Anonymity can be a very useful thing. Iranian dissidents use anonymity preserving systems in order to browse the web without suffering under the watchful eye of the state security apparatus. Likewise, FBI agents investigating child pornographers browse the Web using systems like Tor, so that the bad guys don't see a fbi.gov address in the web server access logs.
Bloggers, whistleblowers, and our founding fathers all made use of anonymity in order to freely speak unpopular or dangerous information.
While anonymity is arguably as American as apple pie, that hasn't stopped Apple Corp. from continuing its war against all things anonymous.
In 2004, AppleInsider, a Mac rumor blog, published (presumably leaked) information about a forthcoming Apple product. The company went to court in order to try and force the blog to reveal their anonymous sources. AppleInsider turned to the Electronic Frontier Foundation, who successfully convinced the court to apply California's journalist shield law to bloggers. The court eventually forced Apple to pay the EFF a cool $700,000 in legal fees.
Apple still hates anonymity
Even after that rather expensive lesson, it seems that Apple still has no love for those who seek anonymity.
In a recent filing with the copyright office, Apple has argued that consumers who wish to jailbreak their mobile phones and change the device's unique serial number must be drug dealers or other criminals.
[E]ach iPhone contains a unique Exclusive Chip Identification (ECID) number that identifies the phone to the cell tower. With access to the BBP via jailbreaking, hackers may be able to change the ECID, which in turn can enable phone calls to be made anonymously (this would be desirable to drug dealers, for example) or charges for the calls to be avoided.
Remember that the only way a US consumer can legitimately use an iPhone (at least in Apple's eyes) is to sign up for service with AT&T: A company that willingly (and illegally) violated the privacy of millions of Americans by allowing the US National Security Agency to spy on their calls, text messages, emails and web browsing activity.
To therefore argue that drug dealers are the main beneficiaries of iPhone anonymity is a pretty disgraceful lie. David Hayes, Apple's bigshot IP lawyer at Fenwick and West who wrote this letter should be ashamed of himself.
There is a semi-decent chance that I will be either employed or engaged in consulting work half-time starting in September, which could make it difficult for me to blog (particularly given the style and tone that I tend to use). Thus, I want to take this opportunity now, while I still have the freedom to fully express my thoughts, to reflect on this process, and thank the many who assisted me.
First, I originally had the idea for the exemption request in May or so of last year. In the process of writing a law paper on the hacking of subsidized electronic goods by consumers, I spent a lot of time studying the cell-phone unlocking exemption that Jennifer Granick had won back in 2006. I think it would be fair to say I was inspired by her actions.
The DMCA process is one of the few ways through which an individual can actually make a difference to impact federal cyber law and copyright policy. It doesn't matter how many former Senate staffers you have working for your cause, nor are donations to PACs a necessary requirement for access. As someone with both a desire to make a difference, and a lack of money/access, the appeal was clear.
Writing up the request
My exemption submission simply wouldn't have been possible without the assistance of a skilled legal team, lead by Phil Malone at the Harvard cyberlaw clinic. While lay-persons do submit requests every year, they are never taken seriously (and when you read some of them, you understand why). The process is fairly straight-forward, but still requires some knowledge of the specifics of the DMCA.
I had the idea for both the consumer and researcher exemptions, and probably provided around 50-60% of the text in the original exemption request comment and in our reply letter. After reading Slashdot every day for the past 14 years, it was easy for me to dig up citations to all the past instances of failed media stores, a task which would have taken a clinical intern significanly more time.
I gather that most clinical clients do not participate as much, nor directly contribute as much to the final work product. However, since I know the DMCA fairly well, and knew the specifics of situation which we were examining, I think my participation helped quite a bit. Plus, it is (for a copyright policy geek) quite a fun activity.
However -- my participation alone was not enough. Phil Malone and Arjun Mehra turned my rantings of repeated industry abuse and a plea for relief into a compelling legal document. To be clear -- while I strongly encourage technologists and copyright activists to get involved with the DMCA exemption process, you really are wasting your time without the assistance of tech-savvy lawyers.
Arguing for the exemptions in DC
Before going to DC in May to argue in-person for my exemption requests, I went to a Federal Trade Commission town-hall focused on DRM. This event was something of a trial run, with many of the same characters who would later show up in DC.
The industry folks who argued on behalf of DRM at that event, were frankly, clueless shills masquerading as experts, and as such, they seemed to do a good enough job revealing their ignorance that I didn't need to do much to help.
As one copyright expert tried to warn me ahead of time, most of the people at the FTC town hall were on the "B-team", while the industry would make sure to send the "A-team" to the DMCA exemption hearing.
Unfortunately, I didn't really listen to him, and so when I did go to Washington to argue for my exemptions before the Copyright Office, I was a tad bit over-confident.
An important note for future copyright geeks: If you are considering asking for a DMCA exemption, and end up arguing for it in person, do not under-estimate Steve Metalitz, the industry's main attack dog on DMCA related issues. He is very good, and very quick on his feet. Unless you are a seasoned lawyer, do not allow him to drag you into the weeds in a discussion of the specifics of copyright law -- stick to issues of consumer harm and industry abuse.
The hearing itself was thrilling, exciting, and sort of like a court room -- with a panel of judges (well, copyright office lawyers) on a podium at the front of the room, and with the "good guys" (me) and the "bad guys" (Metalitz and someone from Time Warner) at two tables, seperated by an aisle.
My only real regret from the hearing was not having a hot-shot lawyer sit next to me, who I could defer to on legal related questions. It wasn't until the hearing was over that I looked back, and saw that both Wendy Seltzer and Fred von Lohmann had snuck into the hearing after it started, and had thus been watching it from the back row.
While I handled things pretty well, on questions relating to the specifics of section 1201, I wasn't as strong. Luckily, the Copyright Office attorneys didn't really hammer me with legal questions, and focused the questions on topics that I could actually provide expert testimony.
A word on timing and legal clinics
A DMCA exemption is a perfect, small, self-contained project for Law School legal clinics. Exemption requests are due in the fall, optional reply comments are due in the spring, the hearings are in the late spring, and then question reply comments are due over the summer. The entire process, from start to finish, is over in less than 9 months. Furthermore, it is something that can be done by a single (supervised) clinical intern.
As a result, it is not terribly surprising that university law clinics are now playing an increasingly prominent role in the DMCA exemption process.
Unfortunately, it does not appear that the copyright office realizes the role that these clinics play (and the students who provide the manpower). As a result, the DMCA exemption hearings were scheduled for May 1 at Stanford, and May 6,7, 8 in Washington DC. For those of you not (or no longer) in academia -- this is right before, or during the middle of final exams for many law students.
Had the copyright office scheduled the hearings two or three weeks earlier, they would have made the lives of the clinical students much easier. I know from my own experience that it was very difficult to get much in the way of time as I tried to prepare for the hearings from Arjun Mehra (my clinical student) and Phil Malone (who teaches classes in addition to his role running the clinic, and thus had class projects and term papers to grade).
Likewise, sending out questions during the middle of the summer, when the clinical students are off working internships is not particularly helpful. Luckily, Berkman has a few fantastic students who are interning at our cyberlaw clinic for the summer. As a result, I was able to get the help of another fantastic clinical student, Rachel Gozhansky, who helped in drafting our reply to the Copyright Office's questions.
I am not sure if the two other clinics were able to gather the student summer labor necessary in order to work on the responses to the copyright office's questions.
Given the increasingly important role that law school clinics are playing in the DMCA process, I hope that the Copyright Office will consider the realities of the academic calendar for future DMCA exemption rulemakings.
Tomorrow (Friday) at 5PM EST, we must submit our reply to the Copyright Office's questions regarding our request for two exemptions to the Digital Millennium Copyright Act.
Over the past week, we have worked feverishly to prepare the following draft, which I now feel is in pretty good shape.
Summary: Create a funny or interesting mashup of some of the FTC DRM town hall testimony. The creators of the best videos (judged by me) will have money ($100, $50 and $25) donated to the Electronic Frontier Foundation in their name. What are you waiting for?
Harvard Law Professor Charlie Nesson has been fighting to get the Tenenbaum v. RIAA trial streamed on the Internet. In its argument against this request, the RIAA has claimed that:
"[The video footage] will be readily subject to editing and manipulation by any reasonably tech-savvy individual. Even without improper modification, statements may be taken out of context, spliced together with other statements and broadcast (sic) rebroadcast as if it were an accurate transcript. Such an outcome can only do damage to Petitioner's case."
The idea of Internet users remixing the RIAA lawyers' words into subversive and biting political satire sounds like a great idea. So, why don't we see if we can do the same thing with some of the rather extreme positions expressed at the recent FTC DRM town hall meeting.
The Speakers
As some of you may have heard, the US Federal Trade Commission recently held a town hall meeting to discuss issues related to Digital Rights Management technology. While the talks went on for an entire day, the most interesting (and heated) discussions happened at the "DRM in Action" panel, in which I participated. Also there were Prof. J. Alex Halderman of the University of Michigan, Rashmi Rangnath, a staff attorney at Public Knowledge, Debbie Rose, an intellectual property fellow for the Association for Competitive Technology (ACT), and Patrick Ross, co-founder and Executive Director of the Copyright Alliance.
The FTC taped the entire session, and has made it available via online streaming video. To make things a little bit more viral video-friendly, I've downloaded the entire session, cut it up into smaller videos for each speaker, and uploaded them to Vimeo. Since the videos were recorded and made available by the FTC, they are (I believe) in the public domain, and thus this re-distribution should be kosher.
While all of the speakers were interesting, it was Debbie Rose whose testimony blew my mind. Before she went to work for ACT, Debbie worked as as a Counsel for the House Subcommittee on Courts, the Internet & Intellectual Property, and played a major role in drafting the Digital Millennium Copyright Act.
The DMCA is of course the very same law that is a perpetual thorn in the side of many researchers and innovators.
I've included a few of Debbie Rose's choice moments before on the DRM panel here. They're less than a minute each, and will be sure to cause a strong reaction (laughter, tears, or perhaps a simple WTF???).
The Contest
I have uploaded all of the videos to Vimeo for your viewing/viral embedding pleasure (see below). If you're interested in downloading the videos in a format that is more mashup friendly, a 200Mb .zip can be downloaded here.
The contest works as follows. People of the Internet are free to download these videos, edit the footage, and mash them up with anything else (remember your fair use rights). Upload the resulting videos/songs to the video/media/whatever sharing site of your choice, and then write a comment to this blog post with a link to your entry. To make things easier, if the content site offers tagging functionality, please tag your entry with "ftc drm mashup".
On June 1, 2009, the contest will end. In the days that follow, I will judge the entries, and pick the three that I find to be the most awesome (factors include the level of humor, creativity and impact). I will donate $100 to the Electronic Frontier Foundation in the name of the 1st place winner, $50 in the name of the 2nd place winner, $25 in the name of the third place winner, and then $1 each in the names of the next 23 best entrants. If I don't get any/enough submissions, I will still donate $200 to the EFF.
If you really want your name to be associated with my $200 donation, but you don't want to make a mashup... leave a comment in this blog post, and I'll include it anyway.
There are some absolute gems amongst the videos, and you are by no means restricted to using the videos of Debbie Rose's (I just happen to think they're the funniest, and so I've highlighted them).
Small Print
This contest/activity is not affiliated with or sponsored by the Electronic Frontier Foundation. I just happen to think that they are awesome.
Likewise, this is not something I am doing with the consent/approval of my employers at the Berkman Center -- this is being done in my own time, wearing my own hat. If for some reason someone dislikes what I've done and decides to lawyer-up, please send the cease and desist letter directly to me, and not to the Berkman folks.
I am not making any money out of this contest and the the $200 is coming out of my pocket. This is simply an activism related activity.
Finally, I am not a lawyer, and nothing in this blog post should be read as legal advice.
The Videos
This video contains just the footage of Debbie during the longer back-and-forth discussion which the next video shows in full.
I like the idea of having an open wifi access point in my house. It makes me feel warm and fuzzy to know that people can use my excess bandwidth - something I've paid for, but am not really using.
However, there are a few major problems with simply leaving your access point unlocked.
1. Security - Anyone sitting outside your house instantly has a way of bypassing your firewall and getting access to your local network. This makes it much easier for you to get hacked.
2. Privacy - Anyone sitting outside your house can sniff your wifi network, and see the packets flying back and forth between your laptop in the living room, and the access point. Given that not all internet traffic is encrypted, this is a bad bad thing (do you really want someone to know which google queries you're submitting)?
3. Network Speed - While you may be happy to let your excess bandwidth get used by the folks next door - do you really want those dirty hippy freeloaders to get priority on your network, or at the least, do you want to have to compete with their downloads?
Which is why I now have 2 wifi routers.
I have a Buffalo 54G router which runs dd-wrt, a neato linux based customizable router, which runs an encrypted wifi network - this is the network that my own laptop and various wireless devices connect to. This device runs as the main router for the house, does all traffic shaping, firewalling, etc.
I have another el-cheapo wifi router plugged into the buffalo. This no-name router is left open, unlocked, and advertises itself as "Anarchy Free Wireless".
The linux-wifi router allows me to set a virtual vlan, so that the el-cheapo router doesn't get to see my internal network. Traffic from the no-name router is sent directly to the Internet connection. Do not pass go, do not collect 200 dollars.
On top of all of this, I have Quality of Service set on the linux router, so that the freeloaders across the street get the dregs of my Internet connection. Whatever I have left over, they can use - but if I need it, I get priority. This is exactly how it should be.
There were a few reasons I wanted to set this up - at the least, I shouldn't have to reveal my wifi password to friends that come over for a cup of coffee. Just because you want to check your email from my living room, it doesn't mean you should be able to later port-scan my home network from the comfort of your car.
But best of all - I now have quasi plausible deniability. For sure, this hasn't been proven in court yet, but it at least puts me on better ground than if my network were locked. If the G-Men ever show up at my house again (assuming it's for something that I didn't actually attach my name to, unlike last time), I can quite reasonably claim that it wasn't me, and that it must have been one of the hippy art students across the street.
Plus, in theory, I might be able to qualify as a common carrier under the DMCA. Given that I don't keep any logs at all on my wifi routers, I have absolutely no way of knowing who is using my open network - and just like a Tor exit node, I may be able to ignore DMCA threats - or at least explain that it wasn't me, and that I don't know who it was.
