On Baase p 228 is a list of justifications for file sharing. The
fourth item in the bulleted list is the "negative right",
or liberty, to be generous (positive rights are entitlements; negative
rights are freedoms). Stallman believes this putative right to share
software with others rises to the
level of an obligation, or duty; that is, we're all obligated to help others with their computers by sharing our free software. He does not claim
this rises to the level of
a "positive right" to receive assistance. He has argued that using
copyrighted software forces you to fail at this obligation, and is
therefore wrong; I do not believe he has ever argued that sharing
copyrighted software is right.
p 237: "Some people in the free-software movement do not believe that copyright should protect software at all"
It is not clear that RMS has ever argued that software copyright should not exist (though he has argued that software patents should not exist).
He was suspended for insubordination on July 9, 2008,
apparently for refusing to turn over router passwords. There are GOOD
reasons for limiting access to such passwords on a need-to-know basis,
BUT refusing to turn them over might be going pretty far. (However,
there are some mitigating factors, including the fact that there was an
open speakerphone call in progress at the time Childs was asked for the
passwords).
Childs did nothing to damage the network, and the network was never down at any time.
Childs had some past history: he committed a burglary at age 17 and spent 4 years in prison. He was arrested by SF police on Saturday, July 12, on four counts of computer tampering. There has not been any public explanation. He is still in prison. He refused to give the police valid passwords at his arrest (such refusal is protected by the 5th Amendment). He did give the passwords to the mayor of SF, on July 21.
The city's main claim is that Childs was arrested because he placed
the city systems in jeapordy. However:
The biggest concern to computing professionals is that San Francisco then created a
laundry list of criminal allegations against Childs that in fact are standard practices:
Childs seems to have been "security-conscious to the point of paranoia".
But most good computer-security people are!
In opposing bail reduction for Childs, the city's attorneys wrote in July 2008:
Final four charges (pretty close to the original, but none of the
tantalizing allegations of the bail-reduction motion making it in): one
of "disrupting or denying computer services" (by not revealing the
passwords) and three of "providing a means of accessing a computer,
computer system, or computer network". There are no charges (in
February) of network tampering; these appeared in court documents in
July and August 2008 though. ("Network tampering" appears to have been
replaced by the three modem charges.)
It is indeed possible that Childs decided not to have configurations
written to flash memory for "job security"; ie so that, if there was a
problem, he would be irreplaceable. Alternatively, it could have been
because Childs was having conflicts with management and wanted them to
know they couldn't work without him. There is no evidence, though, of
this.
Congress shall make no law ... abridging the
freedom of speech, or of the press;
But they can abridge "offensive" speech. For example:
sexual material , including pornography (though that is a perjorative term)
Miller v California, Supreme Court 1973: 3-part guideline:
For the internet, COMMUNITY STANDARDS is the problem: what community?
As the Internet became more popular with "ordinary" users, there was mounting concern that it was not "child-friendly". This led in 1996 to the Communications Decency Act (CDA) (Baase p 151)
The CDA was extremely broad.
From the CDA:
WHICH COMMUNITY?
On the internet, you cannot tell how old someone is
Butler v Michigan, 1957: SCOTUS struck down a law making it illegal to sell material (pornography) in Michigan that might be harmful to minors.
CDA was widely viewed as an attempt by Congress to curry favor with a "concerned public", but knowing full well it was unlikely to withstand court scrutiny.
It did not. Supreme court ruled unanimously in 1997 that the censorship provisions were not ok. too vague did not use "least-restrictive means"
Child Online Protection Act (COPA), 1998: still stuck with "community standards" rule Set up commission, that later wanted some of google's query data.
CIPA: Child Internet Protection Act, 2000 (Baase, p 158) Schools that want federal funding have to install filters.
Filters are sort of a joke, though they've gotten better. However, they CANNOT do what they claim. They pretty much have to block translation sites and all "personal" sites, as those can be used for redirection.
SCOTUS upheld CIPA in 2003.
The Chicago Public Library gave up on filters, but did install screen covers that make it very hard for someone to see what's on your screen. This both protects patron privacy AND protects library staff from what might otherwise be a "hostile work environment"
Baase has more on the library situation, p 157
Batzel v Cremers:
One piece of the CDA survived: section 230:
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider. [Wikipedia]
Why is this there?
Note that there is no limit of Section 230 to any particular
area of law, eg libel.
Note also that §230 addresses "publisher" liability and "author" liability. Another form, not exempted, is "distributor" liability.
History of this as applies to protecting minors from offensive material
District court only, New York State (Does anyone remember compuserve?) Giant pre-Internet BBS available to paid subscribers. The "rumorville" section, part of the Journalism Forum, was run by an independent company, Don Fitzpatrick Associates. Their contract guaranteed DFA had "total responsibility for the contents". Rumorville was in essence an online newspaper; essentially it was an expanded gossip column about the journalism industry. I have no idea who paid whom for the right to be present on CompuServe.
1990: Cubby Inc and Robert Blanchard plan to start a competing online product, Skuttlebut. This is disparaged in Rumorville. Cubby et al sue DFA & Compuserve for libel.
Compuserve argued they were only a distributor; they escaped liability. In fact, they escaped with Summary Judgement! The court ruled that they had no control at all over content. They are like a bookstore, or a distributor.
While CompuServe may decline to carry a given publication altogether, in reality, once it does decide to carry a publication, it will have little or no editorial control over that publication's contents. This is especially so when CompuServe carries the publication as part of a forum that is managed by a company unrelated to CompuServe.
CompuServe has no more editorial control over such a publication than does a public library, book store, or newsstand, and it would be no more feasible for CompuServe to examine every publication it carries for potentially defamatory statements than it would be for any other distributor to do so.
It was and is generally accepted that distributors have no liability for content (unless it can be proven that they encouraged the content).
(we'll come back to "distributor liability" later.)
Stratton Oakmont v Prodigy: New York state court, 1995. On a financial matters forum called "Money Talk," a Prodigy user (never identified) posted about Daniel Porush, the president of Stratton Oakmont, a financial services company. The remarks called Porush a "soon to be proven criminal" and that Stratton Oakmont was a "cult of brokers who either lie for a living or get fired"
Prodigy claimed the Compuserve defense in their motion for summary judgement.
Prodigy lost, because they promised to monitor for bad behavior on the board. At the very least, they CLAIMED to the public that they reserved the right to edit or remove messages. This was in fact part of Prodigy's family-oriented marketing. Prodigy was trying to do "family values" editing (including the deletion of profanity), and it cost them.
In legal terms, Prodigy was held to "publisher liability" rather than the weaker "distributor liability" because they CLAIMED to exercise editorial judgement.
Prodigy did have some internal confusion about whether they were for the "free expression of ideas" or were "family safe"
Prodigy's policy was to ban individual attacks, but not group attacks; anti-semitic rants did appear and were not taken down.
After Prodigy lost their motion for summary judgement, the case was settled; Prodigy issued a public apology. In Wall Street versus America by Gary Weiss, the claim is made
that the settlement did not involve the exchange of money. See http://books.google.com/books?id=iOhGkYqaEdwC&pg=PA213&lpg=PA213&dq=wall+street+versus+america+porush&source=b...t=result, page 215: "No money changed hands. No money had to change hands."
Weiss also points out that four years later "... Porush and his
partners were all carted off to federal prison. In 1999, Porush and
other Stratton execs pleaded guilty to securities fraud and money
laundering for manipulating a bunch of Stratton IPOs... Stratton really
was a den of thieves. Porush really was a criminal." [italics in original]
Enter the CDA. Section 230 was intended to encourage
family-values editing.
Whether this was specifically to encourage providers to remove profanity & obscenity, the nominal targets of the CDA, or whether it was just a compensatory free-speech-positive clause in an overall free-speech- very-negative law is not clear.
Most of Congress did not expect the CDA to withstand judicial scrutiny.
Congressional documents suggest fixing Stratton Oakmont precedent was the primary purpose of section 230. However, arguably the reason for fixing Stratton Oakmont was to protect ISPs and websites that did try to provide a "family-friendly" environment.
He claims:
Smith had a dispute with Batzel [either about payments for work, or about Batzel's refusal to use her Hollywood contacts to help Smith sell his movie script].
Smith sent his allegations about Batzel in an email to Ton Cremers, who ran a stolen-art mailing list. Smith found Cremers through a search engine. This is still 1999.
Smith claimed in his email that some of Batzel's paintings were likely stolen by the Nazis. (p 8432 of the decision, Absolute Page 5)
Smith sent the email to securma@museum-security.org
Cremers ran a moderated listserv specializing in this. He included Smith's email in his next release. Cremers exercised editorial control both by deciding inclusion and also by editing the text as necessary.
He included a note that the FBI had been notified.
Normal address for Cremer's list was: securma@x54all.nl
Smith's emailed reply to someone when he found out he was on the list:
I [was] trying to figure out how in blazes I could have posted me [sic] email to [the Network] bulletin board. I came into MSN through the back door, directed by a search engine, and never got the big picture. I don't remember reading anything about a message board either so I am a bit confused over how it could happen. Every message board to which I have ever subscribed required application, a password, and/or registration, and the instructions explained this is necessary to keep out the advertisers, cranks, and bumbling idiots like me.
Some months later, Batzel found out and contacted Cremers, who contacted Smith, who continued to claim that what he said was true. However, he did say that he had not intended his message for posting.
On hearing that, Cremers did apologize to Smith.
Batzel disputed having any familial relationship to any Nazis, and stated the artwork was not inherited.
Batzel sued:
Cremers filed for:
He lost on both counts. (Should he have? We'll return to the jurisdiction one later.)
This was the Section 230 case that set the (famous) precedent.
IS cremers like an ISP here? The fact that he is editing the list he sends out sure gives him an active role, and yet it was Prodigy's active-editing role that the CDA section 230 was arguably intended to protect.
Why does Communications Decency Act have such a strong free-speech component? Generally free speech is something the indecent are in favor of.
The appellate case was heard by the 9th Circuit (Federal Appellate court in CA, other western states); a copy is at http://cs.luc.edu/pld/ethics/BatzelvCremers.pdf.
(Page numbers in the sequal are as_printed/relative).
Judge Berzon:
[Opening (8431/4)] There is no reason inherent in the technological features of cyberspace why First Amendment and defamation law should apply differently in cyberspace than in the brick and mortar world. Congress, however, has chosen for policy reasons to immunize from liability for defamatory or obscene speech "providers and users of interactive computer services" when the defamatory or obscene material is "provided" by someone else.
Note the up-front recognition that this is due to Congress.
Section 230 was first offered as an amendment by Representatives Christopher Cox (R-Cal.) and Ron Wyden (D-Ore.). (8442/15)
Congress made this legislative choice for two primary reasons. First, Congress wanted to encourage the unfettered and unregulated development of free speech on the Internet, and to promote the development of e-commerce. (8443/16) ...
(Top of 8445/18) The second reason for enacting § 230(c) was to encourage interactive computer services and users of such services to self-police the Internet for obscenity and other offensive material
[extensive references to congressional record]
(8447/20): In particular, Congress adopted § 230(c) to overrule the decision of a New York state court in Stratton Oakmont, 1995
Regarding question of why a pro-free-speech clause was included in an anti-free-speech law (or, more precisely, addressing the suggestion that section 230 shouldn't be interpreted as broadly pro-free-speech simply because the overall law was anti-free-speech):
(8445/18, end of 1st paragraph): Tension within statutes is often not a defect but an indication that the legislature was doing its job.
The District court limited this to ISPs. The Circuit court argued that (a) Cremers was a provider of a computer service, and (b) that didn't matter because he was unquestionably a USER.
8450/23, at [12] Critically, however, § 230 limits immunity to information "provided by another information content provider."
Here's one question: was Smith "another content provider"? You can link and host all you want, provided others have created the material for online use.
The other question is whether Cremers was in fact partly the "provider", by virtue of his editing.
Answer to first question:
8450/23, 3rd paragraph: Obviously, Cremers did not create Smith's e-mail. Smith composed the e-mail entirely on his own. Nor do Cremers's minor alterations of Smith's e-mail prior to its posting or his choice to publish the e-mail (while rejecting other e-mails for inclusion in the listserv) rise to the level of "development."
More generally, the idea here is that there is simply no way to extend immunity to Stratton-Oakmont-type editing, or to removing profanity, while failing to extend immunity "all the way".
Is that actually true?
The Court considers some other partial interpretations, but finds they are unworkable.
Second point:
8584/27, 3rd paragraph Smith's confusion, even if legitimate, does not matter, Cremers maintains, because the §230(c)(1) immunity should be available simply because Smith was the author of the e-mail, without more. We disagree. Under Cremers's broad interpretation of §230(c), users and providers of interactive computer services could with impunity intentionally post material they knew was never meant to be put on the Internet. At the same time, the creator or developer of the information presumably could not be held liable for unforeseeable publication of his material to huge numbers of people with whom he had no intention to communicate. The result would be nearly limitless immunity for speech never meant to be broadcast over the Internet.
The case was sent back to district court to determine this point (which it did, in Cremer's favor).
8457/30, at [19] We therefore ... remand to the district court for further proceedings to develop the facts under this newly announced standard and to evaluate what Cremers should have reasonably concluded at the time he received Smith's e-mail. If Cremers should have reasonably concluded, for example, that because Smith's e-mail arrived via a different e-mail address it was not provided to him for possible posting on the listserv, then Cremers cannot take advantage of the §230(c) immunities.
Judge Gould partial dissent in Batzel v Cremers:
Quotes:
The majority gives the phrase "information provided by another" an incorrect and unworkable meaning that extends CDA immunity far beyond what Congress intended.
(1) the defendant must be a provider or user of an "interactive computer service"; (2) the asserted claims must treat the defendant as a publisher or speaker of information; and (3) the challenged communication must be "information provided by another information content provider."2 The majority and I agree on the importance of the CDA and on the proper interpretation of the first and second elements. We disagree only over the third element.3
Majority: part (3) is met if the defendant believes this was the author's intention. This is convoluted! Why does the author's intention matter?
The problems caused by the majority's rule would all vanish
if we focused our inquiry not on the author's [Smith's] intent,
but on the defendant's [Cremers'] acts [pld: emphasis added here and in sequel]
So far so good. But then Gould shifts direction radically:
We should hold that the CDA immunizes a defendant only when
the defendant took no active role in selecting the questionable
information for publication.
How does this help Prodigy with family-friendly editing or Stratton-Oakmont non-editing? Why not interpret (3) so the defendant is immunized if the author did intend publication on internet?
Gould: A person's decision to select particular information for distribution on the Internet changes that information in a subtle but important way: it adds the person's imprimatur to it
No doubt about that part. But Congress said that chat rooms, discussion boards, and listservs do have special needs.
And why then add the "and users" lanuage to the bill? These aren't users.
Gould:
If Cremers made a mistake, we should not hold that he may escape all
accountability just because he made that mistake on the Internet.
Should this liability be there, in light of §230? Does §230 mean
that a company cannot be found liable as publisher or speaker for email
created by employees?
Arguably, the main issue here is a "hostile work environment", which
is a none-of-the-above in terms of publisher, author, or distributor
liability. This is an important point regarding the extent of §230
immunity. Companies are not being found liable as publisher or author, but rather for "tolerating" the authorship.
Since this case, there have been MANY others decided by application of this decision. See eff.org's section on Free Speech, http://www.eff.org/issues/free-speech.
There have also been many attacks on Section-230 immunity. Some limitations may come, someday.
Publisher liability (except when eliminated by §230) exists even without knowledge of defamatory material's inclusion:
Distributor liability is not exempted by §230. It is liability for knowingly
distributing defamatory material. However, in Zeran v AOL, the courts
found that prior notice doesn't automatically make for distributor
liability.
Most likely approach to attack §230 immunity (2007): distributor liability.
spam
1996: aol v Cyber Promotions (Baase, p 161)
Note that CP sued aol for blocking CP's spam!
Eventually AOL sued CP.
Intel-Hamidi case: Ken Hamidi sent email to 30,000 intel employees. Intel sued. It eventually reached the California Supreme Court, who ruled in Hamidi's favor.
Harris Interactive sued the Mail Abuse Prevention System, for blocking their opinion-poll email. One interesting claim by Harris is that they were "turned in" to MAPS by a competitor. Harris dropped the suit.
CAN-SPAM act
People have a right to send email. Sort of. Maybe not companies, though.
All these categories are things that, once upon a time, private individuals seldom if ever got caught up in.
p 166:
Commodity-Futures Trading Commission (CFTC):
they required that, if you wrote about commodity futures,
you needed a license. The regs were originally intended to cover
traders, but CFTC applied them to newsletters too, and then the web. (These latter rules were deleted in 2000.)
New York State outlawed not only the direct sale of wine from out-of-state-wineries to New Yorkers, but also the advertising. What about web pages?
p 176: political campaign laws. Anything you do that is "coordinated" with a political campaign is considered to be a contribution. These are subject to limitations, and to reporting requirements.
McCain-Feingold: you cannot even mentioning a candidate's name or face within 60 days of an election.
In 2004, the Federal Election Commission was ordered by a judge to write rules extending the McCain-Feingold rules to the Internet.
How would this affect bloggers? Would they be silenced?
Note that the opposing candidates are VERY likely to file complaints.
2006 FEC rules on the internet: it's ok as long as you aren't paid, EVEN IF political activity is "in coordination with" the candidate.
2007: Supreme court struck down the McCain-Feingold restriction on issue ads.
Home selling: if you list your house online, do you need a real-estate license?
There have been attacks on the Section 230 defense, but courts have been unwilling to date to allow exceptions, or to restrict coverage to "traditional ISPs" where there is zero role in selection of the other material being republished.
There is still some question though about what happens if you do actively select the material. Cremers played a very limited editorial role. What if you go looking for criticism of someone and simply quote all that? And what if you're a respected blogger and the original sources were just Usenet bigmouths?
EFF: One court has limited Section 230 immunity to situations in which the originator "furnished it to the provider or user under circumstances in which a reasonable person...would conclude that the information was provided for publication on the Internet...."
Be wary, too, of editing that changes the meaning. Simply deleting some statements that you thought were irrelevant but which the plaintiff thought were mitigating could get you in trouble!
This was a §230 case that expanded the rules to include at least some distributor liability.
Someone posted a fake ad for T-shirts with tasteless slogans related to the Oklahoma City bombing, listing Kenneth Zeran's home number. Zeran had nothing to do with the post (although it is not clear whether the actual poster used Zeran's phone intentionally). For a while Zeran was getting hostile, threatening phone calls at the rate of 30 per hour.
Zeran lost his initial lawsuit against AOL.
Zeran appealed to the 4th circuit, arguing that § 230 leaves intact "distributor" liability for interactive computer service providers who possess notice of defamatory material posted through their services.
Publisher liability: liability even without knowledge of defamatory material's inclusion:
Distributor liability: liability for knowingly distributing defamatory material
Zeran argued that AOL had distributor liability once he notified them of the defamatory material.
Zeran lost. In part because he "fails to understand the practicalimplications
of notice liabililty in the interactive-computer-service context". The
court also apparently felt that AOL was still acting more as publisher
than distributor, at least as far as §230 was concerned.
Still to be resolved: what if I quote other defamatory speakers on my blog in order to "prove my point"? Batzel v Cremers doesn't entirely settle this; it's pretty much agreed Cremers did not intend to defame Batzel.
There's also the distributor-liability issue left only partly settled in Zeran.
Barrett v. Rosenthal, Nov. 20, 2006: California supreme court affirms core §230 ruling
Rosenthal posted statements on Internet newsgroups about two doctors who operated Web sites aimed at exposing fraud in alternative medicine. Her posts quoted an allegation by Tim Bolen that one of the doctors engaged in "stalking".
From www.gannett.com/go/newswatch/2006/november/nw1130-3.htm
In the case before the California Supreme Court, the doctor [Barrett] claimed
that by warning Rosenthal that Bolen's article was defamatory,
she "knew or had reason to know" that there was defamatory content
in the publication. Under traditional distributor liability law,
therefore, Rosenthal should therefore be responsible for the substance
of Bolen's statements, the doctor claimed.
The court rejected the doctor's interpretation, saying that the statute
rejects the traditional distinction between publishers and distributors,
and shields any provider or user who republishes information online.
The court acknowledged that such "broad immunity for defamatory
republications on the Internet has some troubling consequences,"
but it concluded that plaintiffs who allege "they were defamed
in an Internet posting may only seek recovery from the original
source of the statement."
Barrett could still sue Bolen. But Bolen might not have had any
money, and Barrett would have to prove that Bolen's original email, as distributed by Bolen, was defamatory. If Bolen sent it privately, or with limited circulation, that might be difficult.
See also wikipedia article http://en.wikipedia.org/wiki/Barrett_v._Rosenthal
Rosenthal was arguably even more of an Ordinary User than Ton Cremers.
Jane Doe v MySpace: §230 applies to liability re physical harm
Jane Doe acting on behalf of Julie Doe, her minor daughter She was 13 when she created a myspace page, 14 when she went on a date with someone age 19 who then assaulted her. On the face of it, Doe claims that the suit is about MySpace failing to protect children, or for failing to do SOMETHING. But the court held that it's really about lack of liability for Julie Doe's posting. Note that this isn't libel law at all. The court argued that:
It is quite obvious that the underlying basis of Plaintiff's claims is that, through postings on MySpace, *** and Julie Doe met and exchanged personal information which eventually led to ... the sexual assault.
Therefore the case is in fact about publication, and therefore MySpace is immune under Section 230.
A selected few "sucks" sites. Search for (large company name) + "sucks" to find more.
mcspotlight.org |
mclibel |
uopsucks.com (university of phoenix) |
placeholder site, but see here |
walmartsucks.com |
placeholder site |
walmartsucks.org |
you betcha! |
gmsucks.net |
domain lookup error |
lyingscumbags.com |
Ah, but there are anti-GM sites! |
fordREALLYsucks.com |
going strong! |
intelsucks.org |
weird site; maybe just humor? |
microsoftsucks.org |
tied to applesucks.org |
applesucks.org |
tied to microsoftsucks.org |
linuxsucks.com |
placeholder |
linuxsucks.org |
can't connect |
whylinuxsucks.org |
a serious site on linux improvement |
The McLibel case
[NB: why are Morris & Steel identified above by their occupations?]
They were distributing pamphlets claiming:
Note that their story had NOTHING to do with the internet!
Morris & Steel raised £35,000 for their defense, most of which apparently went to paying for transcripts.
From mcspotlight.org/case/trial/story.html:
Mr Justice Bell took two hours to read his summary to a packed court room. He ruled that Helen and Dave had not proved the allegations against McDonald's on rainforest destruction, heart disease and cancer, food poisoning, starvation in the Third World and bad working conditions. But they had proved that McDonald's "exploit children" with their advertising, falsely advertise their food as nutritious, risk the health of their most regular, long-term customers, are "culpabably responsible" for cruelty to animals, are "strongly antipathetic" to unions and pay their workers low wages.
And so, Morris & Steel were held liable for £60,000 in damages.
McDonalds had to hire spies to infiltrate London Greenpeace to get names of members involved.
Morris & Steel raised £35,000 for their defense, most of which apparently went to paying for transcripts.
On 15th February 2005, the European Court of Human Rights in Strasbourg declared that the mammoth McLibel case was in breach of the right to a fair trial and right to freedom of expression.
"Libel Terrorism": a play on "libel tourism", the practice of suing for Libel in the UK (or another friendly venue, though it's hard to beat the UK's "defendant must prove truth" doctrine, plus the "plaintiff need not prove malice" part)
New York now has the Libel Terrorism Protection Act.
Case: Sheikh Khalid bin Mahfouz v Rachel Ehrenfeld
Rachel Ehrenfeld wrote Funding Evil,
a rather polemical book about how terrorist organizations gain funding
through drug trafficking and other illegal strategies. The book
apparently alleges that Sheik Khalid bin Mahfouz is a major participant
in terrorist fundraising. Mahfouz sued in England, although the
book was not distributed there (however, 23 copies were ordered online
from the US).
Ehrenfeld countersued in New York, asking for the UK suit to be
declared unenforceable. She lost, on the grounds that the New York
court had no jurisdiction over Mahfouz. (Did they need it?)
In 2008 New York passed the Libel Terrorism Protection Act (which is somewhat awkwardly titled!)
gatt.org, and cyberhoax (compare wto.org)
Is this funny? Or serious?
Are there legitimate trademark issues?
Note that it keeps changing.
Try to find the links that are actually there.
gatt.org links and Dow's Acceptable Risk seem pretty permanent.