NJ Gubernatorial Candidate Using Monty Python Video Without Authorization In Campaign Commercial

from the double-standards dept

Politicians almost always push for stronger copyright laws or copyright law enforcement -- and yet, time and time and time again we see that when it comes to their own use, they often violate copyright law themselves. I tend to give them the benefit of the doubt: most people who don't pay attention closely simply buy the industry's line about copyright: that it's property and that it's important to keep the industry functioning. Neither is true, of course, but if you don't think about it or pay attention to how copyright really works, you can see how people would believe that.

So here we are again, with yet another politician -- this time US Attorney and current New Jersey gubernatorial candidate Chris Christie -- caught red handed making use of content he most likely had no permission to use. In this case, he used clips from old Monty Python skits in his television commercials (which were also placed online). The chaps who make up Monty Python insist that Christie had no permission to do so and they don't like it (they're considering suing). Now, I tend to think that using a clip in such a manner should be perfectly legal, but given that it is not, it does look pretty bad for a long-term lawyer, current US Attorney and now candidate for governor to be caught flat-out ignoring copyright law.

One could hope that this would be a "teachable moment" to a politician, letting him know that copyright is an issue that isn't quite as clear cut as many politicians make it out to be. And yet, somehow, I doubt that will happen. It's not yet clear if Christie has much of a record on copyright issues (I can't find much), but somehow I doubt he'll suddenly become a fair use crusader.

21 Comments | Leave a Comment..

School Board Tries To Force Newspapers To Reveal Anonymous Online Commenters

from the can't-take-the-heat? dept

Paul Alan Levy writes in to let us know about how a New Jersey School Board is trying to get around the Electronic Communications Privacy Act, which limits what information the government can get about online speakers, in order to find out the identity of some anonymous commenters on a series of newspaper stories about teachers in the district using questionable diploma mills to get "degrees" and qualify for higher salaries.

I contacted Marc Zitomer, the School Board’s lawyer, to get his explanation for the subpoena.

His explanation was that the Board, as a body corporate, has the authority to file suit against members of the public who defame or threaten its staff.  I rather doubt that a school board could file suit for defamatory words that are not "of and concerning" the school board – the of and concerning requirement, after all, is a constitutional requirement under New York Times v. Sullivan.  Moreover, Zitomer conceded that he could not identify any cases in New Jersey where a school board had filed such an action on behalf of its staff.  When I pressed him on these issues, Zitomer claimed that an additional reason for the subpoena was that the Board could take disciplinary action against any of the bloggers who were members of its staff.  But even assuming that the criticism is a proper basis for discipline consistent with the First Amendment, the Board cannot compel the identification of bloggers on that theory without putting forward an evidentiary basis for believing that the bloggers are employees.  It remains to be seen whether Zitomer will be able to do that.

Board member William Bruno has been quoted as justifying its subpoena on the theory that "If they have nothing to hide, what's the problem?"

You always know there's something bad going on when someone busts out the "nothing to hide" line. But, once again, this seems like attempts by thin-skinned officials who can't take the heat trying to expose anonymous commenters as an intimidation technique.

14 Comments | Leave a Comment..

New Jersey Politician Adds Most GPS Devices To Driver Distractions To Ban

from the sigh dept

We've pointed out time and time again how silly it is for politicians to run around trying to ban each and every driver distraction, rather than just focusing on beefing up laws for reckless driving. There have been laws or proposals against driving while talking on a phone, texting, viewing a video screen, faxing, eating, shaving, playing video games and even having sex. And now, Comboman alerts us to a proposal in New Jersey to ban drivers from using GPS devices that require manual programming. Instead, drivers could only use those with voice control features. Next up? Who's going to ban adjusting the radio dial or the air conditioning?

26 Comments | Leave a Comment..

New Jersey Case Looks At Whether Bloggers Can Protect Sources

from the who's-the-media-these-days? dept

There have been a number of cases recently that have tested whether various laws that protect journalists from having to give up their sources also apply to people publishing content online in forums, email groups or blogs. The latest, sent in by someone Anonymous, is taking place in New Jersey, where a woman who revealed a security breach in the software of a company called Too Much Media is being sued for slander in revealing the breach. There are numerous issues with the lawsuit, including the oddity that they're suing for slander for online comments, since slander is for spoken words, whereas libel is normally applied to the written word. It's also odd that they're suing considering the fact that they don't deny the security breach existed, but dispute the claim that customer info (including credit card details) were exposed, because they claim the security breach was brief and no info was compromised. That seems like a pretty weak defense.

However, the real battle seems to be over the attempt to determine how the woman, Shellee Hale, found out about the breach in the first place. She's refusing to give that up, claiming that she has a right to protect her sources, just like any journalist. And while Hale writes multiple different blogs, and has written for many mainstream publications (including the Wall Street Journal and Business Week), Too Much Media claims that she doesn't deserve protections afforded to journalists because she wasn't working for any real publication and is just a blogger. The article quotes someone who says that if the court sides with Hale:

"then everyone is a journalist and the privilege becomes meaningless."

I don't see how that's actually true. In fact, I'd argue the other way. It's not that it becomes meaningless, but that it becomes very, very meaningful -- especially in an era where we're looking for new ways to prop up investigative journalism. If everyone's a journalist, and everyone has a reasonable expectation that their sources are shielded, then we're much more likely to continue to root out corruption. If this protection is somehow reserved for some "special" credentialed people, then it becomes that much harder to expose corruption.

Unfortunately, it appears that the judge in the case is almost entirely computer and internet illiterate, needing to ask for explanations for a variety of things during the court proceedings. He seemed entirely confused by the very concept of people blogging for personal interest:

"Why would a guy put all this stuff on a blog? Does he have nothing better to do?" Locasio asked. "Does he get paid?"

The judge, who apparently is about to retire in a couple months, also didn't understand the difference between blogs, message boards and forums, and was apparently unfamiliar with instant messaging. It's difficult to see why someone entirely unfamiliar with the technology should be able to judge a case like this, where understanding what's happening online is crucial to understanding what the case is really about.

26 Comments | Leave a Comment..

New Jersey The Latest To Try To Regulate Social Networks... For The Children

from the please-make-it-stop dept

We've seen a number of attempts by politicians to use the latest "moral panic" around social networks to pass regulations against them. A popular one at the federal level which still (thankfully) has gone nowhere is DOPA, which would require schools and libraries to block social networks. However, state politicians want to get in on the grandstanding as well. Politicians in New Jersey are pushing a law that would require social networks to include a "report abuse" button on web pages and then would make those social networks responsible to investigate each reported "abuse" or face liability.

The unintended consequences of such a law would be awful. Basically, to protect liability, many "social networks" (and the term may be broadly applied to an awful lot of websites out there today) would most likely just shut down the accounts of those accused of "abuse." From a simple liability standpoint that makes sense. Leaving the account up just opens you up to a lawsuit. Furthermore, the button would likely be abused itself. Don't like someone? Click the "report abuse" button! And, no matter what, it makes no sense to put the burden of investigating things on the sites themselves. Hopefully this law goes nowhere, but don't be surprised to see similar proposals pop up elsewhere as well.

5 Comments | Leave a Comment..

Want To Know Just How Bad Security Is For E-Voting Machines?

from the read-this dept

You may recall earlier this month that a judge in New Jersey barred some researchers from releasing their report into the security vulnerabilities found in e-voting machines from Sequoia that were being used in the state. Sequoia had fought hard to stop the research from even being done in the first place, let alone released, even threatening the researchers with lawsuits. Now, one of the researchers who did the research, Andrew Appel, has released a long report detailing a ridiculous number of security problems with Sequoia's machines. To be honest, it's not clear from the blog post about the report if this is the same one that's being suppressed or not, but it's pretty damning. Because this is an important issue that doesn't necessarily get enough attention, I'm reposting Appel's executive summary of just how screwed up these machines are:

Executive Summary

I. The AVC Advantage 9.00 is easily "hacked" by the installation of fraudulent firmware. This is done by prying just one ROM chip from its socket and pushing a new one in, or by replacement of the Z80 processor chip. We have demonstrated that this "hack" takes just 7 minutes to perform.

The fraudulent firmware can steal votes during an election, just as its criminal designer programs it to do. The fraud cannot practically be detected. There is no paper audit trail on this machine; all electronic records of the votes are under control of the firmware, which can manipulate them all simultaneously.

II. Without even touching a single AVC Advantage, an attacker can install fraudulent firmware into many AVC Advantage machines by viral propagation through audio-ballot cartridges. The virus can steal the votes of blind voters, can cause AVC Advantages in targeted precincts to fail to operate; or can cause WinEDS software to tally votes inaccurately. (WinEDS is the program, sold by Sequoia, that each County's Board of Elections uses to add up votes from all the different precincts.)

III. Design flaws in the user interface of the AVC Advantage disenfranchise voters, or violate voter privacy, by causing votes not to be counted, and by allowing pollworkers to commit fraud.

IV. AVC Advantage Results Cartridges can be easily manipulated to change votes, after the polls are closed but before results from different precincts are cumulated together.

V. Sequoia's sloppy software practices can lead to error and insecurity. Wyle's Independent Testing Authority (ITA) reports are not rigorous, and are inadequate to detect security vulnerabilities. Programming errors that slip through these processes can miscount votes and permit fraud.

VI. Anomalies noticed by County Clerks in the New Jersey 2008 Presidential Primary were caused by two different programming errors on the part of Sequoia, and had the effect of disenfranchising voters.

VII. The AVC Advantage has been produced in many versions. The fact that one version may have been examined for certification does not give grounds for confidence in the security and accuracy of a different version. New Jersey should not use any version of the AVC Advantage that it has not actually examined with the assistance of skilled computer-security experts.

VIII. The AVC Advantage is too insecure to use in New Jersey. New Jersey should immediately implement the 2005 law passed by the Legislature, requiring an individual voter-verified record of each vote cast, by adopting precinct-count optical-scan voting equipment.

Happy voting!

48 Comments | Leave a Comment..

New Jersey Elections Board Says This Election Is Too Important To Allow Outside Observers

from the think-of-what-they-might-see dept

Transparency is key to a functioning democracy. No, we don't always have it, but we absolutely should be striving for it, or you can almost guarantee corruption will take over. That's why we've been so focused on the problems with e-voting machines for so many years, and pushing for increased transparency. Now, some of the researchers who wrote a recent suppressed report, about potential security problems with the Sequoia e-voting machines used in New Jersey, followed the procedures in place to be allowed to view the process by which votes are counted. This is a perfectly legal request. The Elections Board is allowed to offer "Challenger Badges" to those who would like to observe the election process. You would think that some Princeton-associated folks, with knowledge of e-voting, would be exactly the type of people that an Elections Board would want to observe the election, in order to make sure that it was done properly, and to make citizens more comfortable that their votes would be counted.

But, of course, that's not what happened.

Andrew Appel and Grayson Barber had their request rejected as the Elections Board claimed it was "too important" an election to allow in any outside observers. You would think that if the election is so important, having some experts on hand to make sure the process is done in an acceptable manner would be more important. You can understand why they don't want too many people in the room, or don't want anyone who is clearly a partisan activist -- but these are e-voting experts. There's simply no reason not to have them in the room, and rejecting them raises many more questions about New Jersey's process for counting votes.

38 Comments | Leave a Comment..

Judge Won't Allow Researchers To Reveal Report On E-Voting Machines

from the it's-not-like-we-have-an-election-coming-up-that-use-these-machines dept

You may recall that earlier this year, after some serious problems were discovered with Sequoia's e-voting machines in New Jersey, that the state asked a group of independent researchers to investigate the machines and prepare a report. Sequoia threatened to sue the researchers though. Luckily, a court allowed the researchers to investigate the machines, and said that 30 days after the court had received the report, it could be released. However, Sequoia, in its usual "It can't be our fault, no, no!" fashion, has convinced the judge to suppress the report.

Despite the fact that we're a month away from an election that will use these machines that time and time again have been shown to have problems accurately and reliably counting votes, no one is allowed to see the report. Voters in New Jersey won't be told the results of the report until after it's too late to request absentee ballots. As the head researcher on the report notes, even New Jersey's governor and secretary of state are not allowed to read the report and use it to make public policy decisions that would more likely create a fair election. For so many years now, the e-voting companies have dismissed concerns, blocked attempts to investigate, threatened investigators and almost never admitted any fault, despite tons and tons of evidence that the machines simply do not work that well. It's a travesty that this report is being suppressed.

47 Comments | Leave a Comment..

New Jersey Court Says Independent Investigators Can Review E-Voting Machines

from the protect-the-vote dept

Last month, e-voting firm Sequoia threatened both independent researchers and New Jersey election officials if those independent researcher were allowed to inspect Sequoia's e-voting machines. This seemed like a very odd threat for a variety of reasons. Why wouldn't Sequoia want its machines inspected? The very fact that it was threatening legal action seemed like grounds to simply never use Sequoia e-voting machines. Sequoia claimed that existing inspections were enough, despite a history of problems in those inspections. Furthermore, Sequoia's own explanations for the problems with its machines in the primary elections this year were wrong. Ed Felten found that Sequoia's explanations didn't actually explain many of the problems. Unfortunately, though, with the threat of legal action, New Jersey agreed not to have Felten test the machines.

However, a New Jersey state judge has now ruled that it's perfectly reasonable for independent inspectors to review the machines. Unfortunately, she pushed back the date for such inspections until September, meaning that it won't affect this year's presidential election -- which will still use machines that may have problems. So while Sequoia didn't succeed in stopping independent examination of its machines, it did stall the process long enough so that the existing machines will stay in use for this year's elections -- despite the long list of problems that have been discovered with them. Apparently, we're still in beta when it comes to democracy.

8 Comments | Leave a Comment..

New Jersey Says ISPs Need A Subpoena To Give Up Subscriber Info

from the it-really-needed-a-decision? dept

A bunch of folks have sent in the link about the New Jersey Supreme Court ruling that ISPs need a valid subpoena to hand over private info on your account to anyone -- including the police. While people are rightfully cheering this on as an excellent decision, what's troubling is the idea that anyone has felt otherwise. ISPs (and other service providers) shouldn't be handing out your private data without a valid legal reason no matter what -- and that should not have required a legal decision to make clear.

10 Comments | Leave a Comment..

Turns Out New Jersey E-Voting Problems Even Worse Than Originally Thought

from the care-to-explain dept

You may recall that last month, the state of New Jersey asked some top notch computer security researchers, including Ed Felten, to do an independent study of Sequoia's e-voting machines. That's because there were some worrisome discrepancies in the voting totals that the machines released. When Sequoia found out about this it threatened to sue, which seems fairly odd. If the company were confident in the quality of its e-voting machines, why wouldn't it want well-respected security researchers to take a look? However, Sequoia's legal threats worked, and the state of New Jersey nixed plans for that independent review. Sequoia also offered an explanation, claiming that it was all a minor bug, where the machine merely got mixed up about party affiliation -- but the vote totals would match up in the end. Guess what? That turns out to not be true.

Ed Felten has received a bunch of "summary tapes" from the last election in New Jersey, and while many of them do have the vote totals matching up correctly at the end at least two of the summary tapes simply don't add up, meaning that Sequoia's explanation of what went wrong is incorrect. Given how often the company has denied or hidden errors in its machines, despite a ton of evidence, we shouldn't be surprised that it was inaccurate in explaining away this latest problem as well. However, we should be outraged that the company refuses to allow third party researchers to investigate these machines. It's a travesty that any government would use them when they've been shown to have so many problems and the company is unwilling to allow an independent investigation.

28 Comments | Leave a Comment..

More On Sequoia's Legal Threats Against Ed Felten: The Intimidation Worked

from the freedom-to-threaten-lawsuits dept

Yesterday we covered the threats that e-voting firm Sequoia had sent to Ed Felten and to various officials in New Jersey. Unfortunately, it appears those threats worked: the election officials have backed down and agreed not to send Felten the machine to test. News.com has more details on both the reason for the test and Sequoia's response to the whole mess. The reason? Shockingly enough, Sequoia's e-voting machines malfunctioned during the primary in a way that should scare you: it gave two different vote counts. You would think that's a pretty good reason for allowing a qualified, well-respected researcher like Felten to check out the machines. No such luck. Sequoia has tried to explain it away as a bug, but that doesn't explain why the machines shouldn't be tested by a third party.

Sequoia's response to that question is disingenuous, claiming that the company "supports third party reviews and testing of its election equipment." If that's so, then why not Ed Felten? Well, because Sequoia says that the machines have already been through a "rigorous" independent review from an accredited Voting System Test Labs. Ah? Would that be one of the accredited Voting System Test Labs that was barred from further testing for not having proper controls in place and having no evidence that tests were actually conducted? Most of those tests have very limited real-world applicability -- which is what Felten is good at testing. Sequoia also lists out some independent tests in other states that the company was forced into accepting, as if it willingly took part in them. Yet, what the company doesn't explain is what it's so scared of in having Felten test its machine. If the company is confident in the machines, then where's the problem? As a last resort, Sequoia appeals to the fact that such a test would break a licensing agreement, noting that "Licensing agreements are standard practice in the technology industry." That's clearly a cop out. While it may be legally correct, it's no reason not to let a researcher try to figure out if there are any problems with its machines. This isn't some random technology here. This is the technology we're trusting with providing a free and fair election. Sequoia should be ashamed of pulling out legal threats and weak excuses.

20 Comments | Leave a Comment..

E-Voting Firm Threatens Ed Felten If He Reviews Its E-Voting Machine

from the well-that's-comforting dept

Many of the folks around here are surely aware of the name Ed Felten, the Princeton professor who runs the fantastic blog Freedom To Tinker, and who has been involved in a number of important technology news stories over the years. One of the first that brought him to much wider attention in the tech community happened back in 2001. The recording industry had set up a contest, asking anyone to try to hack its SDMI DRM offering. The idea was to prove that SDMI was a perfectly good DRM. But, of course, like every other DRM, it had its faults, and Felten and some of his researchers figured them out. That's where things got ridiculous. Despite the fact that the recording industry had told people to try to hack SDMI, when Felten went to present the paper, he was threatened with a lawsuit for breaking the anti-circumvention clause of the DMCA. Eventually, after a ton of public pressure, the recording industry backed down, but Felten's name was cemented in the minds of many in the tech industry as a fighter for freedom of speech and, more importantly, the freedom to tinker.

It would appear that the folks at Sequoia, one of the big three e-voting firms out there, is somewhat unaware of this aspect of Felten's past. In the past few years, Felten has been one of a few top computer science experts who have been picking apart the problems with e-voting machines. His freedom to tinker with such machines has broken numerous stories revealing serious problems with the machines that many suspected, but were unable to confirm, since the e-voting firms kept the machines so under wraps. In publicizing these flaws, Felten has become one of the go-to guys when various governments are reviewing e-voting machines, so it should come as no surprise that election officials in New Jersey (where Felten lives and works) would be interested in having him run some tests on a Sequoia e-voting machine that they're looking at using in future elections.

This seems perfectly reasonable -- and if you're an e-voting company like Sequoia, it should also be a perfect way to build more trust in your machines, telling people that they've been reviewed by some of the top experts in the field who found nothing wrong with them. Except... that's not how execs at e-voting companies seem to think. Sequoia has, instead, sent a threatening email to Felten, saying that election officials who sent a machine to Felten would be breaking the state's terms of service with Sequoia, and that the company has:

"retained counsel to stop any infringement of our intellectual properties, including any non-compliant analysis. We will also take appropriate steps to protect against any publication of Sequoia software, its behavior, reports regarding same or any other infringement of our intellectual property."

Yes, this is quite reminiscent of the recording industry's threats to Felten in 2001. Hopefully this situation ends similarly -- with Sequoia backing down quite publicly and apologizing. It's disgusting that such a firm would threaten a well-respected researcher with lawsuits just for checking on the security of an e-voting machine. This is worse than the recording industry situation. This is about the sanctity of our democratic elections. For Sequoia, a firm entrusted with our elections, to threaten someone for merely testing its product to make sure it lives up to necessary standards is terribly worrisome. It should call into question any locality that chooses to make use of Sequoia e-voting machines.

34 Comments | Leave a Comment..

Two States, Two Very Different Approaches To VoIP Regulation

from the quacks-like-a-duck dept

For many years, states have been trying to tax VoIP providers as if they were telcos. From the states' perspective, they were using a "quacks like a duck" test, whereby any phone service that acted like a traditional phone service should get taxed like a traditional phone service. Since states rely on tax dollars so much, this feeling was reinforced as people started ditching landline phone service for VoIP providers. However, there are a few problems with this. The reason that telcos are taxed is because of the structure of the telephone system, and the fact that the government more or less handed over rights of way and control of the system to private companies. VoIP providers, however, have the calls travel over the internet, changing the nature of the equation, and meaning that most of the reasons for taxing telcos shouldn't apply. Shouldn't, except for politicians who can't see beyond the money. Yet, taxing VoIP is a doubly bad idea, because VoIP is still an emerging service that is rapidly changing -- offering new services and opportunities that weren't possible on landline offerings. Putting a tax on it could kill a lot of that innovation. Too many states don't see that.

Jeff Pulver is showing the contrast between two states in dealing with VoIP regulatory issues. New Jersey has passed a law saying that it will not regulate VoIP, noting "The proliferation of new technologies and applications and the growth in the number of providers developing and offering innovative services using Internet Protocol is due in large part to a light regulatory touch, including freedom from traditional telephone regulation that these new technologies and services and the companies that offer them have enjoyed in New Jersey.... These economic benefits, including consumer choice, new jobs, and significant capital investment, will be jeopardized and competition minimized by the imposition of traditional State entry and rate regulation on Voice over Internet Protocol service and Internet protocol-enabled service."

Unfortunately, Missouri isn't quite so enlightened. Despite various rulings saying that VoIP should not be taxed, Missouri is trying to bend the rules to make at least some VoIP offerings (mainly those provided by cable companies) classified as telco services that need to be taxed. As Jeff notes, if this works, then expect other states to follow suit and create loopholes for taxing VoIP providers... and then watch as all VoIP related innovation happens elsewhere.

13 Comments | Leave a Comment..