegal in any way? If so, on what basis? (Please provide any relevant rulings)
• Is Mozilla legally obligated to disable the add-on or is this request based on other reasons? If other reasons, can you please specify.
• Can you please provide a copy of the relevant seizure order upon which your request to Mozilla to take down the Mafiaafire  add-on is based?

To date we’ve received no response from Homeland Security nor any court order.

One of the fundamental issues here is under what conditions do intermediaries accede to government requests that have a censorship effect and which may threaten the open Internet. Others have commented on these practices already.  In this case, the underlying justification arises from content holders legitimate desire to combat piracy.  The problem stems from the use of these government powers in service of private content holders when it can have unintended and harmful consequences.  Longterm, the challenge is to find better mechanisms that provide both real due process and transparency without infringing upon developer and user freedoms traditionally associated with the Internet.  More to come.

Marching Along – Privacy Forward

A bunch of folks, including Alex Fowler, Sid Stamm, and Mike Hanson to mention only a few, did some nice work developing Mozilla’s comments on the FTC’s  proposed privacy framework.  More details, including the comments, are available on the mozilla.com blog.

I’m still reading through some of the responses, and it’s really interesting seeing the diverse perspectives. Some saying the creation of a comprehensive US privacy framework will stifle innovation, leading to economic collapse and ruin, others suggesting the FTC hasn’t gone far enough.  (+1 to an open government process with a robust debate and competing ideas)

One theme that seems to pervade the narrative unfortunately is the notion that doing right by the user from a privacy perspective is somehow hostile to innovation and business.  This is a false paradigm. (We saw the same themes in the net-neutrality debate, but that’s a different story.)  Innovating in services, managing information while being user centric and respectful aren’t competing values in my view.  What’s right for the user doesn’t mean being hostile (or captive) to commercial motivations, nor should it mean rolling over to the great data slurp in the cloud.

As Eben Moglen recently reminded us, the web is young – some 7,000+ days young.  Thus, there’s so much more to come, and we can’t drive by looking in the rear view mirror.  So when I look forward, and see some of the ideas kicking around that give users both the benefits and control of their information in a “privacy forward” way, within and outside the Mozilla community,  I see lots of opportunity and innovation.

This is pretty exciting, and on a good day, I feel lucky to observe and participate.

Recent Changes in US Crypto Export Rules

On January 7, 2011, the US Government published a final export rule that relaxed export rules on publically available encryption code. Previously, mass market, encryption object code software was subject to US export controls. Under the new rule, issued by the Bureau of Industry and Security (BIS), publicly available, mass market, encryption object code software with a symmetric key length greater than 64-bits is no longer subject to the export control rules. Although the change will not have a limited direct impact on Mozilla because our code already falls under the TSU source code exception, the change is good because it simplifies and reduces the number of rules that might restrict distribution of publicly available, mass market, encryption object code software outside the US.

BIS reasoned that because there are no regulatory restrictions on making such software publicly available, and because, once it is publicly available, by definition it is available for download by any end user without restriction, removing it from the jurisdiction of the Export Administration Regulations (EAR) will have no effect on export control policy. Such policy is merely clarified and confirmed by this final rule.

This rule change follows the guidance of government and export law attorneys like Dan Minutillo (he also represents Mozilla) who argued in a recent California International Law Journal article that the Government should remove publicly available encryption code from the scope of items subject to the EAR based on the interpretation of a September 11, 2009 Advisory Opinion by the Director of Information Technology Controls Division, Office of National Security and Technology Transfer Controls, US  Government.  It seems this 2009 Advisory Opinion can be interpreted to relate directly to a Voluntary Self Disclosure filed by Minutillo on behalf of Mozilla regarding the exchange of code that resulted in a “No Violation Letter” from the US government in Mozilla’s favor.

Read more of this post

New FTC Privacy Proposal

Today the Federal Trade Commission released a proposal describing a new framework for protecting consumer privacy in both online and offline environments. The report reflects the new challenges users, publishers, service providers, and advertisers face in today’s digital environment and incorporates feedback from public roundtables conducted over the past year.  The report acknowledges the shortcomings of the current “notice and consent” framework, but doesn’t abandon it completely, rather it seeks to implement it in a way that makes more sense for users.

While we’ll need more time to digest and evaluate the details, we’re encouraged by what we’ve seen so far.  In particular, the FTC has proposed a set of principles that align well with the Mozilla manifesto and our approach to software development including:

• privacy by design;
• transparency;
• user choice; and
• no surprises.

Of course the devil is often in the details, but the first principles seem right.  The FTC should also be commended for continuing its efforts to seek a comprehensive proposal rather than focusing only on one aspect of the issue.

The Commission has also shown that it understands the complexity and nuance of many of the issues, for example, the blending distinction between PII and non-PII, and the contextual nature of privacy issues.  To that end, the Commission has articulated a robust set of questions on which it is seeking further public feedback.  Comments on the proposal are due on January 13, 2011.

Over the next month, we’ll examine the questions and proposal in more detail and take advantage of this opportunity to share our experience, concerns, and views on the proposed framework.

If you have thoughts about the proposal let us know.

FCC Chairman Genachowski’s Proposal on Net Neutrality

Today, the Chairman of the Federal Communications Commission, Julius Genachowski, issued a statement outlining a proposal to codify the open Internet principles and provide some resolution to the net neutrality debate. If adopted by the FCC in a hearing scheduled for December 21st, the new rules would represent a significant step forward in protecting users and innovation on the Internet.  No doubt, the rules will not be perfect, nor achieve all of the aims sought by net neutrality proponents.  As a whole, they represent major progress and reflect a delicate balance of the concerns of an array of stakeholders with often competing interest.

As proposed, the rules will establish needed non-discrimination, no blocking, and transparency principles for wireline communications.  On the wireless side,  it will establish rules that will prohibit blocking by carriers of lawful web sites or competitive voice, video, or telephony services, and require transparency in network management practices.

We urge the FCC to continue its efforts to promote rules that encourage a single framework regardless of the type of network.  In the long term, there is “one Internet” and the rules should be the same for wired and wireless transport particularly given the importance and growth of wireless Internet access. Nonetheless, we’re pleased by the Commission’s efforts to protect the Internet and the qualities that have made it both so valuable and transformative.

Other Articles:

http://voices.washingtonpost.com/posttech/2010/12/fcc_chair_announces_net_neutra.html