Category Archives: Law: Internet Law

I Expect We’ll Get Crap Like this Daily

Donald Trump wants to ‘close up’ the Internet:

In a speech at the U.S.S. Yorktown in Mount Pleasant, South Carolina, on Monday, Trump referenced the use by ISIS of social media as a recruitment tool. He recommended a discussion with Bill Gates to shut off parts of the Internet.

“We’re losing a lot of people because of the Internet,” Trump said. “We have to go see Bill Gates and a lot of different people that really understand what’s happening. We have to talk to them about, maybe in certain areas, closing that Internet up in some way. Somebody will say, ‘Oh freedom of speech, freedom of speech.’ These are foolish people. We have a lot of foolish people.”

Well, count me as one of the foolish I guess. Although not quite so foolish as to think Bill Gates runs parts of the Internet.

PS. To those offended by the headline: what else am I supposed to call it? Bullshit?

Posted in Law: Free Speech, Law: Internet Law, Trump | 5 Comments

Why the Attempt to Enjoin the IANA Transfer is Baseless

The Attorney Generals of four right-wing states sued today to block the transfer of the US’s control over IANA to ICANN.  Here’s a link to the plaintiffs’ complaint and request for declaratory and injunctive relief.

And here’s my very quick take on the lawsuit: The APA claim is bogus.  I think they lack standing for the property claim. The property claim is also meritless, as the government is not giving away any property it “owns”.  The US is letting go of a contractual right to veto alterations to the data in a computer file (the root zone file) held on a privately owned machine.  There is no intellectual property right because the contents of the file are in the public domain, and US law would not recognize this as a compilation copyright.  What’s at issue in the IANA transfer is the loss of the US government’s right to veto authoritative changes to the file, not to own the contents.

In any case, the proposed transfer doesn’t harm the defendants in any way now, and their complaint fails to say that it does.  Plaintiffs only give extremely speculative allegations of possible future damage. Indeed, the most they can come up with in para 22 of their complaint is that “Plaintiffs will lose the predictability, certainty, and protections that currently flow from federal stewardship of the Internet and instead be subjected to ICANNs unchecked control.”  While I am more sympathetic than most about the dangers of being subject to ICANN’s unchecked control, the fact remains that in the absence of any clear threat by ICANN do something that would harm the plaintiffs in some way this is far too speculative a harm to be recognized by a US judicial system that is allergic to speculative harm. The same argument applies to the claim that ICANN might – no sign at all it will – increase fees to GSA for .gov, which might – no clear sign it would – be passed on as a cost to the plaintiffs. (para 29).

More generally, the complaint takes a surprisingly collectivist view of private property given that it was filed by some of the more right-wing state officials in the land.  My computer is not a public forum.  Yet, by claiming that “the internet” has been “established” by the US as a public forum, the plaintiffs seem to want to (in effect) nationalize every computer on the Internet, or at least all the US ones. See for example paras 32 and 35-36 of the complaint which refer to the private use of private computers, but try to turn the computers and the uses into something that requires licenses or which government could control.

Count 3 is bogus because the Commerce Department’s act isn’t a rule in either form or substance.  It might arguably be an adjudication – I wrote an article arguing that other related actions should be seen as adjudications (but the courts didn’t bite).  NTIA has always taken the view that changes to the IANA relationship are just contract negotiation, like buying paperclips, and those don’t require notice and comment and are not adjudications either; instead it’s just purchasing (I thought the $0 cost of the purchase orders was odd, but that failed to convince enough people.) In any case, not renewing the contract is even less an action than altering it.

Count 4 – the claim that the government is lacking statutory authorization for its actions – is a little more interesting.  It has two problems, however: first, the plaintiffs lack the standing to bring it.  Second, if it is correct, it likely proves too much, for if getting rid of the Root Zone File was lacking authority, so too was maintaining it.  So were this to go forward, the result would be to say the government couldn’t do any of the things it has done in the ICANN/IANA space … which is exactly the result that the plaintiffs are suing to prevent.

Count 5, the tortious interference with contractual relations claim, founders on the absence of any non-speculative damages.  US tort law requires you have damages to prevail on a tort claim.

In the long run, this claim cannot succeed.  Whether the parties might be able to scare a judge into throwing a spanner in the works while he or she figures things out, I don’t know, but even if they do I just don’t see any way for this lawsuit to prevail in the long run.

Posted in ICANN, Internet, Law: Internet Law | 1 Comment

My New Paper May Make Some of My Friends Angry

Building Privacy into the Infrastructure: Towards a New Identity Management Architecture comes to what I fear some of my friends in the privacy community will find to be an unacceptable conclusion.

I’ll be presenting it at the Privacy Law Scholars Conference in Washington next week. Hopefully, since many attendees are in fact friends, they won’t bring brickbats.

Posted in Cryptography, Econ & Money, Law: Internet Law, Law: Privacy, Surveillance, Talks & Conferences | Leave a comment

Microsoft Sues to Kill or Reduce ECPA Gag Orders

Microsoft filed suit today seeking a judicial declaration that 18 U.S.C. § 2705(b) violates its First Amendment Rights, and the Fourth Amendment rights of the subjects of the orders.

I think this lawsuit is a Big Deal, and Microsoft has the right of it on moral grounds. On legal grounds it has a good arguable case, although the law is not so clear that I can call it a slam dunk. This excellent article by Steve Lohr in the NYT gives the outline, and quotes a soi-disant expert.

Perhaps the most interesting, if disturbing, fact is this one:

From September 2014 to March 2016, Microsoft received 5,624 federal demands in the United States for customer information or data. Nearly half — 2,576 — were accompanied by secrecy orders.

And of those secrecy orders, more than two-thirds contained no fixed end date. I.e. unless Microsoft were to go to court later to challenge them in individual proceedings, they orders would on their own terms last forever.

The text of Microsoft’s complaint is worth reading as it is very well done. Here’s the first paragraph:

Microsoft brings this case because its customers have a right to know when the government obtains a warrant to read their emails, and because Microsoft has a right to tell them. Yet the Electronic Communications Privacy Act (“ECPA”) allows courts to order Microsoft to keep its customers in the dark when the government seeks their email content or other private information, based solely on a “reason to believe” that disclosure might hinder an investigation. Nothing in the statute requires that the “reason to believe” be grounded in the facts of the particular investigation, and the statute contains no limit on the length of time such secrecy orders may be kept in place. 18 U.S.C. § 2705(b). Consequently, as Microsoft’s customers increasingly store their most private and sensitive information in the cloud, the government increasingly seeks (and obtains) secrecy orders under Section 2705(b). This statute violates both the Fourth Amendment, which affords people and businesses the right to know if the government searches or seizes their property, and the First Amendment, which enshrines Microsoft’s rights to talk to its customers and to discuss how the government conducts its investigations—subject only to restraints narrowly tailored to serve compelling government interests. People do not give up their rights when they move their private information from physical storage to the cloud. Microsoft therefore asks the Court to declare that Section 2705(b) is unconstitutional on its face.

Update: For an argument that courts will deny Microsoft’s facial challenge on the grounds that the claims can only be asserted ‘as applied’ — very much an emphasis of recent Supreme Court decisions disfavoring as facial challenges to statutes, see Jennifer Daskal at Just Security, A New Lawsuit from Microsoft: No More Gag Orders!. It’s more pessimistic than I would be, but not implausible.

Update2: Microsoft’s statement.

Posted in Civil Liberties, Law: Constitutional Law, Law: Free Speech, Law: Internet Law, The Media | Leave a comment

Kewl

The HTTP 451 Error Code for Censorship Is Now an Internet Standard.

I believe this action of the IETF is consistent with the claims I made in my article Habermas@discourse.net: Toward a Critical Theory of Cyberspace, 116 Harv. L. Rev. 749 (2003).

Posted in Law: Internet Law, Writings | Leave a comment

From Anonymity to Identification

The inaugural issue of the Journal of Self-Regulation and Regulation is out, and it includes an article of mine, From Anonymity to Identification. The article is adapted from a talk I gave in Heidelberg last December. I’m in good company: other authors in this issue are Markus Beckedahl, Jeanette Hofmann, Marianne Kneuer, Milton L. Mueller, Ekkehart Reimer, William Binney, Kai Cornelius, Myriam Dunn Cavelt, Sebastian Harnisch and Wolf J. Schünemann.

The full text of this open-access journal is available online, including a .pdf of From Anonymity to Identification. As Larry Solum likes to say, download it while it’s hot.

Here’s the abstract for “From Anonymity to Identification”:

This article examines whether anonymity online has a future. In the early days of the Internet, strong cryptography, anonymous remailers, and a relative lack of surveillance created an environment conducive to anonymous communication. Today, the outlook for online anonymity is poor. Several forces combine against it: ideologies that hold that anonymity is dangerous, or that identifying evil-doers is more important than ensuring a safe mechanism for unpopular speech; the profitability of identification in commerce; government surveillance; the influence of intellectual property interests and in requiring hardware and other tools that enforce identification; and the law at both national and supranational levels. As a result of these forces, online anonymity is now much more difficult than previously, and looks to become less and less possible. Nevertheless, the ability to speak truly freely remains an important ‘safety valve’ technology for the oppressed, for dissidents, and for whistle-blowers. The article argues that as data collection online merges with data collection offline, the ability to speak anonymously online will only become more valuable. Technical changes will be required if online anonymity is to remain possible. Whether these changes are possible depends on whether the public comes to appreciate and value the option of anonymous speech while it is still possible to engineer mechanisms to permit it.

Posted in Law: Internet Law, Surveillance, Writings | Leave a comment