I had originally agreed to write one piece — Identity Cards and Identity Romanticism — and then the book’s editor, the incomparably wonderful Ian Kerr, asked me to write a survey of US law on anonymity. I thought it would be do-able, and I very much wanted to repay Ian for all his many kindnesses over the years.

But it wasn’t easy. The problem wasn’t so much that the US law in the area is chaotic, I’m used to that. Nor was it mainly that (after I’d agreed) they sent me an outline of the topic they hoped I would cover, a list which went well outside my comfort zone into areas like criminal procedure and juries, because I’m up for learning new things. No, the problem was the @#$@# word limit. I had to compress everything into tiny little spaces. I hated doing that. I found it excruciating, in fact. And it results in generalizations which while not, I hope, erroneous are on occasion not as precise as I’d ideally like.

Anonymity and the Law in the United States

This book chapter for “Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society” (New York: Oxford University Press, 2009) — a forthcoming comparative examination of approaches to the regulation of anonymity edited by Ian Kerr — surveys the patchwork of U.S. laws regulating anonymity and concludes the overall U.S. policy towards anonymity remains primarily situational, largely reactive, and slowly evolving.

Anonymous speech, particularly on political or religious matters, enjoys a privileged position under the U.S. Constitution. Regulation of anonymous speech requires a particularly strong justification to survive judicial review but no form of speech is completely immune from regulation. Anonymity is presumptively disfavored for witnesses, defendants, and jurors during criminal trials; the regulation of anonymity in civil cases is more complex. Plaintiffs demonstrating sufficiently good cause may proceed anonymously; conversely, defendants with legitimate reasons may be able to shield their identities from discovery.

Despite growing public concern about privacy issues, the United States federal government has developed a number of post 9/11 initiatives designed to limit the scope of anonymous behavior and communication. Even so, the background norm that the government should not be able to compel individuals to reveal their identity without real cause retains force. On the other hand, legislatures and regulators seem reluctant to intervene to protect privacy, much less anonymity, from what are seen as market forces. Although the law imposes few if any legal obstacles to the domestic use of privacy-enhancing technology such as encryption it also requires little more than truth in advertising for most privacy destroying technologies.

I do think there’s some value to a survey like this, especially in a collection where it will appear right next to similar surveys from lawyers in other countries. So I’m not sorry to have done it. But it’s a little more of a laundry list than my usual work.

This is the suit that motivated the immunity provisions of the FISA amendments. But they were drafted in a very very odd way that leaves some substantial daylight for challenges. And the great lawyers at EFF have done a first-rate job of running for daylight.

[Disclosure: In addition to serving on EFF’s Advisory Board, I had a minor role in assisting the EFF legal team on one of the issues.]

Could I have been seriously mistaken? The evidence is pretty damning: President Bush has just nominated him to be on the Privacy and Civil Liberties Oversight Board.

There are, fortunately, three other possibilities.

First, the Privacy and Civil Liberties Oversight Board could have had all of its jurisdiction taken away, so this is a meaningless appointment. (Indeed, for a long time the Bush administration made sure that it never met.) But surely that’s not it: the Board actually has more heft than it used to, thanks to amendments in H.R. 1 passed last year.

Second, the appointment could be a lame duck’s petard planted under the next administration: ‘Take that Obama! Not only will we burrow into the senior ranks of the bureaucracy, but we’ll stack the independent oversight board with people who’ll give you tsursis! Heh heh heh.’ After all, the appointment won’t take effect until the Senate acts, and it lasts for five years. That means basically none of anything Dempsey does while on Board will be on Bush’s watch.

Or, maybe, it’s one of these:

The topic was the strange — and to my mind wrongly decided — decision ordering massive disclosure of user YouTube video-viewing records in Viacom v. Google. For a very good explanation of most of the problems with the decision see EFF’s Kurt Opsahl’s discussion at Court Ruling Will Expose Viewing Habits of YouTube Users.

Based on the cursory discussion in the decision, I don’t think the Judge read the Video Privacy Protection Act (aka “the Bork Bill”) right.

The decision is, if anything, worse than Opsahl says, in that the court also orders disclosure of information relating to “private” videos — videos marked for limited distribution — including the title and information about who uploaded them. While it may be the case that some of these videos are trying to share copyright protected materials under the radar, it is undoubtedly the case that many of these videos are (1) truly private and of very limited distribution and (2) the author would be identifiable from the associated information ordered to be disclosed. (The order also is opaque as to what sort of precautions if any Viacom would be required to take to prevent leakage of this data.)

There are some procedural obstacles to getting an immediate interlocutory appeal of this decision, but assuming they can be surmounted I think there’s a strong chance of reversal before the 2nd Circuit.

This is only one of the first in what is sure to be a long series of fishing expeditions in the increasingly elaborate databases being created about our online behavior. It will get worse once our ISPs start tracking our every move in order, they will say, to better advertise to us. Video viewing records have the peculiar advantage of being protected by an unusually powerful statute, the so-called ‘Bork Bill’. Many other records won’t have that (although some will have ECPA), and that is an issue which needs urgent attention.

I would like to thank Michael for inviting me to be a guest. It is an honor. His kind, generous and ridiculously positive introduction is much appreciated. It might have set expectations that will leave most readers surprised, disappointed, even disgusted with my posts. But this will not stop me.

True to this prediction, I will start with a confession. I am Belgian. (1) But do not worry. None of my posts will be about Belgium (except this one, too late now).

Most people think Belgium is pretty insignificant. The Daily show expressed this sentiment in a couple of episodes where John Stewart suddenly screamed that he “hates” Belgium.(2) The irony being that it is absurd to hate Belgium. Why would anyone hate something so small and harmless? (mind you, this is a cunning tactic that has been very effective for us)

To Belgium’s defense, a quick note on one of Belgium’s many wonderful accomplishments [drums rolling]: the Belgian identity card. This prestigious, much lauded project was introduced a few years ago (notice the Microsoft connection).

In fact, I was about to use my very own “electronic-Belgian-ID-card” to file Belgian taxes on line the other day. But I changed my mind upon discovering that I need to buy a card reader for my pc (or wait for a 24 code card to be mailed by snail mail). Also, recollection of the security and privacy issues did not help either. Yesterday, a new report was presented at the e-Identity conference in the Hague further detailing the huge security issues involved. Hey, at least its better for our government to fail than not to try at all. Or is it? Solutions for the card are in the works. So are the invoices by the various e-security companies. This brings me back to filing my taxes.

More about Belgium, European soccer, copyright law & the music industry, taxes and laments on the strong euro in future post.

(1) note by author: country still exists until further notice, June 13 2008.
(2) a link to the clip would of course be more effective but could not locate it on the Web

Don’t have time to post about this except to say that this is potentially a really big deal both for location privacy and for the use of routine pen-register orders to get much more than a phone number — if the FBI has really been doing this stuff.

This article describes important questions. We need the answers.

Basically, these two celebs claim a right of privacy and a violation of their right of publicity because a store they shop at has been blabbing the details of their purchases.

I’m interested in this because back when I was writing one of the early articles about digital certificates, The Essential Role of Trusted Third Parties in Electronic Commerce, 75 Ore. L. Rev. 49 (1996), I had a heck of a time finding relevant law on the subject of the ownership of transaction information, a problem that persisted into the writing of The Death of Privacy?, 52 STAN L. REV. 1461 (2000). I finally concluded that for ordinary transactions, where there was no special duty of confidentiality (e.g. lawyer, doctor) or celebrity with a special right of publicity, the basic rule was that customer and merchant both own the facts and can do what they wish with them.

The right of publicity claim is a narrow one: the shop can’t claim endorsement by the celebrity (e.g. by using their images in an ad), but that doesn’t amount to a gag order. For example, the shopkeeper can certainly brag to customers so long as s/he doesn’t imply or claim an endorsment.

But the privacy claim? Absent either a contractual or legal duty, it’s just not there. Maybe it should be, but that will take a change in the law.

What’s a band to do if it hasn’t got the cash to make its own music video and lives in a country with extremely high levels of CCTV? Well, Get Out Clause used state CCTV cameras and their rights to access information to create this clip,

Unable to afford to make their own music video the band set up and performed their music in front of 80 of the 1,300 CCTV cameras used by British state security - one camera was even on a bus…

Now comes the good part: the band used the UK Data Protection Act - that’s the UK equivalent of US reader’s access to information laws - to request all the footage the state collected of them…

And then they turned the footage into a music video.

(The song is ok, but not as inventive as their social engineering.)

In 2003, the chief librarian of the city of Santa Cruz, Calif., was able to warn her patrons about whether the FBI had served a National Security Letter (NSL) demanding information about who was reading what books. She managed that task despite specific provisions in the USA Patriot Act at the time that prohibited librarians or booksellers from revealing to anyone that they’d been issued an NSL.

So, how did the librarian get the word out? By regularly reporting to the library board that no NSL had been issued to any of the city’s 10 branches, which was perfectly legal. Everyone knew that if the chief librarian failed to report that nothing had happened, then indeed an NSL had been served.

I like it. Better yet, it would be hard to legislate around this workaround…

Prohibits the government from getting around FISA’s court order requirement by wiretapping an individual overseas when it is really interested in a person in the U.S. with whom that supposed foreign target is communicating.

In other words, the amendment would stop spying on you and me in the guise of a foreign terrorism case. Senate doesn’t care.

The DINOs voted to undermine the Fourth Amendment: Rockefeller, Feinstein, Johnson, Landrieu and Lincoln.

GWB is the primary reason why the country is in two wars, an economic slump, and a civil liberties disaster. But the Senate bears much of the blame too.