Search results for "sopa"

Testifying on Cybersecurity Legislation

The Senate’s big cybersecurity bill has finally surfaced officially, and the hearing will be tomorrow at 2:30 DC time in front of the Homeland Security and Government Affairs Committee. After Sen. Rockefeller and Sec. Napolitano, I’ll be part of a panel that includes Gov. Tom Ridge, Scott Charney of Microsoft, and Jim Lewis of the Center for Strategic and International Studies.

Here’s the first few pages of my prepared testimony. The rest is up on Skating on Stilts, for those who just have to see my take on how to draft cybersecurity emergency authorities.

Mr. Chairman, Ranking Member Collins, members of the committee, it is an honor to testify before you on such a vitally important topic. I have been concerned with cybersecurity for two decades, both in my private practice and in my public service career, as general counsel to the National Security Agency and, later, to the Robb-Silberman commission that assessed U.S. intelligence capabilities on weapons of mass destruction, and, more recently, as assistant secretary for policy at the Department of Homeland Security. In those two decades, security holes in computer networks have evolved from occasionally interesting intelligence opportunities into a full-fledged counterintelligence crisis. Today, network insecurity is not just an intelligence concern. It could easily cause the United States to lose its next serious military confrontation.

Moore’s Outlaws: The Exponential Growth of the Cybersecurity Threat

Our vulnerabilities, and their consequences, are growing at an exponential rate. We’ve all heard of Moore’s Law. What we face today, though, are Moore’s outlaws: criminals and spies whose ability to penetrate networks and to cause damage is increasing exponentially thanks to the growing complexity, vulnerability, and ubiquity of insecure networks. If we don’t do something, and soon, we will suffer network failures that dramatically change our lives and futures, [...]

Continue Reading 29

A Milestone Week for the Net

Well, that was interesting!

Wednesday’s day of protest marks, I believe, a profoundly important turning-point in the history of the Net and of its place in human society. Several months ago, in one of my many periodic rants about the dreadful, unconstitutional, and repellant features of the intellectual property laws introduced into this session of Congress (SOPA and Protect-IP), I wrote:

The IP bills that Congress now has before it . . . are deep and profound threats to the Net and to our freedom on the Net. If anyone has good ideas about how to fight back other than to stand on the street-corner, as I am doing now, and shouting to the rooftops, I’d be interested to hear them.

I co-authored (with Mark Lemley and Dave Levine) a “Law Professors’ Letter of Opposition,” and I’ve blogged about it a number of times before (as have others), . But I’m going to keep at it because this is an issue that really needs more public traction than it is getting. I’m not going to stand here and say that this law will destroy the Internet as we know it, although I actually believe that to be true. I’m not going to say it, because predicting the future is impossible and I like to avoid doing it in public — though, like all of us, I have my own beliefs about what the future will bring. So I’ll put that aside and focus on the principles at stake; even if the damned thing weren’t going to destroy the Net as we know it, it is of surpassing ugliness, and if you care about freedom and liberty, you’ll agree with me.

What’s most gratifying about the events of the last couple of days — and I assume that you don’t need [...]

Continue Reading 0

Talk About Scale!

So here’s the most interesting thing I’ve come across in 2012**. . . As anyone who reads what I write here or elsewhere knows, I am obsessed with trying to understand Internet scale. I am convinced — and it was Jefferson, interestingly enough, who convinced me — that it is simply impossible to understand any questions about Internet law and policy without considering the extraordinary and unprecedented magnitude of Internet activity. The TCP/IP network had to solve a number of very profound scaling problems before it could perform the tasks it now performs — 700,000 Google searches, 11 million IM conversations, 1 million Facebook status updates, etc. etc., every minute of every day, more content posted to YouTube every month (probably, by now, every 3 weeks or so) than the combined output of all US television networks since their inception in the 1940s, etc. — and the idea that our legal system, and the 19th and 20th century tools it contains, can somehow magically “scale up” to work well on the Net is, frankly, laughable — though I try to keep a straight face when respected colleagues and friends propound it.

It’s why the current brouhaha about the “Stop Online Piracy Act” (SOPA) (see my previous posts here and here) is so important. The regulators have started to understand scale, and the solutions they’ve come up with — law enforcement via the domain name system — is positively chilling. If that’s the best we can do, we’re in trouble.

** Actually, it’s not the most interesting thing I’ve come across in 2012; the most interesting thing I’ve come across in 2012 is here.

[and thanks to J. Lewis for the pointer] [...]

Continue Reading 41

Code is Law

In light of the recent controversy (to which I’ve added my voice, here on VC and elsewhere) about Congress’ flirtation, in the Stop Online Piracy Act (SOPA) and similar bills, with various Internet-killing schemes at the behest of the intellectual property lobby, here comes the development of a Firefox extension, DeSopa 1.1, designed expressly to assist users who want to access websites whose URLs have been “blacked out” by SOPA-authorized court orders:

This program is a proof of concept that SOPA will not help prevent piracy. The program, implemented as a Firefox extension, simply contacts offshore domain name resolution services to obtain the IP address for any desired website, and accesses those websites directly via IP. Similar offshore resolution services will eventually maintain their own cache of websites, without blacklisting, in order to meet the demand created by SOPA.

It’s certainly an interesting concept, and illustrates one (though only one) of the objections to SOPA’s DNS-based enforcement scheme, viz. that it will be relatively easy for anyone with even a bit of technical expertise to circumvent the SOPA orders.

While I applaud the efforts, the developer (Tamar Rizk) should be aware of one of the provisions of SOPA (available here – see p. 20 for the provision quoted below), which provides that:

To ensure compliance with orders issued under this section, the Attorney General may bring an action for injunctive relief—
. . . (ii) against any entity that knowingly and willfully provides or offers to provide a product or service designed or marketed by such entity or by another in concert with such entity for the circumvention or bypassing of measures described in paragraph (2) and taken in response to a court order issued under this subsection, to enjoin such entity from interfering with the order by

[...]
Continue Reading 36

Stopping the Stop Online Piracy Act

In several recent postings (here and here, for example) I called on all interested persons to come to the Internet’s defense against a spate of truly dreadful bills now making their way through Congress (the “Protect IP Act” and SOPA, the “Stop Online Piracy Act”). Larry Downes, always a thoughtful voice on tech matters, has an interesting piece in Forbes about the rather astonishing outcry that the bills have engendered. As someone who’s been doing Internet law for almost 20 years, I can’t remember any issue galvanizing public opinion in quite this way since the 1996 “Communications Decency Act” [outlawing “indecency” on the Net — good luck with that!]. It’s quite gratifying, and something of a turning point, I think, in terms of the politics of the Net, and it’s gratifying to have played a small part to help generate the current outcry about these truly egregious bills (Mark Lemley, Dave Levine, and I having written a Law Professors’ Letter in opposition that generated over 100 signatures — and, according to the counter at Scribd.com, has been downloaded over 50,000 times already . . . ) I’m pretty gratified; once I saw the full-page ad in the Times a few weeks ago, signed by Google, eBay, Yahoo, Facebook, AOL, Twitter, Zynga, and several other tech giants, stating their opposition to these bills, I began think we might actually have a good chance of winning this one and saving — seriously — the Internet. I think the copyright interests may look back at this battle and realize that they overstepped; galvanizing Google, Facebook, Twitter, eBay, . . . into action is not going to help their cause much, I don’t think.

[And if you’re not aware of how serious a threat these bills are to the Internet’s technical, [...]

Continue Reading 22

Finding Fault with the Stop Online Piracy Act

Once again, Congress is being asked to make bad rules that will hurt network security, but this time the blame doesn’t fall on the privacy lobby.  This time the booby prize goes to the intellectual property lobby.

Below is an op-ed I wrote for Politico this week on the security consequences of the copyright enforcement bills now on the Hill — PROTECT IP and the Stop Online Piracy Act.  As it happens, the House Judiciary Committee held a hearing on the proposal on Wednesday, when the op-ed appeared, and some of the questioning turned on my op-ed.  Indeed, I gather that it contributed to an unexpectedly ragged performance from Hollywood’s normally smooth witnesses.

Unfortunately, the Politico article was posted behind a paywall.  That’s pretty ironic for an op-ed questioning the value of over-enforcing the copyright laws. So I’m posting it here, too:

Everyone knows that internet security is bad and getting worse.  Recognizing the problem, Congress is hard at work on cybersecurity, with a number of bills on the table.  Ironically, at the very same time, Congress is getting ready to pass a copyright enforcement bill that could kill our best hope for actually securing the internet.

How did that happen?  Let’s start with the internet, where fake websites cost users millions of dollars in fraud losses every year.  Unless we find a better system for locking down website identities, this and other forms of online crime will continue to skyrocket.

It turns out that internet engineers have already designed a system to solve this problem — a set of technical rules that go by the unlovely name of DNSSEC. Under these rules, an Internet website will be given identification credentials by the same company that registers its Internet name.  Thus, when Citibank claims the domain name

[...]
Continue Reading 35

Happy (?) American Censorship Day!

So in response to my call for action — OK, OK, it probably would’ve happened anyway … — a large coalition of free speech and civil groups (Electronic Frontier Foundation, the Center for Democracy and Technology, Public Knowledge, Creative Commons, and others) have declared today to be “American Censorship Day” to protest the spate of bills now pending in Congress that would, as I’ve described elsewhere, set a truly dangerous precedent for US policy towards the Internet. There’s been something resembling an explosion of opposition to these bills — the conservative American Center for Law and Justice, Educause, an adhoc group of educators, a veritable Who’s Who of tech giants, including some companies you might have heard of —AOL, eBay, Facebook, Google, LinkedIn, Mozilla, Twitter, Yahoo, Zynga, a group of over 100 law professors (of which I’m a part), a bipartisan group of ten Congressmen, including Republican Presidential candidate Rep. Ron Paul and Democrat Rep. Zoe Lofgren, a coalition of Research Libraries, and many, many others have taken up the call to oppose this bill. Hearings begin today, and one can only hope that all this activity on the opposition side has made Congress a little more leery than it otherwise might have been to these censorship efforts. More power to them; let’s hope we can stop this very misguided and dangerous attempt to bend the Internet — our Internet, thank you very much — to the wishes and needs of the small community of IP rights holders.

[You can sign a petition against these bills here]

[UPDATE: A coalition of over 80 international and human rights organizations has also joined the chorus against SOPA and its companion bills] [...]

Continue Reading 29

How About Occupy Hollywood?

One of the obvious dangers of the Internet Age is that we’ll be so distracted by everything going on around us – lots of it interesting, complicated, and even important (not to mention all the stuff that’s idiotic and unimportant and fundamentally uninteresting) — that we will fail to recognize the truly important stuff when it comes along.

The IP bills that Congress now has before it — the Senate version of which is known as PROTECT-IP, the House version as SOPA (Stop Online Piracy Act), sometimes known as the “E-Parasite” bill — are deep and profound threats to the Net and to our freedom on the Net. If anyone has good ideas about how to fight back other than to stand on the street-corner, as I am doing now, and shouting to the rooftops, I’d be interested to hear them.

I helped draft a Law Profs Letter in Opposition, and I’ve blogged about it a number of times before, as have others — good places to start if you are unfamiliar with the issue are the EFF site, the CDT site, and Techdirt. But I’m going to keep at it because this is an issue that really needs more public traction than it is getting. I’m not going to stand here and say that this law will destroy the Internet as we know it, though I actually believe that to be true. I’m not going to say it, because predicting the future is impossible and I like to avoid doing it in public — though, like all of us, I have my own beliefs about what the future will bring. So I’ll put that aside and focus on the principles at stake; even if the damned thing weren’t going to destroy the Net as we know it, [...]

Continue Reading 83