Shared posts

02 Nov 23:14

Leak reveals upcoming Samsung flagship will ditch the 3.5mm headphone jack

by Nick Gray

While the smartphone notch may finally be on its way out, the trend of ditching the 3.5mm headphone jack in favor of audio over USB-C is getting worse with each passing month. With OnePlus kicking the 3.5mm jack to the curb with the unveiling of the OnePlus 6T just a few days ago, a new leak shows that Samsung has similar plans with its upcoming flagship flip phone — the Samsung W2019.

Leaked images of the Samsung W2019 have appeared on Weibo, revealing that Samsung won’t be including a 3.5mm jack on the device. The phone is expected to be powered by a Qualcomm Snapdragon 845 SoC with two 4.2-inch displays, a 3,000 mAh battery, dual-rear cameras, Android Oreo and an aluminum frame. Like last year’s W2018, the new device will also come with a pretty steep price tag of at least 21,999 Yuan ($3,200), making it the most expensive device in Samsung’s smartphone lineup.

Samsung’s Android-powered flip phones have never been released in the US, but they appear to be quite popular in markets across Asia. There’s no clear indication that Samsung will be eliminating the 3.5mm headphone jack from next year’s Samsung Galaxy S10, but it’s clear that Samsung is willing to remove the traditional headphone jack to make room for other components or simply to reduce manufacturing costs of its devices.

What do you think the chances are that the Samsung Galaxy S10 will not have a 3.5mm headphone jack?

01 Nov 23:37

Feds Also Using 'Reverse Warrants' To Gather Location/Identifying Info On Thousands Of Non-Suspects

by Tim Cushing

Because nearly everyone carries a tracking device on their person these days, it's become a whole lot easier for the government to find out where everybody's been. It's TinEye but for people, and it appears to be a new go-to tool for law enforcement. What used to be officers canvassing the area where a crime took place is now a warrant sent to Google to obtain location data and identifying info for all people and devices in the area.

These so-called "reverse warrants" first started coming to light earlier this year. The Raleigh Police Department (NC) was serving warrants to Google in hopes of figuring out who to suspect of committing crimes, rather than having a suspect in mind and working forward from there. The warrants were of the "general" variety, guaranteed to give the RPD location/identifying info of hundreds of non-suspects who just happened to be in the area. There's some evidence Google has pushed back against these warrants, but it hasn't been enough to deter law enforcement from continuing to use Google as one-stop shopping for bulk location/identifying info.

This practice isn't limited to the local boys. Thomas Brewster of Forbes has obtained a warrant [PDF] showing the FBI is doing the same thing.

The most recent order on Google, unearthed by Forbes earlier this week, came from the FBI in Henrico, Virginia. They went to Google after four separate robberies in which unidentified, armed individuals entered and stole from the same Dollar Tree store between March and September this year. The manager of the Dollar Tree was also robbed at gunpoint while dropping off money at a Wells Fargo night-deposit box located just down the road from the store.

The warrant asks for location histories held by Google for anyone within three separate areas—including regions around the Dollar Tree store and the Wells Fargo address—during the times and days the five robberies took place. The FBI also wanted identifying information of Google account holders in those areas, two of which had a 375-meter radius. The other had a 300-meter radius.

Since Dollar Tree stores are never found thousands of feet away from other businesses and residences, the information demanded of Google would include hundreds or thousands of innocent people who live or work near the targeted store.

This isn't the way warrants work. Or, at least, this isn't how they're supposed to work. Unfortunately, the FBI's stated probable cause for demanding this info isn't attached to the document Forbes obtained, so it's unclear how the FBI talked a judge into signing off on this. What the returned warrant does show is no records were returned, suggesting Google is pushing back against broad requests for data that appear to be unsupported by probable cause.

While this may be the digital equivalent of canvassing nearby businesses and residences to search for suspects, these orders make compliance compulsory by eliminating the citizenry. It appears the government believes the combination of warrants and third-party data makes gathering info on hundreds or thousands of non-suspects constitutional. The FBI's warrant also came with an indefinite gag order, so no one included in the search radius had any idea federal law enforcement wanted to know who they were or where they'd been.

This search tactic will continue to be deployed until a court puts an end to it. Without more data, it's hard to say how often magistrates approve or reject these reverse warrants. All we know is some warrants have been approved. And in some cases, Google has refused to provide the data. I'm sure law enforcement knows these demands for data aren't completely constitutional, which may be why we haven't seen any agency bring Google to court for refusing to comply. Additional judicial scrutiny isn't going to do these warrants any favors.



01 Nov 23:18

Georgia Government Officials Celebrate Halloween By Engaging In Pointless Hassling Of Sex Offenders

by Tim Cushing

Across the state of Georgia (and in other places around the nation), idiots in power are scoring points with the idiots in the electorate by engaging in "for the children" bullshit targeting sex offenders. The Sheriff of Butts County (not a typo) decided to plant signs in the yards of all registered sex offenders, which should ensure only pleasant things happen to parolees following the terms of their release.

As Sheriff, there is nothing more important to me than the safety of your children. This Halloween, my office has placed signs in front of every registered sex offender's house to notify the public that it's a house to avoid. Georgia law forbids registered sex offenders from participating in Halloween, to include decorations on their property. With the Halloween on the square not taking place this year, I fully expect the neighborhoods to be very active with children trick-or-treating. Make sure to avoid houses which are marked with the attached posted signs in front of their residents. I hope you and your children have a safe and enjoyable Halloween. It is an honor and privilege to serve as your sheriff.

(These signs are placed In accordance with Georgia Law O.C.G.A. 42-1-12-i(5) which states the Sheriff shall inform the public of the presence of sexual offenders in each community)

Sheriff Gary Long isn't making anyone safer by doing this, no matter what his self-congratulatory post says. The law he cites doesn't require the placement of signs in sex offenders' yards. If it did, these signs would already be in place and there'd be no reason for Sheriff Long to brag about his pointless waste of time on Facebook.

The state already has a law in place banning sex offenders from decorating their houses, handing out candy to children, or even turning their outside lights on. All of that should be enough to deter trick-or-treaters from visiting sex offenders' residences. The planting of signs is an unjustified additional punishment handed down for specious reasons that provides an opportunity for everyone who agrees with Long's self-serving idiocy to hurl invective, garbage, or whatever else is on hand in the general direction of property bearing these signs.

This won't make the kids safer. A 2009 study showed no spike in sex offender activity around Halloween.

States, municipalities, and parole departments have adopted policies banning known sex offenders from Halloween activities, based on the worry that there is unusual risk on these days. The existence of this risk has not been empirically established. National Incident-Base Reporting System crime report data from 1997 through 2005 were used to examine daily population adjusted rates from 67,045 nonfamilial sex crimes against children aged 12 years and less. Halloween rates were compared with expectations based on time, seasonality, and weekday periodicity. Rates did not differ from expectation, no increased rate on or just before Halloween was found, and Halloween incidents did not evidence unusual case characteristics. Findings were invariant across years, both prior to and after these policies became popular. These findings raise questions about the wisdom of diverting law enforcement resources to attend to a problem that does not appear to exist.

Law enforcement resources are better used ensuring children are safe by patrolling neighborhoods and increasing law enforcement presence in heavily-trafficked areas. Children are hundreds of times more likely to be hit by cars than snagged by a sex offender on Halloween (and, indeed, any day of the year). Additional officers deployed to neighborhoods might also deter something that actually happens far more often on Halloween than other holidays.

According to the National Safety Council, children are more than twice as likely to be hit by a car and killed on Halloween than on any other day of the year. And as for keeping the general public safe, vandalism spikes by 24% on Halloween, making it the night with the most vandalism of the year.

Even more absurd than Sheriff Long's plan is Grovetown, Georgia Mayor Gary E. Jones' idea. He's just going to lock the "problem" up for the night.

Paroled sex offenders won’t have the chance to encounter trick-or-treaters in Grovetown, Ga., this Halloween.

That’s because Mayor Gary E. Jones plans to round them up. Jones this week revealed his plan to keep 25 to 30 local paroled sex offenders under the watchful eyes of five law enforcement officers at city hall for three hours next Wednesday as kids go door to door for candy.

Technically, this may be legal under the state's expansive sex offender laws. It doesn't sound all that Constitutional, which may result in a courtroom challenge in the near future. Mayor Jones has a perfectly good reason to do this, though: a long history of zero incidents on Halloween in his town. Jones claims this is being done "across the state," but WQAD reports "no other surrounding counties" are engaging in this technically-legal roundup.

If Jones was really concerned about safety and crime during Halloween, he would have his law enforcement out on the streets, rather than sitting guard at City Hall. And if criminals who've already paid their debt to society can be locked up for nebulous reasons, why isn't Jones tossing everyone ever picked up on vandalism charges into the ad hoc lockup for the night? It seems like they might pose more of a safety issue than the sex offenders Mayor Jones believes -- without a shred of evidence -- would kidnap trick-or-treaters if not otherwise detained.

And all of this doesn't even get to the problems of the sex offender registry itself and the fact it contains people who did nothing more than have sex with a 17-year-old when they were 20 or engaged in sexting with another teen. Or the fact that kids are far more likely to be abused by someone they know and trust, rather than some stranger offering Halloween candy on Halloween. All of this is willfully ignored by law-and-order types like Sheriff Long and Mayor Jones to score points with constituents who are equally as oblivious. It's just another form of security theater -- one that has a lot to say about safety, but actually does nothing to make anyone safer.



01 Nov 23:17

Employee Watching Porn At Work Infected US Government Agency's Network

by Tim Cushing

Watching porn at work is a federal government tradition. Federal employees from agencies like the EPA, SEC, and FCC have been caught watching porn enough times, a Congressional rep actually thought a new law was needed to stop it. The bill was redundant. All federal agencies forbid the use of work computers to watch porn but that hasn't stopped these stories from surfacing with disturbing frequency.

At a certain point, porn-watching at work endangers a person's job. At other points before that, it endangers the employer itself. Zack Whittaker of TechCrunch dug up a Dept. of the Interior Inspector General's report [PDF] indicating a porn-watching employee inadvertently tried to take the agency down from the inside.

A U.S. government network was infected with malware thanks to one employee’s “extensive history” of watching porn on his work computer, investigators have found.

The audit, carried out by the U.S. Department of the Interior’s inspector general, found that a U.S. Geological Survey (USGS) network at the EROS Center, a satellite imaging facility in South Dakota, was infected after an unnamed employee visited thousands of porn pages that contained malware, which downloaded to his laptop and “exploited the USGS’ network.” Investigators found that many of the porn images were “subsequently saved to an unauthorized USB device and personal Android cell phone,” which was connected to the employee’s government-issued computer.

The official version -- with redactions -- provides a few more details. Loooooots of porn-watching going on here:

We found that [redacted] knowingly used U.S. Government computer systems to access unauthorized internet web pages. We also found that those unauthorized pages hosted malware. The malware was downloaded to [redacted's] Government laptop, which then exploited the USGS' network. Our digital forensic examination revealed that [redacted] had an extensive history of visiting adult pornography websites. Many of the 9,000 web pages [redacted] visited routed through websites that originated in Russia and contained malware. Our analysis confirmed that many of the pornographic images were subsequently saved to an unauthorized USB device and personal Android cell phone connected to [redacted's] Government-issued computer. We found that [redacted's] personal cell phone was also infected with malware.

Like everywhere else this has happened, the DOI expressly forbids the use of work computers for porn viewing. It also makes employees sign a form stating that they understand what's forbidden and what can happen to them if they violate these policies. It's apparently not much of a deterrent. The report doesn't say what happened to [redacted] -- only that this employee admitted they were familiar with the policies they violated.

DOI also forbids connecting personal devices to work computers. That policy isn't being enforced either, apparently. If the DOI isn't actively monitoring work computers for these two violations, it really can't lay all the blame for the malware infection on its unofficial porn hub. Proactive measures are far more useful than post-infection policy patches.



01 Nov 23:11

Rejoice, the era of the smartphone notch has come to an end!

by Nick Gray

Yesterday’s unveiling of the Lenovo Z5 Pro may have passed under your radar, but it signifies something quite important — the death of the smartphone display notch. While the Xiaomi Mi Mix 3 and Honor Magic 2 both feature a similar slider design which allows the front-facing camera and sensors to be hidden below the display, the Z5 Pro is the first sub-$300 smartphone to do so.

When the iPhone X made its debut, Android fanboys were among the first to criticize Apple for the massive notch which dominated the top of the display. While the size of the notch was justified due to the number of sensors that it housed, it definitely wasn’t pretty and the extra screen real estate offered by the space on both sides of the notch was negligible.

But to the dismay of many, most Android smartphone manufacturers jumped head first into the notch arena, delivering dozens of mid-range and flagship smartphones with notches at the top of their displays. Shockingly, the smartphone with the most offensive notch is actually Google’s own Pixel 3 XL which features an obnoxiously tall notch for no apparent reason. With the exception of the OnePlus 6T, I’m sure we can all agree that notches don’t look good. But they do have one redeeming quality — offering a high screen-to-body ratio, fitting a larger display into a device with a smaller footprint.

Fortunately, smartphone manufacturers appear to have come to their senses. A few months back, the Oppo Find X and Vivo NEX introduced mechanical pop-up front-facing cameras to get rid of the notch, but the new slider designs from Lenovo, Xiaomi and Honor are a lot more practical and cheaper to build.

The Lenovo Z5 Pro is equipped with a Snapdragon 710 SoC, 4 or 6GB of RAM, 64 or 128GB of storage, a notchless 6.39-inch display with a resolution of 2,340 x 1,080 and a 95.06 percent screen-to-body ratio. The sliding display hides the earpiece, proximity sensor, and dual-sensor 16MP+8MP infrared front-facing camera setup and you also get a 16MP+24MP dual-sensor camera on the back of the phone. Lenovo also crammed in a 3,350mAh battery and included an in-display fingerprint sensor. Not bad for 1,998 yuan or roughly $288.

There’s no guarantee that all manufacturers will stop copying Apple and ditch the notch. But now that we have five smartphone manufacturers looking at alternative ways to deliver full-screen displays, the notch will hopefully go down as a short-lived fad that we can hopefully erase from our consciousness.

25 Oct 20:07

The President's Phone OPSEC Continues To Be, Well, Crap

by Karl Bode

By now the President's unwillingness to adhere to anything close to reasonable security when using his mobile phones has been made pretty clear. Whereas the Defense Information Systems Agency (DISA) and the NSA usually work in concert providing state leaders with "hardened" devices that are heavily encrypted, routinely updated, and frequently swapped out, Trump has refused to use these more secure DMCC-S devices (effectively a Samsung Galaxy S4 device utilizing Samsung's Knox security architecture), because it might infringe on his ability to Tweet.

Past reports have suggested that security advisors have at least convinced him to use two iPhones: one locked down specifically for Twitter, and the other specifically tasked with making phone calls. But as a new report this week from the New York Times makes clear, Trump's lax phone security is being pretty routinely taken advantage of by foreign intelligence agencies:

"When President Trump calls old friends on one of his iPhones to gossip, gripe or solicit their latest take on how he is doing, American intelligence reports indicate that Chinese spies are often listening — and putting to use invaluable insights into how to best work the president and affect administration policy, current and former American officials said."

Senators sent a letter to Trump back in April expressing concern at his abysmal operational security, but that message still hasn't gotten through to the aggressively cocksure President, according to the Times report:

"Mr. Trump’s aides have repeatedly warned him that his cellphone calls are not secure, and they have told him that Russian spies are routinely eavesdropping on the calls, as well. But aides say the voluble president, who has been pressured into using his secure White House landline more often these days, has still refused to give up his iPhones. White House officials say they can only hope he refrains from discussing classified information when he is on them."

The Times quotes numerous anonymous experts who say their claims come from sources in these foreign governments. And while the Times story doesn't get technical about how foreign intelligence agencies are tapping into the calls, many surmise they're exploiting, among other things, the cellular network Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US) flaw that the industry has been refusing to fix for the better part of the last decade. The flaw can be exploited to track user location, dodge encryption, and even record private conversations if strict countermeasures aren't adhered to.

That said, security experts were quick to point out there's an ocean of ways that foreign intelligence agencies could be intercepting Trump's calls in transit via passive decryption as the calls travel between the phone and cellular tower:

Of course intel agencies could also be targeting his most-commonly called individuals on the other end. As is his way, the President was quick to issue a Tweet insisting the entire story was false...while using his iPhone:

To let Trump's ego dictate his security practices is obviously still problematic, potentially even to the point of putting lives at risk. It's also incredibly ironic given all the time Trump spends complaining about potential Chinese spying habits, including the Trump-driven blacklist of all Huawei products in the United States. It's a blackballing that's not based on much in the way of evidence, but is certainly appreciated in a protectionist capacity by the U.S. networking and cell phone vendors who didn't want to have to compete with cheaper Chinese gear. Huawei, for its part, was quick to make light of the report:

Trump's phone habits continue to be a giant middle finger toward transparency (like adhering to the Presidential Records Act) and fundamental opsec, but neither Trump nor the adults tasked with his daily supervision appear to much care.



20 Oct 20:05

UK Refreshes Stupid Porn Filter Law, Making It Fresher But No Less Stupid

by Tim Cushing

The UK government is still polishing its porn filtering law. The latest updates to the law show there's been some effort put forth to make the law less stupid, but even these additions don't make the law (or its implementation) much better.

There are still threats of fines and other governmental pressure should sites fail to "voluntarily" adopt the measures recommended by the UK government when the law goes live next year. One noticeable change is that the responsibility of deciding what is or isn't porn will be placed in the hands of the UK's film classification board, the British Board of Film Classification. If it's anything like the MPAA, it won't necessarily know porn when it sees it, but it will know what it doesn't like and regulate along those lines.

The updated guidelines [PDF] try to blend suggestions and mandates into something cohesive and palatable, all while removing as much government accountability as possible. The updates recognize collecting personally-identifiable info on British porn filters creates a juicy target for malicious actors. It also notes this data collection must somehow comply with the UK's tangle of privacy laws, meaning companies should put some sort of protections in place, but not so much they undermine positive identifications.

The BBFC suggests a possible compromise: verification of age only and no retention of site access logs. But, like everything else, this too is only a suggestion. This means sites are free to gather and retain as much info as they'd like and potentially dodge privacy-related legal battles by pointing to the UK government's porn blockade demands.

In this ridiculous pile of "would you kindly (under possible penalty of law)?", one aspect of the porn filtering plans continues to stick out. And it promises to make the BBFC's job extremely difficult, if not completely impossible. One round of updates on and the UK government is still no closer to resolving the issue, as The Verge's James Vincent points out:

A final addition in the BBFC’s guidelines is a newly clarified exemption for any site where “pornographic material makes up less than a third of content.” So if a site is two-thirds safe for work, it won’t have to verify users’ ages. This means social media platforms like Twitter, Reddit, and Tumblr — which are home to a lot of pornographic material — will not be policed. (Sites that advertise pornography are not covered by this exemption.)

However, the current wording of the guidelines still leaves a lot of unanswered questions. For example, how exactly will regulators measure the ratio of SFW to NSFW content? “Are they going to measure this in URLs, number of files, pixels, or what?” asks [Open Rights Group director James] Killock.

Good question. And, at this point, one the BBFC can't answer. This will compound the problems plaguing any content filtering system: overblocking, underblocking, and easy circumvention. The filtering offered by ISPs has already dabbled in all three, and the law is still a few months away from its official debut.

The one thing the filtering law is almost guaranteed to accomplish is increase the marketshare of incumbents -- both in terms of ISPs and porn providers. One of the age verification methods being shopped around was created by the media company (MindGeek) that owns some of the largest porn sites in the world. If MindGeek's software becomes the de facto solution to verification problems, the company will be able to tie its competitors up with licensing agreements for years to come (and to collect data on competitors' users during the verification process).

The UK government is addressing a problem that cannot be completely solved by offering up a handful of half-assed suggestions backed by ethereal threats of punishment if the internet in general fails to comply. The embarrassment it's been throughout the course of its development is in no danger of redeeming itself in the future.



20 Oct 19:57

Appeals Court Says Of Course Georgia's Laws (Including Annotations) Are Not Protected By Copyright And Free To Share

by Mike Masnick

Phew. The 11th Circuit appeals court has just overturned a lower court ruling and said that Georgia's laws, including annotations, are not covered by copyright, and it is not infringing to post them online. This is big, and a huge win for online information activist Carl Malamud whose Public.Resource.org was the unfortunate defendant in a fight to make sure people actually understood the laws that ruled them. The details here matter, so let's dig in:

For the past few years, we've been covering the fairly insane situation down in Georgia, where they insist that the state's annotated laws are covered by copyright. This is not quite the same thing as saying the laws themselves are covered by copyright. Everyone here seems to recognize that Georgia's laws are not covered by copyright. But here's where the problem comes in. The state of Georgia contracts out with a private company, LexisNexis, to "annotate" the law basically giving more context, and discussing the case law interpretations of the official code. The deal with the state is that LexisNexis then transfers whatever copyright it gets from the creation of the annotations back to the state. Finally, the only "official" version of Georgia's state laws is in the "annotated" version. If you want to look up the official law of Georgia you are sent to the "Official Code of Georgia Annotated" (OCGA), and it's hosted by LexisNexis, and it has all sorts of restrictive terms of service on top of it. Indeed, every new law in Georgia literally says that it will amend "the Official Code of Georgia Annotated," which certainly suggests that the OCGA -- all of it -- is the law in Georgia. And the state insisted that part of the law was covered by copyright.

Malamud found this obviously troubling, believing that the law must be freely accessible to anyone in order to be valid. The state of Georgia threatened him and then sued him claiming that reposting the OCGA in a more accessible fashion was copyright infringement. The district court not only found that the annotations (even if part of the official law) could be covered by copyright but further that it was not fair use for Malamud to post them online. This was a horrifying decision.

And, it's also no longer a valid one.

The appeals court has put together a thorough ruling rebuking the lower court's analysis, and noting that the OCGA is not subject to copyright at all. The court admits the annotations by a private company make this more complicated than the general question of whether or not laws are covered by copyright, but notes that since this is so closely tied to the law, and directed by state officials, it seems clear that the annotations cannot be covered by copyright:

To navigate the ambiguities surrounding how to characterize this work, we resort to first principles. Because our ultimate inquiry is whether a work is authored by the People, meaning whether it represents an articulation of the sovereign will, our analysis is guided by a consideration of those characteristics that are the hallmarks of law. In particular, we rely on the identity of the public officials who created the work, the authoritativeness of the work, and the process by which the work was created. These are critical markers. Where all three point in the direction that a work was made in the exercise of sovereign power -- which is to say where the official who created the work is entrusted with delegated sovereign authority, where the work carries authoritative weight, and where the work was created through the procedural channels in which sovereign power ordinarily flows -- it follows that the work would be attributable to the constructive authorship of the People, and therefore uncopyrightable.

The court admits that there are strong arguments in both directions on this one, but:

... at the end of the day, we conclude that the annotations in the OCGA are sufficiently law-like so as to be properly regarded as a sovereign work. Like the statutory text itself, the annotations are created by the duly constituted legislative authority of the State of Georgia. Moreover, the annotations clearly have authoritative weight in explicating and establishing the meaning and effect of Georgia’s laws. Furthermore, the procedures by which the annotations were incorporated bear the hallmarks of legislative process, namely bicameralism and presentment. In short, the annotations are legislative works created by Georgia’s legislators in the exercise of their legislative authority.

Because of this, the court doesn't even need to do a fair use analysis. Since there's no copyright in the OCGA, the fair use question doesn't even matter, and Malamud (and anyone else) is free to post and access the full OCGA.

There's a lot more details in the opinion, but the above quotes summarize the point quite nicely. Congrats to Carl Malamud, who has suffered quite a bit in facing this fairly insane lawsuit. As we noted early on, even if the state felt that its copyright was valid (which was still a big question) the fact that it would seek to sue a small nonprofit for daring to make their own laws accessible was shameful and disgusting.

We'll close out this post with the concluding paragraphs of the opinion as well, which set out, once again, why the law (including annotations) is public domain and should be freely accessible to all:

The OCGA annotations are created by Georgia’s legislative body, which has been entrusted with exercising sovereign power on behalf of the people of Georgia. While the annotations do not carry the force of law in the way that statutes or judicial opinions do, they are expressly given legal significance so that, while not “law,” the annotations undeniably are authoritative sources on the meaning of Georgia statutes. The legislature has stamped them “official” and has chosen to make them an integral part of the official codification of Georgia’s laws. By wrapping the annotations and the statutory text into a single unified edict, the Georgia General Assembly has made the connection between the two inextricable and, thereby, ensured that obtaining a full understanding of the laws of Georgia requires having unfettered access to the annotations. Finally, the General Assembly’s annual adoption of the annotations as part of the laws of Georgia is effected by the legislative process -- namely bicameralism and presentment -- that is ordinarily reserved for the exercise of sovereign power.

Thus, we conclude that the annotations in the OCGA are attributable to the constructive authorship of the People. To advance the interests and effect the will of the People, their agents in the General Assembly have chosen to create an official exposition on the meaning of the laws of Georgia. In creating the annotations, the legislators have acted as draftsmen giving voice to the sovereign’s will. The resulting work is intrinsically public domain material, belonging to the People, and, as such, must be free for publication by all.

As a result, no valid copyright can subsist in these works.

This ruling also strengthens Malamud's arguments in some of his other legal fights, concerning the concept of "incorporation by reference," where laws reference this or that standard created by 3rd parties, and require various entities to abide by those standards. Malamud has long argued that if the law incorporates those standards, then those standards must be freely accessible for the same reason -- and has been fighting that issue in a different court case. Reading this ruling certainly gives weight to that argument as well (though that one is in a different circuit).



20 Oct 19:57

Apple Demands Retraction Of Bloomberg's Big 'Chip Infiltration' Story; Bloomberg Has Some Explaining To Do

by Mike Masnick

A few weeks ago, Bloomberg published a giant story claiming that Chinese spies did a somewhat daring supply chain hack on American big tech firms. The gist of the story was that servers from Super Micro had hidden chips that somehow were then used by Apple and Amazon (not to mention the US government), that allowed someone in China to access certain data. The story was a blockbuster that got everyone talking. But, almost as soon as it came out, a bunch of people started raising questions about the story. While the Bloomberg reporters claimed over a dozen sources, both Apple and Amazon came out with incredibly strong denials. Way stronger than is common in these situations. And while I know some cynical people insist that companies will lie about this stuff all the time, that is not actually true. Some companies may misrepresent things, or try to play down stories, but outright fabrication is not at all common (and the consequences of a company doing it would be severe). And here, both Amazon and Apple's denials were so clear, so specific and so adamant that it raised serious questions about the reporting.

Since there was so much confusion over it all, we held off on writing about it, figuring more information would come out in the days and weeks after the initial story. And so far, nearly all of the "additional info" has only served to raise significantly more questions about Bloomberg's reporting. Various government and intelligence agencies all claimed they had no evidence to support these claims. Again, some will argue that they are lying, and (again) while those agencies may have a history of misrepresenting things, the denials here were clear and unequivocal. The UK's National Cyber Security Centre (a part of GCHQ) said they completely supported Apple and Amazon that no such attack occurred. The US Department of Homeland Security said the same thing. Dan Coats, the US Director of National Intelligence, said the US intelligence community has seen no evidence of such an attack, which certainly undermines the Bloomberg story. Some of the folks quoted in the Bloomberg article even questioned the accuracy of the article, with one going so far as to say the article that he is named in... "didn't make sense."

Also, as reporter Nicole Perlroth noted, one of the reporters on the Bloomberg story -- Michael Riley -- had also done a story back in 2014 making bold claims that the NSA had exploited the Heartbleed bug, and multiple other reports ripped that story to shreds, with multiple people denying it and no one else confirming it.

Now, with this story, Apple has done something it's never done before: asked Bloomberg for a retraction of the article. That's a pretty big move -- and Bloomberg says it still stands by its reporting (as it did with the Heartbleed story).

However, at this point, Bloomberg has whittled away whatever benefit of the doubt there was left and set fire to the scraps. It's difficult to believe that Bloomberg's story was accurate, and the company and its reporters owe everyone an explanation -- or at least some additional evidence to support the reporting. I don't doubt that there is a kernel of truth in the story -- but given the vehement and thorough response from everyone, it certainly seems likely that the reporters on the Bloomberg piece misunderstood something big, leading to misreporting of things in a way that leads to a very inaccurate picture of what's going on. Bloomberg should, at the very least, appoint someone else to go through the work put in by reporters Michael Riley and Jordan Robertson, and explore whether or not the story really is accurate, and why it is that basically everyone is saying it's not.

Reporters can, and do, make mistakes. How they respond to such mistakes is the real marker of the ethics they and the organizations they work for hold. Considering Bloomberg stood by that Heartbleed story, perhaps we shouldn't expect such a reckoning at the publication -- but, at the very least, it's going to lead plenty of people to write off Bloomberg as a credible source on issues like these, and that's unfortunate, given that there are some really big and important stories having to do with computer security right now. Having one major publication show itself to be untrustworthy in its coverage would be very bad.



18 Oct 23:16

Mississippi Law Enforcement Performed $200,000 Worth Of Illegal Forfeitures Because It 'Didn't Realize' Law Had Changed

by Tim Cushing

Ignorance of the law is no excuse, us lowly peons of the American justice system are told. The same does not apply to law enforcement, whose business it is to enforce laws. I mean, it's right there in the name. And yet…

Mississippi police agencies have been seizing cash, guns and vehicles without legal authority for months after a state law changed and police didn't notice.

An Associated Press review of a Mississippi Bureau of Narcotics database shows more than 60 civil asset forfeitures with nearly $200,000 in property taken by state and local agencies under a law that lapsed on June 30.

"Didn't notice." Try using that excuse the next time you, I don't know, hand someone a straw or... um... offer underweight ice cream to consumers. That's the AP's phrasing of the official excuse for law enforcement's inexplicable inability to stay abreast of laws affecting their work.

Here's what officials actually said, which uses more words, but doesn't sound any better.

Mississippi Bureau of Narcotics Director John Dowdy said he didn't know the law had expired until September, when a Rankin County prosecutor notified him.

"Honestly, we were unaware of the sunset provision," he said. "We thought that had been fixed in the legislative session."

Now, this could be a legitimate excuse. But not for a narcotics director who probably had plenty to say about the impending demise of the most profitable part of the state's asset forfeiture program. He could not have been completely "unaware." After all, here he is announcing the roll out of a website listing state forfeiture actions as mandated by the same law Dowdy now claims he didn't know much about.

It might be a legitimate excuse for a federal official who may not know the legislature included a sunset provision that gave legislators a chance to kill the passed law before it went into effect. Some efforts were mounted to roll back the reforms, but they both died without moving forward.

Because law enforcement can't follow the law, lots of people will be getting their stuff back. The Tampa Bay Times article says the Mississippi Bureau of Narcotics is offering to return $42,000 worth of property it illegally seized -- a phrase that makes its effort sound far more magnanimous than the reality: relinquishing stolen property.

But this screw up isn't going to keep it from seizing what it can, no matter how petty the amount. The thirty-day window on seizures under $20,000 is still open on a few cases, so law enforcement is still moving ahead with a few small-ball forfeitures.

Dowdy said agencies that seized property could still sue, seeking a judicially-sanctioned forfeiture, if less than 30 days elapsed. In Harrison County, for example, officials filed suit to seize $939 from Danielle Laquay Smith on Sept. 26, exactly 30 days after seizure.

The new law requires all forfeitures to be handled in court. The old law only required that on seizures above $20,000. There's more than $200,000 in illegal seizures on the books, and the potential return of $42,000-worth still leaves a lot unaccounted for. And much of that appears to be held by another person who can't keep track of legislative developments despite his position as a government official.

In northern Mississippi, District Attorney John Champion said, "I wasn't aware of that," when asked about the change. Police agencies in his five-county district, particularly in DeSoto County, have the majority of questionable seizures listed statewide.

Officers are Johnny-on-the-spot when it comes to perceived violations by citizens, but blissfully unaware of legal changes directly affecting their daily work. This is absurd. And it is the status quo. Prosecutors -- who directly benefit from forfeitures -- aren't aware either, most likely because knowing the law would adversely affect a valuable revenue stream. This is inexcusable, but it's also likely to go unpunished. The law is clear on the matter: negative effects of legislation shall be borne by the general public.



16 Oct 23:11

Google will charge OEMs for using Google apps on Android devices in Europe

by Nick Gray

Google has officially released its plan to comply with the European Commission’s ruling that Android was not competitive. For those who don’t know, Google has required that OEMs include Google Search, Chrome and a handful of other apps if they want Google Play installed on their devices. Starting on October 29 of this year — that will no longer be the case. Google has just published an overview of its new policy, shedding some light into what things will look like for OEMs and consumers who purchase Android devices going forward. 

The first part of the new policy states that smartphone manufacturers will be able to build non-compatible builds of Android while still retaining access to Google apps. This means that we may see an influx of forked versions of Android in the next few years. While many may scoff at the idea of having multiple incompatible versions of Android used on new devices, the new freedom could lead to some great new use cases and innovations on the platform.

First, we’re updating the compatibility agreements with mobile device makers that set out how Android is used to develop smartphones and tablets. Going forward, Android partners wishing to distribute Google apps may also build non-compatible, or forked, smartphones and tablets for the European Economic Area (EEA).

The second part of the new policy complies with the EU’s mandate that OEMs should not be forced to use all of Google’s apps and services if all they really want is access to Google Play. Google Search and Chrome will no longer be bundled with the main Google Apps package, but they will be offered to OEMs with a paid licensing agreement. While many consider Chrome and Google Search to be the best in their respective categories, the European Commission has sided with Google’s competitors, claiming that the automatic inclusion of these two apps on the Google Apps bundle reduces competition for consumers.

Second, device manufacturers will be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser. Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA. Android will remain free and open source.

Third, we will offer separate licenses to the Google Search app and to Chrome.

Google’s new policies will only apply to Android devices sold within the EU. It’s impossible to know how the user experience will be altered come October 29, but we honestly don’t think it’ll be a noticeable change. The main fear we have is that handset prices could go up if manufacturers decide to pass on the extra cost of including Google apps directly to the consumer. While Google filed an appeal to the European Commission’s ruling just last week, we won’t know the results of the appeal until 2019 at the earliest.

What’s your take on the European Commission’s ruling and Google’s new policies for Android devices sold in Europe? Do you think a similar approach for the US and other markets would be beneficial or detrimental to Android going forward?

Source: Google

 

11 Oct 00:18

Texas Cops Seize Anti-GOP Sign From Homeowner's Lawn

by Tim Cushing

Stupid unconstitutional stuff is happening in Texas. "Again?" I hear you ask, irritated but not surprised. "Yes," I repeat. "In Texas, and involving local politicians and law enforcement." "Again?" I hear you say (again) and the circle of commentary life continues uninterrupted.

A resident of Hamilton, Texas, posted a political sign in her front yard composed of a white label board remix of political cartoonist Ann Telnaes' remix of the GOP logo.

Here's the original:

And here's the sign that was, until recently, in homeowner Marion Stanford's yard:

As one does in this age of social media telegraphy, outraged parties brought this to the attention of a local politician with a sizable following -- Texas Ag Commissioner Sid Miller -- who dumped his own petrol on the partisan bonfire by posting it to Facebook and calling it an example of "Democrat sleaze." He also claimed the picture was supposed to be "Judge Kavanaugh's young daughter" -- a claim made without supporting evidence but with the amplification of 738,000 Facebook followers.

Shortly thereafter, Marion Stanford began receiving threats. Unfortunately, this is the predictable part of the backlash. Stanford also received a visit from local law enforcement, which was a bit less predictable. But they weren't there about the threats. They were there about the sign, as the Dallas Morning News reports.

Tuesday evening, she said, police came to her house and said they had received complaints.

“Police told me to remove the sign or they would take it and would arrest me,” Stanford said. “So I let them take the sign.”

This claim has been denied by the city, which issued this statement via the city manager.

The city manager of Hamilton, which is about 100 miles southwest of Fort Worth, denied that police mentioned arrest or forcibly took the sign.

“It’s political season, and a citizen here placed a yard sign that featured a political animal taking an inappropriate position with a young child,” Pete Kampfer said. “A police member visited the owner’s home, and the owner asked the officer to take the sign.”

This denial is more than a little weird. First off, even if officers did not mention arrest, they said something that caused her to hand over the sign to them. The police had no business being there in the first place, so their presence is completely inexplicable… or is at least something the city manager isn't willing to explain.

Second, the whole sentence starting with "it's political season" makes zero sense. "Political season" or no, the sign was protected expression the government had no business interfering with. The addition of "taking an inappropriate position with a young child" suggests the city -- and possibly the police -- are no smarter than the idiot commenters on Sid Miller's page who claim the picture is pretty much child porn. It isn't and only someone hoping to see someone punished by the government for protected speech would make this claim. That group apparently includes the city manager.

This is lawsuit bait. Even if the police did not threaten arrest, officers did visit a citizen to discuss protected expression -- protected expression that ended up being removed by police officers and taken to the station. Whatever the chain of events, it makes everyone involved at the government level look bad. There was no reason to visit, much less take the sign. Even if the homeowner offered to give it up, officers shouldn't have been there to ask the question, much less take her up on her offer.



10 Oct 15:54

NHL Team Institutes 'No Video Game' Policy For Players Due To Fortnite 'Addiction'

by Timothy Geigner

Video game addiction as a concept has been tossed around for the past decade or so, with mixed feelings coming from all sides. Disagreement abounds as to whether or not gaming addiction is a real thing, both among medical professionals as well as the public. There's even disagreement among Techdirt writers (disclosure: I don't think it's a thing).

But as the concept continues to infect the common public lexicon, it's something we're going to hear more and more about. It's something of a checkpoint, therefore, that the issue has risen to the level of an NHL team instituting a ban on gaming for players while on the road visiting other cities.

The Canucks “veterans,” such as they are, have led the players to self-institute a ban on all video games on the road. “No more Fortnite,” Bo Horvat told TSN 1040.

“In my opinion, there’s better ways to spend time on the road, whether it’s hanging with the guys in the room or going to a movie with the guys. There’s a lot of cool cities we visit and to be cooped up in your room all night, playing Fortnite, is a waste of your time.”

The tie-in for gaming addiction here is that last year the Canucks claimed that a young unnamed player was inactive and seeking counseling for video game addiction. Whether this player-led ban on gaming is a direct result of that incident, or simply a scapegoat for the Canucks being fairly bad at professional hockey as of late, is unknown. What is known is that this ban pretty squarely centers around Fortnite, which is amazing advertising for just how fun and enjoyable that game is.

More interesting to me is how the team appears to be taking the blunt-tool approach that mirrors what many parents do in fear of video game addiction. These kinds of blanket bans, taking into consideration nothing about how individual players, or children, can handle gaming appropriately, are almost certainly a mistake. Even if video game addiction is indeed a thing, it must be true that it's a thing that will afflict a minority of the population. That makes these blanket bans massive overkill.

But don't be surprised to hear this story raised in NHL broadcasts if the Canucks manage to be less than awful this year.



10 Oct 15:50

Voice Over Outtakes From Pickle Rick's First Appearance In Rick And Morty

Note: Some language. This is a video of animated outtakes from Rick And Morty co-creator and voice actor Justin Roiland while trying to get through his initial Pickle Rick lines from the episode. I'm surprised he made it through at all. He says it's the 'Morty -- turn me so we're making eye contact' line that really gets him, which makes sense. Still, it sounds like they're having a great time. I, for one, would love to have a great time. I'd even settle for a good time, but the number in that bathroom stall was a lie. "Who was it?" GEICO. Keep going for the video.
Thanks to Alan, who agrees we could all use a pickle mentor.
06 Oct 00:35

Israeli Tech Company's Spyware Still Being Used To Target Journalists And Activists

by Tim Cushing

Israeli exploit/malware developer NSO Group says its products are marketed to governments for legitimate national security and law enforcement purposes. Yet somehow it keeps ending up in the hands of governments with terrible human rights records and deployed against journalists, dissent groups, and activists.

The software sold by NSO is being deployed against journalists in Mexico -- ones looking to expose government corruption. This report by the Columbia Journalism Review provides more details on the hacks, building off Citizen Lab's exposure of NSO's "Pegasus" spyware.

Mexico has been ground zero for Pegasus’s deployment against journalists. At least six reporters have been targeted there, according to exhaustive research by both Citizen Lab and the Mexican digital rights group R3D. Those attacks coincided with major journalistic investigations that challenged the Mexican government. For example: three reporters who were targeted worked on the “Casa Blanca Scandal,” a major story exposing how Mexico’s first lady was given a mansion by a government contractor who later received lucrative contracts. Mexican television journalist Carlos Loret de Mola was targeted while he was reporting on extrajudicial killings. Although three Mexican federal agencies have access to Pegasus, the government has denied it ever launched any attacks on reporters.

This is more of the same for NSO's spyware. Citizen Lab also uncovered use of the software by notorious human rights violators like Saudi Arabia, Kazakhstan, and the United Arab Emirates. In many cases, deployments targeted critics and activists, rather than criminals or national security threats. The deployments are disturbing enough. The tactics are even worse:

The targets received SMS messages that included links to NSO exploits paired with troubling personal and sexual taunts, messages impersonating official communications by the Embassy of the United States in Mexico, fake AMBER Alerts, warnings of kidnappings, and other threats.

CJR's report is supposed to act as a warning for journalists around the world. They are targets, no matter what their governments say and no matter how NSO frames its pitches.

And we're not completely immune to this in the United States. Although any deployment against journalists would be viewed as a serious violation of Constitutional rights, the fact is US government agencies are seeking to purchase NSO's spyware for use in their work. The DEA has met with NSO in the recent past and the agency's own past suggests it isn't above violating rights to further its own ends. No rights violations have been seen yet but, as we've seen before, the government is willing to impersonate journalists to track down suspects. Infecting journalists' phones to track down leakers and whistleblowers isn't that much of a step forward.



06 Oct 00:29

iPhones sold in China to use specific China-made NAND

So this is an interesting underreported story from February 2018 - as it turns out, iPhones sold in China will soon use specific NAND chips made by a specific Chinese company that won't be used in iPhones sold outside of China.

Apple is in talks with state-backed Yangtze Memory Technologies to buy NAND flash chips from it, a move that will mark the U.S. giant's first purchase from a Chinese memory chipmaker and a huge boost to the local sector. [...] Whether Apple is under any pressure to buy from Chinese makers is unclear. After all, China has been known to apply pressure on foreign technology companies that want to operate within the country. One thing is for sure, Chinese deals will help Apple grow its business there, according to an industry executive. [...] As such, the earliest that the deal could come into fruition will be 2019 but industry sources say it is more likely to be after 2020 before Yangtze Memory can produce enough of the components at a standard that Apple requires. Apple will use these chips in new iPhone models and other products for sale in the Chinese domestic market specifically, according to two people familiar with the matter.

So, Apple has already handed over the iCloud data of its Chinese customers to the Chinese government through a government-owned datacenter company, and soon, iPhones sold in China will use China-specific NAND chips that won't be used in iPhones outside of China. With yesterday's Bloomberg story fresh in our minds, is it really that far-fetched to assume these China-specific NAND chips are unsafe, or perhaps even have a backdoor in them that weakens on-device encryption? There is no way that the Chinese government would somehow exempt Apple from aiding in government surveillance, and these seemingly unrelated news stories all seem to suggest that Apple is, indeed, doing so.
05 Oct 03:14

Microsoft is embracing Android as the mobile version of Windows

Brindle

man this would have been useful for demo recordings... ugh

The Android app mirroring will be part of Microsoft's new Your Phone app for Windows 10. This app debuts this week as part of the Windows 10 October 2018 Update, but the app mirroring part won't likely appear until next year. Microsoft briefly demonstrated how it will work, though; you'll be able to simply mirror your phone screen straight onto Windows 10 through the Your Phone app, which will have a list of your Android apps. You can tap to access them and have them appear in the remote session of your phone. We've seen a variety of ways of bringing Android apps to Windows in recent years, including Bluestacks and even Dell's Mobile Connect software. This app mirroring is certainly easier to do with Android, as it's less restricted than iOS. Still, Microsoft's welcoming embrace of Android in Windows 10 with this app mirroring is just the latest in a number of steps the company has taken recently to really help align Android as the mobile equivalent of Windows.

Microsoft has its own Android application launcher, e-mail client (Outlook on both Android and iOS is actually quite good), browser (Edge is available on Android), Cortana, this application mirroring, and other things. At this point, one has to wonder why Microsoft simply doesn't just release an Android phone altogether. Imagine a Surface phone, with a similar industrial design, but running Android with Microsoft's applications on top. I have no idea if such a product would be popular with consumers, and I personally would still really actually want Windows Phone to come back from the dead and magically become successful, but I'd definitely be intrigued by such a Microsoft Android phone.
05 Oct 03:09

Travelers To New Zealand Now Face $3,000 Fines If They Don't Give Their Device Passwords To Customs Agents

by Tim Cushing

New Zealand's "digital strip searches" of travelers' electronic devices are now backed by law. When we covered this last year, customs officials were already seizing devices and performing invasive searches. But a new twist has been added with the enactment of New Zealand's most recent customs law: compelled password production.

Travelers entering New Zealand who refuse to disclose passwords for their digital devices during forced searches could face prosecution and fines of more than $3,000, a move that border officials said Tuesday made the country the first to impose such penalties.

“We’re not aware of any other country that has legislated for the potential of a penalty to be applied if people do not divulge their passwords,” said Terry Brown, a New Zealand Customs spokesman. Border officials, he said, believe the new fine is an “appropriate remedy” aimed at balancing individuals’ privacy and national security.

There's an interesting juxtaposition in the spokesman's comments, suggesting mandatory password divulgement -- something no other free world country is doing -- is striking the right balance between privacy and national security.

The law applies to incoming visitors and returning citizens. The fine kicks in when password demands are refused, which also likely means the seizure of locked devices indefinitely. Supposedly, unlocked devices are searched for local files only -- with phones put into airplane mode -- but that's still an incredibly invasive search predicated on nothing more than someone's arrival in New Zealand.

Government officials are justifying the compelled password production with bad examples and terrible analogies. The so-called "Privacy Commissioner" tried to equate cellphones and other digital devices potentially containing thousands of personal files and communications with something containing the few belongings someone takes with them while traveling. (via Boing Boing)

Privacy Commissioner John Edwards had some influence over the drafting of the legislation and said he was "pretty comfortable" with where the law stood.

"There's a good balance between ensuring that our borders are protected ... and [that people] are not subject to unreasonable search of their devices."

"You know when you come into the country that you can be asked to open your suitcase and that a Customs officer can look at everything in there."

Socks, underwear... 700 personal photos, a few thousand personal communications… yeah, it's all pretty much the same thing. This is like saying customs can demand your house keys and dig through your belongings simply because you traveled out of New Zealand and returned home.

The inadvertent hilarity comes from the Customs Minister, who is probably even less concerned about personal privacy than the Privacy Commissioner is.

Customs Minister Kris Faafoi said the power to search electronic devices was necessary.

"A lot of the organised crime groups are becoming a lot more sophisticated in the ways they're trying to get things across the border.

"And if we do think they're up to that kind of business, then getting intelligence from smartphones and computers can be useful for a prosecution."

There are plenty of ways to get digital "things" across the border without carrying them on your person in some sort of electronic "suitcase" you know customs officials are going to take from you as soon as you enter the country. This may help catch some dumb criminals, but it's not going to have much of an effect on the "sophisticated" organized crime groups.

What will happen is lots of people not connected to any criminal enterprise will have their devices seized and searched just because. The new fine will discourage visitors from refusing Customs' advances, allowing officials to paw through their digital goods just like they do their clothing. And all the government can offer in response is that the ends justify the means.



05 Oct 03:09

AT&T Claims It Wants Meaningful Privacy Rules...After Just Lobbying To Kill Meaningful Privacy Rules

by Karl Bode

If you hadn't noticed, the telecom industry has been on a tear lately, completely dismantling most government oversight of its natural monopolies. From killing net neutrality to gutting FCC and state authority to rein in ISP bad behavior, companies like AT&T dream of a future where neither competition nor even modest regulatory oversight prevent it from its god-given mission to rip off and otherwise overcharge the company's largely captive customer bases.

At the same time, AT&T is now part of a coordinated effort between the telecom sector and the Trump administration to saddle Silicon Valley giants like Facebook and Google with additional regulation while demonizing them as out of control monsters. Why? As AT&T and Comcast push deeper into the online ad industry, they're looking for any advantage they can get against entrenched search and social media giants. And, given their political power, domination of the broadband last mile, and the government's apathy to both problems, those advantages run deep.

At the heart of this little stage play sits our national conversation about what new privacy laws might look like. Last week, the Senate Commerce Committee held a hearing consumer advocates weren't even invited to. Instead, companies with utterly terrible track records of privacy abuses were given starring roles in dictating just what said privacy legislation should look like. That included Facebook but also AT&T, which for weeks has been quick to claim on multiple fronts that it just really, really, loves the idea of comprehensive privacy protections for consumers:

AT&T has long supported comprehensive federal privacy legislation to protect consumers and give businesses clear and consistent guidelines on the collection and use of consumer data... AT&T wants to be a constructive voice in finding a real and durable solution.

Which is weird, because "constructive" isn't really the best word to explain AT&T's lobbying tactics on the privacy front lately. The company was a major player in efforts last year to obliterate modest FCC privacy guidelines for broadband providers before they could even take effect. Those rules largely just mandated that ISPs be transparent about what data is collected and who it's being sold to, while requiring opt in consent for particularly sensitive consumer data like your financial background. AT&T has played a pretty major role in lying to scuttle state-level protections as well.

Yet here's AT&T CEO Randall Stephenson, again this week proclaiming that his company is breathlessly dedicated to real privacy protections, while lamenting the fact that states are now trying to fill the void in the wake of federal apathy on this subject:

AT&T CEO Randall Stephenson on Tuesday made a pitch for Congress to "step up" and create "rules of the road" on consumer privacy that would apply to all companies across the country.

"We think one ranger. There ought to be one regulator for everybody," the exec said at The Atlantic Festival in Washington. Without that, Stephenson said states like California will step into the breach and create their own rules.

Speaking of the media, tech and communications industries, he said, "To handcuff those sectors with 50 different rules of the road across 50 different states and different regulators is a disaster for an uncertain business model."

That takes some serious stones. Again, AT&T just got done obliterating meaningful FCC privacy rules that did precisely what Stephenson claims he was looking for, something you'd think any press outlet writing about this would mention. Like the ISP assault on net neutrality, the attack on the FCC's privacy rules (and overall authority) created an accountability vacuum states then rushed to fill. A bunch of fractured, state-level protections isn't ideal, but it was a problem directly caused by AT&T's own lobbying. That really shouldn't be forgotten.

It's understood that people have differing opinions on what real privacy rules should look like and whether we need them at all. But whatever your position, it shouldn't be hard to see that companies like AT&T are the very last folks we want having too much input on what these rules should look like. From actively modifying user packets to covertly track them around the internet to trying to charge consumers more money to protect their privacy, AT&T's the poster child for not really giving a damn about consumer privacy. And when efforts to pass even modest rules do arrive, AT&T lobbyists work to kill them.

That's because none of the giant companies being tasked with defining our potential looming privacy law (be it Facebook or AT&T) want a law that actually accomplishes much of anything aside from "putting the debate to bed" so they can get back to tracking you around the internet without much transparency or meaningful consent. Real rules would empower, inform, and educate consumers, who'd then opt out of huge swaths of data monetization efforts, costing ad-driven companies billions. They like to talk a lot about "compromise" and "building consensus," but these companies really only want one thing: a federal privacy law that looks good on paper, but has so many loopholes as to be largely useless, outside of the goal of pre-empting any tougher, state-level privacy efforts.

In AT&T's case, if those laws happen to saddle Silicon Valley ad competitors with additional burdens AT&T and its subsidiary DirecTV may not have to face (after having just effectively convinced the FCC to blow itself up from within), so much the better.



03 Oct 18:36

Switzerland Begins Extracting Precious Metals From Cremated Bodies

"Your grandpa lives in here now, like a genie. Anybody wanna little cup?" The largest crematorium in Switzerland has begun extracting the precious metals contained in the ashes of cremated bodies if the family of the deceased approves the process. Currently only about one out of three families do, with proceeds going to the government instead of them, which is probably exactly why only one in three are opting for the precious metal package.
Gold, silver and platinum nuggets that survive the intense 700 Celsius fires are all that remain after a body is burnt at the Nordheim cremation facility - Switzerland's largest - in Zurich. Approximately 6,000 corpses are cremated here each year. As of earlier this month, Nordheim has put in place a machine that filters out precious metals from the ashes and the crematorium then sells them to recycling firms for profit. The recycling project is set to earn the city of Zurich 100,000 Swiss francs (€87,700) in revenue each year.
I've heard of blood diamonds before, but *putting on cool guy shades* bone gold? "Take those off." I don't wanna, my right eye is still puffy. "Why's that?" My coworker Greg hit me. "Why'd he do that?" I tried using a chewed Now And Later to yank out one of his gold fillings while he was asleep. "You probably deserve that." No, I deserve to be at the pawn shop selling part of a tooth right now. Thanks to Thaylor H, who agrees there be gold in them thar bodies.
26 Sep 02:11

Model TARDIS Appears Bigger On The Inside Thanks To Clever Optical Illusion

These are a couple videos of model maker Maladroit Modeller showing off his recent build of the twelfth Doctor's TARDIS, complete with bigger on the inside (dimensionally transcendent) interior thanks to a clever mirror-based optical illusion. It's actually the same sort of illusion that makes those 'disappearing coin banks' work if you know what I'm talking about. You know what really is bigger on the inside though? "Please don't say your butt." I'm a smuggler's dream, I'm just saying. "What?" I can fit anything up to a shoebox. Keep going for two videos, the second of which reveals how the illusion works.
Thanks to hairless, who wishes bathroom stalls were all bigger on the inside.
25 Sep 01:15

ESNI: A Privacy-Protecting Upgrade to HTTPS

by Seth Schoen
Brindle

this is great, it sucks that SNI made https tracking trivial.

Today, the content-delivery network Cloudflare is announcing an experimental deployment of a new web privacy technology called ESNI. We’re excited to see this development, and we look forward to a future where ESNI makes the web more private for all its users.

Over the past several years, we at EFF have been working to encrypt the web. We and our partners have made huge strides to make web browsing safer and more private through tools like HTTPS Everywhere and the Let’s Encrypt Certificate Authority. But users still face many kinds of online privacy problems even when using HTTPS.

An important example: a 15-year-old technology called Server Name Indication (SNI), which allows a single server to host multiple HTTPS web sites. Unfortunately, SNI itself is unencrypted and transmits the name of the site you’re visiting. That lets ISPs, people with access to tap Internet backbones, or even someone monitoring a wifi network collect a list of the sites you visit. (HTTPS will still prevent them from seeing exactly what you did on those sites.)

We were disappointed last year that regulations limiting collection of data by ISPs in the U.S. were rolled back. This leaves a legal climate in which ISPs might feel empowered to create profiles of their users’ online activity, even though they don’t need those profiles in order to provide Internet access services. SNI is one significant source of information that ISPs could use to feed these profiles. What’s more, the U.S. government continues to argue that the SNI information your browser sends over the Internet, as “metadata,” enjoys minimal legal protections against government spying.

Today, Cloudflare is announcing a major step toward closing this privacy hole and enhancing the privacy protections that HTTPS offers. Cloudflare has proposed a technical standard for encrypted SNI, or “ESNI,” which can hide the identities of the sites you visit—particularly when a large number of sites are hosted on a single set of IP addresses, as is common with CDN hosting.

Working at the Internet Engineering Task Force (IETF), Cloudflare and representatives of other Internet companies, including Fastly and Apple, broke a years-long deadlock in the deployment of privacy enhancements in this area.

With HTTP, intermediaries see all data exchanged between you and a web site.

HTTP protects little of your browsing information...

With HTTPS, intermediaries see the site name but not the path.

...HTTPS protects much more...

With HTTPS and ESNI, intermediaries no longer see the site name.

...and ESNI protects the site name, too.


Hosting providers and CDNs (like Cloudflare) still know which sites users access when ESNI is in use, because they have to serve the corresponding content to the users. But significantly, ESNI doesn’t give these organizations any information about browsing activity that they would not otherwise possess—they still see parts of your Internet activity in the same way either with or without ESNI. So, the technology strictly decreases what other people know about what you do online. And ESNI can also potentially work over VPNs or Tor, adding another layer of privacy protections.

ESNI is currently in an experimental phase. Only users of test versions of Firefox will be able to use it, and initially only when accessing services hosted by Cloudflare. However, every aspect of the design and implementation of ESNI is being published openly, so when it’s been shown to work properly, we hope to see it supported by other browsers and CDNs, as well as web server software, and eventually used automatically for the majority of web traffic. We may be able to help by providing options in Certbot for web sites to enable ESNI.

We’re thrilled about Cloudflare’s leadership in this area and all the work that they and the IETF community have done to make ESNI a reality. As it gets rolled out, we think ESNI will give a huge boost to the goal of reducing what other people know about what you do online.
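The article's point that SNI travels unencrypted can be checked by parsing a ClientHello the way any passive monitor on the path would. The following is an added example, not code from EFF or Cloudflare; the function names are hypothetical and the sample ClientHello bytes (with the host `example.org`) are constructed for illustration.

```python
"""Parse the server_name (SNI) extension out of a TLS ClientHello record.

Illustrates what an on-path observer sees without ESNI: the host name is
plain ASCII inside the very first handshake message.
"""

SERVER_NAME_EXT = 0   # extension type "server_name" (RFC 6066)
HOST_NAME_TYPE = 0    # NameType "host_name"


class Reader:
    """Bounds-checked cursor over a byte string."""

    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated ClientHello")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def uint(self, n):
        return int.from_bytes(self.take(n), "big")

    def vector(self, len_bytes):
        """Read a length-prefixed field (TLS 'vector')."""
        return self.take(self.uint(len_bytes))

    def remaining(self):
        return len(self.data) - self.pos


def extract_sni(record):
    """Return the host name in a single-record ClientHello, or None."""
    rec = Reader(record)
    if rec.uint(1) != 0x16:
        raise ValueError("not a TLS handshake record")
    rec.take(2)                       # record-layer version
    hs = Reader(rec.vector(2))
    if hs.uint(1) != 0x01:
        raise ValueError("not a ClientHello")
    body = Reader(hs.vector(3))
    body.take(2 + 32)                 # legacy_version + random
    body.vector(1)                    # session id
    body.vector(2)                    # cipher suites
    body.vector(1)                    # compression methods
    if body.remaining() == 0:
        return None                   # no extensions at all
    exts = Reader(body.vector(2))
    while exts.remaining():
        ext_type = exts.uint(2)
        ext_data = exts.vector(2)
        if ext_type != SERVER_NAME_EXT:
            continue                  # skip unrelated extensions
        names = Reader(Reader(ext_data).vector(2))
        while names.remaining():
            name_type = names.uint(1)
            name = names.vector(2)
            if name_type == HOST_NAME_TYPE:
                return name.decode("ascii")
    return None


def build_client_hello(host=None):
    """Build a minimal, constructed ClientHello record for the demo."""
    def vec(len_bytes, payload):
        return len(payload).to_bytes(len_bytes, "big") + payload

    # supported_versions (type 43) offering TLS 1.3, placed first so the
    # parser has to skip an unrelated extension before reaching SNI.
    exts = (43).to_bytes(2, "big") + vec(2, vec(1, b"\x03\x04"))
    if host is not None:
        entry = bytes([HOST_NAME_TYPE]) + vec(2, host.encode("ascii"))
        exts += SERVER_NAME_EXT.to_bytes(2, "big") + vec(2, vec(2, entry))
    body = (b"\x03\x03" + bytes(32)   # legacy_version, all-zero random
            + vec(1, b"")             # empty session id
            + vec(2, b"\x13\x01")     # one cipher suite
            + vec(1, b"\x00")         # null compression
            + vec(2, exts))
    handshake = b"\x01" + vec(3, body)
    return b"\x16\x03\x01" + vec(2, handshake)


if __name__ == "__main__":
    hello = build_client_hello("example.org")
    print("SNI visible on the wire:", extract_sni(hello))
    print("SNI when the client sends none:", extract_sni(build_client_hello()))
```

With ESNI, the `server_name` extension in this position is replaced by an encrypted value, so the same parse yields no readable host name.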
25 Sep 01:05

Hell Forms Bobsled Team After Police Chief Admits Fault In SWAT Raid Targeting Wrong Address

by Tim Cushing
Brindle

PG County... crap

Something that happens far too often -- police officers raiding the wrong house in search of criminals -- has resulted in national headlines.

A police search warrant team going after a drug dealer targeted the wrong address and burst into the apartment of an innocent resident who shot and wounded two officers believing they were home invaders, Prince George’s law enforcement officials said.

It has been greeted by something that almost never happens.

Police Chief Hank Stawinski apologized for the error Thursday and said he has halted executing search warrants until the department reviews how it corroborates information to confirm addresses and the location of investigative targets.

There's more. No charges will be filed against the man who shot two officers. The police chief said the man ambushed in his own home was a "law-abiding citizen." Beyond that, he called the warrant itself into question, along with the information used to obtain it.

A confidential informant led investigators to the address at which they were serving the search warrant Wednesday night, Stawinski said. But the chief said he is “not satisfied” with the amount of information investigators used to obtain the search warrant and with the efforts to verify the information from the informant.

Here's all the things that didn't happen:

- No one suggested everyone "wait until all the facts are in."

- No one blamed the media for rushing ahead with a narrative the PD didn't find flattering.

- No one refused to comment until an investigation was completed.

- No one disparaged the victim of the raid by feeding his criminal record to local media.

- No one suggested the resident be more compliant in the future.

- No one defended the officers' actions as reasonable.

- No one filed charges against the resident for shooting and wounding police officers.

This is an astounding reaction to incidents that are far too commonplace in this country. This is also an indictment of policing in America. There is no reason this reaction should be as stunning as it is. This should be standard operating procedure when cops screw up. Instead, we're most often greeted with defense of indefensible actions combined with a multitude of efforts designed to make the SWAT raid victim appear as unsympathetic as possible.

Wrong address raids, killings of unarmed citizens, excessive force deployment… all of these events are normally handled by police departments with maximum defensiveness and minimal acceptance of culpability. A law enforcement agency immediately stepping up to take responsibility for its errors -- especially ones with potentially deadly outcomes -- is a breath of fresh air in the fetid, stagnant swamp of US policing.

But this shouldn't be the ultra-rare exception. It should be the rule. The public law enforcement serves deserves far better than the condescending, self-serving crap it's so often handed in the wake of incidents like these.



24 Sep 01:47

Documents Show IBM Pitched The NYPD Facial Recognition Software With Built-In Racial Profiling Options

by Tim Cushing

Documents obtained by The Intercept show the NYPD and IBM engaged in a long-running facial recognition tech partnership from 2008 to 2016. While some of this deployment was discussed publicly, details about the extent of the program -- as well as its more problematic elements -- haven't been.

As the article's title informs the reader, camera footage could be scanned for face matches using skin tone as a search constraint. Considering this was pushed by IBM as a tool to prevent the next 9/11, it's easy to see why the NYPD -- given its history of surveilling Muslim New Yorkers -- might be willing to utilize a tool like this to pare down lists of suspects to just the people it suspected all along (Muslims).

There are a number of surprises contained in the long, detailed article, but the first thing that jumps out is IBM's efforts and statements, rather than the NYPD's. We all know the government capitalizes on tragedies to expand its power, but here we see a private corporation appealing to this base nature to make a sale.

In New York, the terrorist threat “was an easy selling point,” recalled Jonathan Connell, an IBM researcher who worked on the initial NYPD video analytics installation. “You say, ‘Look what the terrorists did before, they could come back, so you give us some money and we’ll put a camera there.’”

From this pitch sprung an 8-year program -- deployed in secrecy by the NYPD to gather as much footage as possible of New Yorkers for dual purposes: its own law enforcement needs and to serve as a testing ground for IBM's new facial recognition tech. Needless to say, New Yorkers were never made aware of their lab rat status in IBM's software development process.

Even though the software could search by skin tone (as well as by "head color," age, gender, and facial hair), the NYPD claims it never used that feature in a live environment, despite IBM's urging.

According to the NYPD, counterterrorism personnel accessed IBM’s bodily search feature capabilities only for evaluation purposes, and they were accessible only to a handful of counterterrorism personnel. “While tools that featured either racial or skin tone search capabilities were offered to the NYPD, they were explicitly declined by the NYPD,” Donald, the NYPD spokesperson, said. “Where such tools came with a test version of the product, the testers were instructed only to test other features (clothing, eyeglasses, etc.), but not to test or use the skin tone feature. That is not because there would have been anything illegal or even improper about testing or using these tools to search in the area of a crime for an image of a suspect that matched a description given by a victim or a witness. It was specifically to avoid even the suggestion or appearance of any kind of technological racial profiling.”

It's easy to disbelieve this statement by the NYPD, given its long history of racial profiling, but it may be those handling the secret program deployment actually understood no program remains secret forever and sought to head off complaints and lawsuits by discouraging use of a controversial search feature. It also may be the NYPD was super-sensitive to these concerns following the partial dismantling of its stop-and-frisk program and the outing of its full-fledged, unconstitutional surveillance of local Muslims.

The thing is IBM is still selling this tech it beta tested live from New York. The same features the NYPD rejected are used to sell other law enforcement agencies on the power of its biometric profiling software.

In 2017, IBM released Intelligent Video Analytics 2.0, a product with a body camera surveillance capability that allows users to detect people captured on camera by “ethnicity” tags, such as “Asian,” “Black,” and “White.”

And there's a counter-narrative that seems to dispute the NYPD's assertions about controversial image tagging features. The IBM researcher who helped develop the skin tone recognition feature is on record stating the company doesn't develop features unless there's a market for them. In his estimation, the NYPD approached IBM to ask for this feature while the 8-year pilot program was still underway. The NYPD may have opted out after the feature went live, but it may have only done so to steer clear of future controversy. An ulterior motive doesn't make it the wrong move, but it also shouldn't be assumed the NYPD has morphed into heroic defenders of civil liberties and personal privacy.

What's available to other law enforcement agencies not similarly concerned about future PR black eyes is "mass racial profiling" at their fingertips. IBM has built a product that appeals to law enforcement's innate desire to automate police work, replacing officers on the street with cameras and software. Sure, there will be some cameras on patrol officers as well, but those are just for show. The real work of policing is done at desks using third-party software that explicitly allows -- if not encourages -- officers to narrow down suspect lists based on race. In a country so overly concerned about terrorism, this is going to lead to a lot of people being approached by law enforcement simply because of their ethnicity.

An additional problem with IBM's software -- and with those produced by competitors -- is a lot of markers used to identify potential suspects can easily net a long list of probables who share nothing but similar body sizes or clothing preferences. Understandably, more work is done by investigators manning these systems before cops start rounding people up, but the potential for inadvertent misuse (never mind actual misuse) is still incredibly high.

The secrecy of these programs is also an issue. Restrictive NDAs go hand-in-hand with private sector partnerships and these are often translated by police officials to mean information must be withheld from judges, criminal defendants, and department oversight. When that happens, due process violations gather atop the privacy violation wreckage until the whole thing collapses under its own audacity. Nothing stays secret forever, but entities like the NYPD and IBM could do themselves a bunch of favors by engaging in a little proactive transparency.



24 Sep 01:45

Florida Appeals Court Tells Law Enforcement It Needs Warrants To Deploy Stingrays

by Tim Cushing

The Florida Court of Appeals has upheld a suppression order for evidence obtained through the use of a Stingray device. This decision draws the line between third-party info and info gathered directly by the government, even if the info collected was roughly the same. (h/t Cyrus Farivar)

In the course of investigating an armed robbery that led to the killing of one of the robbery victims, law enforcement sought assistance from the suspect's cell service provider, asking for cell site location info and the placement of a trap-and-trace on the cellphone itself. The following comes from the appeals court decision [PDF]:

A judge signed the “CSLI Order,” which required the service provider to disclose “all cell-site activations and sectors for all incoming and outgoing calls/communications . . . call detail location records, ‘angle from the tower’ data, including contemporaneous (real-time) with these communications, and historical calls/communications detail records.” The judge also signed an order requiring the service provider to install a pen register and trap and trace device on the Defendant’s phone and transmit the information collected to the Broward Sheriff’s Office (the “Trap and Trace Order”).

Later, the State applied for a search warrant of a Fort Lauderdale residence. The affidavit filed in support of the warrant stated that “[m]obile tracking was activated on [the Defendant’s] cell phone pursuant to a lawful court order” and that the Defendant’s phone was “placed specifically” at the residence and had been “stationary overnight within this residence for several concurrent nights.” The search warrant was granted.

Law enforcement testified the cell provider could only provide "tower information," rather than precise GPS location. To make up for this lack of specificity, investigators decided to fire up a Stingray to pinpoint the location of the suspect's phone. This extra step -- performed without a warrant -- ultimately resulted in the suppression of evidence by the trial court. The government appealed, citing the subpoenas and the Third Party Doctrine. The state appeals court disagrees.

Combining the ruling on cellphone searches (Riley) and the invasiveness of new technology (Kyllo) [along with the recent Carpenter decision], the court comes to this conclusion:

Together these cases hold that, without a warrant, the government cannot: use technology to view information not visible to the naked eye, attach a device to property to monitor your location, search a cell phone in your possession without a warrant, or obtain real-time location information from the cell carrier.

With a cell-site simulator, the government does more than obtain data held by a third party. The government surreptitiously intercepts a signal that the user intended to send to a carrier’s cell-site tower or independently pings a cell phone to determine its location. Not only that, a cell-site simulator also intercepts the data of other cell phones in the area, including the phones of people not being investigated.

If a warrant is required for the government to obtain historical cell-site information voluntarily maintained and in the possession of a third party, see Carpenter, 138 S. Ct. at 2221, we can discern no reason why a warrant would not be required for the more invasive use of a cell-site simulator.

The court also notes law enforcement -- in deploying a Stingray -- went far beyond what was actually authorized in the judicial orders it obtained.

The CSLI Order did not authorize the State to act independently. But the sergeant and the Defendant’s expert testified that the information maintained by the service provider could not identify the exact location of the Defendant’s phone. So the State resorted to other means. In other words, the CSLI Order authorized indirect government surveillance.

But the State could not obtain the information it required through the authorized means. So the State conducted direct government surveillance by using a cell-site simulator. And it did so without a warrant. Based on controlling Supreme Court authority, the court correctly suppressed the evidence obtained as a result of the State’s warrantless actions.

The end result is suppression of evidence gathered with the Stingray device. Since it was this device that pinpointed the location of the suspect's cellphone, the evidence obtained from the search of the residence the phone was located at is going to disappear as well. And that's evidence the government likely can't do without. It includes three guns, a mask, ammunition, and a stun gun -- all of which likely played a part in the armed robbery.

That this happened nearly five years ago makes little difference. It may have preceded the Carpenter ruling that created a privacy right for cell site location info, but the other Supreme Court precedent on cellphone searches and the use of invasive technology (like thermal imaging) to cross the threshold of people's homes without ever setting foot inside predates the warrantless Stingray deployment.

And a Stingray does exactly that: it forces phones -- wherever located -- to connect to it and give up location data and identifying info. It's something law enforcement can't obtain without electronic coercion and it's far more precise than the coarse location info it can obtain without a warrant from cellphone providers. Of course, the Carpenter decision changed the math on location info, so if law enforcement really wants to locate a phone, it's now better off seeking warrants for Stingray deployment than approaching third parties for the same data if it's looking for something more "real time."



23 Sep 18:49

Surprise: Bill Introduced To Finally Make PACER Free To All

by Mike Masnick

So this is somewhat unexpected, but Rep. Doug Collins has introduced HR 6714, a bill to make federal court records free to the public.

H.R. 6714, the Electronic Court Records Reform Act, would guarantee free public access to federal court records through the Public Access to Court Electronic Records (PACER) system, which currently charges the public a fee to access documents. The bill would also require updates to the PACER system, including adding a function to enable all users to search its catalog of court documents easily. Currently, litigants are handicapped because they cannot conduct research through the system.

The bill would further support legal professionals and the general public by consolidating the Case Management/Electronic Case Files (CM/ECF) system. The CM/ECF system was designed to increase efficiency for all stakeholders within the judicial system, but it is compartmentalized among different courts. This makes locating records and filing documents difficult and inefficient. The Electronic Court Records Reform Act would unify these disconnected systems under the Administrative Office of the U.S. Courts in order to ensure uniform access to all federal litigants.

This would be... amazing. We've spent years highlighting the massive problems with PACER, the federal court system that charges insane amounts for basically everything you do, just to access public records, and which functions very much like it was designed around 1995. There are a few court cases arguing that PACER fees are illegal and a recent ruling in one of those cases agreed. As we noted at the time, that was hardly the final word on the matter. A bill like the one Collins introduced would be an amazing leap forward in giving public access to court documents.

Unfortunately, it's unclear if the bill has any support beyond Collins, but this is the kind of thing you would hope that Congress could get behind.



22 Sep 21:03

California Police Officers Used Self-Destructing Messaging App For Years

by Tim Cushing

The Long Beach Police Department has bravely struck a blow against police accountability. An investigation by Al Jazeera uncovered use of self-deleting messaging by the department.

Current and former officers from the Long Beach Police Department in Southern California have told Al Jazeera that their police-issued phones had Tiger Text installed on them.

The Tiger Text app is designed to erase text messages after a set time period. Once the messages have been deleted, they cannot be retrieved - even through forensic analysis of the phone.

The police officers who spoke with Al Jazeera said the confidential messaging system was used to share details of police operations and sensitive personnel issues.

This may be true. But even if this was the full extent of TigerText usage, it's still a problem. Personnel issues can become matters of public interest, especially in civil rights lawsuits. Details of police operations are normally inaccessible to the public, but in rare cases, these too become matters of public interest.

On top of that, there's a good possibility some of these vanished discussions may have been pertinent to criminal trials. Defendants should have the chance to obtain relevant discussions that may help their defense, but TigerText ensures information that prosecutors might be obligated to turn over to the defense is now completely inaccessible.

In fact, the Al Jazeera article quotes two former officers as claiming their superiors told them to use TigerText specifically to prevent conversations from being discoverable. The department has denied giving officers these instructions, but former officers claim the PD's participation in the discovery process is anything but "on the up and up."

The Long Beach PD had more than 100 officers using TigerText to preemptively destroy possible public records and/or evidence. The use of self-destructing messages, if nothing else, violates record preservation laws. Depending on what disappeared into the ether, there's a good chance criminal cases were also affected by the rolling destruction of communications.

It didn't take long for the Long Beach PD to reverse course after having its shady texting exposed. The LA Times reports the department has already officially ditched TigerText.

The Long Beach Police Department has suspended its use of a mobile texting application that permanently erases messages after civil liberties advocates and media outlets raised concerns that the app could be used to hide evidence useful to the other side in criminal and civil court cases.

In a statement, the city said the decision to halt the use of TigerText came “pending further review of whether the use is consistent with the city’s record retention policy and administrative regulations for the use of mobile devices.”

The PD claims it used TigerText as a stopgap solution when it moved away from Blackberry phones. Supposedly the search for an encrypted messaging system led the LBPD to this program, despite there being plenty of other options on the market in 2014. I guess the built-in autodelete feature was a pleasant bonus. TigerText was originally developed for the medical industry to allow care providers to send sensitive patient information to each other. The self-destruct feature helped hospitals comply with HIPAA regulations -- both by encrypting communications and ensuring records no longer needed were removed from issued phones.

To its credit, the swift abandonment of TigerText means future violations will be minimal. The PD has also promised to release more info about the department's utilization of the messaging app, including which officers and commanders used the app. But the damage that has been done probably can't be undone. If no messages were archived, the last four years of TigerText communications no longer exist. Nothing can be proven one way or another and taxpayers who paid $10,000 a year to help the PD destroy public records will just have to take the department's word that nothing illegal or unconstitutional occurred while TigerText was in use. That's a giant leap of faith most people won't make. If the Long Beach PD didn't have a trust issue before, it definitely has one now.



21 Sep 02:25

Ninth Circuit Says No, You Fucking May Not Arrest A Bunch Of Middle School Students To 'Prove A Point'

by Tim Cushing

The Ninth Circuit Appeals Court has upheld the stripping of immunity from a school resource officer who clearly violated the rights of multiple students, but still felt the need to be told twice by consecutive federal courts.

School is school and kids will get in fights. Some accusations about bullying brought several seventh grade students to the school's office, along with Deputy Luis Ortiz. Ortiz reached the limits of his training and experience extremely quickly when he was unable to determine who was bullying who or why these seventh grade students wouldn't give him the respect he so clearly felt he was owed. So, here's how he made the most (constitutional violations) of a bad situation. From the decision [PDF]:

On October 8, 2013, a group of seventh grade girls (twelve and thirteen year-olds) were handcuffed, arrested, and transported in police vehicles from their middle school campus to the police station. An assistant principal had asked a school resource officer, Sheriff’s Deputy Luis Ortiz, to counsel a group of girls who had been involved in ongoing incidents of bullying and fighting. School officials gathered the girls in a classroom to wait for Deputy Ortiz. The group included both aggressors and victims, and the school did not identify or separate them.

When he arrived on campus, Deputy Ortiz initially intended to verify the information the school had given him and to mediate the conflict. Within minutes, however, Deputy Ortiz concluded that the girls were being unresponsive and disrespectful. He decided to arrest the girls because, as he explained to them, he was not “playing around” and taking them to jail was the easiest way to “prove a point” and “make [them] mature a lot faster.” Deputy Ortiz stated that he did not care “who [was] at fault, who did what” because “it [was] the same, same ticket, same pair of handcuffs.”

Ortiz's decision to arrest a bunch of students to "prove a point" was corroborated by his own recording, which undermines the arguments he raised trying to secure immunity. The court doesn't appear to be pleased it has to handle a case where the defendant is so very clearly in the wrong, but it does what it can to ensure Ortiz will be at least as displeased as the judges are.

There's nothing nice said here about Ortiz's actions and the court sees no reason to hedge its opinion with faint praise for law enforcement in general. At best, it admits handling school situations like these can be complicated, but the complexity of the situation doesn't excuse Ortiz's probable cause-less mass arrest of middle school students.

Deputy Ortiz clearly stated that the justification for the arrests was not the commission of a crime, since he did not “care who is at fault,” nor the school’s special need to maintain campus safety, but rather his own desire to “prove a point” and “make” the students “mature a lot faster.” The arrest of a middle schooler, however, cannot be justified as a scare tactic, a lesson in maturity, or a chastisement for perceived disrespect.

[...]

Deputy Ortiz faced a room of seven seated, mostly quiet middle school girls, and only generalized allegations of fighting and conflict amongst them. Even accounting for what Deputy Ortiz perceived to be nonresponsiveness to his questioning, the full-scale arrests of all seven students, without further inquiry, was both excessively intrusive in light of the girls’ young ages and not reasonably related to the school’s expressed need.

As for any questions about whether or not it had been clearly established officers cannot arrest students to "prove a point," the court quickly dispenses with that discussion:

At the time of the students’ arrest, it was clearly established that a police seizure at the behest of school officials must, at a minimum, be “reasonably related to its purpose, and must not be ‘excessively intrusive in light of the age and sex of the student and the nature of the infraction.’” Defendants do not—and indeed, cannot—meaningfully contest Deputy Ortiz’s motivation for the arrests, which he stated multiple times. No reasonable officer could have reasonably believed that the law authorizes the arrest of a group of middle schoolers in order to prove a point.

The court is also unimpressed by the officers' attempt to lie their way into the clear.

Defendants… claim that the students’ behavior in the classroom justified the arrest because there was reason to believe the students would engage in imminent fights. That assertion is belied by the audio record of the encounter, which “quite clearly contradicts the version of the story told by” the officers. The students were mostly silent, only speaking to respond to the questions posed to them. But even taking at face value Deputy Ortiz’s claim that the girls were being disrespectful to him, and whispering among themselves, this conduct in no way rose to the level of probable cause that could have justified their arrests.

In fact, as the court notes, Ortiz never attempted to determine which students were engaged in bullying before arresting them. The three plaintiffs suing him were all victims of the bullying and they were rung up just like the instigators.

There's no ducking the lawsuit. On top of that, Ortiz (and another officer named in the lawsuit) will be facing state claims in addition to the federal civil rights violation allegations. Without a doubt, officers sometimes arrest people simply to "prove a point." But usually they'll do it with a bit more subtlety and try to eliminate any recordings that might undermine their official narrative. Ortiz was so determined to teach a bunch of uncooperative seventh graders a lesson, he completely forgot to make the arrest minimally plausible.



14 Sep 14:57

Sandboxing Cycle

All I want is a secure system where it's easy to do anything I want. Is that so much to ask?
11 Sep 23:03

Congress Adds A Bunch Of Non-Violent Crimes To The Violent Crimes List

by Tim Cushing

The Supreme Court said Congress needed to fix a law. So it's trying to. And it's not going to improve anything.

The "crime of violence" needed to necessitate the removal of a lawful permanent alien was too vague. The Court wasn't being needlessly pedantic. All the law states at the moment is this:

The term “crime of violence” means—

(a) an offense that has as an element the use, attempted use, or threatened use of physical force against the person or property of another, or

(b) any other offense that is a felony and that, by its nature, involves a substantial risk that physical force against the person or property of another may be used in the course of committing the offense.

"Involves a substantial risk" of physical force use. The justices said the law was unconstitutionally vague because it could potentially sweep up crimes that aren't inherently violent, but could escalate if everything went Murphy's Law.

Before holding a lawful permanent resident alien . . . subject to removal for having committed a crime, the Immigration and Nationality Act requires a judge to determine that the ordinary case of the alien's crime of conviction involves a substantial risk that physical force may be used. But what does that mean? Just take the crime at issue in this case, California burglary, which applies to everyone from armed home intruders to door-to-door salesmen peddling shady products. How, on that vast spectrum, is anyone supposed to locate the ordinary case and say whether it includes a substantial risk of physical force? The truth is, no one knows.

The fix is in. And it's almost worse than doing nothing. As C.J. Ciaramella reports for Reason, the proposed fix would add a bunch of crimes not normally thought of as "crimes of violence" to the list of crimes of violence.

Republicans in the House passed a bill this morning that would reclassify dozens of federal crimes as "crimes of violence," making them deportable offenses under immigration law. Criminal justice advocacy groups say the bill, rushed to the floor without a single hearing, is unnecessary, is overbroad, and will intensify the problem of overcriminalization.

The Community Safety and Security Act of 2018, H.R. 6691, passed the House by a largely party-line vote of 247–152. Among the crimes that it would make violent offenses are burglary, fleeing, and coercion through fraud.

Burglary is normally committed when no one's around, separating it from robbery, in which stuff is taken directly from victims, often requiring the use or threat of force. It also adds stalking, arson, "interference with flight crew members and attendants," and "firearms use" [?] to the mix.

But the weirdest addition appears to be a bone tossed to law enforcement. From the bill [PDF]:

The term ‘fleeing’ means knowingly operating a motor vehicle and, following a law enforcement officer’s signal to bring the motor vehicle to a stop—

(A) failing or refusing to comply; or

(B) fleeing or attempting to elude a law enforcement officer.

Car chases are now crimes of violence. Suspects are better off ditching the vehicle and running like they sell drugs in the school zone. Pull over immediately or get evicted from the country. It's a weird thing to throw into a list of crimes known for their inherent violence. Then again, the list of "violent" crimes is already weird -- a seeming overcorrection by Congress to expel as many "permanent" residents from the country as possible. Then there's the insertion of "conspiracy," which makes thinking or talking about the "violent" criminal acts listed a violent crime itself.

The law was unconstitutionally vague prior to this. If this bill is passed, the problem shifts from vagueness to overbreadth. And it very likely will pass. It was rushed through the House on a party line vote, and the party controlling the House will be passing it on to a president (assuming the Senate likes the House's idea) aligned with the controlling party -- one who's partial to legislation that makes it easier to kick out non-Americans while also rubbing the belly of the nation's law enforcement agencies.


