It’s a few weeks old, but be sure to check out Cory Doctorow’s excellent explanation for why copy protection can never work:
[Encryption] works brilliantly. You can download an email privacy program that uses standard, public encryption algorithms to scramble your email so that only its intended recipients can read them. You know that messages can only be read by the authorised sender and the authorised receiver because you are the only ones who know have the key.
It’s great for email, but it can never work for movies, TV shows or music, because in the case of “copy protection” the receiver is also the person that the system is meant to guard itself against.
Say I sell you an encrypted DVD: the encryption on the DVD is supposed to stop you (the DVD’s owner) from copying it. In order to do that, it tries to stop you from decrypting the DVD.
Except it has to let you decrypt the DVD some of the time. If you can’t decrypt the DVD, you can’t watch it. If you can’t watch it, you won’t buy it. So your DVD player is entrusted with the keys necessary to decrypt the DVD, and the film’s creator must trust that your DVD player is so well-designed that no one will ever be able to work out the key.
This is a fool’s errand. Because the DVD player has the key, it’s always possible that it can be extracted by academics, hardened hackers – or just kids who are in it for the glory.
Doctorow makes an analogy to the speed of light, but I think a better analogy is that DRM systems are to computer science what perpetual motion machines are to physics. Anyone who says he’s got an unbreakable DRM scheme is either clueless or lying. Yet DRM snake-oil salesmen, like the charlatans who periodically claim to have invented a perpetual motion machine (or infinite compression algorithms), are perpetually coming up with clever new ways to obfuscate the fundamental impossibility of what they’re trying to accomplish. If you make a system complicated enough, it can be difficult to explain its flaws in laymen’s terms. But that doesn’t mean it doesn’t have them, or that they aren’t fatal.
This is just appalling. You cannot win a PR battle from a defensive crouch.
A top Democratic leader opened the door Tuesday to granting U.S. telecommunications companies retroactive legal immunity for helping the government conduct electronic surveillance without court orders, but said the Bush administration must first detail what those companies did.
House Majority Leader Steny Hoyer, D-Md., said providing the immunity will likely be the price of getting President Bush to sign into law new legislation extending the government’s surveillance authority. About 40 pending lawsuits name telecommunications companies for alleged violations of wiretapping laws. Democrats introduced a draft version of the new law Tuesday without the immunity language.
If Congress passes legislation giving the president expanded wiretapping authority, and he vetoes it because it doesn’t include a get out of jail card for AT&T, that
should be a PR disaster for the Republicans. The Democrats should be thrilled to go on the campaign trail saying “Mr. President, we passed legislation giving you the authority you requested. It’s not our fault you chose to put the interests of your friends in the telecom industry ahead of protecting American lives.”
Yet for some reason, the Democratic leadership seems to have chosen a strategy of preemptive surrender, where they announce in advance that they’re so terrified of a veto that they’ll give the president basically whatever he wants as long as he promises to sign it. Under those circumstances, the president obviously isn’t going to budge an inch.
The text of the RESTORE Act is here. It’s not quite as bad as I’d feared from media reports, but it still has some serious flaws. The most frustrating thing about it is that it starts off really well. The first substantive provision is:
Notwithstanding any other provision of this Act, a court order is not required for the acquisition of the contents of any communication between persons that are not United States persons and are not located within the United States for the purpose of collecting foreign intelligence information, without respect to whether the communication passes through the United States or the surveillance device is located within the United States.
In my opinion, they should have just cut the bill off there. The whole thing would have been 3 pages long, it would have taken away the White House’s most potent talking point, and it would have gotten the enthusiastic endorsement of people like me.
Instead, it goes on to create this elaborate, cumbersome, and arguably unconstitutional “blanket warrant” process for eavesdropping on calls between an American and a non-American. I have yet to see any coherent explanation for why such a provision is necessary.
A significant amount of the bill is devoted to detailing a variety of reports and audits that various parts of the executive branch are required to submit about the government’s surveillance activities. While more oversight is rarely a bad thing, I’m frankly not that enthusiastic about these provisions because I’m worried they’ll be perceived as a substitute for individualized warrants. Moreover, I think there’s a good argument to be made that genuinely foreign surveillance activities
shouldn’t be subject to the same level of scrutiny as domestic surveillance. So to the extent that all these reporting requirements blur the line between domestic and foreign surveillance, I think that could be a bad thing.
I continue to be baffled by the politics of all this. I imagine the Democratic leadership thinks they’re going to buy peace with the White House by compromising and giving them some of what they want. But that’s not how this administration works. They’ve
never shown any willingness to meet critics halfway. (See, for example, Max Cleland) If the Democrats give the president anything less than everything on his wish list, they’ll be loudly denounced as soft on terrorism. So if they’re going to get attacked anyway, they might as well at least make their base happy by passing a bill that’s strongly supportive of civil liberties.
This is not that bill. The ACLU is endorsing Rush Holt’s alternative legislation, so perhaps that’s the legislation advocates of civil liberties should be demanding.
I find it amazing that people would make an argument like this with a straight face:
Brian Darling, director of Senate relations at the conservative Heritage Foundation, told Cybercast News Service that he expects “the White House will threaten to veto this.”
“Some elements are problematic for anti-terrorism,” he said, particularly the lack of a provision that would grant retroactive immunity for telecommunications companies that provided information to the government and may have done so illegally.
“It should be retroactive,” said Darling. “These companies are getting sued because they were trying to be helpful … to hunt down people who are abusing our telecommunications system to carry out acts in the United States.”
This sounds like a marvelous legal principle: firms can ignore the law and compromise their customers’ civil liberties with impunity, as long as they were “trying to be helpful.” Come to think of it, why do we need warrants at all? Instead, let’s just have the FBI and the NSA issue “certificates of helpfulness” in exchange for their customers’ private information. I mean, the nice man from the NSA would never ask for information he wasn’t allowed to have, would he?
In an interesting post today, Glenn Fleishman explores what AT&T’s purchase of 700 MHz spectrum from Aloha Partners today means for Verizon. While my conspiracy theory radar tingles a bit, I had this same thought earlier today. No point in paraphrasing; enter the blockquote.
AT&T spends $2.5b for 12 MHz across 200m people in the 700 MHz band: Let’s talk two-steps-ahead. In the terms for the C Block licenses that Google wanted very open and Verizon and AT&T wanted to have cell-spectrum-like restrictions, AT&T did a volte-face and said it would agree to most of the openness that Google wanted. Huh, I said, I wonder what made them do that? Well, it’s gamesmanship. AT&T was obviously already in a position to acquire Aloha Partners’s licenses.
This means that AT&T is reverse-encumbering the other band. While the C Block involves more bandwidth and greater coverage, Verizon is now in a worse position because of the lack of device and application lock-in if they choose to bid in 700 MHz as AT&T will already have holdings. AT&T can have the flexibility to deploy different services in the different 700 MHz blocks. I think.
AT&T can now focus on bidding on the A and B blocks, which can compliment their Aloha acquisition and which don’t come with open-access restrictions. So did AT&T pull off a Machiavellian ploy to saddle Verizon with an open access mandate?
The Restore Act is generating a lot of media interest. I just finished an interview with WTOP in DC. Tomorrow, I’ll be speaking with KMOX in Saint Louis at 8:40 AM (Central), WLAP in Lexington, Kentucky at 10:35 (Eastern), and on WABC in New York City at 11:10 (Eastern). All of them appear to have live Internet feeds (albeit in irritating proprietary formats) in case any TLF readers want to listen in.
On a note related to Jerry’s post on “L’iPhone” I’d like to point out Thomas Hazlett’s “How the ‘walled garden’ promotes innovation” in the September 26 Financial Times. The piece discusses the virtues of closed and controlled technological ecosystems and how the “walled garden” can often be a prosperous and vibrant one. Best paragraph from the piece:
Unbundling phones from networks is suggested as a policy fix in the US. European phones, working with different Sim cards across carriers and borders, are the model. Innovation in the European Union is said to flourish. But the iPhone came first to the US, as did the BlackBerry and advanced broadband networks using CDMA data formats. That is not surprising given that US networks are afforded wide latitude in designing their systems. Licenses in the EU mandate a GSM standard. What is recommended as “open” in fact deprives customers of a most basic cellular choice: technology.
Of course the real closed vs. open debate is whether we want an open
economy. Open, that is, to varying business models–rather than one that is closed to any service or product that technophiles might describe with the now-curse-words “proprietary” or “closed source.” The techno-intelligentsia may value the notion of taking a phone from network to network, or being able to install Skype on anything with processor, but it turns out that most people couldn’t care less. Ultimately that’s what matters. The systems that are adopted shouldn’t be chosen by uber-geeks and regulators, but by every-day consumers.
I love my iPhone. Despite what others might say, it is the most innovative mobile phone in a decade. I also think innovators should be rewarded, which is why I’m fine with the iPhone being locked to AT&T’s network. As a result, Apple gets a cut of my (and every other iPhone owner’s) wireless bill.
France might be left behind when it comes to this innovation, however. That country has laws similar to the wireless Carterfone rules Tim Wu, Skype, and others have advocated for the U.S. Locked phones in France must be unlocked by the carrier upon user request, and wireless carriers must also sell unlocked versions of their mobile phones. As a result, Apple is considering keeping the iPhones off French shelves indefinitely.
To me it’s clear that forced access laws limit innovation. I think folks who propose such rules want to have their cake and eat it, too. That is, they want the innovation that comes from entrepreneurs acting in a free market (and often fueled by exclusive deals such as the one between Apple and AT&T), and they also want the forced openness of networks. They think that the latter will have no impact on the former; that innovators will innovate regardless of the incentives. The iPhone snag in France, however, shows that incentives do matter.
Geoffrey Stone has a great review of Jack Goldsmith’s book that makes it crystal clear that we’re dealing with an administration that has nothing but contempt for the rule of law and the separation of powers:
As it implemented its “go-it-alone” conception of executive authority, the administration “rejected any binding legal constraints” on the president’s power. Whenever anyone suggested consulting Congress on such matters as detention, interrogation, habeas corpus, military commissions, or surveillance, Addington’s invariable response was, ” ‘Why are you trying to give away the President’s power?’ ”
The most critical issue Goldsmith encountered involved the “torture memos,” which purported to provide a “legal basis for what President Bush later confirmed were ‘alternative interrogation procedures used at secret locations.’ ” Consistent with the administration’s extreme view of presidential authority, the memos argued that the Torture Act of 1994 — which made it unlawful for government officials to engage in torture — violated the president’s inherent constitutional power as commander in chief to authorize torture. According to Goldsmith, CIA interrogators viewed these memos as a ” ‘golden shield’ ” that would insulate them against criminal liability.
Although no head of the Office of Legal Counsel had ever overturned an opinion issued by the office in the same administration, Goldsmith concluded that the extreme assertion of presidential authority in the torture memos had “no foundation” in any “source of law.” They rested entirely on “one-sided legal arguments” and were nothing more than unreasoned assertions of “sheer power.” Goldsmith decided he had a legal and constitutional responsibility to withdraw the torture opinions.
At the same time he informed Atty. Gen. Ashcroft that he was withdrawing the opinions (Ashcroft, by the way, was “supportive” of Goldsmith’s conclusion), he also submitted his resignation, in part “to ensure that my withdrawal” of the torture memos “would stick.” The timing, he believed, “would make it hard for the White House to reverse my decision without making it seem like I had resigned in protest.” He was right, and it worked.
Goldsmith, it should be emphasized, has described himself as not being especially concerned with civil liberties. Yet he found it necessary to resign after only 10 months on the job. The same story can be told of other officials—Jim Comey, John Ashcroft himself—who were hardly left-wingers, but who ultimately were unable to stomach the Bush administration’s cavalier disregard for the constitution. The only people who are still in the White House at this point are people who weren’t disturbed by the president’s theory that he can pretty much do whatever he wants regardless of what Congress or the Supreme Court say. Why on Earth would Congress want to encourage this kind of behavior by giving the executive branch even more power to spy on Americans without court oversight?
I think I’ve made this point before, but it’s worth making again:
Two months after insisting that they would roll back broad eavesdropping powers won by the Bush administration, Democrats in Congress appear ready to make concessions that could extend some crucial powers given to the National Security Agency.
Administration officials say they are confident they will win approval of the broadened authority that they secured temporarily in August as Congress rushed toward recess. Some Democratic officials concede that they may not come up with enough votes to stop approval.
This isn’t how Congress works, and a reporter from the
New York Times should know better. If the leadership of the majority party in Congress doesn’t want a particular piece of legislation to come to the floor, it’s extraordinarily difficult for other members of Congress to bring it to the floor. As I understand it, the primary mechanism in the House is a discharge petition, which requires the signatures of the majority of members of Congress. According to Wikipedia, only 47 piece of legislation have received the required majority in the last 70 years, and only two of those have become law. In other words, by and large if the leadership doesn’t want a piece of legislation to move, it doesn’t move.
And then there’s the Senate, where in addition to the usual prerogatives of leadership, any 41 members of the Senate can stop legislation with a filibuster. I find it extraordinarily hard to believe that the Democratic leadership couldn’t find at least one of these mechanisms to stop a bad FISA bill. The more likely explanation is that the leadership simply doesn’t consider this issue important enough to risk giving Republicans a campaign issue next year. Which is fine; that’s the sort of political calculation the congressional leadership is supposed to make. But if that’s what’s going on, then reporters should call a spade a spade, and not let the leadership get away with making lame excuses.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.