Report: Facebook tracks all visitors, even if you’re not a user and opted out

Facebook tracks the Web-browsing activities of all visitors to the facebook.com domain even if they are not a Facebook user, according to new research from Europe. The report updates work from earlier this year, which found that Facebook’s updated privacy policy breached EU law.

The research has been commissioned by the Belgian data protection agency, which is investigating Facebook. It was a collaboration between the Interdisciplinary Centre for Law and ICT/Centre for Intellectual Property Rights (ICRI/CIR) at the University of Leuven and the Department of Studies on Media, Information, and Telecommunication (SMIT) of the Vrije Universiteit Brussels.

This newly found tracking, used to provide targeted advertising, is carried out through Facebook’s social widget, the Like Button. A cookie is placed in the browser when someone visits any page in the facebook.com domain, including sections that do not require an account. For visitors that are not Facebook users, the cookie contains a unique identifier, and it has an expiration date of two years. Facebook users receive additional cookies that identify them uniquely. Once those cookies have been set, Facebook will receive them for every subsequent visit to a website that uses Facebook’s social widget. That applies whether or not the Facebook user is logged in to his or her account and whether or not the visitor to the third-party site actually uses the social widget.

Verizon CEO Pushing Congress For ‘Bipartisan’ Consensus That Government Should Never, Ever Stand Up To Broadband Duopolists

As part of a last ditch effort to derail the FCC’s net neutrality rules, you might recall that Senator John Thune and Representative Fred Upton earlier this year pushed an amendment to the Communications Act that they professed would codify net neutrality into law as part of a “bipartisan” proposal crafted after a painstaking public conversation. What the ISP-dictated amendment actually did was effectively gut FCC authority, pushing forth net neutrality rules significantly weaker than the already-flimsy 2010 rules Verizon sued to overturn.

Thune, Upton and the mega ISPs hoped their effort would go something like this: table some incredibly weak net neutrality rules under the pretense of consumer welfare, make a few minor concessions, then pass a still-flimsy amendment that would have killed the Title II push in the cradle. The problem is that most neutrality supporters in Congress saw this fairly-shallow ploy for what it was (or at the very least feared the wrath of a SOPA-fueled internet grassroots community). As such, Thune and Upton have had trouble getting neutrality supporters to sign off on the idea — especially without the help of fellow Senate Commerce Committee member Bill Nelson:

“On Wednesday, (Nelson) reiterated what he’s been saying for weeks: That he’s open to working with Republicans on a “truly bipartisan” bill aimed at preventing Internet providers from speeding up, slowing down or blocking Web sites. But he’ll only cooperate, he said, “provided such action fully protects consumers, does not undercut the FCC’s role and leaves the agency with flexible, forward-looking authority to respond to the changes in this dynamic broadband marketplace.”

Except that’s not happening, because that’s precisely what Thune and friends don’t want. Enter Verizon, who like AT&T and Comcast, has been desperately trying to gut FCC authority for years (and had been succeeding until recently). While Verizon did sue to overturn the 2010 rules, it wasn’t the rules themselves the telco was taking aim at (after all, it co-wrote them, and the rules had the full support of companies like AT&T and Comcast). Verizon hoped a legal win would not only gut the rules, but also FCC authority moving forward. That backfired spectacularly, given the FCC only shifted to Title II after Verizon’s lawsuits repeatedly showed you can’t regulate ISPs like common carriers — without first declaring they’re common carriers. The entire shift to title II is, quite literally, thanks to Verizon.

Fast forward to this week, and Verizon CEO Lowell McAdam fired off a letter to Thune, Upton and the other leaders of the House and Senate Commerce committees (pdf), urging Congress to take the reins and punish the FCC for standing up to wealthy broadband companies begin updating “outdated and broken” telecom law. To hear Verizon’s version of history, everything was going great until the FCC came along and decided to destroy the Internet:

“The broadband and mobile markets are America’s greatest ongoing success stories: 20 years of bipartisan light-touch policy consensus has led to more than $1.2 trillion in private investment, resulting in a transition from 128 kilobit dial-up connections and analog wireless voice networks in the late 1990’s to today’s near-ubiquitous 4G mobile data coverage and fixed broadband networks capable of streaming simultaneous HD movies. The FCC claimed it was addressing concerns about an open Internet, something that Congress could and can – address with clarity and finality in a two-page bipartisan bill. Instead, the FCC went far beyond open Internet rules, engaging in a radical and risky experiment to change the very policy that resulted in the United States leading the world in the Internet economy.”

Like Thune and Upton, McAdam continues to bandy around the word “bipartisan” when what they’re actually pushing is anything but. In short, Verizon wants the FCC’s authority gutted and all policy making moving forward under the authority of a Congress slathered in telco lobbying cash. Not only does McAdam want Congress to push flimsy net neutrality rules, Verizon is pushing hard for a total rewrite of the 1996 Telecom Act — because the Title II rules Verizon’s successfully used to build a massive wireless empire are “outdated and broken”:

“At its root, these are all symptoms of a problem: the existing legal regime and its accompanying regulatory processes are outdated and broken. Congress last established a clear policy framework almost 20 years ago, well before most of today’s technology was even developed. As a result, regulators are applying early 20th century tools to highly dynamic 21st century markets and technologies. Inefficiencies and collateral damage are inevitable. It is time for Congress to re-take responsibility for policymaking in the Internet ecosystem.”

And by “take responsibility,” Verizon actually means it’s time for Congress to take Verizon campaign contribution cash and write new laws ensuring that broadband industry regulators have the strength of babies, the freedom and authority of an asylum inmate, and the budget of a high-school prom committee.

The real irony of course is that regulators wouldn’t keep intervening in Verizon’s market if the telco didn’t consistently engage in behavior that made it necessary. Again, the FCC only shifted to Title II after Verizon sued to overturn its 2010, industry-friendly net neutrality rules. Similarly, the entire net neutrality conversation wouldn’t be happening if Verizon didn’t have a long, proud history of trying to block every technological innovation it deemed a threat. If Verizon’s honestly looking to affix blame for the regulatory policy chaos of the last few years, it doesn’t have to look very far.

Link (Techdirt)

Australia Outlaws Warrant Canaries

In the US, certain types of warrants can come with gag orders preventing the recipient from disclosing the existence of warrant to anyone else. A warrant canary is basically a legal hack of that prohibition. Instead of saying “I just received a warrant with a gag order,” the potential recipient keeps repeating “I have not received any warrants.” If the recipient stops saying that, the rest of us are supposed to assume that he has been served one.

Lots of organizations maintain them. Personally, I have never believed this trick would work. It relies on the fact that a prohibition against speaking doesn’t prevent someone from not speaking. But courts generally aren’t impressed by this sort of thing, and I can easily imagine a secret warrant that includes a prohibition against triggering the warrant canary. And for all I know, there are right now secret legal proceedings on this very issue.

Australia has sidestepped all of this by outlawing warrant canaries entirely:

Section 182A of the new law says that a person commits an offense if he or she discloses or uses information about “the existence or non-existence of such a [journalist information] warrant.” The penalty upon conviction is two years imprisonment.

Expect that sort of wording in future US surveillance bills, too.

Link (Bruce Schneier)

Encryption is the REAL threat – Head Europlod

Europe’s top cop has taken to the BBC to once again slam encryption as the biggest threat to counter-terrorism and law enforcement.

Europol Director Rob Wainright said encrypted communications gave plods across the continent the biggest headaches, and his main gripe was with the IT companies that provide them.

“We are disappointed by the position taken by these tech firms and it only adds to our problems in getting to the communications of the most dangerous people that are abusing the internet,” he said.

He told the civil liberties committee of the European Parliament the same thing last November. Now he says there is “a significant capability gap” that must be closed.

“It’s changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn’t provide that anymore,” he told the Beeb.

However, Wainright himself will not get his hands on any of that “capability”. According to Europol’s website, the organisation itself “has neither the technical equipment nor the legal authorisation to wiretap or monitor members of the public by any technological means”.

“Any information being analysed by Europol is provided directly by the co-operating law enforcement agencies. Europol’s principal role is to gather, analyse and re-distribute data,” he said in the interview.

That hasn’t stopped EU countries beefing up Europol with a new European Internet Referral Unit to find, identify and potentially remove websites used by terrorist groups.

National leaders across the EU have been calling for increased access to private communications since the Charlie Hebdo attacks in Paris. The European Council hopes the new unit will be up and running by June.

Meanwhile, tech companies will continue to boost end-to-end encryption after the Snowden revelations created a business case, as consumers demanded their communications be secured.

Dutch MEP Sophie In’t Veld said she found his comments (which echo those of UK PM David Cameron) extremely worrying. “What is next? Having a lock on the front door of your home being a criminal offence? Banning people from protecting their private communications is unacceptable in a democratic society. We are really on a slippery slope here.”

“Not only individual citizens have a right to privacy, but journalists, politicians, lawyers, whistleblowers, NGOs, etc must be able to communicate freely, safely and knowing they are unobserved,” she added.

“There seems to be no limit to the appetite of secret services to know EVERYTHING about us, without being subject to any meaningful kind of oversight or bound by laws,” continued In’t Veld.

“He believes all of this is caused by the ‘revelations’ on NSA mass surveillance. “One would think it was the secret and illegal mass surveillance itself, not the fact it was revealed, that has breached trust,” said In’t Veld.

Link (The Register)

Two feds who investigated Silk Road accused of stealing from it, too

Two federal agents whose work helped to shut down the Silk Road online drug marketplace have been accused of stealing from the Darknet market during the investigation. The criminal complaint, unveiled today, reveals a remarkable level of corruption within the investigation into the drug marketplace, which hosted more than $200 million in transactions.

Government prosecutors have charged former DEA agent Carl Force and former Secret Service agent Shaun Bridges with wire fraud and money laundering. Force is also charged with stealing government property and “conflict of interest.”

The government had multiple investigations into Silk Road. Force and Bridges both worked on one based out of Baltimore. Force was the lead undercover agent in charge of communicating with Dread Pirate Roberts (DPR), the operator of the Silk Road site, while Bridges was a computer forensics expert.

Link (Ars Technica)

How The TPP Agreement Could Be Used To Undermine Free Speech And Fair Use In The US

We’ve been writing a lot about the Trans Pacific Partnership (TPP) agreement over the past few years. There are many, many problems with it, but the two key ones are the intellectual property chapter and the investment chapter. Unlike some who are protesting TPP, we actually think that free trade is generally a good thing and important for the economy — but neither the intellectual property section nor the investment chapter are really about free trade. In many ways, they’re about the opposite: trying to put in place protectionist/mercantilist policies that benefit the interests of a few large legacy industries over the public and actual competition and trade. We’ve already discussed many of the problems of the intellectual property chapter — which is still being fought over — including that it would block the US from reforming copyright to lower copyright term lengths (as even the head of the Copyright Office, Maria Pallante has argued for).

And, last week, Wikileaks leaked the investment chapter, which is focused on corporate sovereignty provisions, officially known as “investor state dispute settlement” or “ISDS” (named as such, in part, because the negotiators know it sounds boring, so they hope the public won’t pay attention). As people go through the details and the fine print, they’re finding some serious problems with it. Sean Flynn has a very in-depth look at how the combination of these two chapters — the IP chapter and the investment chapter — could very likely threaten fair use (and, with it, undermine the First Amendment).

The full details as to how are a bit tricky to understand, because it involves digging through the leaked versions of both chapters, and understanding some of the subtle language choices, but it’s a serious concern. Flynn’s article also goes through the history of how such corporate sovereignty provisions have been expanded and increasingly used over the past decade or so. But the key part is this: the investment chapter certainly can (and will) be read to cover intellectual property as well, including the idea that a company can invoke the ISDS process if it feels its “intellectual property” has been “expropriated” in some manner. The word “investment” in the investment chapter is defined incredibly broadly and explicitly includes “intellectual property” as well as “other tangible or intangible, movable or immovable property.” It also, importantly, notes that an investment, for the purpose of ISDS, covers:

every asset that an investor owns or controls, directly or indirectly, that has the characteristics of an investment, including such characteristics as the commitment of capital or other resources, the expectation of gain or profit, or the assumption of risk.

Now, it’s no secret that the legacy entertainment industry is no fan of fair use (even if they often rely on it themselves). While fair use is officially part of the law in the US, the entertainment industry just recently fought very hard to block it in the UK and Australia, arguing (ridiculously) that fair use would harm innovation.

Even where there are very strong arguments for fair use — such as in helping the blind access works — the entertainment industry has twisted the so-called “three step” test from the Berne Agreement to argue that that is the most that is allowed for fair use. The three step test is actually really about limiting fair use, rather than enabling it. It is in the Berne agreement (as a relatively recent addition) as one possible “exception” to copyright, but not the only one. However, the haters of fair use like to pretend that it is the only one allowed under that agreement.

Under the three step test, “exceptions” to copyright occur when there are:

limitations and exceptions to exclusive rights to (Step 1) certain special cases (Step 2) which do not conflict with a normal exploitation of the work and (Step 3) do not unreasonably prejudice the legitimate interests of the rights holder

And, of course, in the US, fair use goes way beyond that already. And, as Flynn points out, it appears from the leaked text of TPP, the US would now be opening itself up to an ISDS challenge from a foreign owned company (remember: Universal Music is owned by a French company, Sony Music is owned by a Japanese company and Warner Music is owned by Russians…) that the fair use doctrine itself “expropriates” its “intellectual property” rights by going beyond the three steps test. Here’s Flynn:

And here is a major one lurking in the shadows. Many copyright intensive industries are hostile to the U.S. fair use doctrine and many of the decisions of courts emanating from it. There have been arguments raised from time to time that the doctrine or its applications are contrary to the so-called Berne 3-step test requiring that limitations and exceptions to rights be limited to certain special cases, not conflict with a normal exploitation of the work and not unreasonably prejudice the legitimate interests of the author (see this rebuttal from Gervais et al.). No other country has attempted to sue the U.S. or the nearly dozen other countries around the world that have fair use. But will the content industry be so reticent with such challenges in the future? With the TPP ISDS chapter, they will not have to in 40% of the global economy.

And this isn’t so far fetched. As we’ve been discussing, under existing ISDS/corporate sovereignty provisions in NAFTA, Eli Lilly is currently suing Canada for $500 million because Canada refused to grant it some patents. Eli Lilly is arguing that this “expropriated” Eli Lilly’s “intellectual property” and took away its “expected profits.”

Is it that difficult to believe that a recording studio or movie studio might make a similar argument on a fair use determination on one of its copyright-covered works?

And, if fair use is undermined, so is free speech. As we’ve noted, the Supreme Court itself has long argued that current fair use doctrine is a necessary “safety valve” in making sure that copyright does not violate the First Amendment. In other words, fair use is a key part of your First Amendment rights.

And yet… the USTR is basically putting in place a plan and system to undermine this, because the big copyright players are among the very few people who are allowed to see the negotiating text and to “advise” the USTR on what should be in it. Once again, it would seem like the most obvious way to deal with this would be for the USTR to release the negotiating documents, so that the public would be aware of what’s being negotiated, and could discuss the possible consequences — like how the current rules have the potential to undermine fair use and free speech. But, for reasons that the USTR still will not explain (perhaps because they reveal the USTR’s true reasoning for such provisions), it refuses to do so.

Link (Techdirt)

Prosecutor Declines to Prosecute Himself

Although it is surprisingly difficult to find solid news reporting out of Zambia, several different sources including AFP have reported that the country’s Director of Public Prosecutions decided recently to drop nine corruption charges pending against a highly placed official, namely himself:

Zambia’s top prosecutor … stunned a magistrate when he refused to prosecute himself on charges of abuse of office and declared himself a free man.

“I am the Director of Public Prosecution of the Republic of Zambia and I have decided to enter a nolle prosequi against all the charges,” Mutembo Nchito told the magistrate from the dock, using the Latin term for refusing to pursue a case.

He did not apologize to himself for ruining his reputation, but then he did not bring the charges in the first place. They were apparently brought by former finance minister Newton Ng’uni, and that does seem a little irregular but Ng’uni may have been concerned that Nchito would not do the right thing on his own. Or the charges may have been politically motivated, but who the hell knows.

Link (Lowering The Bar)

Ridiculous Ruling In Ireland Requires ISP To Kick Those Accused (Not Convicted) Of File Sharing Off The Internet

There just seems to be something about the way that some people’s brains function (or not) when the word “piracy” is introduced. Over in Ireland, there’s been an incredibly long running battle over whether or not internet access providers need to kick people off the internet if they’ve been accused (not convicted) of file sharing three times. Such “three strikes” rules have been put in place in a few countries, and the evidence shows that they don’t work at all. Not even in the slightest. They don’t slow down the rates of piracy for any extended period of time (sometimes they show a very brief drop before people figure out other ways). They certainly don’t lead more people to buy content. France, famously, led the way with the very first three strikes law, which the country has already dropped.

Over in Ireland, the fight over three strikes has been going on for nearly a decade. Back in 2008, the recording industry sued Eircom, the large Irish ISP, claiming that the company was required by lawto implement a three strikes regime. Eventually, in an effort to avoid legal costs, Eircom caved andagreed to implement a three strikes plan, but with a condition: the recording industry also had to pressure competing ISPs to implement a similar plan so that Eircom customers didn’t go fleeing. The recording industry did just that. The ISPs pushed back and seemed to be vindicated when the Irish Data Protection Commission ruled that a three strikes plan violated consumer privacy, and Irish judges found no legal basis for such rules.

Of course, the recording industry fought back, and a court flat out rejected the Data Protection Commission’s findings, and insisted there wasn’t any privacy issue at all with three strikes.

And, thus, we get back to the lawsuits against ISPs with a judge now ruling against ISP UPC and making some rather astounding statements in the process. The judge, Brian Cregan, appears to have become a true believer in the myths that the recording industry is spreading, and to him “piracy” seems to justify any and all punishment, without any clear concern as to whether or not anyone’s actually broken the law, or whether or not three strikes plans even work. These quotes are fairly astounding:

Mr Justice Cregan said that there was “wholesale theft” taking place on the UPC network. He said that the constitutional rights of “a whole class of persons are not just being infringed but are being destroyed”. The downloading of music for free is destroying the intellectual property rights of creative artists and should be a matter of great concern in any civilised society, he said.

Except, that’s not true. Copyright infringement and “theft” are two separate (and very different) things. And, no constitutional rights are “being destroyed” at all. If someone’s rights are being harmed via copyright infringement, those individuals or companies have every right to bring legal cases against those who are the ones actually engaging in infringement. Arguing that ISPs should automatically cut people off of the entire internet based merely on accusations (that have a long history of not being accurate) would seem to be “destroying” the due process rights of many more people than any copyright infringement. Besides, I would also think that “a matter of great concern to any civilized society” would be things like “due process” and better enabling communications and access to information for all — like the internet does. But, no. If you happen to download a song you like without paying for it, apparently you should be barred from the internet.

“The current generation of writers, performers and interpreters of music cannot have their livelihoods destroyed by advances in technology which allow persons to breach their constitutional rights with impunity.”

Two points on this. Any realistic look at “the current generation of writers, performers and interpreters of music” would recognize that it is an amazing time to be a creative personbecause of the internet. Thanks to the internet, artists no longer are solely reliant on giant gatekeepers to pick them out of everyone else. Instead, they can use these platforms to create, to connect with fans, to promote, to distribute and to monetize their works. More words are being written, more videos are being filmed and more music is being recorded today than any time in history. It’s difficult to see how one can possibly square that reality with this fantasy world of Judge Cregan’s in which he believes that writers, performers and musicians are in trouble.

The reality is that it’s merely the business models of the old gatekeepers that have been challenged. But that is the nature of the free market. If you cannot keep up with the changing times, you go out of business. But Cregan has apparently decided that the world should always look like it did briefly in the 1980s, and the internet upsets all of that, so clearly, it’s the internet that should go.

Not only did Judge Cregan decide that UPC needs to put in place a three strikes plan, but that it should have to cover most of the costs itself, apparently blaming the technology itself for the struggles of the legacy recording industry:

Mr Justice Cregan said the cost of setting up this system had been put at between €800,000 and €940,000, three-quarters of which UPC had argued should be paid for by the music companies.

The judge said however given the music companies’ constitutional rights “are being destroyed” by UPC’s customers, he believed UPC should pay 80 per cent and the music companies the rest.

Cregan is apparently so sure of himself on this issue — despite what appears to be an astounding confusion over what’s actually happening in the world, that he further rejected UPC’s argument that this is a matter for the legislature, not the courts. Instead, Cregan seems to believe that the courts can magically will into place a new regulation kicking people off the internet. He further rejected requests to refer this matter to the European Court of Justice, insisting that his interpretation of the law is plenty.

Link (Techdirt)

Judge Suggests Attorney General Jim Hood Is Unconstitutionally Threatening Google ‘In Bad Faith’

About a month ago, we noted that a federal court had granted a temporary injunction blocking a subpoena issued by Mississippi Attorney General Jim Hood, demanding all sorts of information from Google. At the time, the judge only said that Google’s argument was “stronger” than Hood’s, but said a full ruling would come out in time. That full ruling is now out, and boy, does it make Jim Hood’s anti-Google vendetta look questionable — specifically saying that there is “significant evidence of bad faith” on the part of Hood to try to use his government position to unconstitutionally coerce Google into making changes to its service that it has no legal obligation to make.

If you don’t recall, Hood has a long-standing obsession with Google, despite having an astounding level of ignorance about how the search engine actually operates. In his anti-Google rants, Hood makes statements that are blatantly false and repeatedly argues that Google is to blame merely because its search engine finds websites that Hood’s office doesn’t like and doesn’t think should exist at all. And that doesn’t even touch on the now known fact that the MPAA secretly funded Hood’s investigation and wrote nearly every word of the threatening letters sent to Google.

While Hood and various MPAA supporters have insisted that he’s clearly in the right, at least federal judge Henry Wingate doesn’t see much to support that. Hood tried desperately to keep this issue out of federal court, using a variety of claims, including the so-called “Younger Abstention” which argues that federal courts should stay out of certain issues. However, as Wingate notes, that only applies in three specific cases, none of which apply to Hood’s campaign against Google — and, even if any of them did apply, there’s a further exception for “bad faith” — and Wingate is pretty convinced that Hood is acting in bad faith:

Moreover, even if the Younger elements were satisfied here, the court would not be required to abstain here because an exception to the application of the doctrine applies. Indeed, federal courts may disregard the Younger doctrine when a state court proceeding was brought in bad faith or with the purpose of harassing the federal plaintiff… Google has presented significant evidence of bad faith, allegedly showing that Attorney General Hood’s investigation and issuance of the subpoena represented an effort to coerce Google to comply with his requests regarding content removal. As previously discussed, the Attorney General made statements, on multiple occasions, which purport to show his intent to take legal action against Google for Google’s perceived violations. When Google declined to fulfill certain requests, the Attorney General issued a 79-page subpoena shortly thereafter. The court is persuaded that this conduct may evidence bad faith on the part of the Attorney General.

Link (Techdirt)

UK school group threatens to call police on kids playing adult games

A group of school principals in Cheshire, England is warning parents that they will be on the lookout for evidence that children in their care have access to adult video games at home and will “contact the Police and Children’s Social Care” if they are made aware of it.

The Nantwich Education Partnership, which represents 16 schools in Cheshire, sent a note to parents last month expressing concern that “several children have reported playing, or watching adults play games which are inappropriate for their age and have described the levels of violence and sexual content they have witnessed.” The letter specifically cites Call of Duty, Grand Theft Auto, and Dogs of War (which we assume is a misnamed mangling of God or War or Gears of War) as inappropriate, and also warns parents that children should not have access to Facebook or WhatsApp accounts before they are old enough.

“Access to these games OR to some social media sites such as those above increases early sexualized behaviours (sometimes harmful) in children AND leaves them vulnerable to grooming for sexual exploitation or extreme violence,” the letter reads (as reprinted by The Daily Mail). “If your child is allowed to have inappropriate access to any game or associated product that is designated 18+ we will are [sic] advised to contact the Police and Children’s Social Care as it is neglectful.”

Link (Ars Technica)