We’re just under a month away from OneWebDay 2008, and the Washington, DC OneWebDay planning committee would like to invite you to participate. Susan Crawford, an Internet legal scholar and CDT Policy Fellow, started OneWebDay four years ago to promote the Internet and keep it vibrant, in the same way that Earth Day promotes taking care of the environment. The Internet is under a lot of pressure, from inadequate connectivity and the digital divide to censorship. When the Internet is in the news, it is usually to highlight one of the feared aspects of the Internet, rather than the positive transformative power of the Internet. OneWebDay is intended to create a town square of sorts where people far and wide can come together to celebrate and protect the Internet- keeping it innovative, open and free.

On September 22nd, there will be events all over the world, from London to Melbourne to Tunisia and all across the United States, in honor of OneWebDay. The Washington, DC  group working on OneWebDay has been creating an E-Democracy Time Capsule, and we are looking for your help finding the best of the political Web. Washington, DC is an ideal place to talk about e-democracy, and highlight that e-democracy is a national and international issue. There’s no reason that democracy and government needs to stay centered in DC online. This year, the election is showing the power of the Internet in democracy. Most people do not have easy access to their government, and the Internet allows users to get information and often to influence policy in a way that citizens would not otherwise be able to do.

(more…)

The Department of Justice is about to issue new Attorney General Guidelines that govern FBI criminal and intelligence investigations.

The new Guidelines would reportedly weaken the standards in existing Guidelines for use of some intrusive investigative techniques. Currently, the FBI has to have “reasonable suspicion” of criminality to open a full criminal investigation and it has to have some kind of a lead to start a preliminary inquiry — sort of a mini-investigation to run down the lead and decide whether to open a full criminal investigation. According to recent reports, the new Guidelines would permit the FBI to conduct an “assessment” of possible criminal activity or a threat to national security without having any lead at all. While doing that “assessment,” FBI agents would be empowered to use investigative techniques that had previously been reserved for full investigations and preliminary inquiries when there was evidence of crime: the agents could follow a person around, question friends and business colleagues about the person (and misrepresent themselves as persons other than FBI agents while conducting those interviews), and recruit secret informants to provide information about the person and his or her activities.

(more…)

The Olympics are well into their second week. Although we’ve seem some inspiring performances from athletes like swimmer Michael Phelps and gymnast Nastia Liukin, it’s sad that these games have been mired in controversy from the beginning: the IOC’s lack of will or ability to hold China to its promise to improve its human rights record as a condition of winning the Olympic bid, China’s violent crackdown on Tibetan demonstrators, ugly protests during the global Olympic torch relay, the apparently underage Chinese gymnasts, and – “dear” to CDT’s heart – the surveillance of Beijing hotel guests’ communications and the Chinese government’s unwillingness to make the Internet totally free of censorship for foreign journalists.

President Bush, though going on to be the guest of Chinese President Hu Jintao, first made it known that the United States still has “deep concerns” about the Chinese government’s human rights record. There is no doubt that U.S. presidents and other government leaders need to be consistently outspoken against the human rights abuses of other countries. But the U.S. can’t just be a leader in words; we must also be a leader in deeds. It’s no secret that other nations look to the U.S. and our Western allies to practically define “human rights” through our policies and actions. Yet President Bush speaks out of both sides of his mouth: decrying the human rights record of the Chinese government while defending, for example, the NSA’s warrantless wiretapping and the abridgement of rights of Guantanamo Bay detainees.

In recent weeks, CDT has been fighting to keep the U.S. government from becoming a leader in Internet censorship, doing battle with the Federal Communications Commission and its efforts to censor television and the Internet. We filed a brief in the U.S. Supreme Court arguing that the Commission should not be able to fine broadcasters hundreds of thousands of dollars for airing “fleeting expletives” – that is, one-time utterances of curse words – but also that it no longer makes sense from a technological or policy perspective to allow the FCC to censor broadcast content when the First Amendment doesn’t allow such government overreaching in other media.

Moreover, at the same time that the constitutional foundation for the FCC’s 30-year-old broadcast censorship authority is withering, we’re also concerned about the FCC’s recent attempts to branch out into the Internet. We filed comments with the FCC arguing that its proposal to censor a free nationwide wireless Internet access network would be unconstitutional.

The FCC justifies both policies by claiming that it’s protecting children. CDT is not an advocate for profanity or pornography, but rather an advocate for free speech and the proper role of the government in private lives, especially when parents have the responsibility and the ability, using technological means, to control their children’s media consumption. Pulling at people’s heartstrings by using “The Children” as an excuse for exerting government control is precisely what China does when Westerners criticize its media policies. In fact, the vice president of the Beijing Olympic organizing committee, defending China’s Internet censorship during the Olympic games, was quoted as saying, “We promised free access except for a few websites that jeopardize our security and the healthy growth of our youth.”

Somehow, U.S. government leaders fail to see that our own government-mandated censorship diminishes our standing to challenge the human rights abuses of other nations, and at the same time increases the risk that repressive regimes will use U.S. policies to justify their own human rights violations. The same Chinese Olympic official further rationalized his country’s actions: “That’s an assessment made by the authorities of which sites are good and which are not good for our youth. It’s like what any other country does.”

America’s leaders must no longer speak out of both sides of their mouths – our domestic actions must match our global human rights rhetoric.

The newest State of the Net report from Consumer Reports has concluded that several major online risks- including spyware infections- are declining in precedence. Unfortunately, spyware still cost the country 3.6 billion dollars over the last six months, with over half a million households being forced to replace computers because of spyware.

While this is an intimidating figure, it in fact represents a 54% decline in the rate of serious spyware problems, even though a third of respondents didn’t install anti-spyware programs (about the same as last year). Unfortunately, the rate of serious spyware infections is not falling at the same rate as serious spam and virus incidents.

Consumer Reports credits the progress being made against spyware and other online threats to consumer education, improved user tools, and government involvement. Of course, the spyware developers are working to come up with new ways to circumvent consumer precautions. One in 14 households had a serious spyware incident, and spyware developers are taking advantage of new platforms, such as cell phones.

Like last year, we are pleased to see progress being made in the flight against spyware, and hope that legal and technical solutions to spyware continue to be pursued.

August is traditionally a slow time in D.C., with Congress out of session and most policymakers looking to escape town for some vacation. But the early part of the month has already seen some significant developments for Internet policy.

First, on August 1, the FCC voted 3-2 to adopt a controversial enforcement action against Comcast for interfering with BitTorrent traffic. As I noted in July, CDT has reservations about the legal basis for the FCC’s assertion of authority to engage in such enforcement. But the kind of tactics Comcast was using pose a real threat to the openness of the Internet, and the FCC’s decision marks the first time the government has stepped in to impose some concrete limits. It’s too early to judge the full impact — in part because the agency has not yet released the actual text of the order — but clearly this is a landmark development in the public debate over Internet neutrality and network management.

Second, on August 4, the 2nd U.S. Circuit Court of Appeals issued an important decision in the case involving Cablevision’s proposed “remote storage” digital video recorder (DVR). CDT helped organize an amicus brief in the case back in 2007, because the lower court ruling that the DVR would infringe copyright threatened to cast a major cloud of copyright risk over services that provide data storage remotely.
(more…)

An article in the Washington Post today reported on the use by health and life insurers of identifiable prescription drug records to make coverage decisions. This data is actually acquired by companies that act as data brokers or analysts on behalf of insurers, and individuals applying for insurance consent to having their prescription drug data gathered and used for this purpose. The article further notes that the gathering of this data will be even easier when this information is stored in electronic health records.

This article exposes the limits of relying on individual consent to protect sensitive health information. The companies mentioned in the article (Ingenix, Milliman) who mine this data all claim to have relied on consent to obtain sensitive prescription drug histories. It’s no surprise that these individuals consented to having this information gathered about them – they had no other choice. When you need health or life insurance, or if you are seeking medical care, you will sign whatever form is put in front of you.

The article also exposes the limits of the federal privacy rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which gives the federal government no basis to go after Ingenix or Milliman or any other intermediary entity for any misuse of health information or data breaches.

If the public doesn’t trust that electronic health record systems will protect their privacy, we will never make further progress toward achieving an interconnected health data system that improves care. This article demonstrates clearly that patient consent is not the answer. Instead, we need clear limits on uses of an individual’s health information that are applicable to “downstream” entities that use or hold this information, as well as aggressive monitoring and enforcement of the law.

Last week I had the privilege to attend the 72nd meeting of the Internet Engineering Task Force (IETF), the Internet’s longest-established technical standardization body. CDT has long been engaged in the work of the IETF and other standards bodies, with an eye towards both increasing public interest input into standards processes and fostering understanding among Internet technologists, policymakers and advocates.

The IETF describes itself as a “large open international community of network designers, operators, vendors, and researchers.” It has no membership. Anyone who wants to attend a meeting or submit a proposal for a new protocol or standard is welcome to do so. The organization is comprised purely of volunteers.
(more…)

China’s Public Security Bureau has just ordered all hotels in Beijing and Shanghai —including the most well known U.S.-owned brands— to install government software that spies on all Internet traffic by hotel guests coming to watch the summer Olympic games. The goal is not only to spy on foreign media but also to chill any plans for demonstrations or communications between China’s dissidents and foreign officials.

The hotel owners are naturally outraged; however, if they refuse to comply they are essentially signing a financial death warrant. The Chinese government has warned of financial penalties, suspending access to the Internet, or the loss of an operating license for any hotel that tries to buck the system.

Welcome to the quicksand that is the Chinese Internet. The outrage is well placed but hardly unexpected; earlier this year the U.S. State Department warned travelers to the Olympics that “they have no reasonable expectation of privacy in public or private locations” in China. The fact that China is now reneging on its promise to allow a free media and an open Internet during the Olympics is hardly a surprise.
(more…)

In a victory for free speech, a federal appeals court ruled this week that the Federal Communications Commission stepped out of bounds when it issued an unprecedented $550,000 fine against CBS for airing Janet Jackson’s infamous breast-bearing “wardrobe malfunction” during the 2004 Super Bowl halftime show.

Echoing the seminal opinion by Second Circuit Court of Appeals on a related matter, the Third Circuit held that the FCC violated the Administrative Procedure Act (APA) when it changed its enforcement policy to regulate even one-off or “fleeting” indecent images without sufficient prior notice or justification. The Court noted that prior to 2004, the FCC had a policy of not sanctioning broadcasters for single utterances of swear words and brief flashes of nudity or other “indecent” material.
(more…)

Last week we blogged about the continuing congressional pressure facing ISPs regarding their involvement in behavioral advertising. Embarq has replied to the letter that Rep. Dingell, Rep. Barton, and Rep. Markey sent last week inquiring about the company’s trials of a new system that tracks the Web sites subscribers visit and uses that data to serve targeted advertisements to those subscribers. Press reports had indicated that Embarq was partnering with online ad network NebuAd for the test. According to a separate Embarq letter released yesterday, the trial involved 26,000 subscribers in Gardner, Kansas, and only 15 subscribers opted out.

One of the most troubling aspects of Embarq’s response concerns its approach to notice and consent. Embarq states that the company “posted a notice in the Privacy Policy that appeared on Embarq’s website.” As our recently-released legal analysis pointed out, such notice is most likely inadequate to meet the requirements set out in wiretapping laws, including the Federal Wiretap Act. This law requires an ISP to obtain its subscribers’ consent before intercepting or disclosing their communications—a standard that does not appear to have been met by Embarq.
(more…)