SEO Werkt!

By now, you have probably heard about the Liberator, a 3D printed plastic gun designed, assembled, and test-fired by Cody Wilson of Defense Distributed. Is it legal?

Last week, the State Department’s arms export office demanded that Defense Distributed remove CAD files for the Liberator from its website. Defense Distributed complied with the takedown letter right away, despite strong language on its website promising it would be “a home for fugitive information” and “No object file will be censored unless it is malicious software.” Predictably, it didn’t take long for the CAD files to make their way to BitTorrent, where they’ll be available forever.

Angle 1: Arms Control

It’s worth reading the letter from the State Department, which is only two and a half pages long. In a nutshell, the letter demands the takedown while it decides whether publishing firearms-related CAD files online violates ITAR. ITAR, which stands for the International Traffic in Arms Regulations, are rules that the State Department promulgated under the Arms Export Control Act. One part of ITAR is the United States Munitions List, which is a master list of products and technologies that can’t be exported without prior government approval under a licensing system. Because Defense Distributed didn’t seek an export license, there’s a problem.

Are CAD files munitions? The State Department believes the Liberator files fall under the Category I of the US Munitions List, which covers firearms and related “technical data.” Section 120.10 of ITAR says “technical data” includes “blueprints, drawings, photographs, plans, instructions or documentation” about “the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articles” — so that appears to cover CAD files for guns.

Unsurprisingly, Defense Distributed is already saying (melodramatically) that it will fight the takedown demand: “It seems we may have to have our rights declared in court to simply keep developing gun files to put into the public domain. DD’s right to exist is being challenged.”

What will probably happen next is that Defense Distributed will apply for an export license, which the State Department will deny, and Defense Distributed will sue to get a judge to issue an order that the State Department can’t block it — and that is where things will get interesting.

Angle 2: Gun Control Laws

Because the Liberator is made mostly of plastic, Defense Distributed also has to contend with the Undetectable Firearms Act. This law, first passed in 1988 and renewed in 2003, makes it illegal to “manufacture, import, sell, ship, deliver, possess, transfer, or receive” any firearm that can’t be detected by x-ray machines. Gunsmiths with a federal firearms license (Wilson has one) can build guns to test them for compliance, but other than that, undetectable guns are completely contraband. Wilson packaged the CAD files with detailed instructions, including an admonition to DIYers to include a block of metal in a hole specifically included in the design for that purpose. It’s up to the person doing the printing to comply, though. If you don’t put the metal block in, you could be in big trouble. It is probably just a matter of days until the ATF or FBI start knocking on the doors of people who’ve already started posting pictures of their 3D printed guns online.

Notably, the Undetectable Firearms Act bans the atoms, but not the bits: you can possess CAD files for an undetectable firearm without violating it. That’s an easy legislative patch, but it will  run into free speech problems.

Angle 3: First Amendment Meets Second Amendment

I predict the Constitutional wrangling will focus on the First Amendment, not the Second. (For foreign readers, the First Amendment to the US Constitution provides extremely strong protections for citizens’ freedom of speech, and the Second Amendment provides a right “to keep and bear arms” — although the language is a mess and reasonable people disagree on how to interpret it.) This is going to spawn some strange bedfellows: I would not be surprised to see the NRA and ACLU on the same side in this fight.

Why is this a First Amendment case? One of the issues is whether the government can prevent citizens from publishing gun blueprints. A big gateway question, though, is how to characterize Defense Distributed’s CAD files in the first place. Is a CAD file expressive speech that should be protected, or a functional thing that should be regulated? This distinction is important because the government has tremendous power to regulate things, but far less power to regulate speech. When courts first started to come to grips with software, they came out on the side of protecting it as speech despite its functional aspects, but they might view 3D printing files differently because when you “run” them, you get things.

President Clinton’s Executive Order No. 13026 relaxing the crypto ban (more on that below) recognized the speech–functionality distinction:

Because the export of encryption software, like the export of other encryption products described in this section, must be controlled because of such software’s functional capacity, rather than because of any possible informational value of such software…

In addition to the CAD files themselves, there is also Wilson’s act of publishing them. Is the act of publishing a functional gun blueprint speech? Two Supreme Court free speech cases give a partial roadmap.

The first is United States v. O’Brien, in which the Supreme Court upheld a criminal conviction for burning a draft card. The Court found the defendant’s conduct was expressive, but still upheld his conviction because the law under which he was prosecuted — a prohibition on destroying draft cards — had justifiable military purposes that outweighed his free speech right. One could see courts today taking a similar path by finding that the government’s interest in controlling the flow of firearms and military information outweighs Defense Distributed’s right to publish gun design files.

The other is the Pentagon Papers case, New York Times v. United States. There, the New York Times sought to publish damning internal Pentagon documents about the Vietnam War. Even though the material was directly related to national security, the Court allowed the New York Times to go forward, finding the newspaper’s speech interest was greater than the government’s interest in preserving the confidentiality of classified information. The case helps Defense Distributed to the extent it struck down a prior restraint on speech, but publishing proof-of-concept plastic pistol blueprints is not in the same league as exposing government misconduct.

The Crypto Cases

This isn’t the first time courts have had to sort out the mess when innovation hurtled into arms control law and the First Amendment. The US Munitions List used to cover a wide range of cryptography software, a restriction only relaxed in 1996 by an Executive Order by President Clinton — who, even then, perhaps, realized the futility of censoring the spread of code. Before that, though, PGP creator Phil Zimmerman was criminally investigated, but never charged, for violating ITAR. The issue made its way to the courts in 1997 in Bernstein v. US Department of State, where Daniel Bernstein, a UC Berkeley computer science researcher, sued to be allowed to publish his cryptography research, which included working code. Judge Marilyn Hall Patel of the U.S. District Court for the Northern District of California found that it was unconstitutional for the government to prevent Bernstein from publishing his crypto software. Judge Patel held that blocking Bernstein’s publication amounted to a prior restraint on his speech that violated the First Amendment.

Defense Distributed will likely follow Bernstein’s path. The State Department’s takedown demand probably qualifies as a prior restraint, to which courts are incredibly hostile. But the ability to download a file, press “Print,” and have gun parts come out could also tip some judges toward calling gun CAD files functional things and allowing the government to regulate them.

Just Because You Can Doesn’t Mean You Should

There’s more to this than law, however. There is also ethics and common sense. Even if you can publish 3D-printable gun blueprints, should you? What are the consequences of doing it?

Nobody in the 3D printing industry is going to thank Wilson for bringing heat from the State Department and Congress. Wilson’s stunt could well lead to new restrictions and regulations on the nascent digital manufacturing industry, even before it has had a chance to figure things out for itself. (Scaremongers like these clowns won’t help either.) And for what? The Liberator isn’t about to liberate anybody — it will probably melt or explode after one or two shots. Given the Bernstein case, even if he wins, Wilson may not even be breaking any new legal ground.

The U.S. House Judiciary Committee will conduct a comprehensive review of U.S. copyright law over the coming months, the committee’s chairman, Bob Goodlatte (R-Va.), announced today.

Copyright law in the U.S. was created in 1790, edited in 1831, updated in 1909 for “motion pictures,” and extended to unpublished works in 1976. Which means, according to the current Register of Copyright Maria Pallante, who leads the U.S. Copyright Office, that it is high time for an update.

“We always love it when law is brought up to speed with technology,” Josh Mendelsohn of Silicon Valley’s political advocacy organization Engine.is. “Hopefully we’ll get some some good legislation out of it.”

The review is welcomed by those looking for more freedom and less corporate control over the very stuff of our culture: digital content.

“This is great news for groups like my own, the EFF, and Public Knowledge,” Sina Khanifar, who led the White House cellphone unlocking petition drive and sees this as an opportunity to address the DMCA at the same time. “We’ll be pushing strongly for comprehensive Section 1201 reform via a grassroots campaign at FixtheDMCA.org. The DMCA’s unintended consequences on our rights to modify and repair the electronics we buy, and to remix and make fair use of copyright content could easily be fixed as part of a larger Copyright reform act.”

Whether that actually happens is subject to long months of debate and discussion. But Rep. Goodlatte said in a press release that “there is little doubt” the current copyright system is challenged by new technology, and that a wide review of copyright laws — and related enforcement mechanisms — is needed.

That’s precisely what Pallante, who had testified before the House Judiciary Committee last month, said in a recent lecture on the state of copyright law. She also addressed the need for reviewing the DMCA and its application. Corporations have used the DMCA to take down links, because the DMCA says that content-sharing and social services are responsible for the content their users post.

“The next great copyright act must … serve the public interest,” she wrote. “It must confirm and rationalize … the ability of authors and their licensees to control and exploit their creative works, whether content is distributed on the street or streamed from the cloud.”

The public interest part sounds hopeful to those who want greater freedom for users when it comes to digital content and digital devices — not so much the control and exploitation bits. But those two sides, of course, will form the basis of the battleground.

“We know the movie and music industries have been spending lots of resources on this,” Engine’s Mendelsohn told me, referencing two combatants likely to be on the control side at the coming hearings. “But we in the tech community have spent a lot of time on this as well, and now we are part of the process.”

“There is much work to be done,” Rep. Goodlatte said.

Indeed.

photo credit: opensourceway via photopin cc

Filed under: Business, Dev, Enterprise, Media, VentureBeat

[Editor's Note: This turned a bit rambly and I'm definitely out of my zone talking about the law, so feel free to skip if you're not up for a non-lawyers opinion on the law after reading two articles about it.]

Sorry, but I’ve got some time this morning and, like many of you I’m sure, I’m spending it reading as much as I can about yesterday’s situation in Boston. If you were watching TV while the second suspect, Dzhokhar Tsarnaev, was found or listening later during the press conference, the question of whether he would be/was read his Miranda rights came up. In the moments after the capture there was some confusion, which was eventually cleared up during the press conference when the US Attorney Carmen Ortiz confirmed that he had not been read his Miranda rights under the “public safety” exception. I, like most I’d imagine, had never heard of the public safety exception before yesterday (or spent much time thinking about Miranda rights, to be honest).

Slate had an excellent explanation of what happened and why it’s a dangerous precedent:

And so the FBI will surely ask 19-year-old Tsarnaev anything it sees fit. Not just what law enforcement needs to know to prevent a terrorist threat and keep the public safe but anything else it deemed related to “valuable and timely intelligence.” Couldn’t that be just about anything about Tsarnaev’s life, or his family, given that his alleged accomplice was his older brother (killed in a shootout with police)? There won’t be a public uproar. Whatever the FBI learns will be secret: We won’t know how far the interrogation went. And besides, no one is crying over the rights of the young man who is accused of killing innocent people, helping his brother set off bombs that were loaded to maim, and terrorizing Boston Thursday night and Friday. But the next time you read about an abusive interrogation, or a wrongful conviction that resulted from a false confession, think about why we have Miranda in the first place. It’s to stop law enforcement authorities from committing abuses. Because when they can make their own rules, sometime, somewhere, they inevitably will.

This is one of those things where I don’t know quite how to feel. The FBI has a pretty extensive article on the subject that shed some additional light (I know the FBI is probably not the most balanced outlet for this sort of stuff, but the article is a pretty good and comprehensible look at the history of the law and, also, the FBI is very incentivized to get this stuff right since if they don’t any questions could be thrown out). The public safety exception was apparently introduced in a case where the police were chasing a rapist who, the victim informed them, had a gun. When they cornered him in a grocery he had an empty holster and the police asked where the gun was. The man, Benjamin Quarles, told the police where he hid the gun and they retrieved it. The court excluded the gun because the police had not read Quarles his rights. The ruling was appealed and eventually reached the supreme court, who decided that in situations where public safety was endangered suspects could be questioned without being read their Miranda rights. (I’m not entirely sure why I’m summarizing all this and I’d suggest reading the whole article.)

Anyway, the more interesting case, also mentioned in the FBI piece, seems like a case where the police raided an apartment in Brooklyn where two suspected bombers lived. “During the raid, both men were shot and wounded as one of them grabbed the gun of a police officer and the other crawled toward a black bag believed to contain a bomb. When the officers looked inside the black bag, they saw pipe bombs and observed that a switch on one bomb was flipped.” From there, the police used the public safety exception to question one of the bombers who had not yet been read his rights:

Officers went to the hospital to question Abu Mezer about the bombs. They asked Abu Mezer “how many bombs there were, how many switches were on each bomb, which wires should be cut to disarm the bombs, and whether there were any timers.” Abu Mezer answered each question and also was asked whether he planned to kill himself in the explosion. He responded by saying, “Poof.”

This case seems, at least to me, to be much closer to the root of the question. I don’t really understand how a gun hidden in a supermarket presents a public safety concern since presumably the police could search the market for the gun after arresting the suspect. However, this latter situation, where there was a big bag of bombs, some of them ready to explode, seems like a pretty reasonable time to question someone prior to their rights being read.

What’s interesting about this, though, is the question isn’t really whether you can question someone before their rights are read, since it’s obviously possible (and likely a frequent occurrence). But rather, in what situations can those questions be used in court against the suspect. Here, again, I agree with Slate: If the questions they asked Tsarnaev were about whether he had planted more bombs around Boston, then that’s fair game, but as soon as they move outside that things start to feel a lot less right.

Interesting, the FBI article goes on to explain that Abu Mezer, from the bag of bombs, felt the same way and eventually tried to get his last statement, about whether he intended to kill himself, thrown out:

Abu Mezer sought to suppress each of his statements, but the trial court permitted them, ruling that they fell within the public safety exception. On appeal, Abu Mezer only challenged the admissibility of the last question, whether he intended to kill himself when detonating the bombs. He claimed the question was unrelated to public safety. The circuit court disagreed and noted “Abu Mezer’s vision as to whether or not he would survive his attempt to detonate the bomb had the potential for shedding light on the bomb’s stability.”

Here, without reading the full decision or being a lawyer or knowing anything else about the case, I think I disagree with the court. Seems pretty thin to suggest that the police were given valuable information about the “stability” of the bomb by asking whether he intended to kill himself.

Imagine you are Taylor Grey Meyer and you have worked very hard on acquiring a future in the business of sports. You started at age 15 by volunteering at a minor league team. You’ve interned at a national league team. You’ve acquired a degree in sports commerce and you’re on your way to a law degree. You move to the city where you’d love to work and you send no fewer than 30 resumes in for various roles, eventually dropping into the “entry level” category, just in case. They reject you there, too.

And then you get a letter asking you if you want to PAY for a camp that will teach you more about the sports business from the very same organization.

That’s exactly what happened.

The Article Above Is Required Reading Before We Talk Further

If you skipped over that link, you should read it and then come back. It’s okay. I’ll wait.

What’s interesting to me is that most people’s reactions were in the vein of “I wouldn’t hire her” and “Oh, she just burned all her bridges.” I’m stuck. Because I understand how it’s not professional to ask prospective employers to suck one’s dick (doubly interesting because Taylor’s a female), but I also know that she must be so frustrated, and that by pointing out all her qualifications, it’s even more obvious that she’d had enough.

To me, she’s got a lot of guts and character and she’s clearly passionate. She just found the end of her rope is all. But that’s the real question, isn’t it?

Would You Hire This Person?

Most people disqualified her because she lost her cool. Others disqualified her because she cursed. Me? I think her only sin is that she kept trying to send resumes instead of looking for another way to land the role she sought. To me, the problem isn’t that she’s ballsy, not that she swore, but that she wasn’t inventive enough to try something other than mailing pieces of paper and/or pixels to a company that was ignoring her.

Have you tried everything to get where you want to go? The answer is almost always no. We have such creative brains, and yet, we forget to use them when we get stuck in the Matrix of what is “typical.”

I’m not counting Taylor Grey Meyer out, but I’m definitely saying she is invited to get a lot more creative with her attempts to find a sports organization worthy of her qualifications and talents.

What say you?

Etsy, the uber-cool marketplace for all things handmade and vintage, has put its intricately crocheted foot down: no more selling body parts. Or bodily fluids. Hair and teeth, however, are still allowed.

The eBay for unique goods marketplace has grown dramatically recently, pulling in $525 million in sales last year. When startups grow, challenges are inevitable, and one of them is ensuring that the company’s culture and vision survive.

Source: Etsy

Charming “Human Teeth Bracelet,” by Deathany97

So Etsy laid down the law this past week, updating its prohibited items list.

Definitely out are skulls, bones, skeletons, and bodily fluids. Preserved tissues or organs are verboten too, so that freakishly awesome white devil scalp you inherited from your ancestors will just have to stay in the family a little longer.

Teeth continue to be kosher however, so you will still be able to purchase this tasteful Human Teeth Bracelet from the cheerfully-named up-and-coming artiste Deathany97.

For some reason, drugs are also not something Etsy wants to sell. (Probably a non-compete contract with stealth-mode South American entrepreneurs.)

That includes drug paraphernalia such as hash skillets and tobacco products. But tobacco pipes are still allowed, provided they do not have carburetors.

(Google helpfully informed me that a pipe carburetor has absolutely nothing to do with a internal combustion engine.)

Speaking of which, Etsy does not want to sell your motor vehicle, boat, or RV. And hazardous materials such as mercury, matches, and lighter fluid are out too.

Cool cat nap his-and-hers pillowcases? Still absolutely and defiantly in.

Source: Etsy

His-and-hers cat nap pillowcases

Image credit: DM7/ShutterStock

Filed under: offBeat, social, VentureBeat

The latest WikiLeaks release has shone a spotlight on an alleged domestic and foreign surveillance program run with cloud-based software provided by Texas company TrapWire, many of whose top leaders and employees are former members of three-letter American intelligence agencies.

WikiLeaks tweeted about it today, and the story quickly became a trending topic on Twitter:

WikiLeaks reveal secret, widespread #TrapWire surveillance system | RT rt.com/usa/news/strat… #WikiLeaks #gifiles

—
WikiLeaks (@wikileaks) August 10, 2012

TrapWire produces software that is currently in use by Homeland Security, the military, U.S. intelligence agencies, and local police forces including the LAPD and the Metropolitan Police Department in Washington, DC (whose chief recently praised the software). Private sector clients include major corporations in the energy, chemical, and financial industries.

TrapWire does three things: protect critical infrastructure by analyzing CCTV footage with face and pattern recognition algorithms to detect pre-attack patterns, provide online reporting systems for citizens to report suspicious behavior, and gather and analyze many sources of information to allow law enforcement to make sense of the masses of collected data.

If TrapWire does what it is intended to, it’s potentially a critical innovation that can help protect the U.S. from terrorism. Tying together disparate facts from multiple sources across geographies might have prevented 9-11. On the other hand, the secrecy, the integration with government, and the thought that a private corporation could have access to huge amounts of private citizens’ data is concerning to say the least.

The data WikiLeaks released was taken from more than five million emails allegedly stolen from a company with close ties and inside information about TrapWire, security information company Stratfor. Stratfor had a contract with TrapWire in which each company agreed to promote the other company’s products, and Stratfor agreed to feed its intelligence reports into the TrapWire system.

Then Stratfor was hacked by Anonymous in 2011, and Anonymous provided the emails to WikiLeaks.

In those emails, Stratfor says that TrapWire is in use in “Scotland Yard, #10 Downing, the White House, and many [multinational corporations].” Another talks about the Nigerian government being interested in TrapWire, and others imply that organizations as diverse and powerful as the Secret Service, MI5, and the Canadian RCMP are all clients.

And yet another leaked email from Fred Burton, Stratfor’s CEO, says “God Bless America. Now they have EVERY major [high-value target] in [the continental U.S.], the UK, Canada, Vegas, Los Angeles, NYC as clients.”

TrapWire was not always so secretive about its software. Company founder Richard Hollis spoke about the software in 2005, say that it:

 … can collect information about people and vehicles that is more accurate than facial recognition, draw patterns, and do threat assessments of areas that may be under observation from terrorists. The application can do things like “type” individuals so if people say “medium build,” you know exactly what that means from that observer.

And in 2007, the company elaborated on how TrapWire works:

 … the TrapWire rules engine analyzes each aspect of [reported security incidents] and compares it to all previously-collected reporting across the entire TrapWire network. Any patters detected — links among individuals, vehicles, or activities — will be reported back to each affected facility. This information can also be shared with law enforcement organizations …

The question becomes: Where does national security start and the public’s right (or need) to know end? And, to what extent should private companies be embedded in public surveillance?

Even tougher: does our security depend, at least in part, on our ignorance? Because if we learn about anti-terrorism methodologies, you can bet the bad guys do too.

There is as yet no statement from Stratfor, TrapWire Inc., or any of the named public security agencies.

Image credit: ShutterStock/Steven Finn

Filed under: cloud, security, VentureBeat

It was discovered Thursday that Samsung lawyer Susan Estrich represented the company in Apple v. Samsung despite not having the proper license to practice law in the suit’s jurisdiction of the Northern District of California, a mistake seen as yet another gaffe in the South Korean company’s case management.

Before logging into Diablo 3, Starcraft II, or World of Warcraft this evening, you may want to change your Battle.net password. Video game publisher Blizzard was hacked this week, and the company says its security team is currently working with law enforcement to figure out who is behind the breach.

“Even when you are in the business of fun, not every week ends up being fun,” said Blizzard cofounder Mike Morhaime in a statement. “We take the security of your personal information very seriously, and we are truly sorry that this has happened.”

The damage includes a number of e-mails stolen for Battle.net players outside of China. Battle.net is the online system that contains a Blizzard player’s profile and also hosts online games. The Activision-owned company says that those on its North American servers are affected as well, which encompasses North America, Latin America, Australia, New Zealand, and Southeast Asia. For these account holders, hackers grabbed answers to personal security questions and breached the Authenticator devices that players use to add two-factor authentication to their accounts.

Blizzard suggests that players on the North American servers change their passwords, especially if those passwords were used for other online accounts. We think all Blizzard players should change their passwords as the company continues to dig into what was breached.

North American server players will be prompted to change their security questions as well in the coming weeks. A tip from GamesBeat Editor in Chief Dan “Shoe” Hsu: Don’t answer security questions honestly. Hackers can easily social engineer their way into finding out your security question answers. If the information on your Facebook account is public, you’ve done half the work for them. Coming up with fake answers puts an extra barrier between you and the criminal.

Blizzard was last hacked in May when criminals stole game items and currency. At the time some thought the hack was the result of a SQL injection attack.

Blizzard set up an FAQ regarding the hack, which can be found here.

Image via dailylifeofmojo/Flickr

Filed under: games, security

It’s a little known fact that Isaac Asimov’s Three Laws of Robotics is missing a law: The robot shall be able to do Tai Chi. Thankfully, there’s the Hovis Eco, a tiny, plastic-clad humanoid robot by Dongbu Robot.

The robots cost $900 for the plastic clad version (the Eco) and $730 for the more barebones model below. They are programmable and can move and dance at your command. You can check them out here.

You can upgrade your wee fellows with servos, a new head unit, and optional sensors. The Eco weighs about four pounds and is 16 inches tall. Almost a thousand smackers is a little much for a little robot that can do martial arts moves, but who knows – maybe you can teach it to bring you a beer or something.

via PlasticPals

Google is about to write a very big check to the Federal Trade Commission.

The company has agreed to pay a $22.5 million fine, the largest one imposed by the FTC on a single company.

The fine comes after Google was charged with violating a 2011 agreement with the FTC by installing tracking cookies in Apple’s Safari browser. According to the agreement, Google wasn’t allowed to misrepresent to consumers how it collected user data. But by installing the tracking cookies the FTC alleges that Google did just that.

Reports of the settlement emerged last month, though at the time it wasn’t clear whether Google would agree to pay it.

Not an indication that Google violated the law, nor a particularly large amount of money, the fine is meant to send a clear message to companies under FTC supervision.

“No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers, or they will end up paying many times what it would have cost to comply in the first place,” FTC Chairman Jon Leibowitz said in a statement.

Basically, the FTC wants companies to know that it has some teeth, and that it plans to take agreement violations very seriously in the future.

Echoing previous responses verbatim, a Google spokesperson told VentureBeat that Google is dedicated to setting high standards of privacy and security for its users.

“We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers,” the spokesperson said.

Filed under: VentureBeat