China’s Public Security Bureau has just ordered all hotels in Beijing and Shanghai —including the most well known U.S.-owned brands— to install government software that spies on all Internet traffic by hotel guests coming to watch the summer Olympic games. The goal is not only to spy on foreign media but also to chill any plans for demonstrations or communications between China’s dissidents and foreign officials.

The hotel owners are naturally outraged; however, if they refuse to comply they are essentially signing a financial death warrant. The Chinese government has warned of financial penalties, suspending access to the Internet, or the loss of an operating license for any hotel that tries to buck the system.

Welcome to the quicksand that is the Chinese Internet. The outrage is well placed but hardly unexpected; earlier this year the U.S. State Department warned travelers to the Olympics that “they have no reasonable expectation of privacy in public or private locations” in China. The fact that China is now reneging on its promise to allow a free media and an open Internet during the Olympics is hardly a surprise.
(more…)

In a victory for free speech, a federal appeals court ruled this week that the Federal Communications Commission stepped out of bounds when it issued an unprecedented $550,000 fine against CBS for airing Janet Jackson’s infamous breast-bearing “wardrobe malfunction” during the 2004 Super Bowl halftime show.

Echoing the seminal opinion by Second Circuit Court of Appeals on a related matter, the Third Circuit held that the FCC violated the Administrative Procedure Act (APA) when it changed its enforcement policy to regulate even one-off or “fleeting” indecent images without sufficient prior notice or justification. The Court noted that prior to 2004, the FCC had a policy of not sanctioning broadcasters for single utterances of swear words and brief flashes of nudity or other “indecent” material.
(more…)

Last week we blogged about the continuing congressional pressure facing ISPs regarding their involvement in behavioral advertising. Embarq has replied to the letter that Rep. Dingell, Rep. Barton, and Rep. Markey sent last week inquiring about the company’s trials of a new system that tracks the Web sites subscribers visit and uses that data to serve targeted advertisements to those subscribers. Press reports had indicated that Embarq was partnering with online ad network NebuAd for the test. According to a separate Embarq letter released yesterday, the trial involved 26,000 subscribers in Gardner, Kansas, and only 15 subscribers opted out.

One of the most troubling aspects of Embarq’s response concerns its approach to notice and consent. Embarq states that the company “posted a notice in the Privacy Policy that appeared on Embarq’s website.” As our recently-released legal analysis pointed out, such notice is most likely inadequate to meet the requirements set out in wiretapping laws, including the Federal Wiretap Act. This law requires an ISP to obtain its subscribers’ consent before intercepting or disclosing their communications—a standard that does not appear to have been met by Embarq.
(more…)

The blogosphere pumped up the volume on the news that YouTube was being forced, under court order, to fork over its “logging database,” in the course of Viacom’s billion-dollar copyright lawsuit against the Google-owned video site. Remember that this logging database records every Leave It To Beaver rerun (as well as ALL other videos) you’ve watched on YouTube. The database doesn’t identify you by name, but it does contain your IP address and your “OutlawBikerSpike” user name.

Since that initial hue-and-cry, the suits at Viacom and Google hunkered down and reached an agreement–called a stipulation–in which Viacom agrees to accept YouTube user data in an anonymized format. That doesn’t stop Viacom from knowing how many times Leave it to Beaver reruns have been watched, but it does keep the company from knowing it was you doing all that late-night nostalgic viewing.

This is the hoped-for scenario proffered by my colleague David Sohn in his earlier blog post on this subject:

It seems likely, however, that Viacom doesn’t actually need to link specific videos to specific users. Viacom’s goal, presumably — and more on that in a moment — is to try to show that providing access to infringing video is a crucial and perhaps dominant aspect of YouTube’s business. For that purpose, aggregate and/or anonymous data (i.e., not linked or linkable to actual login IDs or IP addresses) should be perfectly sufficient. Viacom shouldn’t actually need specific login IDs or IP addresses at all. Significantly, Google says it is asking Viacom to let it anonymize the data before turning it over. Hopefully Viacom will agree that anonymous data is sufficient.

Viacom also took steps to ensure a potential PR fiasco never reached critical mass. The company sent a letter to the Electronic Frontier Foundation and promised to inform EFF if the conditions of the stipulation changed in ways that would effect how the logging data was handled.

This report was prepared and published prior to the Senate passing of FISA.

CRS Report RL34566, July 7, 2008.

From the report’s summary:

The current legislative and oversight activity with respect to electronic
surveillance under the Foreign Intelligence Surveillance Act (FISA) has drawn
national attention to several overarching issues. This report briefly outlines three
such issues and touches upon some of the perspectives reflected in the ongoing
debate. These issues include the inherent and often dynamic tension between national
security and civil liberties, particularly rights of privacy and free speech; the need for
the intelligence community to be able to efficiently and effectively collect foreign
intelligence information from the communications of foreign persons located outside
the United States in a changing, fast-paced, and technologically sophisticated
international environment or from United States persons abroad, and the differing
approaches suggested to meet this need; and limitations of liability for those
electronic communication service providers who furnish aid to the federal
government in its foreign intelligence collection. Two constitutional provisions, in
particular, are implicated in this debate — the Fourth and First Amendments. This
report briefly examines these issues and sets them in context.

Freedom House held a Capitol Hill briefing July 15th on global Internet freedom. Rep. Chris Smith (R-NJ) and Jules Maaten of the European Union Parliament discussed their joint efforts to pass legislation aimed at promoting online free expression and privacy in repressive countries like China.

CDT is generally supportive of the goals of Rep. Smith’s Global Online Freedom Act (GOFA). We agree that statutorily creating a State Department office dedicated to Internet freedom and mandating annual reports on the Internet human rights practices of various countries are good ideas. But we believe other provisions of the bill will likely not be effective and may even be counterproductive. For example, storing user data outside a country is not a fool-proof way of avoiding that country’s assertion of jurisdiction over the information; and requiring disclosure of filtered search terms may create a “race to the bottom” when repressive regimes realize what’s not being filtered.
(more…)

There has been quite a bit of attention paid in the past week to statements by FCC Chairman Kevin Martin about possible FCC action against Comcast for interfering with some of its subscribers’ BitTorrent uploads. The idea appears to be that the agency could find Comcast’s actions inconsistent with principles set forth in the FCC’s 2005 broadband Policy Statement; order Comcast to refrain from such behavior going forward; and require more disclosure by Comcast of the details of its network management practices.

(Editor’s Note: For CDT’s prior blog posts on the Comcast/network management issue please click here, here, and here.)

CDT is no fan of the particular network management tactics Comcast was using. We think that efforts to manage congestion should apply evenly to all traffic based on objective criteria like usage volume, not single out specific applications. They also should be transparent. Comcast’s practices failed both tests. Still, we’re not exactly popping champagne corks at the apparent prospect of FCC action. An actual FCC order on this topic — particularly one characterized as an “enforcement action,” which is how Martin was quoted — raises significant concerns.
(more…)

These past two weeks have seen a flurry of activity concerning ISP participation in online behavioral advertising. On July 8, CDT released a legal memo explaining how ISPs partnering with third parties to intercept and use Internet traffic content may violate federal and state wiretapping laws. NebuAd, one such third party, issued both its own legal analysis and a response to CDT’s memo later that day.

On July 9, representatives for CDT and NebuAd were among the speakers before the Senate Commerce Committee discussing the “Privacy Implications of Online Advertising.” Both CDT’s memo and the Senate hearing garnered much-needed press attention on this worrisome extension of online behavioral advertising practices. CDT’s privacy concerns with such ISP involvement in behavioral advertising are detailed in the testimony of CDT President Leslie Harris.

Also on July 9, Richard Blumenthal, the Connecticut Attorney General, released a letter to the Senate Commerce Committee urging federal action to cut off ISP involvement in online behavioral advertising unless there is “prior and explicit consumer approval.” Blumenthal called on Congress to strengthen both the Cable Communications Policy Act and the Electronic Communications Privacy Act to “emphatically and effectively ban tracking by Internet service providers and third party marketers.” involvement

Yesterday (July 15), House Reps. John D. Dingell, Joe Barton, and Edward J. Markey released a letter to Embarq both expressing concern over the ISP’s involvement in online behavioral advertising and seeking answers to nine specific questions regarding Embarq’s trial with NebuAd. The letter notes that the Congressmen are particularly “concerned that Embarq may not have directly notified the subscribers involved in the test that their Web use was being analyzed and profiled.” Among other things, the Congressmen asked Embarq to provide details on its trial, describe the notice given to subscribers, explain any analysis conducted as to this business model’s legality, and detail the opt-out procedures available to subscribers during the trial. The letter requests a response from Embarq by July 21.

Tomorrow (July 17), the House Subcommittee on Telecommunications and the Internet will continue to press the issue by holding a hearing on “What Your Broadband Provider Knows About Your Web Use: Deep Packet Inspection and Communications Laws and Policies.” Alissa Cooper will be testifying on behalf of CDT.

There has been some controversy lately about what a letter from Rep. Capuano of the Franking Committee means for House members’ Web presence. The Franking Committee, which in part regulates members’ communications so they don’t appear to endorse a particular product, service or ideology, are looking into how members should be able to use the Internet, and have sent a letter to the Committee on House Administration with a few recommendations.

Some are claiming that these recommendations would prohibit House members from posting to any unapproved website, and would need to have each post individually approved. Our friends at the Sunlight Foundation have started a reasonable campaign to ensure that Members can use new social media- like Twitter (home of the ‘tweet’). Capuano has responded, saying that the critics have it all wrong, and that the recommendations are an effort to open up the rules to let Members use third-party services for video (i.e. hosting official videos on YouTube, then embedding them on their house.gov page). Speaker Pelosi has also weighed in, reminding those who are concerned that she has a notable presence on social networks and uses new web services- and that they want to make that more common.

It’s good that the Franking Committee is looking at the ways members can use the Internet. The same way that the public is discovering new ways to communicate with each other and breaking down barriers, legislators can use these new services to transparency’s advantage. But Franking rules exist for a reason, and Congress members are held to a higher standard- their messages shouldn’t lead to the commercialization of the Congress and they need to make sure their material stays ADA compliant in ways that YouTube doesn’t make easy.

I hope that they see the possible uses for sites like Twitter and YouTube. We’ve seen how the new Web services can be used in elections, and maybe soon we’ll see them get used in the legislative process. The fact that there is confusion about existing rules and the proposed recommendations show that some work still needs to be done, but it clearly is not as bad as the most ardent critics suggest. Hopefully this dialog on Congressional Internet use will continue, and we can work out some guidelines on how to help members use the Internet- to everyone’s advantage.

This report provides a brief look at the FCC budget for the last three years, followed by an overview of the Commission and its mandate, structure, strategic plan, and proposals for both procedural and substantive changes.

CRS Report RL 32589, May 13, 2008

From the Report’s Summary:

Although the FCC has restructured over the past few years to better reflect the
industry, it is still required to adhere to the statutory requirements of its governing
legislation, the Communications Act of 1934. The 1934 Act requires the FCC to
regulate the various industry sectors differently. Some policymakers have been
critical of the FCC and the manner in which it regulates various sectors of the
telecommunications industry — telephone, cable television, radio and television
broadcasting, and some aspects of the Internet. These policymakers, including some
in Congress, have long called for varying degrees and types of reform to the FCC.
Most proposals fall into two categories: (1) procedural changes made within the FCC
or through Congressional action that would affect the agency’s operations or (2)
substantive policy changes requiring Congressional action that would affect how the
agency regulates different services and industry sectors.