San Francisco - The FBI has withdrawn an unconstitutional national security letter (NSL) issued to the Internet Archive after a legal challenge from the American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF). As the result of a settlement agreement, the FBI withdrew the NSL and agreed to the unsealing of the case, finally allowing the Archive's founder to speak out for the first time about his battle against the record demand.

"The free flow of information is at the heart of every library's work. That's why Congress passed a law limiting the FBI's power to issue NSLs to America's libraries," said Brewster Kahle, founder and Digital Librarian of the Internet Archive. "While it's never easy standing up to the government -- particularly when I was barred from discussing it with anyone -- I knew I had to challenge something that was clearly wrong. I'm grateful that I am able now to talk about what happened to me, so that other libraries can learn how they can fight back from these overreaching demands."

The NSL was served on the Archive -- a digital library recognized by the state of California -- and its attorneys in November of 2007. The letter asked for personal information about one of the Archive's users, including the individual's name, address, and any electronic communication transactional records pertaining to the user. Kahle, who is also a member of EFF's Board of Directors, decided to fight the NSL because it exceeded the FBI's limited authority to issue such demands to libraries.

The Archive responded to the letter by handing over only publicly available documents and simultaneously filing a lawsuit challenging the letter. This lawsuit is the first known challenge to an NSL served on a library since Congress amended the national security letter provision in 2006 to limit the FBI's power to demand records from libraries.

The NSL included a gag order, prohibiting Kahle from discussing the letter and the legal issues it presented with the rest of the Archive's Board of Directors or anyone else except his attorneys, who were also gagged. The gag also prevented the ACLU and EFF from discussing the NSL with members of Congress, even though an ACLU lawyer who represents the Archive recently testified at a congressional hearing about the FBI's misuse of NSLs.

"This is a great victory for the Archive and also the Constitution," said Melissa Goodman, staff attorney with the ACLU. "It appears that every time a national security letter recipient has challenged an NSL in court and forced the government to justify it, the government has ultimately withdrawn its demand for records. In the absence of much needed judicial oversight – and with recipients silenced and the public in the dark – there is nothing to stop the FBI from abusing its NSL power."

"A miscarriage of justice was prevented here because the Archive decided to fight the unlawful demand for information and unconstitutional gag," said EFF Staff Attorney Marcia Hofmann. "The big question is, how many other improper NSLs have been issued by the FBI and never challenged?"

NSLs are secretly issued by the government to obtain access to personal customer records from Internet Service Providers, financial institutions, and credit reporting agencies. In almost all cases, recipients of the NSLs are forbidden, or "gagged," from disclosing that they have received the letters. The ACLU has challenged this Patriot Act statute in federal court in two other cases where the judges found the gags unconstitutional: one involving an Internet Service Provider (ISP); the second a group of librarians. In the ISP case, the district court invalidated the entire NSL statute. The U.S. Court of Appeals for the Second Circuit is expected to hear oral arguments in the government's appeal of that case next month.

Since the Patriot Act was passed in 2001, relaxing restrictions on the FBI's use of the power, the number of NSLs issued has seen an astronomical increase, to nearly 200,000 between 2003 and 2006. EFF's investigations have uncovered multiple NSL misuses, including an improper NSL issued to North Carolina State University.

Last year Representative Jerrold Nadler (D-NY) introduced H.R. 3189, the "National Security Letters Reform Act of 2007." Senator Russell Feingold (D-WI) introduced a Senate bill of the same name (S. 2088). Both bills are aimed at narrowing the statute by enacting limits on when and how NSLs can be used and bringing the gag order provision in line with the Constitution.

In addition to Goodman and Hofmann, attorneys on the case are Jameel Jaffer and Danielle Tully of the ACLU National Security Project, Ann Brick of the ACLU of Northern California, and Kurt Opsahl of EFF.

For the newly unsealed documents (still partially redacted):
http://www.eff.org/cases/archive-v-mukasey?docs

For more information about this case:
http://www.eff.org/cases/archive-v-mukasey

For more information on NSLs:
http://www.eff.org/issues/foia/07656JDB

Contacts:

For Brewster Kahle:
Paul Hickman
Internet Archive
info@archive.org

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
press@eff.org

James Freedland or Rachel Myers
Media Relations
American Civil Liberties Union
media@aclu.org

San Francisco - The Electronic Frontier Foundation (EFF) and the law firm of Sheppard Mullin Richter & Hampton Thursday filed a motion to dismiss a lawsuit brought against the operator of the popular online encyclopedia Wikipedia, arguing that federal law immunizes it against suits over statements made by its users.

Literary agent Barbara Bauer filed a complaint in New Jersey Superior Court in January against Wikipedia posters as well as the site itself, claiming in part that the Wikimedia Foundation was liable for statements identifying her as one the "dumbest of the twenty worst" agents and that she had "no documented sales at all." In court papers filed Thursday, Wikimedia argues that under Section 230 of the Communications Decency Act, operators of "interactive computer services" such as Wikipedia cannot be held liable for users' comments. In addition, Wikimedia argues that the statements are protected speech under the First Amendment and New Jersey law.

The ability to utilize the collaborative input of its users without fear of costly lawsuits is essential to Wikipedia's ongoing success, said Wikimedia Foundation General Counsel Mike Godwin.

"We provide a platform through Wikipedia for smart citizens to give their knowledge back to a larger culture," Godwin said. "Our ability to offer citizens that platform is what's at stake in this case."

Since it was signed into law over a decade ago, courts across the country have consistently applied the protections of Section 230 broadly, fulfilling Congress' intent "to preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation."

"Congress passed Section 230 of the Communications Decency Act in order to protect websites' operators like Wikipedia from suits like this one," said James Chadwick of Sheppard Mullin. "It's simple but it's fundamental: Congress has decided that Internet censorship isn't the answer, so websites aren't liable for statements posted by their users."

Section 230's blanket protection of sites like Wikipedia does not mean that alleged defamation on the Internet cannot be challenged in court. Instead, the law requires that litigants direct their efforts at the speakers themselves and not the forums where statements were made.

"Wikipedia continues to be a tremendous resource for people around the globe," added EFF Senior Staff Attorney Matt Zimmerman. "Without strong liability protection, it would be difficult for Wikipedia to continue to provide a platform for user-created encyclopedia content."

For the full motion to dismiss: http://www.eff.org/files/filenode/wikimedia/motiontoquashmemo-wikimedia....

Contacts:

Matt Zimmerman
Senior Staff Attorney
Electronic Frontier Foundation
mattz@eff.org

Mike Godwin
General Counsel
Wikimedia Foundation
mgodwin@wikimedia.org

James Chadwick
Partner
Sheppard Mullin Richter & Hampton
jchadwick@sheppardmullin.com

San Francisco - The Electronic Frontier Foundation (EFF) and a broad coalition, including civil rights groups, professional associations and technologists, called on Congress today to hold oversight hearings on the Department of Homeland Security's search and seizure of electronic devices at American borders.

The press has widely reported disturbing stories about U.S. citizens subject to intrusive searches of their laptops and cell phones. But a recent court decision found that customs officials can search travelers' computers at the border without suspicion or cause. In a letter sent to the House and Senate Homeland Security and Judiciary committees today, the coalition urges lawmakers to consider passing legislation to prevent abusive search practices by border agents and to protect all Americans from suspicionless digital border inspections.

"Our computers, cell phones, and other electronic devices hold a vast amount of personal information like financial data, health histories, and personal emails and letters," said EFF Staff Attorney Marcia Hofmann. "In a free country, the government cannot have unlimited power to read, seize, and store this information without any oversight."

So far, the Department of Homeland Security has refused to release its policies and procedures for conducting these intrusive searches. EFF and the Asian Law Caucus have filed suit against the Department of Homeland Security to obtain the information through the Freedom of Information Act.

"Your privacy could be at risk even if you don't travel yourself. Your financial institution, your insurer, and other enterprises hold extensive personal data about you and your family," said EFF Senior Staff Attorney Lee Tien. "If agents of those groups travel internationally, your information could be exposed to officials at the border or potentially copied and stored in government databases. Americans should know how and why electronic data is seized and kept by the government, and who is able to access it at the border and in the years afterwards."

In addition to EFF, the coalition signing today's letter includes more than 40 organizations and individuals, including the Association for Corporate Travel Executives, the American Civil Liberties Union, the National Association of Criminal Defense Lawyers, the Rutherford Institute, and prominent technologists such as Bruce Schneier and Whitfield Diffie.

For the full letter to Congress:
http://www.eff.org/press/archives/2008/05/01/border-search-open-letter

For more on EFF's suit on border searches:
http://www.eff.org/cases/foia-litigation-border-searches

Contacts:

Marcia Hofmann
Staff Attorney
Electronic Frontier Foundation
marcia@eff.org

Lee Tien
Senior Staff Attorney
Electronic Frontier Foundation
tien@eff.org

San Francisco - The Electronic Frontier Foundation (EFF) is urging Microsoft Corporation to fix the problems it will cause when it shuts down the MSN Music validation servers, making it impossible for customers to transfer their music files to new computers or even upgrade their operating system.

In an open letter sent to Microsoft Chief Executive Officer Steve Ballmer today, EFF outlines five steps Microsoft must take to make things right for MSN Music customers -- including a issuing a public apology, providing refunds or replacement music files, and launching a substantial publicity campaign to make sure all customers know their options.

"MSN Music customers trusted Microsoft when it said that this was a safe way to buy music, and that trust has been betrayed," said EFF Staff Attorney Corynne McSherry. "If Microsoft is prepared to treat MSN Music customers like this, is there any reason to suppose that future customers won't get the same treatment?"

MSN Music sold song downloads encumbered with digital rights management (DRM), allowing the music to be played only on approved devices. If you upgraded your computer or operating system, you needed to "reauthorize" your music files with MSN Music's DRM server. But last week, Microsoft announced that it would deactivate those servers because of the complexity of maintaining the technology -- meaning that customers face losing the ability to play their purchased music if they get a new computer or if the hard drive crashes on the old one. Microsoft's only suggestion for customers so far is to export all purchases onto a CD and then recopy it back onto new computers.

"Microsoft is asking its customers to spend more time, labor, and money to make degraded copies of music that was purchased in good faith," said EFF Executive Director Shari Steele. "This outcome was easily foreseeable from the moment Microsoft chose to wrap MSN Music files in DRM. Microsoft customers should not have to pay for Microsoft's bad business decisions."

EFF's letter also calls on Microsoft to eliminate DRM from its Zune music service now -- or at least to publicly commit to compensating future customers for the inevitable future DRM debacles.

"With MSN Music, Microsoft has admitted just how expensive, clumsy, and unfair DRM is. It's time for Microsoft to reject this sloppy technology, and for customers to demand something better," McSherry said.

For the full open letter:
http://www.eff.org/press/archives/2008/04/28/microsoft-open-letter

Contact:

Corynne McSherry
Staff Attorney
Electronic Frontier Foundation
corynne@eff.org

San Francisco - The Electronic Frontier Foundation (EFF) has found that the Federal Bureau of Investigation (FBI), which claims that National Security Letters (NSLs) take too long and that it needs the authority to conduct surveillance without judicial oversight, delayed its own investigation of a student suspected of links to terrorism by employing an improper NSL to seek information on the suspect, at the direction of FBI Headquarters. The FBI failed to report the misuse for almost two years.

EFF's report comes as the House Judiciary Committee prepares for a Tuesday hearing on the misuse of NSLs. The Senate Judiciary Committee will hold another hearing on Wednesday.

"This report raises important questions about the FBI's use of these very powerful investigative tools," said EFF Senior Staff Attorney Kurt Opsahl. "Congress should determine why FBI headquarters insisted on an improper NSL instead of using the appropriate tools, and why the FBI failed to report the misuse for almost two years."

In the report, EFF used documents obtained through a Freedom of Information Act (FOIA) request coupled with public information to detail the bizarre turns in the FBI's investigation of a former North Carolina State University student. Over the span of three days in July of 2005, FBI documents show that the bureau first obtained the educational records of the suspect with a grand jury subpoena. However, at the direction of FBI headquarters, agents returned the records and then requested them again through an improper NSL.

As expanded by the PATRIOT Act, the FBI can use NSLs to get private records about anyone's domestic phone calls, e-mails and financial transactions without any court approval -- as long as it claims the information could be relevant to a terrorism or espionage investigation. However, NSL authority does not allow the government to seek educational records, and the university refused the request. The FBI finally obtained the documents again through a second grand jury subpoena. Later in July of 2005, FBI Director Robert Mueller used the delay in gathering the records as an example of why the FBI needed administrative subpoena power instead of NSLs so investigations could move faster.

"The FBI consistently asks for more power and less outside supervision," said Opsahl. "Yet here the NSL power was misused at the direction of FBI headquarters, and only after review by FBI lawyers. Oversight and legislative reforms are necessary to ensure that these powerful tools are not abused."

Report on the Improper Use of an NSL to NC State University:
http://www.eff.org/issues/foia/report-nsl-ncstate

Key FBI documents:
http://www.eff.org/files/filenode/07656JDB/charlotte.pdf

For more on National Security Letters:
http://www.eff.org/issues/foia/07656JDB

Contact:

Kurt Opsahl
Senior Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

San Francisco - The Electronic Frontier Foundation (EFF) urged a federal judge Monday to allow an important government surveillance lawsuit to have its day in court, despite the government's attempt to bury the case using the state secrets privilege.

The case is Al-Haramain Islamic Foundation v. Bush, which alleges that federal agents illegally wiretapped calls between the charity and its lawyers. The government has asked U.S. District Court Judge Vaughn Walker to dismiss the case, contending that the litigation jeopardizes state secrets. But in an amicus brief filed Monday, EFF argues that the Foreign Intelligence Surveillance Act (FISA) was written to allow cases like this one to proceed with appropriate security precautions.

"Federal surveillance law already provides clear procedures that allow cases like Al-Haramain v. Bush to proceed fairly and securely, and those procedures trump the Administration's claims of blanket secrecy," said EFF Senior Staff Attorney Kurt Opsahl. "By trying to use the state secrets privilege as a shield against any litigation over the legality of its warrantless wiretapping, the administration is essentially telling the other branches 'just trust us.' But when Congress passed FISA, it entrusted judges with the responsibility of deciding the legality of the executive branch's surveillance operations."

This is the government's second attempt to dismiss the Al-Haramain case. The first motion to dismiss reached the 9th U.S. Circuit Court of Appeals, which returned the case to Judge Walker's court to consider the FISA issue.

Judge Walker is also the presiding judge in Hepting v. AT&T -- EFF's class-action lawsuit accusing the telecommunications company of violating customers' rights by illegally assisting the National Security Agency in widespread domestic surveillance.

For the full amicus brief:
http://www.eff.org/files/filenode/att/alharamainamicus1806.pdf

For more on Al-Haramain v. Bush:
http://www.eff.org/cases/al-haramain

Contact:

Kurt Opsahl
Senior Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Los Angeles - The Electronic Frontier Foundation (EFF) and San Francisco law firm Keker & Van Nest filed briefs in federal court Monday on behalf of eBay seller Troy Augusto, defending his right to resell promotional CDs ("promo" CDs) that he buys from secondhand stores in the Los Angeles area.

Augusto, who does business as "Roast Beast Music" on eBay, was sued in May 2007 by Universal Music Group (UMG), the largest record company in the world, for 26 eBay auction listings involving UMG promo CDs. At issue is whether the "promotional use only, not for resale" labels on these CDs can trump a consumer's right to resell copyrighted materials that they own, guaranteed by copyright law's "first sale" doctrine.

For decades, major labels have distributed promo CDs for free to tastemakers and music industry insiders in an effort to create buzz for upcoming releases. These promo CDs often make their way into secondhand stores, where Augusto purchases them for resale on eBay. UMG stamps its promo CDs with labels declaring that the CDs may not be resold and remain the property of UMG. The "first sale" doctrine in copyright law, however, makes it clear that once the copyright owner sells or gives away a CD, DVD, or book, the recipient is entitled to resell it without needing further permission. The summary judgment brief filed Monday argues that UMG gives up ownership of these promo CDs when it mails them unsolicited to thousands of people without any intention of their return. Accordingly, the first sale doctrine permits purchasers to resell these CDs.

"If UMG is able to stop resale of CDs just by putting 'not for resale' labels on them, then there is nothing to stop other restrictive labels from appearing on CDs, books, and DVDs," said EFF Senior Intellectual Property Attorney Fred von Lohmann. "Record companies are not entitled to strip consumers of their first sale rights simply by putting labels on their products."

A hearing on the motion for summary judgment is expected in early May 2008.

For the full brief filed Monday:
http://www.eff.org/files/filenode/umg_v_augusto/AugustoMSJBrief.pdf

For more on UMG v. Augusto:
http://www.eff.org/cases/umg-v-augusto

Contacts:

Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation
fred@eff.org

Joseph C. Gratz
Attorney
Keker & Van Nest, LLP
jgratz@kvn.com

San Francisco - The Electronic Frontier Foundation (EFF) won another battle against the government Friday over the release of information about a campaign to change federal surveillance law.

A federal judge ordered the Department of Justice (DOJ) and the Office of the Director of National Intelligence (ODNI) to provide to EFF by April 21, 2008, records about telecom industry lobbying of their offices.

Congress is currently considering granting immunity to telecommunications companies that participated in unlawful electronic surveillance on millions of ordinary Americans as part of changes to the Foreign Intelligence Surveillance Act (FISA). Officials at the DOJ and ODNI have been vocal supporters of the immunity proposal. Using the Freedom of Information Act (FOIA), EFF asked the DOJ and ODNI for any documents reflecting telecom carriers' efforts to avoid legal responsibility for their role in the government's surveillance operations, but the agencies failed to comply with EFF's requests.

"We went to court over the release of these documents because they could play a critical role in the national debate over telecom immunity. Denying Americans access to this information is not only unconscionable, but also illegal," said EFF Staff Attorney Marcia Hofmann. "We're pleased the judge recognized that time is of the essence here and ordered these agencies to follow the law."

In November, another federal judge ordered ODNI to comply with a similar EFF request. Documents released as a result of that case detailed high-level battles over changes to FISA, featuring key members of Congress and Director of National Intelligence Mike McConnell.

EFF also represents the plaintiffs in Hepting v. AT&T, a class-action lawsuit brought by AT&T customers accusing the telecommunications company of violating their rights by illegally assisting the National Security Agency in widespread domestic surveillance. There are nearly 40 legal cases that have arisen from the warrantless surveillance currently pending in the Northern District of California courts.

For the judge's full order:
http://www.eff.org/files/filenode/foia_C0705278/040408_order.pdf

For more on EFF v. ODNI and DOJ:
http://www.eff.org/issues/foia/cases/C-07-05278

For more on Hepting v. AT&T:
http://www.eff.org/nsa

Contact:

Marcia Hofmann
Staff Attorney
Electronic Frontier Foundation
marcia@eff.org

San Francisco - On Friday, April 4, at 9 a.m., the Electronic Frontier Foundation (EFF) will urge a federal judge to speed the government's release of information about a campaign to change federal surveillance law to benefit telecommunications companies.

Congress is currently considering granting immunity to telecoms that participated in unlawful electronic surveillance on millions of ordinary Americans. But the Office of the Director of National Intelligence (ODNI) and the Department of Justice (DOJ) have failed to comply with a Freedom of Information Act (FOIA) request for documents reflecting telecom carriers' efforts to avoid legal responsibility for their role in the government's surveillance operations.

U.S. District Judge Jeffrey S. White has already issued a tentative ruling granting EFF's request for a preliminary injunction against the government. In November, another federal judge ordered ODNI to comply with a similar EFF request.

EFF also represents the plaintiffs in Hepting v. AT&T, a class-action lawsuit brought by AT&T customers accusing the telecommunications company of violating their rights by illegally assisting the National Security Agency in widespread domestic surveillance.

WHAT:
EFF v. ODNI and DOJ

WHEN:
9 a.m.
Friday, April 4

WHERE:
U.S. District Court, Northern District of California
Courtroom 2, 17th Floor
450 Golden Gate Ave.
San Francisco CA

For the judge's tentative ruling:
http://www.eff.org/files/filenode/foia_C0705278/033108_tentative_ruling....

For more on EFF v. ODNI and DOJ:
http://www.eff.org/issues/foia/cases/C-07-05278

For more on Hepting v. AT&T:
http://www.eff.org/nsa

Contacts:

Marcia Hofmann
Staff Attorney
Electronic Frontier Foundation
marcia@eff.org

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
press@eff.org

San Francisco - The Electronic Frontier Foundation (EFF) along with the National Security Archive urged a federal appeals court Wednesday to strike down the National Security Letter (NSL) provision of the Electronic Communications Privacy Act.

The federal surveillance law, as expanded by the PATRIOT Act, allows the FBI to use NSLs to get private records about people's communications without any court approval, as long as it claims the information could be relevant to a terrorism or espionage investigation. The FBI also has broad discretion to place recipients of NSLs under indefinite gag orders, barring them from saying anything about the demands.

A federal judge has already found that the NSL statute is unconstitutional, but the government appealed the ruling. In an amicus brief filed Wednesday, EFF and the National Security Archive argue that the excessive secrecy surrounding the use of NSLs undermines government accountability and enables widespread misuse of authority.

"The Justice Department's internal watchdog has documented the FBI's systematic, Bureau-wide misuse of NSLs," said EFF Staff Attorney Marcia Hofmann. "NSL gag orders aren't just an unconstitutional restriction on free speech -- they also allow problems like these to fester and grow."

This week is national Sunshine Week, a non-partisan initiative to celebrate the principles of open government. Both EFF and the National Security Archive work to uncover information on government matters of public interest, as openness proves to be a check against government abuses.

"The FBI's ability to issue gag orders without meaningful judicial oversight means there is no check on overreaching by the FBI," said National Security Archive Staff Counsel Kristin Adair. "This kind of secrecy does not make us safer. It simply allows the government to cover up abuses and mistakes."

For the full amicus brief: http://www.eff.org/files/filenode/doe_v_ashcroft/doevmukaseyamicus031908...

For more on Sunshine Week:
http://www.eff.org/sunshine

For more on EFF's work on NSL misuse: http://www.eff.org/issues/foia/07656JDB

Contacts:

Marcia Hofmann
Staff Attorney
Electronic Frontier Foundation
marcia@eff.org

Kristin Adair
Staff Attorney
National Security Archive

Washington, D.C. - This morning the House of Representatives passed a compromise surveillance bill that does not include retroactive immunity for phone companies alleged to have assisted in the NSA's warrantless wiretapping program. The bill would allow lawsuits like the Electronic Frontier Foundation's case against AT&T to proceed while providing specific security procedures allowing the telecom giants to defend themselves in court.

The House bill succeeded 213 to 197 despite the president's threat to veto any bill that does not include immunity.

"We applaud the House for refusing to grant amnesty to lawbreaking telecoms, and for passing a bill that would allow our lawsuit against AT&T to proceed fairly and securely," said Electronic Frontier Foundation (EFF) Senior Staff Attorney Kevin Bankston. "Amnesty proponents have been claiming on the Hill for months that phone companies like AT&T had a good faith belief that the NSA program was legal. Under this bill, the companies could do what they should have been able to do all along: tell that story to a judge."

The Senate is expected to consider the House bill when it returns from recess on Monday, March 31. House and Senate staff are expected to spend much of the break negotiating over differences between the new House bill and a previous Senate bill that includes immunity provisions.

"This newly-passed House bill represents a true compromise on the amnesty issue: customers whose privacy was violated would get their day in court, while the companies would be allowed to defend themselves despite the Administration's broad demands for secrecy," said EFF Legal Director Cindy Cohn. "We look forward to assisting the Senate in its consideration of this compromise solution, which EFF believes is the only reasonable response to the White House's attempt to evade court review of its illegal spying program and the phone companies' collaboration in it."

EFF represents the plaintiffs in Hepting v. AT&T, a class-action lawsuit brought by AT&T customers accusing the telecommunications company of violating their rights by illegally assisting the National Security Agency in widespread domestic surveillance. The Hepting case is the leading case aimed at holding telecoms responsible for knowingly violating federal privacy laws with warrantless wiretapping and the illegal transfer of vast amounts of personal data to the government.

Contacts:

Kevin Bankston
Senior Staff Attorney
Electronic Frontier Foundation
bankston@eff.org

Cindy Cohn
Legal Director
Electronic Frontier Foundation
cindy@eff.org

San Francisco - Electronic Frontier Foundation (EFF) has won reexamination of a bogus online gaming patent from the U.S. Patent and Trademark Office (PTO) -- the fifth successful reexamination request from EFF's Patent Busting Project.

Sheldon F. Goldberg was awarded the illegitimate patent for online gaming systems that use tournament-style play, advertising, and real-time updates of ladder-rankings in multi-player games. Goldberg has used this bogus patent to coerce licensing fees from numerous small businesses.

In the reexamination request, EFF along with Paul Grewal and Brad Waugh of Day Casebeer Madrid & Batchelder show that the technology covered by the Goldberg patent had been widely disseminated in the public domain for years before Goldberg made his claim. The Patent Office took quick action on the request, recognizing this substantial new question of patentability less than a month after the request was filed.

"The patent process was designed to encourage invention, investment, and disclosure and was not meant to be used as a tool to threaten legitimate businesses," said EFF Intellectual Property Fellow Emily Berger. "Reexamination proceedings like these are essential in protecting the public from patents that should never have been granted in the first place."

This reexamination request is part of EFF's Patent Busting Project, which combats the chilling effects bad patents have on public and consumer interests. So far, the project has killed one patent covering a system and method of creating digital recordings of live performances. Four more reexaminations, including this one, are under review by the USPTO due to the Patent Busting Project's efforts.

"Undeserved patents cause significant harm to innovation and competition in the information age," said Paul Grewal. "We are pleased that the PTO recognized the substantial questions of patentability raised in EFF's request and look forward to the PTO's ultimate decision on the merits."

Students from the Cyberlaw Clinic at the Berkman Center for Internet and Society at Harvard Law School also carried out extensive research for the reexamination request, helping locate much of the critical evidence of prior use of technologies covered by Goldberg's patent. Members of the Netrek online gaming community also provided technical analysis and legal declarations that figured prominently in the PTO's decision to grant EFF's reexamination request.

For the full reexamination order:
http://w2.eff.org/patent/wanted/sheldon/reexam/goldberg-reexam-granted.P...

For more on the Patent-Busting Project:
http://www.eff.org/patent/

Contacts:

Emily Berger
Intellectual Property Fellow
Electronic Frontier Foundation
emily@eff.org

Paul Grewal
Partner
Day Casebeer Madrid & Batchelder
pgrewal@daycasebeer.com

San Francisco - Today the leadership of the House of Representatives circulated a draft surveillance bill rejecting the president's demand that Congress immunize telecoms that illegally participated in the NSA's warrantless wiretapping program.

Rather than granting immunity, the bill would respond to the phone companies' complaints that they cannot defend themselves by clarifying that they can present evidence about the wiretapping to the court under appropriate security procedures, even when the Executive Branch claims that such evidence is barred by the state secrets privilege.

"We applaud the House leadership for taking a courageous stand against the president and refusing to grant amnesty to lawbreaking telecoms. The House bill would represent a true compromise on the amnesty issue: customers whose privacy was violated would get their day in court, while the companies would be allowed to defend themselves despite the Administration's broad demands for secrecy," said EFF Senior Staff Attorney Kevin Bankston. "Immunity proponents have been claiming on the Hill for months that these companies had a good faith belief that the NSA program was legal. Under this bill, the companies could do what they should have been able to do all along: tell that story to a judge."

EFF represents the plaintiffs in Hepting v. AT&T, a class-action lawsuit brought by AT&T customers accusing the telecommunications company of violating their rights by illegally assisting the National Security Agency in widespread domestic surveillance. The Hepting case is the leading case aimed at holding telecoms responsible for knowingly violating federal privacy laws with warrantless wiretapping and the illegal transfer of vast amounts of personal data to the government.

For the full draft of the bill:
http://www.eff.org/files/filenode/nsaspying/H3773AMD_002_xml.pdf

For more on NSA spying:
http://www.eff.org/issues/nsa-spying

Contact:

Kevin Bankston
Senior Staff Attorney
Electronic Frontier Foundation
bankston@eff.org

Washington D.C. - Three powerful House Commerce Committee Chairmen strongly urged their colleagues Thursday to defer acting on requests for retroactive immunity and to demand more information from the White House and the telecommunications companies in the wake of disclosures by another whistleblower that the government apparently has been granted an open gateway to wireless communications by a major telecommunications company.

Babak Pasdar, a computer security consultant, has gone public about his discovery of a mysterious "Quantico Circuit" while working for an unnamed major wireless carrier. Pasdar believes that this circuit gives the U.S. government direct, unfettered access to customers voice calls and data packets. These claims echo the disclosures from retired AT&T technician Mark Klein, who has described a "secret room" in an AT&T facility.

The White House is putting heavy pressure on lawmakers to grant the telecoms immunity from lawsuits over the spying as part of Foreign Intelligence Surveillance Act (FISA) legislation pending in Congress. But in today's letter -- written by John Dingell, Chairman of the House Committee on Energy and Commerce; Ed Markey, Chairman of the House Subcommittee on Telecommunications and the Internet; and Bart Stupak, Chairman of the Subcommittee on Oversight and Investigations -- the congressmen argue lawmakers must not "vote in the dark" on the immunity issue when "profound privacy and security risks" are involved.

"When you put Mr. Pasdar's information together with that of AT&T whistleblower Mark Klein, there is troubling evidence of telecom misconduct in massive domestic surveillance of ordinary Americans," said Cindy Cohn, Legal Director of the Electronic Frontier Foundation (EFF). "Congress needs to have hearings and get some answers about whether American telecommunications companies are helping the government to illegally spy on millions of us. Retroactive immunity for telecom companies now ought to be off the table in the ongoing FISA debate."

EFF represents the plaintiffs in Hepting v. AT&T, a class-action lawsuit brought by AT&T customers accusing the telecommunications company of violating their rights by illegally assisting the National Security Agency in widespread domestic surveillance. The Hepting case is just one of many suits aimed at holding telecoms responsible for knowingly violating federal privacy laws with warrantless wiretapping and the illegal transfer of vast amounts of personal data to the government.

For the full letter:
http://www.eff.org/files/newwhistleblower.pdf

For more on the telecoms' role in warrantless spying:
http://www.eff.org/issues/nsa-spying

Contacts:

Cindy Cohn
Legal Director
Electronic Frontier Foundation
cindy@eff.org

Kurt Opsahl
Senior Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Phoenix, AZ - On Wednesday, March 5 at 2 p.m., the Electronic Frontier Foundation (EFF) will urge a federal judge in Phoenix to block the recording industry’s effort to sue two Arizona residents for simply having music files in a “shared” folder on their computer.

The Recording Industry Association of America (RIAA) is seeking thousands of dollars in damages from the defendants in the case, Pamela and Jeffery Howell, for alleged unauthorized distribution of copyrighted digital music. However, instead of proving that the Howells actually distributed music files, the RIAA claims only that they had songs in the "shared" folder of peer-to-peer file-sharing software Kazaa -- without any proof that anyone other than their own investigators actually downloaded the songs from them.

EFF's Senior Staff Attorney Fred von Lohmann will argue at Wednesday's hearing that the RIAA cannot take this shortcut in its lawsuit campaign.

"This amounts to suing someone for attempted copyright infringement -- something the Copyright Act simply does not allow," said EFF Senior Staff Attorney Fred von Lohmann. "If the RIAA wants to keep bringing these suits and collecting big settlements, then they have to follow the law and prove their case. It's not enough to say the law could have been broken. The RIAA must prove it actually was broken."

WHAT:
Atlantic Records, et al. v. Howell

WHEN:
Wednesday, March 5, 2008
2pm

WHERE:
U.S. District Court
401 West Washington Street, Courtroom #504
Phoenix, AZ 85003-2118

For more about the case:
http://www.eff.org/deeplinks/2008/01/eff-files-brief-atlantic-v-howell-r...

For EFF's amicus brief:
http://www.eff.org/files/filenode/atlantic_v_howel/EFF_amicus_atlantic_h...

Contact:

Fred von Lohmann
Senior Intellectual Property Attorney
Electronic Frontier Foundation
fred@eff.org

San Francisco - A federal district court judge in San Francisco today rescinded a controversial order that disabled the "wikileaks.org" domain name which had -- until two weeks ago -- pointed to Wikileaks, a website designed to give whistleblowers a forum for posting materials of public concern.

This week, the Electronic Frontier Foundation (EFF) moved to intervene in the case, along with the American Civil Liberties Union (ACLU), and the American Civil Liberties Union Foundation of Northern California and the Project on Government Oversight (POGO). In a hearing in federal court today, EFF and its fellow intervenors and amici argued that the order infringed on the First Amendment rights of Internet users who have an interest in accessing material of public concern on the site. Ruling from the bench, Judge Jeffrey White cited concerns about the First Amendment, the effectiveness of disabling the wikileaks.org domain name, and the court's own jurisdiction over the case as reasons to dissolve his previous orders.

"We're very pleased that Judge White recognized the serious constitutional concerns raised by his earlier orders," said EFF Senior Staff Attorney Matt Zimmerman. "Attempting to interfere with the operation of an entire website because you have a dispute over some of its content is never the right approach. Disabling access to an Internet domain in an effort to prevent the world from accessing a handful of widely-discussed documents is not only unconstitutional -- it simply won't work."

Wikileaks permits third parties to post corporate and government documents that they believe expose wrongdoing. For example, in the past year individuals have posted materials documenting alleged human rights abuses in China and political corruption in Kenya.

The lawsuit began earlier this month, when Swiss bank Julius Baer filed suit against Wikileaks for hosting allegedly leaked documents regarding personal banking transactions of Julius Baer customers. Also sued was Wikileaks' domain name registrar, Dynadot LLC. On February 15, following a stipulation between Julius Baer and Dynadot, the court issued a permanent injunction, disabling the wikileaks.org domain name and preventing that domain name from being transferred to any other registrar.

In addition to dissolving the permanent injunction, which permits the wikileaks.org domain name to be reactivated, the court also declined to extend a previous temporary restraining order requiring Wikileaks to disable access to 14 disputed Julius Baer documents.

Joining the EFF, ACLU, and POGO motion to intervene was Wikileaks user Jordan McCorkle. The papers were filed in consultation with and on behalf of the intervenors by Steven Mayer of the law firm of Howard Rice Nemerovski Canady Falk & Rabkin. Other attorneys on the case include Christopher Kao and Shaudy Danaye-Elmi of Howard Rice; Zimmerman, Cindy Cohn, and Kurt Opsahl of EFF; and Aden Fine and Ann Brick of the ACLU and ACLU-Northern California, respectively.

For the full order:
http://www.eff.org/files/filenode/baer_v_wikileaks/wikileaks102.pdf

For more on the Wikileaks case:
http://www.eff.org/cases/bank-julius-baer-co-v-wikileaks

Contact:

Matt Zimmerman
Senior Staff Attorney
Electronic Frontier Foundation
mattz@eff.org

San Francisco - The Electronic Frontier Foundation (EFF), the American Civil Liberties Union (ACLU), and the American Civil Liberties Union Foundation of Northern California (ACLU-Northern California) Tuesday filed a motion to intervene in a lawsuit where a federal judge ordered the disabling of one of the domain names associated with "Wikileaks," a website designed to give whistleblowers a forum for posting materials of public concern.

In early February, Swiss bank Julius Baer filed suit in federal district court against Wikileaks for hosting 14 allegedly leaked documents regarding personal banking transactions of Julius Baer customers. Also sued was Wikileaks' domain name registrar, Dynadot LLC. On February 15, following a stipulation between Julius Baer and Dynadot, the court issued a permanent injunction, disabling the wikileaks.org domain name and preventing that domain name from being transferred to any other registrar.

"Dynadot's private agreement to disable access to its customer's domain name -- and the court's endorsement of that agreement -- raise serious First Amendment concerns," EFF Senior Staff Attorney Matt Zimmerman. "This unwarranted injunction should remind everyone who hosts critical information on the Web that such information may only remain accessible as long as your service provider or registrar is willing to stand up for you against obviously overreaching legal attacks."

Wikileaks permits third parties to post corporate and government documents that they believe expose wrongdoing. For example, in the past year individuals have posted materials documenting alleged human rights abuses in China and political corruption in Kenya. The court's order effectively prevents readers who are only familiar with Wikileaks through the wikileaks.org domain name from accessing any material on the site.

"Julius Baer's private dispute regarding a former employee's alleged violation of a confidentiality agreement does not warrant this attempt to block access to all material hosted on Wikileaks," said Zimmerman. "The First Amendment rights of readers who have a legitimate interest in the materials posted on the website simply cannot be treated as acceptable collateral damage to the bank's claims."

In the papers filed Tuesday, the intervenors -- including the EFF, the ACLU, the Project on Government Oversight (POGO), and Wikileaks user Jordan McCorkle -- asked the court for permission to intervene in order to dissolve the injunction disabling the wikileaks.org domain name. The papers were filed in consultation with and on behalf of the intervenors by Steven Mayer of the law firm of Howard Rice Nemerovski Canady Falk & Rabkin. Other attorneys on the case include Christopher Kao and Shaudy Danaye-Elmi of Howard Rice; Zimmerman, Cindy Cohn, and Kurt Opsahl of EFF; and Aden Fine and Ann Brick of the ACLU and ACLU-Northern California, respectively.

At 9:00 a.m. on Friday, February 29, a federal judge in San Francisco will hear arguments regarding a related issue: whether to extend a temporary restraining order aimed at preventing the further distribution of the 14 disputed Julius Baer documents. A hearing to address Tuesday's motion to intervene and subsequent motion to dissolve the domain name permanent injunction has not yet been scheduled.

For information regarding the February 29 hearing, please contact press@eff.org.

For the full motion to intervene:
http://www.eff.org/files/filenode/baer_v_wikileaks/motiontointervene.pdf

For more on this case:
http://www.eff.org/cases/bank-julius-baer-co-v-wikileaks

Contact:

Matt Zimmerman
Senior Staff Attorney
Electronic Frontier Foundation
mattz@eff.org

Washington, D.C. - The Electronic Frontier Foundation (EFF) filed suit against the Department of Justice (DOJ) today, demanding information about communications between the DOJ's former top privacy official and Google, the official's current employer.

Jane C. Horvath was named the DOJ's first Chief Privacy and Civil Liberties Officer in February of 2006. At that time, Google was fighting a massive DOJ subpoena asking for the text of every query entered into the search engine over a one-week period. The DOJ request -- part of a court battle over the constitutionality of a law regulating adult materials on the Internet -- ignited a national debate about Internet privacy.

The DOJ later scaled back its request, and a judge eventually allowed access to only 5000 random Google search queries. In a subsequent news article, Horvath was publicly critical of the DOJ's initial subpoena, saying she had privacy concerns about the massive request for information. Horvath's new job as Google's Senior Privacy Counsel was announced in August of 2007.

EFF asked the DOJ for information about communications between Horvath and Google with a Freedom of Information Act (FOIA) request as Horvath prepared to leave the agency, but the DOJ has not responded to the request more than six months after it was submitted.

"Google has an unprecedented ability to collect and retain very personal information about millions of Americans, and the DOJ and other law enforcement agencies have developed a huge appetite for that information," said EFF Senior Counsel David Sobel. "We want to know what discussions DOJ's top privacy lawyer had with Google before leaving her government position to join the company."

EFF's suit demands records of all correspondence, email, or other communications between Horvath and Google, and asks the court to order the DOJ to immediately process the documents for release.

This FOIA lawsuit is part of EFF's FLAG Project, which uses FOIA requests and litigation to expose the government's expanding use of technologies to invade privacy. Previous EFF FOIA requests have uncovered misuse of National Security Letters (NSLs) by the FBI, as well as improper FBI access to email from an entire computer network.

For the full complaint against the DOJ:
http://www.eff.org/files/filenode/doj_google/foia_complaint_filed.pdf

For more on EFF's FLAG Project:
http://www.eff.org/issues/foia

Contact:

David Sobel
Senior Counsel
Electronic Frontier Foundation
sobel@eff.org

San Francisco - A team including the Electronic Frontier Foundation (EFF), Princeton University, and other researchers have found a major security flaw in several popular disk encryption technologies that leaves encrypted data vulnerable to attack and exposure.

"People trust encryption to protect sensitive data when their computer is out of their immediate control," said EFF Staff Technologist Seth Schoen, a member of the research team. "But this new class of vulnerabilities shows it is not a sure thing. Whether your laptop is stolen, or you simply lose track of it for a few minutes at airport security, the information inside can still be read by a clever attacker."

The researchers cracked several widely used disk encryption technologies, including Microsoft's BitLocker, Apple's FileVault, TrueCrypt, and dm-crypt. These "secure" disk encryption systems are supposed to protect sensitive information if a computer is stolen or otherwise accessed. However, in a paper and video published on the Internet today, the researchers show that data is vulnerable because encryption keys and passwords stored in a computer's temporary memory -- or RAM -- do not disappear immediately after losing power.

"These types of attacks were often thought to be in the realm of the NSA," said Jacob Appelbaum, an independent computer security researcher and member of the research team. "But we discovered that on most computers, even without power applied for several seconds, data stored in RAM seemed to remain when power was reapplied, We then wrote programs to collect the contents of memory after the computers were rebooted."

Laptops are particularly vulnerable to this attack, especially when they are turned on but locked, or in a "sleep" or "hibernation" mode entered when the laptop's cover is shut. Even though the machines require a password to unlock the screen, the encryption keys are already located in the RAM, which provides an opportunity for attackers with malicious intent.

The research released today shows that these attacks are likely to be effective against many other disk encryption systems because these technologies have many architectural features in common. Servers with encrypted hard drives are also vulnerable.

"We've broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers," said J. Alex Halderman, a Ph.D. candidate in Princeton's computer science department. "Unlike many security problems, this isn't a minor flaw; it is a fundamental limitation in the way these systems were designed."

In addition to Schoen, Appelbaum, and Halderman, the research team included William Paul of Wind River Systems, and Princeton graduate students Nadia Heninger, William Clarkson, Joseph Calandrino, Ariel Feldman as well as Princeton Professor Edward Felten, the director of the Center for Information Technology Policy and a member of EFF's Board of Directors.

The researchers have submitted the paper for publication and it is currently undergoing review. In the meantime, the researchers have contacted the developers of BitLocker, which is included in some versions of Windows Vista, Apple's FileVault, and the open source TrueCrypt and dm-crypt products, to make them aware of the vulnerability. One effective countermeasure is to turn a computer off entirely, though in some cases even this does not provide protection.

For the full paper "Lest We Remember: Cold Boot Attacks on Encryption Keys," a demonstration video, and other background information:
http://citp.princeton.edu/memory/

Contacts:

Seth Schoen
Staff Technologist
Electronic Frontier Foundation
seth@eff.org

Jacob Appelbaum
Computer Security Researcher
jacob@appelbaum.net

J. Alex Halderman
Princeton University
jhalderm@cs.princeton.edu

San Diego - The Electronic Frontier Foundation (EFF) is pleased to announce the winners of its 2008 Pioneer Awards: the Mozilla Foundation and its Chairman Mitchell Baker, University of Ottawa Professor Michael Geist, and AT&T whistleblower Mark Klein.

The award ceremony will be held at 7pm, March 4th at the San Diego Marriott Hotel and Marina in conjunction with the O'Reilly Emerging Technology Conference (ETech). Michael Robertson -- founder and CEO of MP3.com, Linspire, MP3Tunes and Gizmo5 -- will give the awards' keynote address: "What to Expect When You're Expecting...To Be Sued."

Mitchell Baker is the Chairman of the Mozilla Foundation, which is dedicated to promoting openness, innovation, and opportunity on the Internet through its sponsorship of the open-source Mozilla project. The Mozilla Foundation provides grants, legal services, and other support for development projects involving the Firefox browser, the Thunderbird email application, and other Mozilla software. Baker was previously the attorney at Netscape responsible for all legal issues related to product development and intellectual property protection. During that time she wrote the Netscape and Mozilla Public Licenses.

Dr. Michael Geist is a law professor at the University of Ottawa. Last year, he led the public protest to proposed Canadian copyright law changes that would have devastated consumers' technology rights. The groundswell of opposition caused the government to rethink and ultimately cancel introducing the legislation. Geist serves on the Privacy Commissioner of Canada's Expert Advisory Board and on the Canadian Digital Information Strategy's Review Panel. Geist is also an internationally syndicated columnist on technology law and writes a popular blog on the Internet and intellectual property issues.

Mark Klein is a retired AT&T telecommunications technician who blew the whistle on the government's warrantless surveillance program. When news reports of the illegal spying surfaced in December of 2005, Klein realized that he had been witness to -- and participated in setting up -- massive surveillance technology that violated the rights of millions of Americans. In early 2006, Klein brought EFF authenticated documents showing how AT&T diverted customers' communications to a room controlled by the National Security Agency. EFF now represents AT&T customers in a class-action lawsuit over the illegal spying.

"The Pioneer Award winners this year show us how one person can truly make a difference in our digital world," said EFF Executive Director Shari Steele. "It's hard work to protect freedom, and we are so grateful for the invaluable contributions of Mitchell, Michael, and Mark."

Since 1991, the EFF Pioneer Awards have recognized individuals and organizations that have made significant and influential contributions to the development of computer-mediated communications and to the empowerment of individuals in using computers and the Internet. Past winners include World Wide Web inventor Tim Berners-Lee, Linux creator Linus Torvalds, and security researcher Bruce Schneier, among many others.

The winners of the 17th annual Pioneer Awards were nominated by the public and then chosen by a panel of judges. This year's panel includes Kim Alexander (President and founder, California Voter Foundation), Esther Dyson (Internet court jester and blogger, Release 0.9; founding chairman of ICANN; former chairman of EFF), Mitch Kapor (President, Kapor Enterprises; co-founder and former chairman EFF), Drazen Pantic (Co-director, Location One), Barbara Simons (IBM Research [Retired] and former president ACM), James Tyre, (Co-founder, The Censorware Project; EFF policy fellow) and Jimmy Wales, (Founder, Wikipedia; co-founder, Wikia; chair emeritus of the Wikimedia Foundation).

TCHO is the Platinum Sponsor for the 2008 Pioneer Awards ceremony. TCHO is a new chocolate company for a new generation of chocolate enthusiasts. Founded by Wired co-founder Louis Rossetto and legendary chocolatier and former technologist Timothy Childs, TCHO will sample a "beta release" of their dark chocolate during the awards ceremony. Attendees are invited to taste two different formulas and vote for their favorite. Feedback directly influences the national release bar. Learn more about TCHO at: http://www.tcho.com

Bronze sponsors of the event include Atomic PR, Barracuda, JibJab, MOG, and Three Rings.

Tickets to the Pioneer Awards ceremony are $35. If you plan to attend, RSVP to events@eff.org. You can also pay for your tickets in advance at http://secure.eff.org/pioneerfundraiser. Members of the media interested in attending the event should email press@eff.org.

For more on attending the Pioneer Awards:
http://www.eff.org/awards/pioneer

Contacts:

Katina Bishop
Associate Director of Development
Electronic Frontier Foundation
katina@eff.org

Rebecca Jeschke
Media Coordinator
Electronic Frontier Foundation
press@eff.org