FreshRSS

Zobrazení pro čtení

Jsou dostupné nové články, klikněte pro obnovení stránky.

Senate Approves Section 702 Reauthorization, Keeps Only The Bad Stuff

The government had a few years to sort this out, but as usual, the final call came down to the last minute. Shortly after Section 702 expired at midnight, April 19, the Senate pushed through a two-year reauthorization — one pretty much free of any reforms.

This happened despite there being a large and vocal portion of the Republican party seeking to curb the FBI’s access to these collections because some of their own had been subjected to the sort of abuse that has become synonymous with the FBI’s interaction with this particular surveillance program.

The reauthorization passed to the Senate from the House had been stripped of a proposed warrant requirement and saddled with an especially expansive definition of the term “electronic communication service provider.” Here’s how Senator Ron Wyden explained it while speaking out against the amendment:

Now, if you have access to any communications, the government can force you to help it spy. That means anyone with access to a server, a wire, a cable box, a wifi router, a phone, or a computer. Think about the millions of Americans who work in buildings and offices in which communications are stored or pass through.

After all, every office building in America has data cables running through it. These people are not just the engineers who install, maintain and repair our communications infrastructure; there are countless others who could be forced to help the government spy, including those who clean offices and guard buildings. If this provision is enacted, the government could deputize any one of these people against their will, and force them to become an agent for Big Brother.

For example, by forcing an employee to insert a USB thumb drive into a server at an office they clean or guard at night.

This could all happen without any oversight. The FISA Court won’t know about it. Congress won’t know about it. The Americans who are handed these directives will be forbidden from talking about it. And unless they can afford high priced lawyers with security clearances who know their way around the FISA Court, they will have no recourse at all.

So, instead of reform, we’re getting an even worse version of what’s already been problematic, especially when the FBI’s involved. As the clock ticked down on this vote (but not really: the FISA court had already granted the Biden administration’s request to keep the program operable as-is until 2025), attempts were made to strip the bill of this dangerous addition and add back in the warrant requirement amendment that had failed in the House.

None of this worked, as Gaby Del Valle reports for The Verge:

Sens. Ron Wyden (D-OR) and Josh Hawley (R-MO) introduced an amendment that would have struck language in the House bill that expanded the definition of “electronic communications service provider.” Under the House’s new provision, anyone “who has access to equipment that is being or may be used to transmit or store wire or electronic communications.” The expansion, Wyden has claimed, would force “ordinary Americans and small businesses to conduct secret, warrantless spying.” The Wyden-Hawley amendment failed 34-58, meaning that the next iteration of the FISA surveillance program will be more expansive than before.

Both Sens. Paul and Dick Durbin (D-IL) introduced separate amendments imposing warrant requirements on surveilling Americans. A similar amendment failed in the House on a 212-212 vote. Durbin’s narrower warrant requirement wouldn’t require intelligence agencies to obtain a warrant to query for those communications, though it requires one to access them.

The version headed to the president’s desk is the worst version. The rush to push this version of the bill through possibly gained a little urgency when two unnamed service providers informed the government they would stop complying with FISA orders pretty much immediately if the Senate didn’t renew the program.

One communications provider informed the National Security Agency that it would stop complying on Monday with orders under Section 702 of the Foreign Intelligence Surveillance Act, which enables U.S. intelligence agencies to gather without a warrant the digital communications of foreigners overseas — including when they text or email people inside the United States.

Another provider suggested that it would cease complying at midnight Friday unless the law is reauthorized, according to the people familiar with the matter, who spoke on the condition of anonymity to discuss sensitive negotiations.

We’ll never know how empty these threats might have been or if the Intelligence Community would have even noticed the brief interruption in the flow of communications. Section 702 has been given a two-year extension in the form approved by the Senate, superseding the FISA Court’s blessing of one more year of uninterrupted spying if discussions over renewal blew past the April 19, 2024 deadline.

If you’re a fan of bipartisan efforts — no matter the outcome — well… enjoy your victory, I guess. But there’s nothing about this renewal debacle that can actually be called a win. Unless you’re the FBI, of course. Then it’s all gravy.

96% Of Hospitals Share Sensitive Visitor Data With Meta, Google, and Data Brokers

Od: Karl Bode

I’ve mentioned more than a few times how the singular hyperventilation about TikTok is kind of silly distraction from the fact that the United States is too corrupt to pass a modern privacy law, resulting in no limit of dodgy behavior, abuse, and scandal. We have no real standards thanks to corruption, and most people have no real idea of the scale of the dysfunction.

Case in point: a new study out of the University of Pennsylvania (hat tip to The Register) analyzed a nationally representative sample of 100 U.S. hospitals, and found that 96 percent of them were doling out sensitive user visitor data to Google, Meta, and a vast coalition of dodgy data brokers.

Hospitals, it should be clear, aren’t legally required to publish website privacy policies that clearly detail how and with whom they share visitor data. Again, because we’re too corrupt as a country to require and enforce such requirements. The FTC does have some jurisdiction, but it’s too short staffed and under-funded (quite intentionally) to tackle the real scope of U.S. online privacy violations.

So the study found that a chunk of these hospital websites didn’t even have a privacy policy. And of the ones that did, about half the time the over-verbose pile of ambiguous and intentionally confusing legalese didn’t really inform visitors that their data was being transferred to a long list of third parties. Or, for that matter, who those third-parties even are:

“…we found that although 96.0% of hospital websites exposed users to third-party tracking, only 71.0% of websites had an available website privacy policy…Only 56.3% of policies (and only 40 hospitals overall) identified specific third-party recipients.”

Data in this instance can involve everything including email and IP addresses, to what you clicked on, what you researched, demographic info, and location. This was all a slight improvement from a study they did a year earlier showing that 98 percent of hospital websites shared sensitive data with third parties. The professors clearly knew what to expect, but were still disgusted in comments to The Register:

“It’s shocking, and really kind of incomprehensible,” said Dr Ari Friedman, an assistant professor of emergency medicine at the University of Pennsylvania. “People have cared about health privacy for a really, really, really long time.” It’s very fundamental to human nature. Even if it’s information that you would have shared with people, there’s still a loss, just an intrinsic loss, when you don’t even have control over who you share that information with.”

If this data is getting into the hands of dodgy international and unregulated data brokers, there’s no limit of places it can end up. Brokers collect a huge array of demographic, behavioral, and location data, use it to create detailed profiles of individuals, then sell access in a million different ways to a long line of additional third parties, including the U.S. government and foreign intelligence agencies.

There should be hard requirements about transparent, clear, and concise notifications of exactly what data is being collected and sold and to whom. There should be hard requirements that users have the ability to opt out (or, preferably in the cases of sensitive info, opt in). There should be hard punishment for companies and executives that play fast and loose with consumer data.

And we have none of that because our lawmakers decided, repeatedly, that making money was more important than market health, consumer welfare, and public safety. The result has been a parade of scandals that skirt ever closer to people being killed, at scale.

So again, the kind of people that whine about the singular privacy threat that is TikTok (like say FCC Commissioner Brendan Carr, or Senator Marsha Blackburn) — but have nothing to say about the much broader dysfunction created by rampant corruption — are advertising they either don’t know what they’re talking about, or aren’t addressing the full scope of the problem in good faith.

Funniest/Most Insightful Comments Of The Week At Techdirt

This week, both our winners on the insightful side come in response to our post about Google blocking news sites in California because of bad link tax laws, and specifically in reply to a commenter who suggested the link tax would just be “Google giving back” money. In first place, it’s an anonymous reply:

What. Any money google earns through ads on their own products is purely from value of googles services. The links the the news sites do not contain the news itself. That’s like saying the yellow pages is pizza. And Chinese food. And Mexican.

In case this is not blindly obvious: that’s bat shit crazy.

The news sites have their content. And google is only making it easy for people to get to it. If the news sites can’t make any money off it: That’s like Restaurants blaming the yellow pages for them going out of business.

And in second place, it’s Stephen T. Stone making a different version of the point:

Irrelevant. To charge for links is to undercut the basic functionality of the Internet for the sake of profit. Google, Twitter, Facebook, or any other interactive web service or website should have no obligation to pay for the right to link to a newspaper’s website.

For editor’s choice on the insightful side, we start out with one more comment on that post, this time from another anonymous commenter making a very simple and important point:

Taxes disincentivize the taxed behavior. If you tax links, you’re disincentivizing linking. This is not rocket surgery.

Next, it’s still another anonymous commenter, this time on our post about the possibility of a TikTok ban, in reply to a commenter trying to shift the burden of proof and demand a “debunking” of fears about TikTok:

You can’t “debunk a concern”. People will have a moral panic over whatever they like in service of any number of agendas.

The actual problem, though, is that’s all you have: Concern, and claims. Bring evidence of privacy issues unique to TikTok, and/or influence issues caused by TikTok (while not ignoring the First Amendment). Then others can support or debunk your evidence with additional evidence. That’s how this works. Make a testable claim, then test it, then show your work and the evidence produced by testing. It is no one else’s job to counter things that don’t exist, but lucky you, articles like the one above are already doing just that.

Over on the funny side, our first place winner is NotTheMomma with a comment about other child safety laws that would block sites:

Come on now, Mike, this will work, look at how prohibition went? Most of these people pushing for this were alive then.

In second place, it’s bonk with another comment about TikTok panic, and people comparing it to fentanyl:

I heard from a friend’s friend that they had a brother that was so addicted to social media he died. It took the paramedics ten minutes to dislodge the smartphone he had snorted, but he had already perished at that point.

For editor’s choice on the funny side, we’ve got two more anonymous comments. The first is another response to “TikTok as fentanyl”:

Projection?

… I’m starting to think that the folks in charge are just projecting their own insecurities brought on by years of just believing whatever entity was waving money in their face.

Finally, it’s a comment about the rise of “chemtrail” legislation:

WHEREAS, it is documented, among those within the pseudoscience of bullshitery, that the Earth is flat, and that the Earth is at the center of the universe.

WHEREAS, the constant Pi is commonly referred to as an irrational number, it will from now on be known as 3.

We have the best science, no one has better science than we do. Did you land on the moon? No? Hahaha

That’s all for this week, folks!

This Week In Techdirt History: April 14th – 20th

Five Years Ago

This week in 2019, Starz was going after tweets about a TorrentFreak article, then issuing a laughably unbelievable excuse and apology. The EU nations, as expected, rubber stamped the copyright directive, while the Parliament moved on to the terrorist content regulations and quickly pushed those through too. We learned some more about ICE’s fake university sting operation, while Motel 6 was set to pay out another $12 million for handing guest info to ICE. And Facebook and a very, very bad week on the privacy front, while the Sixth Circuit dumped a lawsuit attempting to hold Twitter responsible for the Pulse nightclub shooting.

Ten Years Ago

This week in 2014, we looked at the lessons from the suspicion and denial around the NSA and the Heartbleed vulnerability, and how the agency could certainly still be using it. The Guardian and the Washington Post won Pulitzers for their Snowden coverage, leading to some backlash that got pretty bizarre. Hollywood was pressuring Australia to make ISPs act as copyright cops, Eli Lilley was pressuring Canada to approve a patent on a useless drug, and General Mills was trying out quite a legal theory about what you can agree to by “Liking” a page on Facebook.

Fifteen Years Ago

This week in 2009, Google turned off uploads in Korea rather than abide by a requirement to identify and disclose users, some new research was being misrepresented to claim that “Twitter makes you immoral”, and there was one of many examples of Amazon’s DRM turning a Kindle into a paperweight. An activist group was using bogus DMCA claims to take down videos exposing its use of fake “concerned citizens”, while a news station was doing the same to hide the fact that it fell for an April Fool’s prank. And the Coldplay/Satriani copyright fight continued, with Coldplay’s filing that denied any copying.

Senate Must Follow House’s Lead In Passing Fourth Amendment Is Not For Sale Act

The Fourth Amendment exists for a reason. It’s supposed to protect our private possessions and data from government snooping, unless they have a warrant. It doesn’t entirely prevent the government from getting access to data, they just need to show probable cause of a crime.

But, of course, the government doesn’t like to make the effort.

And these days, many government agencies (especially law enforcement) have decided to take the shortcut that money can buy: they’re just buying private data on the open market from data brokers and avoiding the whole issue of a warrant altogether.

This could be solved with a serious, thoughtful, comprehensive privacy bill. I’m hoping to have a post soon on the big APRA data privacy bill that’s getting attention lately (it’s a big bill, and I just haven’t had the time to go through the entire bill yet). In the meantime, though, there was some good news, with the House passing the “Fourth Amendment is Not For Sale Act,” which was originally introduced in the Senate by Ron Wyden and appears to have broad bipartisan support.

We wrote about it when it was first introduced, and again when the House voted it out of committee last year. The bill is not a comprehensive privacy bill, but it would close the loophole discussed above.

The Wyden bill just says that if a government agency wants to buy such data, if it would have otherwise needed a warrant to get that data in the first place, it should need to get a warrant to buy it in the market as well.

Anyway, the bill passed 219 to 199 in the House, and it was (thankfully) not a partisan vote at all.

Image

It is a bit disappointing that the vote was so close and that so many Representatives want to allow government agencies, including law enforcement, to be able to purchase private data to get around having to get a warrant. But, at least the majority voted in favor of the bill.

And now, it’s up to the Senate. Senator Wyden posted on Bluesky about how important this bill is, and hopefully the leadership of the Senate understand that as well.

Can confirm. This is a huge and necessary win for Americans' privacy, particularly after the Supreme Court gutted privacy protections under Roe. Now it's time for the Senate to do its job and follow suit.

[image or embed]

— Senator Ron Wyden (@wyden.senate.gov) Apr 17, 2024 at 3:30 PM

‘Lol, No’ Is The Perfect Response To LAPD’s Nonsense ‘IP’ Threat Letter Over ‘Fuck The LAPD’ Shirt

We’ve had plenty of posts discussing all manner of behavior from the Los Angeles Police Dept. and/or the LAPD union here at Techdirt. As you might imagine if you’re a regular reader here, the majority of those posts haven’t exactly involved fawning praise for these supposed crimefighters. In fact, if you went on a reading blitz of those posts, you might even come away thinking, “You know what? Fuck the LAPD!”

Well, if you wanted to display your sentiments while you went about your day, you might go over to the Cola Corporation’s website to buy one particular shirt it had on offer there before they completely sold out.

Now, it’s not uncommon for misguided entities to issue intellectual property threat letters over t-shirts and apparel, even when it is of the sort that is obviously fair use. Given that, you might have thought it would be the Los Angeles Lakers that sent a nastygram to Cola Corp. After all, the logo in question is clearly a parody of the LA Lakers logo.

Nope!

It was the Los Angeles Police Foundation via its IMG representatives. The LAPF is something of a shadow financier of the LAPD for equipment, including all manner of tech and gear. We have no idea how an entertainment agency like IMG got in bed with these assbags, but it was IMG sending the threat letter you can see below, chock full of all kinds of claims to rights that the LAPF absolutely does not and could not have.

If you can’t see that, it’s a letter sent by Andrew Schmidt, who represents himself as the Senior Counsel to IMG Worldwide, saying:

RE: Request to Remove Infringing Material From www.thecolacorporation.com
Dear Sir/Madam:

I am writing on behalf of IMG Worldwide, LLC (“IMG”), IMG is the authorized representative of Los Angeles Police Foundation CLAPF) LAPF is one of two exclusive holders of intellectual property rights pertaining to trademarks, copyrights and other licensed indicia for (a) the Los Angeles Police Department Badge; (b) the Los Angeles Police Department Uniform; (c) the LAPD motto “To Protect and Serve”; and (d) the word “LAPD” as an acronym/abbreviation for the Los Angeles Police Department (collectively, the “LAPD IP”). Through extensive advertising, promotion and the substantial sale of a full range of licensed products embodying and pertaining to the LAPD IP, the LAPD IP has become famous throughout the world; and as such, carries immeasurable value to LAPF.

We are writing to you regarding an unauthorized use of the LAPD IP on products being sold on your website, www.thecolacorporation.com (the “Infringing Product”). The website URL and description for the Infringing Product is as follows:
https://www.thecolacorporation.com/products fack-the- lupd pos-1&sid=435934961&&variant=48461787234611 FUCK THE LAPD
For the avoidance of doubt, the aforementioned Infringing Product and the image associated therewith are in no way authorized or approved by LAPF or any of its duly authorized representatives.

This letter hereby serves as a statement that:

  1. The aforementioned Infringing Product and the image associated therewith violate LAPF’s rights in the LAPD IP
  2. These exclusive rights in and to the LAPD IP are being violated by the sale of the Infringing Product on your website at the URL mentioned above;
  3. [Contact info omitted]
  4. On information and belief, the use of the LAPD IP on the Infringing Products is not authorized by LAPF, LAPF’s authorized agents or representatives or the law.
  5. Under penalty of perjury, I hereby state that the above information is accurate and I am duly authorized to act on on behalf of the rights holder of the intellectual. property at issue I hereby request that you remove or disable access the above-mentioned materials and their corresponding URL’s as they appear on your services in as expedient a manner as possible.

So, where to begin? For starters, note how the letter breezily asserts copyright, trademark, and “other licensed indicia” without ever going into detail as to what it thinks it actually holds the rights to? That’s an “indicia” of a legal threat that is bloviating, with nothing to back it up. If you know what rights you have, you clearly state them. This letter does not.

If it’s a copyright play that the LAPF is trying to make, it’s going to go absolutely nowhere. The use is made for the purposes of parody and political commentary. It’s clearly fair use, and there are plenty of precedents to back that up. Second, what exactly is the copyright claim here? It’s not the logo. Again, if anything, that would be the Lakers’ claim to make. The only thing possibly related to the LAPD would be those letters: LAPD. And, no, the LAPD does not get to copyright the letters LAPD.

If it’s a trademark play instead, well, that might actually work even less for the LAPF, for any number of reasons. Again, this is parody and political commentary: both First Amendment rights that trump trademarks. More importantly, in trademark you have the question of the likelihood of confusion. We’re fairly sure the LAPF doesn’t want to make the case that the public would be confused into thinking that the Los Angeles Police Foundation was an organization that is putting out a “Fuck the LAPD” t-shirt. Finally, for there to be a trademark, there has to be a use in commerce. Is the LAPF selling “Fuck the LAPD” t-shirts? Doubtful.

But that’s all sort of besides the point, because the LAPF doesn’t have the rights IMG asserted in its letter. Again, the only possible claim that the LAPF can make here is that it has ownership to the letters LAPD. And it does not. Beyond the fact that it had no “creative” input into LAPD, the LAPD is a city’s law enforcement agency and you cannot copyright or trademark such a thing. And, as we’ve discussed multiple times in the past, government agencies don’t get to claim IP on their agency names. The only restrictions they can present are on deceptive uses of logos/seals/etc.

But that is clearly not the case here. And we already have some examples from a decade ago of government agencies demanding the removal of parody logos and… it not ending very well for the government. 

So, what is actually happening here is that the LAPF/LAPD (via IMG) is pretending it has the right to screw with private citizens in ways it absolutely does not, and is using those false rights to harass those private persons with threatening behavior to intimidate them into doing what the LAPF wants. Which, if I’m being totally honest here, is certainly on brand as roughly the most police-y thing it could do in response to a simple t-shirt that is no longer even for sale.

Now, you might imagine that the Cola Corporation’s own legal team would reply to the silly threat letter outlining all of the above, crafting a careful and articulate narrative responding to all the points raised by the LAPF, and ensuring that their full legal skills were on display.

Instead, the company brought on former Techdirt podcast guest, lawyer Mike Dunford, who crafted something that is ultimately even better.

If you can’t read that, you’re not missing much. It says:

Andrew,

Lol, no.

Sincerely,
Mike Dunford

Perfect. No notes. May it go down in history alongside Arkell v. Pressdam, or the infamous Cleveland Browns response to a fan complaining about paper airplanes, as the perfect way to respond to absolutely ridiculous legal threat letters.

For what it’s worth, Dunford’s boss, Akiva Cohen, noted that this letter was “a fun one to edit.” We can only imagine.

This was a fun one to edit

[image or embed]

— AkivaMCohen (@akivamcohen.bsky.social) Apr 18, 2024 at 2:47 PM

SCOTUS Needs To Take Up The Texas Age Verification Lawsuit

I think we could witness one of the most important First Amendment legal showdowns ever.

The U.S. Supreme Court is being asked to rule on the constitutionality of mandatory age verification for porn websites. If the high court takes up the case, it would queue up a landmark debate pertaining to the First Amendment and privacy rights of millions of people.

Free Speech Coalition and the parent companies of the largest adult entertainment websites on the web filed suit in the U.S. District Court for the Western District of Texas with the intention to block House Bill (HB) 1181.

HB 1181 requires mandatory age verification for porn websites with users from Texas IP addresses. It also requires pseudoscientific health warnings to be posted on adult websites. Counsel representing the coalition and the porn companies argued that it violated the First Amendment rights of consumers and owners of the websites. This prompted the federal district court to initially enjoin the state of Texas from enforcing the law because its text appeared to be unconstitutional.

Acting Texas Attorney General Angela Colmenero appealed the injunction to the Fifth Circuit Court of Appeals. After a clear demonstration of classic Fifth Circuit tap dancing and the return of Ken Paxton to helm of the Attorney General’s office, Texas was granted permission to enforce the age verification requirements outlined in the law. Luckily, the circuit judges properly applied the Zauderer standard, denying the requirement to post the bogus health warnings.

Soon after this, Paxton announced lawsuits against the parent companies of Pornhub, xHamster, and Stripchat for violations of HB 1181. The penalties total in millions of dollars in damages, per the law. After the lawsuits for HB 1181 violations were announced and filed in circuit courts in Travis County, counsel for the plaintiffs tried to hold enforcement while they petitioned the high court to take up the case for consideration. Justice Samuel Alito, the circuit justice for the Fifth Circuit, has yet to indicate that the case will be taken up by the Supreme Court. There is no reason why they shouldn’t take it up because of how important this case is moving forward, and how this issue is showing up in so many other states.

The case, Free Speech Coalition et al. v. Paxton, is so important that the national affiliate of the American Civil Liberties Union announced they are aiding the plaintiffs and their current counsel, a team from the big law firm Quinn Emanuel, in their case. They will support the petition for writ of certiorari, potential oral arguments, etc. to render House Bill 1181 and all age verification laws as unconstitutional pipedreams.

Plaintiffs accurately argue that this is settled law, referring to the high court’s landmark decision in Reno v. American Civil Liberties Union. This decision found that segregating the content of the internet by age violates the rights of not only adults but for minors. The vast majority of age verification laws as they are structured now do just that.

While the Supreme Court provided for a less restrictive means to filter out minors from viewing age-restricted materials and potentially facing some level of harm, the vehicles of enforcement and some of the options touted in these bills for controlling minors’ web usage are, to the plaintiffs and civil liberties organizations, a violation of the First Amendment. ACLU and Quinn Emanuel attorneys for the plaintiffs present these arguments in their petition for writ of certiorari, which was filed in April 2024. Now, we just need the Supreme Court to take this seriously and not let the Fifth Circuit, the circuit that upheld a ban on drag shows, dictate law for the nation.

Michael McGrady covers the legal and tech side of the online porn business, among other topics.

The US Banning TikTok Would Play Right Into China’s Hands, And Destroy Decades Of US Work On Promoting An Open Internet

Apparently, the TikTok ban bill is back.

Speaker Mike Johnson plans to include TikTok divestiture legislation already passed by the House in a fast-moving aid package for Ukraine and Israel that the chamber is set to clear on Saturday. The Senate is expected to quickly take up the measure, and President Joe Biden promised Wednesday to sign it immediately.

If signed into law, the bill would deliver a significant blow to a video-sharing app used by as many as 170 million Americans. Its enactment would also mark a major setback to the company’s intense lobbying efforts, especially by Chief Executive Officer Shou Chew, who made the rounds on Capitol Hill last month in a bid to get the Senate to squelch the legislation.

I’ve already explained why the TikTok ban is both unconstitutional and would not do anything to fix the “concerns” that people have raised about it. We’ve also discussed how those most vocally pushing for the TikTok ban appear to be financially conflicted.

But, even more important than all that, is that a TikTok ban would be a disaster for the open web. Yes, other countries have banned apps, but they tend to be authoritarian countries that have never liked and never supported an open web.

Banning an entire app in the US would be a massive attack on the very concept of an open web. And that’s really unfortunate, given that the US used to be the world’s most vocal supporter of the web being kept open and free.

The New York Times recently had a good article calling out what a disaster the ban would be for the open web.

Digital rights groups and others around the world have taken notice — and raised the question of how the moves against TikTok contradict the United States’ arguments in favor of an open internet.

A Russian opposition blogger, Aleksandr Gorbunov, posted on social media last month that Russia could use the move to shut down services like YouTube. And digital rights advocates globally are expressing fears of a ripple effect, with the United States providing cover for authoritarians who want to censor the internet.

In March, the Chinese government, which controls its country’s internet, said America had “one way of saying and doing things about the United States, and another way of saying and doing things about other countries,” citing the TikTok legislation.

Passing the TikTok ban would effectively be telling the world (1) it’s totally okay to ban apps you don’t like, and (2) the U.S. long-standing commitment to the open web was always fake and always bullshit, because the second a successful foreign app came along, we tossed out those principles.

“It would diminish the U.S.’s standing in promoting internet freedom,” said Juan Carlos Lara, the executive director of Derechos Digitales, a Latin American digital rights group based in Chile. “It would definitely not bolster its own case for promoting a free and secure, stable and interoperable internet.”

And that signal will be heard loud and clear around the world:

Mishi Choudhary, a lawyer who founded the New Delhi-based Software Freedom Law Center, said the Indian government would also use a U.S. ban to justify further crackdowns. It has already engaged in internet shutdowns, she said, and it banned TikTok in 2020 over border conflicts with China.

“This gives them good reason to find confidence in their past actions, but also emboldens them to take similar future actions,” she said in an interview.

Mr. Lara of Derechos Digitales noted that countries like Venezuela and Nicaragua had already passed laws that gave the government more control over online content. He said increased government control of the internet was a “tempting idea” that “really risks materializing if such a thing is seen in places like the U.S.”

A forced sale or ban of TikTok could also make it harder for the American government to ask other countries to embrace an internet governed by international organizations, digital rights experts said.

And, if the goal here is to hurt China in particular, that may backfire massively:

Patrick Toomey, the deputy director of the National Security Project at the American Civil Liberties Union, said that if the TikTok measure became law, the “hypocrisy would be inescapable and the dividends to China enormous.”

China has long made a big deal whenever the US government is hypocritical like this. This would be a huge PR win for the Chinese government. It would allow it to claim that its Great Firewall approach to the internet is right, and that the US was admitting that openness and an open internet fails. It would allow China to call out US hypocrisy, and that matters a lot at this moment when China is working hard to build stronger relationships with lots of countries around the globe.

Banning TikTok won’t help the US against China. It will play right into China’s hands. It doesn’t need TikTok to get data on Americans, nor to try to influence Americans. But, destroying decades of US foreign policy promoting an open and free internet serves China’s interests massively.

Daily Deal: The Ultimate Adobe CC Training Bundle

The Ultimate Adobe CC Training Bundle has 12 courses to help you get the most out of the Adobe Creative Cloud Suite. Courses cover Photoshop, Illustrator, InDesign, Dreamweaver, After Effects, and more. It’s on sale for $40.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Congressional Testimony On Section 230 Was So Wrong That It Should Be Struck From The Record

A few months ago, we wondered if Wired had fired its entire fact-checking staff because it published what appeared to be a facts-optional article co-authored by professional consistently wrong Jaron Lanier and an academic I’d not come across before, Allison Stanger. The article suggested that getting rid of Section 230 “could save everything.” Yet the article was so far off-base that it was in the “not even wrong” category of wrongness.

I’m not going to review all the reasons it was wrong. You can go back to my original article for that, though I will note that the argument seemed to suggest that getting rid of Section 230 would both lead to better content moderation and, at the same time, only moderation based on the First Amendment. Both of those points are obviously wrong, but the latter one is incoherent.

Given his long track record of wrongness, I had assumed that much of the article likely came from Lanier. However, I’m going to reassess that in light of Stanger’s recent performance before the House Energy & Commerce Committee. Last week, there was this weird hearing about Section 230, in which the Committee invited three academic critics of Section 230, and not a single person who could counter their arguments and falsehoods. We talked about this hearing a bit in this week’s podcast, with Rebecca MacKinnon from the Wikimedia Foundation.

Stanger was one of the three witnesses. The other two, Mary Anne Franks and Mary Graw Leary, presented some misleading and confused nonsense about Section 230. However, the misleading and confused nonsense about Section 230 at least fits into the normal framework of the debate around Section 230. There is confusion about how (c)(1) and (c)(2) interact, the purpose of Section 230, and (especially) some confusion about CSAM and Section 230 and an apparent unawareness that federal criminal behavior is exempted from Section 230.

But, let’s leave that aside. Because Stanger’s submission was so far off the mark that whoever invited her should be embarrassed. I’ve seen some people testify before Congress without knowing what they’re talking about, but I cannot recall seeing testimony this completely, bafflingly wrong before. Her submitted testimony is wrong in all the ways that the Wired article was wrong and more. There are just blatant factual errors throughout it.

It is impossible to cover all of the nonsense, so we’re just going to pick some gems.

Without Section 230, existing large social media companies would have to adapt. Decentralized Autonomous Organizations, (DAOs) such as BlueSky and Mastodon, would become more attractive. The emergent DAO social media landscape should serve to put further brakes on virality, allowing a more regional social media ecosystem to emerge, thereby creating new demand for local media. In an ideal world, networks of DAOs would comprise a new fediverse (a collection of social networking servers which can communicate with each other, while remaining independently controlled), where users would have greater choice and control over the communities of which they are a part.

So, um. That’s not what DAOs are, professor. You seem to be confusing decentralized social media with decentralized autonomous organizations, which are a wholly different thing. This is kind of like saying “social security benefits” when you mean “social media influencers” because both begin with “social.” They’re not the same thing.

A decentralized social media site is what it says on the tin. It’s a type of social media that isn’t wholly controlled by a single company. Different bits of it can be controlled by others, whether its users or alternative third-party providers. A DAO is an operation, often using mechanisms like cryptocurrency and tokens, to enable a kind of democratic voting, or (possibly) a set of smart contracts, that determine how the loosely defined organization is run. They are not the same.

In theory, a decentralized social media site could be run by a DAO, but I don’t know of any that currently are.

Also, um, decentralized social media can only really exist because of Section 230. “Without Section 230,” you wouldn’t have Bluesky or Mastodon, because they would face ruinous litigation for hosting content that people would sue over. So, no, you would not have either more decentralized social media (which I think is what you meant) or DAOs (which are wholly unrelated). You’d have a lot less, because hosting third-party speech would come with way more liability risk.

Also, there’s nothing inherent to decentralized social media that means you’d “put the brakes on virality.” Mastodon has developed to date in a manner designed to tamp down virality, but Bluesky hasn’t? Nor have other decentralized social media offerings, many of which hope to serve a global conversation where virality is a part of it. And that wouldn’t really change with or without Section 230. Mastodon made that decision because of the types of communities it wanted to foster. And, indeed, its ability to do that is, in part, due to intermediary liability protections like Section 230, that enable the kind of small, more focused community moderation Mastodon embraces already.

It’s really not clear to me that Professor Stanger even knows what Section 230 does.

Non-profits like Wikipedia are concerned that their enterprise could be shut down through gratuitous defamation lawsuits that would bleed them dry until they ceased to exist (such as what happened with Gawker). I am not convinced this is a danger for Wikipedia, since their editing is done by humans who have first amendment rights, and their product is not fodder for virality….

Again, wut? The fact that their editing is “done by humans” has literally no impact on anything here. Why even mention that? Humans get sued for defamation all the time. And, if they’re more likely to get sued for defamation, they’re less likely to even want to edit at all.

And people get mad about their Wikipedia articles all the time, and sometimes they sue over them. Section 230 gets those lawsuits thrown out. Without it, those lawsuits would last longer and be more expensive.

Again, it’s not at all clear if Prof. Stanger even knows what Section 230 is or how it works.

The Facebook Files show that Meta knew that its engagement algorithms had adverse effects on the mental health of teenage girls, yet it has done nothing notable to combat those unintended consequences. Instead, Meta’s lawyers have invoked Section 230 in lawsuits to defend itself against efforts to hold it liable for serious harms

Again, this is just wrong. What the crux of the Facebook Files showed was that Meta was, in fact, doing research to learn about where its algorithms might cause harm in order to try to minimize that harm. However, because of some bad reporting, it now means that companies will be less likely to even do that research, because people like Professor Stanger will misrepresent it, claiming that they did nothing to try to limit the harms. This is just outright false information.

Also, the cases where Meta has invoked Section 230 would be unrelated to the issue being discussed here because 230 is about not being held liable for user content.

The online world brought to life by Section 230 now dehumanizes us by highlighting our own insignificance. Social media and cancel culture make us feel small and vulnerable, where human beings crave feeling large and living lives of meaning, which cannot blossom without a felt sense of personal agency that our laws and institutions are designed to protect. While book publishers today celebrate the creative contributions of their authors, for-profit Internet platforms do not.

I honestly have no idea what’s being said here. “Dehumanizes us by highlighting our own insignificance?” What are you even talking about? People were a lot more “insignificant” pre-internet, when they had no way to speak out. And what does “cancel culture” have to do with literally any of this?

Without Section 230, companies would be liable for the content on their platforms. This would result in an explosion of lawsuits and greater caution in such content moderation, although companies would have to balance such with first amendment rights. Think of all the human jobs that could be generated!

Full employment for tort lawyers! I mean, this is just a modern version of Bastiat’s broken window fallacy. Think of all the economic activity if we just break all the windows in our village!

Again and again, it becomes clear that Stanger has no clue how any of this works. She does not understand Section 230. She does not understand the internet. She does not understand the First Amendment. And she does not understand content moderation. It’s a hell of a thing, considering she is testifying about Section 230 and its impact on social media and the First Amendment.

At a stroke, content moderation for companies would be a vastly simpler proposition. They need only uphold the First Amendment, and the Courts would develop the jurisprudence to help them do that, rather than to put the onus of moderation entirely on companies.

That is… not at all how it would work. They don’t just need to “uphold the First Amendment” (which is not a thing that companies can even do). The First Amendment’s only role is in restricting the government, not companies, from passing laws that infringe on a person’s ability to express themselves.

Instead, as has been detailed repeatedly, companies would face the so-called “moderator’s dilemma.” Because the First Amendment requires distributors to have actual knowledge of content violating the law to be liable, a world without Section 230 would incentivize one of two things, neither of which is “upholding the First Amendment.” They would either let everything go and do as little moderation as possible (so as to avoid the requisite knowledge), or they’d become very aggressive in limiting and removing content to avoid liability (even though this wouldn’t work and they’d still get hit with tons of lawsuits).

We’ve been here before. When government said the American public owned the airwaves, so television broadcasting would be regulated, they put in place regulations that supported the common good. The Internet affects everyone, and our public square is now virtual, so we must put in place measures to ensure that our digital age public dialogue includes everyone. In the television era, the fairness doctrine laid that groundwork. A new lens needs to be developed for the Internet age.

Except, no, that’s just factually wrong. The only reason that the government was able to put regulations on broadcast television was because the government controlled the public spectrum which they licensed to the broadcasters. The Supreme Court made clear in Red Lion that without that, they could not hinder the speech of media companies. So, the idea that you can just apply similar regulations to the internet is just fundamentally clueless. The internet is not publicly owned spectrum licensed to anyone.

While Section 230 perpetuates an illusion that today’s social media companies are common carriers like the phone companies, they are not. Unlike Ma Bell, they curate the content they transmit to users

Again, it appears the Professor is wholly unaware of Section 230 and how it works. The authors of Section 230 made it clear over and over again that they wrote 230 to be the opposite of common carriers. No one who supports Section 230 thinks it makes platforms into common carriers, because it does not. The entire point was to free up companies to choose how to curate content, so as to allow those companies to craft the kinds of communities they wanted. They only people claiming the “illusion” of common carrierness are those who are trying to destroy Section 230.

So there is no “illusion” here, unless you don’t understand what you’re talking about.

The repeal of Section 230 would also be a step in the right direction in addressing what are presently severe power imbalances between government and corporate power in shaping democratic life. It would also shine a spotlight on a globally disturbing fact: the overwhelming majority of global social media is currently in the hands of one man (Mark Zuckerberg), while nearly half the people on earth have a Meta account. How can that be a good thing under any scenario for the free exchange of ideas?

I mean, we agree that it’s bad that Meta is so big. But if you remove Section 230 (as Meta itself has advocated for!), you help Meta get bigger and harm the competition. Meta has a building full of lawyers. They can handle the onslaught of lawsuits that this would bring (as Stanger herself gleefully cheers on). It’s everyone else, the smaller sites, such as the decentralized players (not DAOs) who would get destroyed.

Mastodon admins aren’t going to be able to afford to pay to defend the lawsuits. Bluesky doesn’t have a building full of lawyers. The big winner here would be Meta. The cost to Meta of removing Section 230 is minimal. The cost to everyone trying to eat away at Meta’s marketshare would be massive.

The new speech is governed by the allocation of virality in our virtual public square. People cannot simply speak for themselves, for there is always a mysterious algorithm in the room that has independently set the volume of the speaker’s voice. If one is to be heard, one must speak in part to one’s human audience, in part to the algorithm. It is as if the constitution had required citizens to speak through actors or lawyers who answered to the Dutch East India Company, or some other large remote entity. What power should these intermediaries have? When the very logic of speech must shift in order for people to be heard, is that still free speech? This was not a problem foreseen in the law.

I mean, this is just ahistorical nonsense. Historically, most people had no way to get their message out at all. You could talk to your friends, family, co-workers, and neighbors, and that was about it. If you wanted to reach beyond that small group, you required some large gatekeeper (a publisher, a TV or radio producer, a newspaper) to grant you access, which they refused for the vast majority of people.

The internet flipped all that on its head, allowing anyone to effectively speak to anyone. The reason we have algorithms is not “Section 230” and the algorithms aren’t “setting the volume,” they came in to deal with the simple fact that there’s just too much information, and it was flooding the zone. People wanted to find information that was more relevant to them, and with the amount of content available online, the only way to manage that was with some sort of algorithm.

But, again, the rise of algorithms is not a Section 230 issue, even though Stanger seems to think it is.

Getting rid of the liability shield for all countries operating in the United States would have largely unacknowledged positive implications for national security, as well as the profit margins for US-headquartered companies. Foreign electoral interference is not in the interests of democratic stability, precisely because our enemies benefit from dividing us rather than uniting us. All foreign in origin content could therefore be policed at a higher standard, without violating the first amendment or the privacy rights of US citizens. As the National Security Agency likes to emphasize, the fourth amendment does not apply to foreigners and that has been a driver of surveillance protocols since the birth of the Internet. It is probable that the Supreme Court’s developing first amendment jurisprudence for social media in a post-230 world would embrace the same distinction. At a stroke, the digital fentanyl that TikTok represents in its American version could easily be shut down, and we could through a process of public deliberation leading to new statutory law collectively insist on the same optimization targets for well-being, test scores, and time on the platform that Chinese citizens currently enjoy in the Chinese version of TikTok (Douyin)

Again, this is a word salad that is mostly meaningless.

First of all, none of this has anything to do with Section 230, but rather the First Amendment. And it’s already been noted, clearly, that the First Amendment protects American users of foreign apps.

No one is saying “you can’t ban TikTok because of 230,” they’re saying “you can’t ban TikTok because of the First Amendment.” The Supreme Court isn’t going to magically reinvent long-standing First Amendment doctrine because 230 is repealed. This is nonsense.

And, we were just discussing what utter nonsense it is to claim that TikTok is “digital fentanyl” so I won’t even bother repeating that.

There might also be financial and innovation advantages for American companies with this simple legislative act. Any commercial losses for American companies from additional content moderation burdens would be offset by reputational gains and a rule imposed from without on what constitutes constitutionally acceptable content. Foreign electoral interference through misinformation and manipulation could be shut down as subversive activity directed at the Constitution of the United States, not a particular political party.

This part is particularly frustrating. This is why internet companies already moderate. Stanger’s piece repeatedly seems to complain both about too little moderation (electoral interference! Alex Jones!) and too much moderation (algorithms! dastardly Zuck deciding what I can read!).

She doesn’t even seem to realize that her argument is self-contradictory.

But, here, the supposed “financial and innovation advantages” from American companies being able to get “reputational gains” by stopping “misinformation” already exists. And it only exists because of Section 230. Which Professor Stanger is saying we need to remove to get the very thing it enables, and which would be taken away if it were repealed.

This whole thing makes me want to bang my head on my desk repeatedly.

Companies moderate today to (1) make users’ experience better and (2) to make advertisers happier that they’re not facing brand risk from having ads appear next to awful content. The companies that do better already achieve that “reputational benefit,” and they can do that kind of moderation because they know Section 230 prevents costly, wasteful, vexatious litigation from getting too far.

If you remove Section 230, that goes away. As discussed above, companies then are much more limited in the kinds of moderation they can do, which means users have a worse experience and advertisers have a worse experience, leading to reputational harm.

Today, companies already try to remove or diminish the power of electoral interference. That’s a giant part of trust & safety teams’ efforts. But they can really only do it safely because of 230.

The attention-grooming model fostered by Section 230 leads to stupendous quantities of poor-quality data. While an AI model can tolerate a significant amount of poor-quality data, there is a limit. It is unrealistic to imagine a society mediated by mostly terrible communication where that same society enjoys unmolested, high-quality AI. A society must seek quality as a whole, as a shared cultural value, in order to maximize the benefits of AI. Now is the best time for the tech business to mature and develop business models based on quality.

I’ve read this paragraph multiple times, and I still don’t know what it’s saying. Section 230 does not lead to an “attention-grooming model.” That’s just how society works. And, then, when she says society must seek quality as a whole, given how many people are online, the only way to do that is with algorithms trying to make some sort of call on what is, and what is not, quality.

That’s how this works.

Does she imagine that without Section 230, algorithms will go away, but good quality content will magically rise up? Because that’s not how any of this actually works.

Again, there’s much more in her written testimony, and none of it makes any sense at all.

Her spoken testimony was just as bad. Rep. Bob Latta asked her about the national security claims (some of which were quoted above) and we got this word salad, none of which has anything to do with Section 230:

I think it’s important to realize that our internet is precisely unique because it’s so open and that makes it uniquely vulnerable to all sorts of cyber attacks. Just this week, we saw an extraordinarily complicated plot that is most likely done by China, Russia or North Korea that could have blown up the internet as we know it. If you want to look up XZ Utils, Google that and you’ll find all kinds of details. They’re still sorting out what the intention was. It’s extraordinarily sophisticated though, so I think that the idea that we have a Chinese company where data on American children is being stored and potentially utilized in China, can be used to influence our children. It can be used in any number of ways no matter what they tell you. So I very much support and applaud the legislation to repeal, not to repeal, but to end TikToks operations in the United States.

The national security implications are extraordinary. Where the data is stored is so important and how it can be used to manipulate and influence us is so important. And I think the next frontier that I’ll conclude with this, for warfare, is in cyberspace. It’s where weak countries have huge advantages. They can pour resources into hackers who could really blow up our infrastructure, our hospitals, our universities. They’re even trying to get, as you know, into the House. This House right here. So I think repealing Section 230 is connected to addressing a host of potential harms

Nothing mentioned in there — from supply chain attacks like xz utils, to a potential TikTok ban, to hackers breaking into hospitals — has anything whatsoever to do with Section 230. She just throws it in at the end as if they’re connected.

She also claimed that Eric Schmidt has come out in favor of “repealing Section 230,” which was news to me. It also appears to be absolutely false. I went and looked, and the only thing I can find is a Digiday article which claims he called for reforms (not a repeal). The article never actually quotes him saying anything related to Section 230 at all, so it’s unclear what (if anything) he actually said. Literally the only quotes from Schmidt are old man stuff about how the kids these days just need to learn how to put down their phones, and then something weird about the fairness doctrine. Not 230.

Later, in the hearing, she was asked about the impact on smaller companies (some of which I mentioned above) and again demonstrates a near total ignorance of how this all works:

There is some concern, it’s sometimes expressed from small businesses that they are going to be the subject of frivolous lawsuits, defamation lawsuits, and they can be sued out of business even though they’ve defamed no one. I’m less concerned about that because if we were to repeal section (c)(1) of Section 230 of those 26 words, I think the First Amendment would govern and we would develop the jurisprudence to deal with small business in a more refined way. I think if anything, small businesses are in a better position to control and oversee what’s on their platforms than these monolithic large companies we have today. So with a bit of caution, I think that could be addressed.

The First Amendment always governs. But Section 230 is the “more refined way” that we’ve developed to help protect small businesses. The main function of Section 230 is to get cases, that would be long and costly if you had to defend them under the First Amendment, tossed out much earlier at the motion to dismiss stage. Literally that’s Section 230’s main purpose.

If you had to fight it out under the First Amendment, you’re talking about hundreds of thousands of dollars and a much longer case. And that cost is going to lead companies to (1) refuse to host lots of protected content, because it’s not worth the hassle, and (2) be much more open to pulling down any content that anyone complains about.

This is not speculative. There have been studies on this. Weaker intermediary laws always lead to massive overblocking. If Stanger had done her research, or even understood any of this, she would know this.

So why is she the one testifying before Congress?

I’ll just conclude with this banger, which was her final statement to Congress:

I just want to maybe take you back to the first part of your question to explain that, which I thought was a good one, which is that we have a long history of First Amendment jurisprudence in this country that in effect has been stopped by Section 230. In other words, if you review, if you remove (c)(1), that First Amendment jurisprudence will develop to determine when it is crime fire in a crowded theater, whether there’s defamation, whether there’s libel. We believe in free speech in this country, but even the First Amendment has some limits put on it and those could apply to the platforms. We have a strange situation right now if we take that issue of fentanyl that we were discussing earlier, what we have right now is essentially a system where we can go after the users, we can go after the dealers, but we can’t go after the mules. And I think that’s very problematic. We should hold the mules liable. They’re part of the system.

Yeah. So. She actually went to the whole fire in a crowded theater thing. This is the dead-on giveaway that the person speaking has no clue about the First Amendment. That’s dicta from a case from over 100 years ago, in a case that is no longer considered good law, and hasn’t been in decades. Even worse, that dicta came in a case about jailing war protestors.

She also trots out yet another of Ken “Popehat” White’s (an actual First Amendment expert) most annoying tropes about people opining on the First Amendment without understanding it: because the First Amendment has some limits, this new limit must be okay. That’s not how it works. As Ken and others have pointed out, the exceptions to the First Amendment are an established, known, and almost certainly closed set.

The Supreme Court has no interest in expanding that set. It refused to do so for animal crush videos, so it’s not going to magically do it for whatever awful speech you think it should limit.

Anyway, it was a shame that Congress chose to hold a hearing on Section 230 and only bring in witnesses who hate Section 230. Not a single witness who could explain why Section 230 is so important was brought in. But, even worse, they gave one of the three witness spots to someone who was spewing word salad level nonsense, that didn’t make any sense at all, was often factually incorrect (in hilariously embarrassing ways), and seemed wholly unaware of how any relevant thing worked.

Do better, Congress.

❌