EFFector Vol. 19, No. 45 December 21, 2006 editor@eff.org
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
In the 406th Issue of EFFector:
- Lawsuit Demands Answers About Government's Secret 'Risk
Assessment' Scores
- Help EFF Investigate Invasive Travel Screening
Program
- Computer Security Expert Edward W. Felten Joins EFF
Board of Directors
- Celebrate EFF's Sweet 16 on January 11!
- Visit EFF at Macworld, January 9-12!
- Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID
Act
- State AGs Reach Settlement on Sony BMG Rootkit
Debacle
- DRM Fading for Music: The Year in Review
- Nominate a Pioneer for EFF's 2007 Pioneer Awards!
- miniLinks (11): Privacy Alert Network
- Administrivia
For more information on EFF activities & alerts:
http://www.eff.org/
Make a donation and become an EFF member today!
http://eff.org/support/
Tell a friend about EFF:
http://action.eff.org/site/Ecard?ecard_id=1061
effector: n, Computer Sci. A device for producing a desired
change.
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Lawsuit Demands Answers About Government's Secret 'Risk
Assessment' Scores
Millions of U.S. Travelers Affected by Giant Data-Mining
Program
Washington, D.C. - The FLAG Project at the Electronic
Frontier Foundation (EFF) filed suit against the Department
of Homeland Security (DHS) in federal court this week,
demanding immediate answers about an invasive and
unprecedented data-mining system deployed on American
travelers.
The Automated Targeting System (ATS) creates and assigns
"risk assessments" to tens of millions of citizens as they
enter and leave the country. In November, DHS announced
that the program would launch on December 4, but Homeland
Security Secretary Michael Chertoff later admitted that the
program had already been in operation for several years.
"The news of this secret program sparked a nationwide
uproar. DHS needs to provide answers, and provide them
quickly, to the millions of law-abiding citizens who are
worried about this 'risk assessment' score that will follow
them throughout their lives," said EFF Senior Counsel David
Sobel.
Under ATS, individuals have no way to access information
about their "risk assessment" scores or to correct any
false information about them. But while you cannot see your
score, it will be made readily available to untold numbers
of federal, state, local, and foreign agencies. The
government will retain the data for 40 years.
While the publicly available information about ATS is
disturbing enough, there are many critical details the
government did not disclose. For example, DHS has not
announced what the consequences might be of a "risk
assessment" score that indicates an individual might be a
threat. EFF's suit demands an urgent and expedited response
to the Freedom of Information Act (FOIA) request filed
earlier this month, including all Privacy Impact
Assessments for the ATS, all records that describe redress
for individuals who believe the system includes inaccurate
information, and all records that discuss potential
consequences for travelers as a result of the system.
"ATS is precisely the sort of system that Congress sought
to prohibit with the Privacy Act of 1974," said Sobel. "DHS
needs to abide by the law and give Americans the
information they deserve about this dangerous program."
Congressional leaders have indicated that they are likely
to convene hearings on ATS when the new Congress convenes
in January. EFF's lawsuit cites that pending oversight as
an additional reason why DHS must release details about the
system on an expedited basis.
For the FOIA complaint filed against the Department of
Homeland Security:
http://www.eff.org/Privacy/ats/ats_complaint.pdf
For more on the ATS program and other travel screening
issues:
http://www.eff.org/privacy/travel/
For this release:
http://www.eff.org/news/archives/2006_12.php#005045
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Help EFF Investigate Invasive Travel Screening Program
The invasive Automated Targeting System (ATS) described
above was only recently revealed to the public, and EFF is
attempting to document the system's effect on law-abiding
individuals.
If you have experienced difficulties when entering or
leaving the United States, we'd like to hear from you. We
are particularly interested in hearing from folks who have
had repeated problems or have been told by government
agents that they are on a "list" or that there is some
unexplained "problem" that needs to be resolved. Please
share your story with us by writing to and
providing as much detail as possible. We will treat all
responses confidentially and may contact you to follow-up.
For more on ATS:
http://www.eff.org/privacy/travel
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Computer Security Expert Edward W. Felten Joins EFF Board
of Directors
Princeton Professor Behind Important E-voting Vulnerability
Research
San Francisco - The Electronic Frontier Foundation (EFF)
welcomes the newest member of its Board of Directors,
computer security expert Edward W. Felten. A professor of
Computer Science and Public Affairs at Princeton
University, Felten recently demonstrated the ability to
manipulate results on a Diebold electronic voting machine -
- showing that the equipment was extremely vulnerable to
"vote-stealing" attacks that would undermine the accuracy
of vote counts.
Felten's research interests include computer security and
privacy -- especially relating to media and consumer
products -- and technology law and policy. He has published
about 80 papers in the research literature and two books.
Felten was the lead computer science expert witness for the
Department of Justice in the Microsoft antitrust case. He
has also testified before the Senate Commerce Committee on
digital television technology and regulation and before the
House Administration Committee on electronic voting.
Felten is the founding Director of Princeton's Center for
Information Technology Policy, and his weblog, at freedom-
to-tinker.com, is widely regarded for its commentary on
technology, law, and policy. In 2004, Scientific American
magazine named Felten to its list of 50 worldwide science
and technology leaders.
"EFF confronts critically important issues on the cutting
edge of technology and freedom," said Felten. "My research
and EFF's work have often intersected over the years, and
I'm very pleased to take the next step and join the board
as we strive to keep the digital world innovative, free,
and secure."
In 2001, Felten and EFF sued the Recording Industry
Association of America and the Secure Digital Music
Initiative in a case challenging the constitutionality of
the Digital Millennium Copyright Act (DMCA). EFF honored
Felten with a Pioneer Award in 2005, which recognizes those
who have made outstanding contributions to the development
of computer-mediated communications and empower individuals
in using computers and the Internet. He had previously
served on EFF's advisory board.
"I have always been a huge fan of Ed's work, using his
technical expertise to expose weak and vulnerable
technologies to those of us more technically challenged,"
said EFF Executive Director Shari Steele. "I'm delighted to
have him join EFF's Board of Directors."
Other members of EFF's executive board include Brad
Templeton, John Perry Barlow, David Farber, John Gilmore,
Brewster Kahle, Joe Kraus, Lawrence Lessig, and Pamela
Samuelson.
For Professor Felten's website:
http://www.cs.princeton.edu/~felten/
For this release:
http://www.eff.org/news/archives/2006_12.php#005047
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Celebrate EFF's Sweet 16 on January 11!
All teenagers have big dreams for their sweet 16, and EFF's
no different: we want to throw the Best Party Ever, we want
a new car, and we want to secure your digital rights.
We're kidding about the car, but please do join EFF for a
birthday bash to celebrate 16 years fighting for your
rights. The party will be on January 11, 7-10 PM at 111
Minna Gallery in San Francisco. DJ Ripley and Kid Kameleon
will be keeping the dancefloor hopping all night long.
A $20 donation gets you in the door. No one will be turned
away for lack of funds, and all proceeds go toward our work
defending your digital freedom.
What:
EFF Sweet 16 Party
When:
January 11, 2007
7-10 PM
Where:
111 Minna Gallery
111 Minna Street
San Francisco, CA
94105
www.111minnagallery.com
Tel: (415) 974-1719
This fundraiser is open to the general public. 21+ only,
cash bar.
Please RSVP to events@eff.org
For DJ Ripley:
http://djripley.blogspot.com/
For Kid Kameleon:
http://www.kidkameleon.com/
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Visit EFF at Macworld, January 9-12!
EFF will be at the Macworld Conference & Expo in San
Francisco, California. We'll be in booth 3102, so please
stop by and grab some swag during exhibit hours -- we look
forward to seeing you!
For more about Macworld:
http://www.macworldexpo.com
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID
Act
In 2005, Congress hastily passed legislation that rolled
back privacy rights and moved the country towards a
national ID system. The REAL ID Act states that drivers'
licenses will only be accepted for "federal purposes"--like
accessing planes, trains, national parks, and court houses--
if they conform to certain uniform standards. The law also
requires a vast national database linking all of the ID
records together. Estimated costs of $12 billion or more
will be passed on to the states and, ultimately, average
citizens in the form of increased DMV fees or taxes.
Thankfully, new bipartisan legislation could correct some
of REAL IDs many flaws and add critical privacy and civil
liberties safeguards. With the "Identification Security
Enhancement Act of 2006," Senators Daniel Akaka (D-HI) and
John Sununu (R-NH) would cancel most of the standardization
that might have led to a national ID card, call for more
flexible standards, require encryption of the data itself,
and prohibit the use of ID data by third parties.
For more information on the problems with the Real ID Act:
http://www.eff.org/Privacy/ID/RealID/
For this post:
http://www.eff.org/deeplinks/archives/005048.php
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* State AGs Reach Settlement on Sony BMG Rootkit Debacle
Over a year since infecting CD purchasers' computers with
flawed copy protection software, Sony BMG has reached a
settlement with several state attorneys general (AGs) over
the rootkit debacle. We've reviewed the Texas settlement
agreement, which appears to be similar to agreements
reached in other states, and it looks like the AGs used
their investigatory and enforcement powers to obtain
important additional relief for consumers.
Among other things, the settlement requires Sony BMG to
compensate consumers whose computers were damaged by the
XCP or Media Max software and to continue providing the
settlement benefits obtained in the private litigation for
an additional six months (through June 30, 2007).
Equally important are Sony BMG's future obligations. If
Sony uses DRM on its CDs in the future, it will have to
provide detailed pre- and post-sale disclosures to
customers, provide an easy uninstaller, and notify
consumers if it finds security flaws in the software.
Well done, AGs!
The Texas agreement is available here:
http://www.oag.state.tx.us/newspubs/releases/2006/121406sony_afj.pdf
Background regarding the Sony BMG litigation is available
here:
http://www.eff.org/IP/DRM/Sony-BMG
For this post:
http://www.eff.org/deeplinks/archives/005046.php
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* DRM Fading for Music: The Year in Review
Almost exactly one year ago, we predicted the beginning of
the end for DRM on digital music. Now EMI has announced the
release of the new Norah Jones single on Yahoo! Music in
DRM-free MP3 format (many will remember that Yahoo! has
been urging the major labels to give up DRM).
So let's pause to recap the year in music DRM's slow
demise, including:
* Rhapsody and Napster begin streaming to any browser;
* Major labels all give up on CD copy protection in US
market in the wake of the Sony-BMG rootkit debacle;
* Major labels abandon DRM-laden SACD and DVD-A
formats;
* Sony-BMG releases Jessica Simpson song in MP3;
* Disney's Hollywood Records releases Jesse McCartney
album as MP3s;
* EMI artist Lily Allen releases new track as MP3;
* EMI releases Norah Jones and Reliant K tracks as
MP3s;
* eMusic becomes the #2 online music store selling
nothing but MP3 files from independent labels.
Here's to more of the same in 2007. As we said in December
2005, "Once the DRM is gone, we can see what a real,
robust, competitive digital music marketplace looks like."
For this post and related links:
http://www.eff.org/deeplinks/archives/005039.php
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Nominate a Pioneer for EFF's 2007 Pioneer Awards!
EFF established the Pioneer Awards to recognize leaders on
the electronic frontier who are extending freedom and
innovation in the realm of information technology. This is
your opportunity to nominate a deserving individual or
group to receive a Pioneer Award for 2007.
The International Pioneer Awards nominations are open both
to individuals and organizations from any country.
Nominations are reviewed by a panel of judges chosen for
their knowledge of the technical, legal, and social issues
associated with information technology.
How to Nominate Someone for a 2007 Pioneer Award:
You may send as many nominations as you wish, but please
use one email per nomination. Please submit your entries
via email to pioneer@eff.org. We will accept nominations
until January 15, 2007.
Simply tell us:
1. The name of the nominee,
2. The phone number or email address or website by which
the nominee can be reached, and, most importantly,
3. Why you feel the nominee deserves the award.
Nominee Criteria:
There are no specific categories for the EFF Pioneer
Awards, but the following guidelines apply:
1. The nominees must have contributed substantially to the
health, growth, accessibility, or freedom of computer-based
communications.
2. To be valid, all nominations must contain your reason,
however brief, for nominating the individual or
organization and a means of contacting the nominee. In
addition, while anonymous nominations will be accepted,
ideally we'd like to contact the nominating parties in case
we need further information.
3. The contribution may be technical, social, economic, or
cultural.
4. Nominations may be of individuals, systems, or
organizations in the private or public sectors.
5. Nominations are open to all (other than current members
of EFF's staff and board or this year's award judges), and
you may nominate more than one recipient. You may also
nominate yourself or your organization.
6. Persons or representatives of organizations receiving an
EFF Pioneer Award will be invited to attend the ceremony at
EFF's expense.
More on the EFF Pioneer Awards:
http://www.eff.org/awards/pioneer/
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* miniLinks
The week's noteworthy news, compressed.
~ Privacy Alert Network
Bill Scannell's new service alerts you to new privacy
issues and guides you to take action.
http://privacyalertnetwork.net/network.html
~ Has Australia Banned Linking?
No, says Kim Weatherall -- but an Australian Federal Court
has ruled that linking to an infringing file has a legal
risk.
http://weatherall.blogspot.com/2006_12_01_weatherall_archive.html#116650943490838832
~ Fighting for Private Email
The Warshack case, and why email should be as
constitutionally protected as snail mail.
http://www.startribune.com/789/story/884388.html
~ Questions Asked Over ATS
Edward Hasbrouck summarizes the concerns the EU, the Senate
and travelers have over the Automated Targeting System.
http://hasbrouck.org/blog/archives/001197.html
~ Bill Gates on the Future of DRM
"Huge problems" with DRM; he suggests people "should just
buy a CD and rip it."
http://www.techcrunch.com/2006/12/14/bill-gates-on-the-future-of-drm/
~ Data Mining Is No Good for Fighting Terrorism
The Cato Institute's Jim Harper and a chief scientist with
IBM's data-mining group explain why in this report.
http://www.cato.org/homepage_item.php?id=436
~ Generic Infringement Letters Case Dismissed
A 28-year old lawyer gets a case thrown out in the 9th
Circuit for cookie-cutter patent troll letters.
http://www.law.com/jsp/article.jsp?id=1166004320259
~ Labels Seek Lower Royalty Rate
The RIAA says music publishers and songwriters deserve
lower mechanical royalty rates.
http://www.hollywoodreporter.com/hr/search/article_display.jsp?vnu_content_id=1003466811
~ Judge Posner Speaks in Second Life
Judge Posner: "I'd like to hear from the raccoon."
http://williampatry.blogspot.com/2006/12/transcript-of-judge-posner-in-second.html
~ The Wonderful World of Disney
Interesting article about the life of Walt Disney and his knack for recognizing a
good story.
http://www.newyorker.com/fact/content/articles/061211fa_fact
~ Hollywood's Congressman to Head Key Committee
Howard Berman will head up Judiciary's Internet and IP
subcommittee in the House.
http://www.latimes.com/business/la-fi-berman11dec11,0,3985003.story?track=tothtml
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Staff Calendar
For a complete listing of EFF speaking engagements (with
locations and times), please visit the full calendar: <
http://www.eff.org/calendar/
December 29 - Seth Schoen speaking at the 23rd Chaos
Computer Conference, 8:30 PM - 9:30 PM, in Berlin, Germany:
http://events.ccc.de/congress/2006/Home
: . : . : . : . : . : . : . : . : . : . : . : . : . : . :
* Administrivia
EFFector is published by:
The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
http://www.eff.org/
Editor:
Derek Slater, Activist
derek@eff.org
Membership & donation queries:
membership@eff.org
General EFF, legal, policy, or online resources queries:
information@eff.org
Reproduction of this publication in electronic media is
encouraged. Signed articles do not necessarily represent
the views of EFF. To reproduce signed articles
individually, please contact the authors for their express
permission.
Press releases and EFF announcements & articles may be
reproduced individually at will.
Current and back issues of EFFector are available via the
Web at:
http://www.eff.org/effector/
This newsletter is printed on 100% recycled electrons.
