EFFector Online Newsletter

EFFector       Vol. 15, No. 23       August 3, 2002     ren@eff.org

A Publication of the Electronic Frontier Foundation     ISSN 1062-9424

In the 223rd Issue of EFFector:

For more information on EFF activities & alerts: http://www.eff.org/

To join EFF or make an additional donation:
  http://www.eff.org/support/
EFF is a member-supported nonprofit. Please sign up as a member today!


Electronic Frontier Foundation Action Alert

(Issued: August 2, 2002)

Representative Howard Berman has introduced legislation that would grant copyright holders near-immunity from the law while attacking a citizen's computer. The bill protects copyright holders from legal action stemming from denial-of-service attacks on people whom they suspect of using material in an unauthorized way on a peer-to-peer (P2P) network. In a ridiculously vague caveat, Berman's bill graciously says that the availability of your other files may not be impaired unless "reasonably necessary."

Exempting a single industry from civil and criminal penalties is unprecedented. This kind of vigilantism is explicitly prohibited by law; Rep. Berman wants to make sure that the law doesn't apply to copyright holders. Don't let him get away with it!

Your voice makes a difference! Tell Congress that this legislation is ridiculous; here's what you can do:

- end -

Back to table of contents


Director Successful in Challenge to ICANN's Obstruction

Electronic Frontier Foundation Media Release

For Immediate Release: Saturday, August 3, 2002

Los Angeles - Internet Corporation for Assigned Names and Numbers (ICANN) Director Karl Auerbach recently prevailed in his lawsuit against ICANN, gaining access to records management had improperly withheld for more than 18 months. Rejecting ICANN's claim that it could impose vague and broad restrictions on Auerbach's access, Judge Dzintra Janavs ordered ICANN to provide the records within a week.

"I'm pleased that I will finally be able to do what I was elected to do - to oversee ICANN's activities," said Auerbach, who the Electronic Frontier Foundation (EFF) represented.

Auerbach began asking for corporate records in November 2000, shortly after he was voted as the North American Elected Director of ICANN. After ICANN management delayed for nine months, it granted Auerbach conditional access to corporate records if he signed a "policy" -- which the Board of Directors had not ratified -- that placed his ability to access and copy the records at ICANN's sole discretion.

"California law is clear that directors must oversee the operations of a non-profit corporation," explained Auerbach's lead attorney, James Tyre. "We are pleased the judge recognized that ICANN was essentially trying to deny Mr. Auerbach his rightful access under the law."

The court's tentative ruling stated that ICANN's inspection procedures "unreasonably restrict directors' access to corporate records and deprive directors of inspection rights afforded them by law."

"Auerbach's intent to reform ICANN is not a legitimate basis for limiting his role as director," said EFF Legal Director Cindy Cohn. "Today's headlines exposing rampant corporate fraud demonstrate the need for careful oversight by directors."

For this release:

http://www.eff.org/Cases/Auerbach_v_ICANN/20020729_eff_icann_pr.html

For the court's ruling:
http://www.eff.org/Cases/Auerbach_v_ICANN/20020729_superior_court_ruling.html

Documents related to the Auerbach v. ICANN case:
http://www.eff.org/Cases/Auerbach_v_ICANN/

- end -

Back to table of contents

On July 25, 2002, Representative Howard Berman (D-Cal.) introduced a bill in the House of Representatives that would give copyright owners the right to violate the law in their efforts to stop the unauthorized circulation of their works on peer-to-peer networks. EFF opposes the bill as drastically misguided and overbroad.

The EFF agrees with Rep. Berman that, like the rest of us, copyright owners are entitled, within the bounds of the law, to use technological self-help measures to protect their assets. No legislation is necessary for that. What the Berman P2P Bill does is permit copyright owners to go further and violate the law. This unprecedented power has never been granted even to law enforcement, much less to a single industry.

The proposed law amounts to government-sanctioned vigilantism -- copyright owners are given the power to ignore the law in pursuit of those that they decide are guilty. There is no warrant requirement, no trial, no prior notice to the targets, no due process, and very little recourse for innocent bystanders caught in the cross-fire.

While the bill attempts to put some limits on this vigilante right, the limitations are a poor substitute for the thousands of laws that it sweeps aside. The Berman P2P Bill is not a sensible solution to the digital copyright dilemma. If passed, it will result in anarchy on the Internet and will harm innocent bystanders.

The Bill's Provisions

Rep. Berman claims that his proposal is narrowly tailored and intended to give copyright owners relief from "anti-hacking" laws as they try to stop copyright infringement on P2P networks. The actual language of the proposal tells a different story.

The Berman P2P Bill grants copyright owners and their agents the right to break any law, state or federal, civil or criminal, in the course of "disabling, interfering with, blocking, diverting, or otherwise impairing" the availability of his or her copyrighted works on a public peer-to-peer (P2P) file trading network. This power may be used to stop any unauthorized P2P activity, even if the activity does not violate copyright laws. This unprecedented power is limited by only 5 conditions:

*the attacker may not "alter, delete, or otherwise impair the integrity of any computer file or data" on the targeted computer (in other words, the bill authorizes only "denial of service" (DoS) and other attacks against the availability of files, rather than attacks that damage files and data);

*the attacker must not impair the availability of files on a targeted computer other than the works that the attacker owns, except as "reasonably necessary";

*the attacker may not cause "economic loss" (but is free to cause any other kind of loss) to any person other than the targeted file trader;

*the attacker may not cause "economic loss of more than $50 per impairment" to the targeted file trader; and

*the attacker must notify the Attorney General seven days before deploying the "impairment technology" for the first time, but need not notify a targeted person before launching an attack.

Innocent Bystanders Caught in the Cross-Fire

So long as the copyright owner and its agents stay within these vague limits, they are completely immune from liability under any and all laws.

So, for example, if you use a cable modem, you might end up as collateral damage in the copyright wars. Most cable modem users are on a shared connection with their neighbors. So if the RIAA launches a denial of service (DoS) attack on the teenager next door, it may also impair your access to the Internet. Even the police would be powerless to stop the RIAA's attack, unless you can show that you suffered "economic loss" or that the RIAA attack went beyond what was "reasonably necessary."

ISPs, network administrators, and Internet users generally will also suffer under the Berman P2P Bill, as the Internet is flooded with an ever-changing hailstorm of legally encouraged "attacks." The vigilante right created by this bill would extend to any copyright owner. Accordingly, every hacker who happened to be an photographer, musician, software vendor or author would be entitled to deploy his or her own homebrew "impairment technology" seven days after posting a note to the Attorney General.

As with most efforts to substitute vigilantism for the rule of law, this is a recipe for anarchy.

Conclusion

EFF opposes the Berman Bill, and encourages all Internet users to contact their Representatives and Senators to express their own opposition to the measure.

http://www.eff.org/IP/P2P/20020802_eff_berman_p2p_bill.html

- end -

Back to table of contents


On July 15, 2002, the House of Representative passed the Cyber Security Enhancement Act in a vote of 385 to 3. The bill makes several important changes to current law. For instance, the bill:

For a detailed analysis of these and other provisions of the CSEA, please visit:

http://www.eff.org/Privacy/Surveillance/20020802_eff_csea_analysis.html

- end -

Back to table of contents


EFFector is published by:

The Electronic Frontier Foundation
454 Shotwell Street
San Francisco CA 94110-1914 USA
+1 415 436 9333 (voice)
+1 415 436 9993 (fax)
  http://www.eff.org/

Editor:
Ren Bucholz, Activist
  ren@eff.org

To Join EFF online, or make an additional donation, go to:
  http://www.eff.org/support/

Membership & donation queries: membership@eff.org
General EFF, legal, policy or online resources queries: ask@eff.org

Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will.

To change your address, plese visit http://action.eff.org/subscribe/. From there, you can update all your information. If you have already subscribed to the EFF Action Center, please visit http://action.eff.org/action/login.asp.

To unsubscribe from the EFFector mailing list, send an email to with the word "Remove" in the subject.

(Please ask ren@eff.org to manually remove you from the list if this does not work for you for some reason.)

Back issues are available at:
  http://www.eff.org/effector

To get the latest issue, send any message to effector-reflector@eff.org (or er@eff.org), and it will be mailed to you automatically. You can also get it via the Web at:
  http://www.eff.org/effector/current.html

Back to table of contents

Return to EFFector Newsletters Index


[*]   EFF Welcome Page

Please send any questions or comments to webmaster@eff.org