It ended not with a bang, but a whimper. Thanks to a strategy of strategic amelioration of rules whenever they looked about to be struck down, combined with judicious promises not to prosecute people who were otherwise covered by the letter of the law, the US government has dodged the whole hail of bullets that was the Bernstein cryptography case. The proceedings produced a great opinion — Bernstein v. U.S. Dept. of Justice, 176 F.3d 1132 (9th Cir. 1999), but it was withdrawn, Bernstein v. U.S. Dept. of Justice, 192 F.3d 1308 (9th Cir. 1999) pending an en banc hearing that never happened. Then it was remanded.
Now comes news that, the Bernstein Cryptography Case Is Dismissed.
Chicago, 15 October 2003 - The longest-running court case against the government’s encryption regulations has come to an end, for now.The regulations were challenged by Daniel J. Bernstein, a professor of mathematics, statistics, and computer science at the University of Illinois at Chicago. Bernstein filed his lawsuit in February 1995 and won four court decisions against the constitutionality of the government’s previous regulations.
In an October 2002 court hearing on the current encryption regulations, Department of Justice attorney Tony Coppolino told the court that the government would not enforce several portions of the regulations.
“I can assure you that the regulatory authority does not want [researchers who are collaborating at conferences] sending us an e-mail every time they change something in an algorithm,” Coppolino told the court. Coppolino also said that commmercial book publishers and assembly-language publishers did not need to obtain licenses.
As observers predicted after the hearing, Chief Judge Marilyn Hall Patel of the United States District Court for the Northern District of California relied on the government’s promises and dismissed Bernstein’s case without deciding the constitutionality of the current regulations.“If and when there is a concrete threat of enforcement against Bernstein for a specific activity, Bernstein may return for judicial resolution of that dispute,” Patel wrote, after citing Coppolino’s “repeated assurances that Bernstein is not prohibited from engaging in his activities.”
“I hope the government sticks to its promises and leaves me alone,” Bernstein said in a statement today acknowledging Patel’s decision. “But if they change their mind and start harassing Internet-security researchers, I’ll be back.”
As noted in this message to Dave Farber’s list, the net result of dismissing the Bernstein case is that the leading case on cryptography rights is the 6th circuit decision in Junger v. Daley, 209 F.3d 481 (6th Cir. 2000) — a case brought by Peter D. Junger, a law professor. That case holds,
Because computer source code is an expressive means for the exchange of information and ideas about computer programming, we hold that it is protected by the First Amendment.
I’ve written a fair amount about the regulation of cryptography, but I’ll confess that I was dubious about Junger’s decision to press the case. The complaint felt too much like a put-up job. I thought one could teach a law course just fine without the source code. It didn’t feel strong as compared to a complaint by a mathematician like Bernstein who clearly had an interest in teaching and publishing his thesis. I was wrong. Junger was right, and he’s more than entitled to the slight note of vindication in his posting.
Mozilla.org released Mozilla 1.5 and the faster, newer, not-quite-yet-better Mozilla Firebird 0.7 today. I’ve been using Moz 1.5 betas and I like them enormously, except that they are a little slow in closing down windows. Firebird’s earlier versions show enormous promise, but so far I’m not ready to make the switch. Although, since Moz 1.5 is said to be the last version of the integrated suite, I expect I’ll be switching to Firebird as it gets close to 1.0.
Because my weather report in the left column is not customized for every user, I feel pretty confident that it’s not covered by the latest over-the-top Microsoft patent. So, the scare headline over at Slashdot: Microsoft patents your local weather report, is slightly exaggerated—but only slighlty. This does seem like a radically over-broad patent. There must surely be tons of prior art on per-user customization using state information
Assuming that there is prior art on the use of user-set state info in a network (and UIDs?), I’ll venture a guess that the patent isn’t saved by narrowing its subject matter to applications with “topical groupings of customization options [that] relate to one or more of: news, sports, financial matters, entertainment, science and technology, life, and weather” if only on the grounds of obviousness. But I should say that I’m emphatically not a patent lawyer….
Note that the ICANNWatch site which I co-edit runs on the Slash:http://slashcode.com/ engine and does allow per-user customization of which RSS feeds you’d like to read. So it’s probably at risk in the unlikely event this patent were (a) valid and (b) asserted against it…
On March 1, 2003, the Immigration and Naturalization Service became part of the U.S. Department of Homeland Security and its functions were divided into various bureaus of that department. There’s the Bureau of Citizenship and Immigration Services. Services mind you. And there’s the U.S. Immigration and Customs Enforcement (ICE). But underneath the new coat of paint, it’s still the same loathsome and arbitrary bureaucracy. Read those two links and gnash your teeth.
Or maybe (here’s a horrible thought), now that it’s got that Homeland Security vibe, it’s getting worse.
To be the nation’s preeminent law enforcement agency, dedicated to detecting vulnerabilities and preventing violations that threaten national security. Established to combat the criminal and national security threats emergent in a post 9/11 environment, ICE combines a new investigative approach with new resources to provide unparalleled investigation, interdiction, and security services to the public and to our law enforcement partners in the federal and local sectors.ICE Core Values
Integrity
We will adhere to the highest standards of honesty and conduct.
Courage
We will be accountable for our actions; we will do the right thing even when it is not the easy thing; and we will always fulfill our duties with courage.
Excellence
We will strive for excellence in all things, aspiring to the highest standards of performance, professionalism, and leadership.
Yah, right.
Here’s a particularly nice, illustrated, explanation of how a typical identity theft scam works. It starts with a fairly convincing looking email “from” e-bay, that directs you to a website that looks legit…but isn’t. It harvests your data, and your life is never the same again.
I’m adding disLEXia: cybercrime/-security sightings to my monitoring list.