July 31, 2003

N2H2 (censorware co) finally stops losing money

Given the coverage I've devoted to censorware company N2H2's finances, e.g. "dead company walking", "another step" "bankruptcy-watch", it seems only fair that I note today they have finally, at last, stopped losing money.

See, the difference between them and me, is that I'll admit a fact in their favor (even if grudgingly), while they pretend to the Copyright Office that I haven't circumvented their censorware's encryption.

Anyway, N2H2 announced:

Revenue was $3.098 million for the [quarter] ...
Operating expenses were $3.064 million ...
The company achieved a quarterly net profit for the first quarter in its history at $48,000.

48/3098 = margin of 1.55% of revenue. But it must be granted that it's positive, even if tiny.

Note this profit came from cutting expenses ("29%"), NOT from any significant increase in revenue ("4%"). I had thought they'd front-load that revenue figure somehow.

They still have a company deficit of nearly two million dollars ($1,836,000). I have no idea what makes a negative-value company worth acquisition via "an all-stock transaction valued at approximately $19.9 million". I suspect there's an Other People's Money aspect at work here.

By Seth Finkelstein | posted in censorware | on July 31, 2003 11:14 PM | (Infothought permalink) | Comments (2) | Followups
July 30, 2003

More on "Suspected Terrorist", John Gilmore, Trolling

GrepLaw was kind enough to mention me in a story about [John] Gilmore's Flight Stunt Revisited, and to link back. So here's some more remarks on the topic.

First, the whole original account starts off in a way that is easy to misunderstand:

"Suspected Terrorist" button gets Gilmore ejected from airplane

It conjures a mental image of someone saying "Aha, you're wearing a forbidden button - off with your head, I mean, the flight". If the title were instead

Insisting on wearing "Suspected Terrorist" button gets Gilmore ejected from airplane

it would be more informative, though admittedly more cumbersome. That is, the information not given at the very start of the presentation, is that Gilmore wasn't suddenly put off the flight. Rather, he was repeatedly required, first by a steward, then by the captain, not to wear the button, with the captain saying it would "endanger the aircraft". And he responded "I told him that it was a political statement and declined to remove it." It would capture even more of the flavor of the event to have a title of

"Making political statement about being a "Suspected Terrorist" gets Gilmore ejected from airplane.

I sympathize with Gilmore's reaction. But under these circumstances, I think the captain was correct. Now, when Jonathan Swift published "A Modest Proposal", there were people who thought he was serious about eating babies.

Gilmore means his button as a hip, ironic, joking statement. But there will be uncool, unhip, un-smart people, who just won't get the joke. Some people's minds simply don't work with appreciation of the kind of humor popular in the techie crowd. They can't imagine someone voluntarily wearing such a designation about potentially being a terrorist. They will think

Gilmore's stunt is in fact one of the closest things I've ever seen in real life to the hoary free-speech cliche regarding
"falsely shouting fire in a theater and causing a panic."

He wants to "joke about being a terrorist while on an airplane, regardless of causing a panic"

It's not quite the same thing. But it's still notable for its physical aspect of provoking a response of fear and danger. Again, such actions are overall being a troll, not being a freedom-fighter.

By Seth Finkelstein | posted in politics , security | on July 30, 2003 11:59 PM | (Infothought permalink) | Comments (1) | Followups
July 29, 2003

N2H2 bought by Secure Computing ("SmartFilter") - censorware merger

N2H2, a censorware company famailiar to readers of this blog, is now being acquired by Secure Computing, a security/censorware company (they make "SmartFilter"). See the stories e.g. in BusinessJournal or The Register. I posted this question about the acquistion. to the Secure Computing Yahoo message board:

How to make sense of N2H2 acquisition?

Folks, I don't get this.

Full disclosure - I'm a pioneering (http://sethf.com/pioneer/) critic of censorware (http://sethf.com/anticensorware/), so I'm not disinterested. But I try to understand the industry objectively.

Now, you may not know this, but Secure Computing and N2H2's systems are very incompatible. They can't be buying N2H2 for the "technology".Is it the customer and marketing network? It seems like Secure Computing is paying a huge amount for a company, N2H2, which has NEGATIVE book-value.

Is it because they're paying in stock, so it's not their money?

To respond to another poster, it's clear to me that N2H2 would accept even wildly overvalued stock, because they can sell that stock for something, anything. N2H2 stock is so thinly-traded that the insiders have major problems dumping it (check the insider selling).

So this is a mystery to me. The only way I can make sense of it is that Secure Computing is buying some marketing at a super-inflated prices, but since they're playing in super-inflated stock anyway, it all works out in the end.

By Seth Finkelstein | posted in censorware | on July 29, 2003 11:59 AM | (Infothought permalink) | Followups
July 28, 2003

"Stages of truth" and "Stages of lawsuit?"

There's a famous quote

All truth passes through three stages. First, it is ridiculed. Second, it is violently opposed. Third, it is accepted as being self-evident.

Arthur Schopenhauer

I was thinking today there's perhaps a corresponding three stages of free-speech lawsuit:

  1. First, I'll be told I won't get sued
  2. Second, when I'm sued, I'll be told I won't lose
  3. Third, finally, I'll be told that if I wasn't willing to be sued and lose, I shouldn't have done the work at all.

Update: A snappier way of saying the above three stages of truth:

1. Ridiculous, 2. Dangerous, 3. Obvious

And three stages of lawsuit:

1. Won't sue, 2. Won't lose, 3. All your fault

By Seth Finkelstein | posted in activism , quotes | on July 28, 2003 11:58 PM | (Infothought permalink) | Followups
July 27, 2003

Library censorware, open blacklists, *1997*

Everything old is new again.

As part of a discussion of "Open Censorware" issues, I dug out the following item about an open blacklist library censorware proposal, dating back to 1997. This is by the same censorware company which is now being pushed at http://libraryfilter.blogspot.com/

People might consider how old (and moldy) is this idea, and how it's been a practical failure for years.

Subject: "The USA National Library Filtering Plan"
Date: Sun, 26 Oct 1997 23:43:55 -0800
To: [now-deceased fight-censorship mailing-list]
From: "James S. Tyre"

Well, our old friend Turner (Bob, not Ted) has hatched a new plan:


-put forward by Jeff Koftinoff and Bob Turner October 26 1997

USA Version


Premise 1

The National Library Filtering Plan is to filter out PORNOGRAPHY ONLY. All other subjects are too diverse and intangible for a National/international plan. Pornography is readily identifiable and there is a huge cross cultural demand for filtering this subject..

Premise 2

1. Let all communities that opt for NO FILTERING opt OUT of this plan and work it out in their own communities

2. For communities that opt POSITIVELY FOR FILTERING the following plan is suggested for immediate development and implementation.

Premise 3

1. The URL vocabulary (banned sites) is public. Encryption for the purpose of hiding the list is not a consideration. The National Library Banned Site List is Publicly and Freely available on the web.

Premise 4

1. The National Library Filter would Lease a Filter Engine from any filter producing software company capable of delivering such an engine and this engine would have the National Library filters own front end which would do exactly what was required to filter porn and would do nothing else. This would conserve library resources by allowing very inexpensive licensing and placing control in the libraries hands and out of third party ratings and software companies.

Premise 5

1. Such a large number of people on line at a large number of libraries across the many regions of the USA provides a unique opportunity for research on the Internet - its usage's and applications. Software has been donated for National Library Research that will upload all actions (in blocks of 500 workstations) to a data base at an outside server. This can be done anonymously to preserve privacy issues. Such research of this size would provide new information for the constant update required to augment the Banned Site List. Results of such research would be made public.



1. Identify the group capable of implementing/coordinating the USA National Library Plan
2. Identify the group capable of implementing the corresponding research component
3. Identify the Filter Engine to be leased.
4. Identify the front end that is desired
5. The donated research software is IF-RESEARCHER
6. The vocabulary is The Great-Global-Banned-Site-List currently about 16,000 Domains

for more information:

and/or contact Bob Turner turner@turnercom.com


Please do note that their blocklist is freely downloadable, in plaintext no less! I'll let y'all explore it yourself, but:

They don't like kink: http://www.kinkos.com/

And they won't take any shit: http://www.kinoshita.com/

And if you don't like it, you can't lick it: http://www.lillick.com - a very old line, white shoe law firm, Lillick & Charles.

No sex, of course - http://www.morrisexport.com/ And don't even think about a trip to the http://www.nakedcity.com/ let alone seeking the http://www.nakedtruth.com/

Perhaps we need to http://www.restoreamerica.com/ But, alas, they won't let us.



Oh. Almost forgot http://www.smutfree.com/ - Arizona's first smutfree ISP!

Subject: "The USA National Library Filtering Plan"
Date: Sun, 26 Oct 1997 23:43:55 -0800
To: [now-deceased fight-censorship mailing-list]
From: "James S. Tyre"

At 07:43 AM 10/27/97 +0000, I wrote:
>Well, our old friend Turner (Bob, not Ted) has hatched a new plan:
> -put forward by Jeff Koftinoff and Bob Turner October 26 1997
> USA Version

Hmmm, look what I just got (in response to another list post)

----------Forwarded Message---------- Date: Mon, 27 Oct 97 07:50:45 +0000
From: Bob Turner <bturner@direct.ca>
Reply-To: bturner@direct.ca To: "James S. Tyre"
cc: filt4lib@listserv.ci.escondido.ca.us

Hi Mr. Tyre

Thanks for responding to my request.
> Yes, I believe I may see the total picture, and its not pretty. Thanks to
> the downloadable list, in plaintext, I saw that one of the very first list
> entries was http://www.1-900-internet.com/ If anyone can explain to me how
> that site is pornographic, I would be most interested. Ditto
> http://www.1900autofax.com/

It is very interesting that the very first line/URL is not pornographic.

I agree. Thanks to your sharp eyes this imperfection on the very first URL can be deleted from the list in the very next update (within seven days). If only there were many more of you with the capability of adding and subtracting to our list.
> Wonder what I'd find if I spent more than 5 minutes looking at the list?

What you would find is a very large unencrypted list of pornographic domains...possibly the largest one in the world encrypted or not. This list can be added to subtracted from.... and is public. As suh it is very unique. As stated by yourself you have possession of the list in plain text. You may do with it what you will...it is now our list. It is my hope your care for this issue will contribute to an effective solution to this obvious problem. Subtracting from the list is an important element.

I wonder what would happen if you could find 5 minutes to add to it.

The fruits of your 5 minutes labours subtracting from it will be valuable and is appreciated. I look forward to recieving them and will act accordingly by verifying and deleting.

Best Regards

Bob Turner

By Seth Finkelstein | posted in censorware | on July 27, 2003 11:56 PM | (Infothought permalink) | Followups
July 26, 2003

Axis-Of-Copyright lawyer's definition of censorware

The "Axis-Of-Copyright" (MPAA/RIAA/etc) lawyer has an almost amusing reply in the Post-Hearing QA for the DMCA censorware exemption follow-up question, roughly about defining censorware. He gives it as:

"Compilations, not otherwise accessible, consisting of lists of websites that are employed in connection with commercially marketed filtering software applications to prevent access to Internet sites containing content deemed to be obscene, child pornography, harmful to minors, or otherwise inappropriate for display in a defined public setting."

This borders on funny in terms of how the language is loaded. It might just as well have been:

Compilations, ... of websites that are EVIL, EVIL, EVIL, and no right-thinking respectable person would ever want to see!

(in contrast, the DMCA Joint Reply Of Seth Finkelstein and James S. Tyre gives a definition of "Programs designed and optimized for use by an authority to prevent another person from sending or receiving information.")

By Seth Finkelstein | posted in censorware , dmca | on July 26, 2003 09:51 PM | (Infothought permalink) | Followups
July 25, 2003

CIPA-compliance, N2H2, and free market

In response to the FCC's recent decision, mentioned yesterday, to again not set any standards for the CIPA Federal library censorware law, censorware company N2H2 has been claiming another victory. David Burt, their PR flack, posted:

N2H2 filed ex parte comments with the FCC two weeks ago asking that the FCC not set any standards for filtering software to comply with CIPA, such as the ability to be unblocked or a level of effectiveness. We feel these are decisions best left to the free market and the libraries themselves to decide. So we are pleased by the ruling.

Law professor Peter Junger made the following illuminating remark about N2H2's FCC comments:

"It does seem perverse to argue that a decision is best left to the free market when the subject matter of the decision is kept secret."

That sentence finally led me to understand the reasoning behind N2H2's arguments. It's not that N2H2 is a Libertarian believer in free-markets, even to the detriment of its own business interests. Rather, if there were a government standard, N2H2 fears that standard could be a lever with which to get access to censorware blacklists - in order to test compliance with the standard! The government compliance procedure would provide a focal point for pressure with Freedom-Of-Information Act requests and similar.

By arguing "free market", in fact, they are able to keep the subject matter secret. They can take the position of: "You can use our censorware, or not, but we don't have to tell you how it works, what's on the secret blacklist. If you don't like it, use something else."

It's another example of what I term "privatIZED censorship". Government imposes a censorship system, but which would normally be accountable through the judicial process, but the implementation is done by private businesses, and hence unaccountable.

By Seth Finkelstein | posted in censorware , legal | on July 25, 2003 09:58 PM | (Infothought permalink) | Comments (2) | Followups
July 24, 2003

FCC CIPA (library censorware) order

The FCC issues regulations on CIPA today - good links at "Blue Highways".

I've skimmed through the document, and as far as I can parse it out (keeping in mind I'm not a lawyer). it basically says "School and library censorware is now going into effect". But it doesn't say anything new as to what's valid censorware for the purposes of the law. I assume this means the old compliance ruling is still in place:

25. Some commenters have requested that we require entities to certify to the effectiveness of their Internet safety policy and technology protection measures. However, such a certification of effectiveness is not required by the statute. Moreover, adding an effectiveness standard does not comport with our goal of minimizing the burden we place on schools and libraries. Therefore, we will not adopt an effectiveness certification requirement.

26. A large majority of commenters express concern that there is no technology protection measure currently available that can successfully block all visual depictions covered by CIPA. Such commenters seek language in the certification or elsewhere "designed to protect those who certify from liability for, or charges of, having made a false statement in the certification" because available technology may not successfully filter or block all such depictions. Commenters are also concerned that technology protection measures may also filter or block visual depictions that are not prohibited under CIPA.

27. We presume Congress did not intend to penalize recipients that act in good faith and in a reasonable manner to implement available technology protection measures. Moreover, this proceeding is not the forum to determine whether such measures are fully effective.

Note that part regarding act in good faith and in a reasonable manner. I think it's the key element for any ideas of "Open Censorware"

By Seth Finkelstein | posted in censorware , legal | on July 24, 2003 11:05 PM | (Infothought permalink) | Followups
July 23, 2003

Howard Dean guest-blog spot and scripts

A German publication covered the recent presidential candidate Howard Dean guest-blogging on Lessig's blog. I'm mentioned:

Lessigs Leser waren allerdings zunchst skeptisch. Seth Finkelstein glaubte sogar, es bei Deans Beitrgen mit den Erzeugnissen eines automatisierten Skripts zu tun zu haben.

Which apparently translates into roughly:

Lessig's readers were however first skeptical. Seth Finkelstein believed even to have to do it with Dean's contributions with the products of an automated script.

The writer was refering to my comment in discussion:

Earlier, I wondered if a staffer would be ghost-writing the entries.

Now I'm wondering if the entries are auto-posted by a script.

That was a joke. I was making fun of the simplistic and "scripted" quality of his postings at that point. I didn't mean he was literally a robot. Rather, it was my way of indicating he might just as well have been.

I don't want to be too hard on Howard Dean. I suppose he deserves points for trying. It's nice. He seems to be a good guy. His campaign is doing interesting and notable things with the Internet and organizing people. But I wasn't overwhelmed by him.

By Seth Finkelstein | posted in cyberblather , politics | on July 23, 2003 11:59 PM | (Infothought permalink)
July 22, 2003

DMCA Post-Hearing Questions - Replies Posted Now

The Copyright Office has now put up all the replies to the Post-Hearing Questions of Anticircumvention Rulemaking:

This page contains post-hearing questions and answers submitted as a part of a rulemaking on exemptions from prohibition on circumvention of technological measures that control access to copyrighted works (read more details). Following hearings held in April and May 2003, the U.S. Copyright Office asked follow-up questions of some of the witnesses who had testified at the hearings. The questions and responses appear below.

I mentioned this earlier, in a DMCA censorware exemption follow-up reply to the DMCA censorware exemption follow-up question, regarding the:

Joint Reply Of Seth Finkelstein and James S. Tyre

Frankly, this is an exhausting process. I spent hours writing the censorware reply, and nobody paid me to do it. The censorware company reply is 21 pages long, and it's David Burt's job. This is not sustainable for me.

By Seth Finkelstein | posted in censorware , dmca | on July 22, 2003 05:27 PM | (Infothought permalink) | Comments (0) | Followups
July 21, 2003

"Suspected Terrorist", or Troll? - John Gilmore and security

"Suspected Terrorist" button gets Gilmore ejected from airplane is the title of John Gilmore's story, now making the rounds.

I greatly admire John Gilmore as a civil-libertarian. That does not mean I think he is always right.

I've finally figured out what bothers me so much about this incident.

In effect, Gilmore was doing a millionaire's version of trolling.

It's a super-scaled-up version of what kiddies do on discussion boards and blog comments.

The sequence is as follows: Do something you KNOW will provoke people (proclaiming "Suspected Terrorist"). Then, when you find someone who bites, when the provocation succeeds, slap your knee in glee that they have been so stupid, so dumb, such idiots, as to react to the obvious troll. ("But I would be hard pressed to come up with a security measure more useless and intrusive than turning a plane around because of a political button on someone's lapel.")

As the reaction progresses, fuel it with liberal amounts of accusations regarding free-speech and I'm-being-censored ("I declined, saying that it was a political statement and that he had no right to censor passengers' political speech ... Ultimately, I was refused passage because I would not censor myself at her command.")

Almost everyone has to content themselves with doing this in comment sections, to a minor audience. Gilmore has managed this on an airplane, and to a huge audience ("They turned the plane around and brought it back to the gate, delaying 300 passengers on a full flight.")

I absolutely believe he is sincere in his beliefs. But he's still doing the 100% classic troll-pattern. Just not insincerely.

Now, the logic error, is that this presented as being a matter of a "political statement". But crew didn't find the politics themselves threatening. What they seemed found threatening was the possibility that some dumb, stupid, idiot might get panicked by the speech ("She said that passengers and crew are nervous about terrorism and that mentioning it bothers them, and that is grounds to exclude me"). But given that they would have to deal with the panic, and Gilmore would not, they made it a condition of the flight that Gilmore not do the speech they feared might panic someone.

It's very easy to shift away, to go debate an abstract general principle, rather than given the specific context right here, in an airplane, the consequences of someone panicking could be severe. And it's not obvious that he has a legal or even a social right to do political theatre IN THIS TIME, PLACE, AND MANNER.

In almost any other circumstances, I'd be on his side. But poking panicky people on long airflights is not laudable. He's pushing people's buttons about "security". But stripped of the veneer of reflexive opposition to airport staff, this is merely trolling.

By Seth Finkelstein | posted in politics , security | on July 21, 2003 10:54 PM | (Infothought permalink) | Comments (1) | Followups
July 20, 2003

No point in another "censorware summit"

[Written for a discussion about the ALA's canceled meeting with censorware companies]

Folks, the basic practical reason for not having a "censorware summit" is as follows:


It is understandable that some people have a deep-seated wish to believe that we can all get along, that everything can be worked out in the end, some accommodation can be reached, etc.

But the censorware companies are not walking around thinking "Gee, if librarians would only have a meeting with us, we'd be able to serve them so-o-o-o much better ... Oh, librarians, speak to us, please, please, pretty please with chocolate sprinkles on top ..."

They are not going to open their blacklists. They've sued over that topic. They've HEARD the arguments. They don't care.

The only thing that could come out of such a meeting would be PR spin by the censorware companies, about how they are now working with the ALA. That's it. That's all that could happen.

And that is the very practical (not ideological) reason NOT to have such a meeting.

By Seth Finkelstein | posted in censorware | on July 20, 2003 11:59 PM | (Infothought permalink) | Followups
July 19, 2003

Melvyn HisCOCK

I am not making this up.

Melvyn Hiscock posted:

From: melvyn[at-sign]melvynhiscock.com (Melvyn Hiscock)
Newsgroups: uk.music.guitar
Subject: A little research needed
Date: 19 Jul 2003 00:33:26 -0700
Message-ID: <9adaef99.0307182333.15702278@posting.google.com>

Hello chaps,

'er indoors has had some problems sending me e-mails from her freeserve account as they are getting blocked. This is due to my surname being considered pornographic! We realised this when my nephew was refused a hotmail account when he typed in his name.

The worrying thing is that I may well be losing e-mails from my web site. Having realised the above, I suppose using "readerswives@melvynhiscock.com" as an address to send photos of your guitars to be put on my site was perhaps a little short sighted!


By Seth Finkelstein | posted in censorware | on July 19, 2003 10:17 PM | (Infothought permalink) | Comments (1) | Followups
July 18, 2003

Kill the "ACCOPS" bill via applying it to Microsoft Windows!

Regarding the proposed "ACCOPS" law (post a copyright work, go to jail) Edward Felten has remarked:

As so often happens in these sorts of bills, the definition has unexpected consequences. For example, it would apparently categorize Microsoft Windows as "enabling software," since Windows offers both file server facilities and network search facilities. ...

I was just musing that the quickest way to kill this silly bill would be to apply it to Microsoft Windows - and in fact, such an application would be well-deserved! After all, if any software is worth a strong warning that it "could create a security and privacy risk for the user's computer", Microsoft Windows surely qualifies! Just yesterday, there was a notice:

A critical, remotely exploitable security vulnerability has been found in a part of the Microsoft Windows operating system software. This vulnerability affects all versions of Windows commonly run in SCS, including NT, 2000, and XP. It is important that people apply the appropriate patch to their PCs.

Details about the vulnerability can be found at:

That definitely sounds to me to be "a security and privacy risk for the user's computer"!

By Seth Finkelstein | posted in copyblight , security | on July 18, 2003 08:21 PM | (Infothought permalink) | Comments (0) | Followups
July 17, 2003

"ACCOPS" - post a newspaper column, go to jail?

The draconian copyright topic of the day is an absurdity called ``Author, Consumer, and Computer Owner Protection and Security (ACCOPS) Act. The key part is short and not-so-sweet:

Section 506(a) of title 17, United States Code, is amended-- ...
``For purposes of section 2319(b) of title 18, the placing of a copyrighted work, without the authorization of the copyright owner, on a computer network accessible to members of the public who are able to copy the work through such access shall be considered to be the distribution, during a 180-day period, of at least 10 copies of that work with a retail value of more than $2,500.''.

This is ludicrous. It has to be grandstanding like last year's proposed Hollings copy-control mandate.

Dereferencing the above, "section 2319(b) of title 18" is "Criminal infringement of a copyright". So the above paragraph then parses out to:

Section 506(a) of title 17, United States Code, is amended-- ...
``For purposes of [ Criminal infringement of a copyright ] the [unauthorized] placing of a copyrighted work, on a computer network accessible to members of the public who are able to copy the work through such access shall be considered to [worth up to five years in jail or excessive fines]

Post a newspaper column to your blog, go to jail?

By Seth Finkelstein | posted in copyblight | on July 17, 2003 08:24 PM | (Infothought permalink) | Followups
July 16, 2003

More on American Library Association "Censorware Invitation"

In response to the ALA's "censorware invitation", regarding meeting with censorware companies in the aftermath of CIPA (Federal library censorware law) Keith Michael Fiels, Executive Director of the American Library Association has written a message on "Responding to the CIPA decision". It states in part:

While we know many libraries will choose not to receive federal funds, we also must accept that many libraries, particularly those serving poorer and urban communities will be forced to accept federal funds and be faced with a significant challenge of complying with the CIPA requirements. Our job must be to help them in every way to insure that patron First Amendment rights are protected to the maximum extent possible under the law.

As a result, we do see the planned meeting with filtering companies as important within our overall strategy, but only as part of a much broader plan. ALA has expressed no intention of 'developing a filter', as the press has incorrectly indicated. Nor do we expect that ALA will certify or otherwise endorse any specific products. The primary purpose of this meeting and subsequent discussions will be to emphasize to the filtering companies that the Supreme Court decision requires that filters be easily disabled upon the request of any adult user. We also need to be extremely aggressive in pushing for better disclosure and a reduction in the number of inappropriately blocked sites, as children have no access to the disabling provisions in the law.

Good theory. I'm not sure how well it will work in practice

By Seth Finkelstein | posted in censorware | on July 16, 2003 03:06 PM | (Infothought permalink) | Followups
July 15, 2003

American Library Assocation "Censorware Invitation"

Reposted from an ALA list - read it and weep

Invitation: ALA Technology Briefing
Supreme Court Decision on the Children's Internet Protection Act
Learn What It Means for Blocking and Filtering In the Library Market
August 14, 2003
Time: 10:00 AM - 2:00 PM Eastern Time
Location: Washington, DC
Cost: $150 (includes lunch)
Given the recent Supreme Court decision in United States v. American Library Association, many libraries will be seeking software, hardware or system solutions to comply with the Children's Internet Protection Act.  The Court's decision, while supporting the government's right to place restrictions on federal funding, also implies parameters for such restrictions that have complex legal and technical ramifications for those attempting to serve the library community.  If you're interested in learning more about how CIPA will affect the library market, we welcome you to participate in ALA's Office for Information Technology Policy's Industry Briefing.  The briefing will cover specific legal implications of CIPA and the Supreme Court decision, and we will share library concerns about meeting the information needs of patrons as well as the specific management and technical requirements for the wide spectrum of libraries impacted by the law.  There will be opportunity for discussion on future cooperation.
For further information, contact:
Fred W. Weingarten, Director, Office for Information Technology Policy
Phone: 800-941-8478 or 202-628-8421
Email: rweingarten@alawash.org
To participate in ALA's Post Supreme Court CIPA Requirements for Libraries Briefing, contact:
Kathy Mitchell, Office for Information Technology Policy
Phone: 800-941-8478 ext. 214 or 202-628-8421 ext. 214
Email: kmitchell@alawash.org
The American Library Association's Office for Information Technology Policy is charged with conducting research and analysis aimed at understanding the implications of information technology and policies for libraries and library users.  OITP works to ensure a library voice in information policy debates and to promote full and equitable intellectual participation by the public.
By Seth Finkelstein | posted in censorware | on July 15, 2003 04:19 PM | (Infothought permalink) | Followups
July 14, 2003

What does God (or Howard Dean) Need With A Starship (or Blog-Hit)?

As I continue to think about Howard Dean's guest-blogging of Lessig's blog, I'm bothered by something. To put it as a pop-cliche, "What does God need with a starship?". Or, more prosaically, WHY does a presidential candidate be a guest-blogger?

People write blogs for a mixture of reasons (these aren't exhaustive or exclusive):

1) To write about their life (gossip, friends)
2) To write about their ideas (lawyers, policy-makers, columnist punditry)
3) To write about other's ideas (portals, reporting punditry)

Where does this guest-appearance fit? Is it thought of by the Dean campaign as akin to doing a talk-show? "You're on TV with Oprah at 2, Radio with Larry King at 5, and in-between, an Internet guest-shot on The Lessig Blog."

There's nothing wrong with that. And I suppose it's a milestone of sorts when candidates make net appearances, an indication of campaign worthiness.

But then it mean much less than many people think it does. Not zero, but much closer to zero (another media appearance) than infinity (revolutionary democracy by Internet blogging).

By Seth Finkelstein | posted in cyberblather , politics | on July 14, 2003 05:44 PM | (Infothought permalink) | Followups
July 13, 2003

On the Internet, nobody knows you're Howard Dean

Howard Dean will be guest-blogging on Lessig's blog. Or at least, that's what's being claimed. I posted the following comment in response:

Hmm ... "On the Internet, nobody knows you're a dog" ... or a presidential candidate?

How do we know it's really Howard Dean, and not a Dean campaign staffer?
(after all, letters from many officeholders, are really by their staff)

I've gotten very cynical since "Aimee Deep"

I'm reminded of a Heinlein book, where a candidate is kidnapped, and his staff temporarily covers it up by replacing the candidate with an actor. It works so well they decide to ask the actor take over as the candidate. The actor objects that he's not a qualified. The staff argues in reply that it doesn't really matter, since the candidate is just the public face of the campaign organization anyway.

posted by Seth Finkelstein on Jul 12 03 at 9:51 AM

[If I had known how many people eventually would read that, I would have been more careful about the typos! Alwin Hawkins added that "The Heinlein book is Double Star" ]

Even if this occasion turns out to truly be Howard Dean, I suspect we're soon going to see "Internet appearances" which are ghost-written by campaign staffers (if it hasn't happened already!). It's too easy.

By Seth Finkelstein | posted in cyberblather , politics | on July 13, 2003 11:58 PM | (Infothought permalink) | Followups
July 12, 2003

Winer Watcher

Dave Winer, who runs an extremely well-known blog site apparently has habit of editing and changing his posts (especially nasty ones). This has spawned a Winer Watcher page, where one of his disputants, Mark Pilgrim, shows the changes. Posts are excerpted, original versions contrasted to changed versions, with changes highlighted. Now Dave Winer has remarked

The next step is to look at the copyright issues [Mark Pilgrim's] service raises. They are quite interesting. Scripting News, both in HTML and RSS, has a clear copyright on it. Should I have a say in publications created from my content? I generally don't mind, but shouldn't I have to give permission? Suppose a magazine started publishing all my writing. Would I have recourse? I am not a lawyer, but it seems clear that I would. Is Pilgrim somehow immune to copyright law? I'd love to hear the legal theory that allows him to do what he's doing with my work.

Now, I'm not a lawyer, but it seems to me that the Winer Watcher page is very likely to be fair use. Let's run down the four-factor fair use test.

(1)the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;

The watch page is clearly non-commercial, and a reporting effort (not necessarily a nice or disinterested effort, but that doesn't seem relevant here)

(2) the nature of the copyrighted work;

The copyrighted work is creative, so this counts against fair use.

(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and

This is very debatable, as to what in a blog post is "the work as a whole", but excerpting is certainly being done overall.

(4) the effect of the use upon the potential market for or value of the copyrighted work.

There's no argument that the original blog postings are somehow less valuable because their changes have been tracked, or that the watching page is improperly drawing hits.

So looking at this in total, while not every factor is a slam-dunk win, I'd offer that the non-commercial, reporting nature, and lack of effect on value, are highly favorable. Again, I am not a lawyer, this is not legal advice, it is only my opinion (though I'd hope it's an informed one).

The most contentious items are likely to be the postings which were deleted. But the use of copyright to suppress reposting them seems clearly aimed at avoiding embarrassment, not preserving the potential market.

Of course, one has to win against the lawsuit, which is a whole different matter entirely.

John Palfrey has a posting about this issue, but his analysis assumes everything is mirrored. Perhaps he was discussing an earlier version, or misunderstood the watcher page. There's also a remark:

More reasonably, we should keep at the task of embedding (cc) licenses, or alternately a statement to clarify that we mean to contribute the work to the public domain, in RSS feeds and on the pages of weblogs to make clear our intentions in sharing and syndicating our work. Or, I suppose, the blogging community should understand what's meant when someone indeed decides that they mean to retain the copyright to something.

Sadly, a claim of retaining the copyright wouldn't change this situation. It's a classical case where fair use is intended to be a defense against a hostile party charging copyright violation. That would just move the issue to how to do the watching page in compliance with whatever copyright demands. So this isn't really an ad for cc (creative commons) licenses. It's much more an illustration of copyright as a weapon.

There's a discussion of the morality of this whole issue at the Burningbird blog. And I nearly deleted this article (before posting!) due to being an ant among thundering elephants, but let's see if I survive.

By Seth Finkelstein | posted in copyblight | on July 12, 2003 01:25 AM | (Infothought permalink) | Followups
July 11, 2003

"Cites & Insights" - Coping with CIPA: A Censorware Special

Walt Crawford has a special edition of his his "Cites & Insights" publication for Midsummer 2003, described as

This 20-page issue consists of one essay: Coping with CIPA: A Censorware Special

If you don't care about CIPA, censorware (filters), and all that, you can skip the issue. A "normal" issue will be out around the beginning of August.

Well, I care, and it's extremely worth reading. There's much examination of CIPA reactions, and a review of Open Censorware issues (mentioning the discussions of the past days, including my comments and Edward Felten's comments).

By Seth Finkelstein | posted in censorware | on July 11, 2003 12:09 AM | (Infothought permalink) | Followups
July 10, 2003

A CIPA ancestor

Stephen Denney reposted an interesting article: The new censorship, by Sara Paretsky (New Statesman, 1st June 2003)

Though mostly concerned with the Patriot Act and market censorship, it contains a striking CIPA precursor regarding library censorship:

... Dashiell Hammett went to prison for two crimes: he gave money to a bail fund for labour figures whom Congress thought were communists, and he refused to name other people who contributed to the fund. The State Department saw that Hammett's books were removed from every library supported by federal money. Knopf, his long-time publisher, suspended publication of The Maltese Falcon in deference to the House Un-American Activities Committee blacklist.

The more things change, the more they remain the same.

By Seth Finkelstein | posted in censorware | on July 10, 2003 11:53 AM | (Infothought permalink) | Followups
July 09, 2003

TopPENISh update

There's a fun Seattle press article about the censorware troubles of the town of Toppenish (my emphasis below)

CENSORSTUPIDSHIP: Don't bother trying to find "Toppenish" on the Internet using filtered computers in the Yakima Valley Regional Library System -- even at the library in Toppenish. "Bess," a widely used anti-pornography filter installed on some of the regional library's terminals, blocks the town's name as a search term as it zeros in on the fourth through eighth letters, according to an Associated Press story.


"It is supposed to block strings of letters like that," said spokesman David Burt.

He added that the library was using a function called "Safe Search" that is meant to be "overprotective."

But as of late last week, the company's database operators were working on a system to block the word penis and allow Toppenish.

Wow, "database operators were working ...". C'mon, it's one pattern item in the blacklist. Such mystification.

By Seth Finkelstein | posted in censorware | on July 09, 2003 12:47 PM | (Infothought permalink) | Comments (1) | Followups
July 08, 2003

Melora Ranney Norman (librarian) on Open Censorware

[Updated 5/1/2005 - Replaced old version with rewritten new version, at author's request]

When CIPA passed and someone suggested that ALA should create its own blocking software, my initial reaction was concern. There seemed to be no real benefit inherent in the prospect of a library association spending valuable resources on something that is created specifically for the purpose of censoring resources. Since we'd all agreed that blocking software is inherently and necessarily flawed, I saw no purpose in our contributing another such product to the software market.

Since then, libraries and their users have consistently reported all of the difficulties we expected: underblocking and overblocking; filters creating demand for sexual content where none previously existed, since a fair number of people like to try to beat the software; libraries and users embarrassed or unable to have incorrectly blocked materials unblocked; adults not informed of their rights; librarians not trained or inclined to grant people their rights; too many categories unnecessarily turned on; libraries and users unable to see blacklists; and so forth.

Might open-source blocking software that we attempted to set to minimum CIPA standards cause fewer problems for people using libraries? I've come to think that some kind of SquidGard/Dansguardian version might indeed be the lesser of two evils, since people could at least see what's being blocked.

Would that ameliorate any of the basic problems inherent in the whole censorware scheme of things? Doesn't seem likely. Human nature remaining what it is, and computers still being whatever we tell them to be, as long as we begin by thinking of what we should be blocking instead of what we should be making available, the whole premise is bound to create limits on thought, speech, and access.

I read an article recently that told of a study of human nature that showed why fundamentalists and liberals are so basically at odds with one another. This piece asserted that fundamentalists value obedience and conformity: they view good parents (and, by association, good government) as strict. Liberals, on the other hand, value the development of independent thinkers: they view good parents as nurturing.

Will These are the rules you must abide by ever be consistent with You must learn to think for yourself? Can people who value controlling information ("strict parents") ever live in harmony with those who want to offer as much information as possible ("nurturing parents")? Or will the former remain convinced that the latter is without morals, while the latter is convinced that the former is unreasonably narrow and intolerant?

No software program will ever respond adequately to the needs of such opposing viewpoints. However, one software program can be made to block many of the ideas and information that one group finds offensive--and another, and another. Perhaps the real question is whether or not, in the end, anything of interest or meaning will be left.

By Seth Finkelstein | posted in censorware | on July 08, 2003 08:39 AM | (Infothought permalink) | Comments (2) | Followups
July 07, 2003

DMCA censorware exemption follow-up reply

In response the DMCA censorware exemption follow-up question, we submitted the

Joint Reply Of Seth Finkelstein and James S. Tyre

For the question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

The key definition is:

"Programs designed and optimized for use by an authority to prevent another person from sending or receiving information."

The reply is many pages long, going into great detail about the differences between censorware, spam-killing, viruses, etc.

One of the best anti-spam software packages, SpamAssassin, http://spamassassin.org/ is completely open-source. All websites, data, patterns, and so on, are open for inspection and evaluation. And it's become a better system for it. It's actually possible to see why a false positive occurred. Moreover, because of this "transparency", theit's-not-on-the-list game is not possible. So the creators have an incentive to fix problems rather than possibly deny their existence. Any idea that examining spam lists will lead to increased problem with spam, is refuted by SpamAssassin's success. Examining some spam lists is likely to be far more a scourge to companies selling poor products ("snake oil") than to anti-spam efforts.

Also some humor:

To clarify what Mr. Tyre meant, N2H2 allowed Mr. Finkelstein to have an ordinary, encrypted-blacklist, 30-day-limited, evaluation version of their software on a few occasions, typically when they did not check his background. One time their automated registration process approved him, but N2H2 later checked his background and threatened to revoke his evaluation credentials ("Letting you evaluate the product would be the same as working with the opposition. I have yet to read an article that you wrote that had anything good to say about filtering."). Currently, they will not let him have even their standard evaluation software (and are extremely nasty about their refusals too!) ...

By Seth Finkelstein | posted in censorware , dmca | on July 07, 2003 05:02 AM | (Infothought permalink) | Followups
July 06, 2003

DMCA censorware exemption follow-up question

[After I testified on censorware in the Copyright Office's hearings on DMCA exemptions, they recently sent a follow-up question about the topic. Here's part of the letter they sent to me, posted with permission. They also asked everyone else who testified about censorware (Jonathan Band, James Tyre, and the censorware advocates) a similar question. This isn't a public round of reply, but rather clarification of issues]

Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies

Dear Mr. Finkelstein

Thank you for appearing as a witness at our hearings on possible exemptions to the prohibition on circumvention of technological measures that control access to copyrighted works.

As we stated at the hearings, we intended to submit additional questions in writing to many of the witnesses. Based on our review of the record, we would like you to respond to the following question:

Please clarify, as specifically as possible, the types of applications you believe should or should not be subject to an exception for the circumvention of access controls on filtering software lists, if such an exception is recommended.

Please provide any documentation and/or citations that will support any of the factual assertions you make in answering these questions.



David O. Carson
General Counsel

By Seth Finkelstein | posted in censorware , dmca | on July 06, 2003 11:59 PM | (Infothought permalink) | Comments (0) | Followups
July 05, 2003

Jonathan Kamens and Osirusoft spam blacklist

I just saw a fascinating thread about "Jonathan Kamens and osirusoft".

It seems that Jonathan Kamens remains personally spam-blacklisted, on relays.osirusoft.com and spamsources.relays.osirusoft.com. This started from when he was working for an employer with bad e-mail practices (worldwinner.com), but he no longer works for them. Yet the blacklisting continues.

Amazing commentary:

I used to maintain exactly the position that you're maintaining -- that the block-list maintainers are reasonable people and that entries in block-lists are usually removed quickly when they are shown to be in error or when the blocked parties show that they have taken steps to address the problems. When I heard people complain about being blocked inappropriately, I'd tell them to go make their case in news.admin.net-abuse.email and, if they were right, the problem would be solved. I no longer believe that.

By Seth Finkelstein | posted in spam | on July 05, 2003 11:58 PM | (Infothought permalink) | Comments (2) | Followups
July 04, 2003

July 4 thought: Declaration of Independence, real and imaginary

Compare the real Declaration of Independence with John Perry Barlow's A Declaration of the Independence of Cyberspace


... That these United Colonies are, and of Right ought to be Free and Independent States; that they are Absolved from all Allegiance to the British Crown, and that all political connection between them and the State of Great Britain, is and ought to be totally dissolved; and that as Free and Independent States, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which Independent States may of right do.


These increasingly hostile and colonial measures place us in the same position as those previous lovers of freedom and self-determination who had to reject the authorities of distant, uninformed powers. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts.

War, Peace, contract Alliances, establish Commerce ... that's what it's about. Not "virtual selves immune to your sovereignty".

By Seth Finkelstein | posted in cyberblather | on July 04, 2003 11:57 PM | (Infothought permalink) | Followups
July 03, 2003

Open Censorware ("filtering") issues page

[Just sent this to the Interesting People list, in response to Libraries, Commercial Censorware & CIPA

From: Seth Finkelstein
Subject: Re: [IP] Libraries, Commercial Censorware & CIPA

Dave, this has come up so frequently in the past few days, that I've started a page of resources/argument/rebuttals about it:

Open Censorware issues

In brief, it's a solved technical problem, for example there's:

http://www.squidguard.org/ http://www.squidguard.org/blacklist/
GUILT - the GnU Internet Lust Terminator

So that wheel has already been invented. The issue is more a social and legal issue.

Regarding the issue of the perils of the possibility of open sex site lists, see my rebuttal in testimony during the recent Digital Millennium Copyright Act hearings, where exactly this topic was discussed (search for the discussion of "pornography sites"). It's at

In general, commercial censorware companies are not going to open their blacklists, no matter how many times libraries say they should. They sue over this issue, see


Seth Finkelstein Consulting Programmer

By Seth Finkelstein | posted in censorware | on July 03, 2003 05:01 PM | (Infothought permalink) | Followups

Libraries and opening censorware blacklists

The New York Times has an article Libraries Planning a Meeting on Filters, which briefly touches on issues about "open-source" censorware:

he group will also demand that the companies reveal their database of blocked sites to libraries so they can determine which programs best suit the libraries' needs, or they may work with third parties to develop new filtering software.

"If we can't get what we want from the filtering companies, I say let's make our own," [Ms]. Krug said.

A representative of one of the leading filtering companies said the industry was ready to cooperate with the librarians. David Burt, a spokesman for N2H2, said his company's product made disabling the software easy. But he said there might be more disagreement about releasing the list of blocked sites, which would be valuable to the company's competitors.

Besides, he noted, "we would be making available the world's largest and best collection of porn sites, and that's not the business we want to be in."

1) I've said this before, but censorware companies aren't going to open their blacklists to anyone. And even if they did, you don't have the time to pour through it all. I've looked through censorware blacklists, and it's an incredibly boring task.

2) And I noted in my DMCA testimony (http://sethf.com/anticensorware/hearing_dc.php):

MR. FINKELSTEIN: ... I would also like to say that, for all this talk of the pornography sites, since they were blacklists, they are really bad collections of pornography sites. (Laughter.)

I want to go into this because I get this -- no, let me go into this. People are always asking me this question: "Oh, boy, have you gotten any good porn sites?" And I tell them, "It's really, if you want to get some good sites, don't look in this censored blacklist."

In fact, I can demonstrate that -- (laughter) -- because when the CyberPatrol blacklist went out, nobody ever said that it was such a great collection. The reason why - this is important -- I know this is funny, but the reason why that they're such bad lists is because there's so much junk in them.

If you wanted a list of sex sites, would you want to go through somebody else's tastes, sites which didn't work, sites which had changed ownership, or so forth? No, you would want a good collection from somebody who had actually made a collection which would appeal to you, and there are people who sell them. There are people who make them for free. They have absolutely no impact on the research that I am doing.

It is something of a red herring. I know it's a, quote/unquote, "sexy" topic to say that they have these huge lists of pornography sites, but nobody has ever tried, except in a sort of snickering fashion, to use these lists as actual lists of pornography sites because they don't work well that way.

By Seth Finkelstein | posted in censorware | on July 03, 2003 02:12 AM | (Infothought permalink) | Followups
July 02, 2003

Aimster and Encryption

The Aimster decision, to keep an injunction against that file-sharing service, has generated a great deal of commentary (e.g. Derek Slater has much). I just have some observations regarding Aimster's use of encryption.

Ed Felten writes

The opinion assumes that Aimster did this because it wanted to remain ignorant of the infringing nature of the traffic. ...

But there is another good reason to use end-to-end encryption in such a service. Users might want to transfer sensitive but noninfringing materials. ... The opinion hints at all of this; but apparently Aimster did not offer arguments on this point.

I think the court recognized that reason straightforwardly, in this part:

4. Aimster's users might appreciate the encryption feature because as their friendship deepened they might decide that they wanted to exchange off-color, but not copyrighted, photographs, or dirty jokes, or other forms of expression that people like to keep private, rather than just copyrighted music.

This passage is in fact rather thoughtful on the encryption issue:

He did not escape liability by this maneuver; no more can Deep by using encryption software to prevent himself from learning what surely he strongly suspects to be the case: that the users of his service--maybe all the users of his service--are copyright infringers. This is not to say that the provider of an encrypted instant-messaging service or encryption software is ipso factor a contributory infringer should his buyers use the service to infringe copyright, merely because encryption, like secrecy generally, facilitates unlawful transactions. ("Encryption" comes from the Greek word for concealment.) Encryption fosters privacy, and privacy is a social benefit though also a source of social costs. "AOL has begun testing an encrypted version of AIM [AOL Instant Messaging]. Encryption is considered critical for widespread adoption of IM in some industries and federal agencies." Vise, supra. Our point is only that a service provider that would otherwise be a contributory infringer does not obtain immunity by using encryption to shield itself from actual knowledge of the unlawful purposes for which the service is being used.

Though there's a paradox lurking here, almost a kind of poetic justice or irony. Roughly:

Service: We've implemented encryption to protect our users' piracy, err, we meant privacy. So gosh-darn-golly, we can't know of any copyright infringement by our users, since the files shared are secret. We win!

Court: How interesting. You say you can't know what files your users are sharing? It's a secret? You absolutely, positively, don't know? Hmmm ... then you can't provide any evidence that there are actually any substantial noninfringing uses. You lose!

That's oversimplified, but the court does seem to have said something along those lines:

Aimster failed to make that showing too, by failing to present evidence that the provision of an encryption capability effective against the service provider itself added important value to the service or saved significant cost. Aimster blinded itself in the hope that by doing so it might come within the rule of the Sony decision. It complains about the district judge's refusal to hold an evidentiary hearing. ... [snip] ... Aimster hampered its search for evidence by providing encryption. It must take responsibility for that self-inflicted wound.

By Seth Finkelstein | posted in copyblight , legal | on July 02, 2003 04:46 AM | (Infothought permalink) | Followups
July 01, 2003


According to http://www.usatoday.com/tech/news/2003-06-30-toppenish-porn_x.htm: (note that interesting URL!):

Library filtering software rejects Toppenish as porn

YAKIMA, Wash. (AP) - Don't bother trying to find Toppenish on the Internet using filtered computers in Yakima Valley Regional Library System - even at the library in Toppenish.

"Bess," a widely used anti-pornography filter installed on some of the regional library's terminals, zeros in on the fourth through eighth letters and blocks any site mentioning the lower Yakima Valley town as inappropriate for children.

I think the problem is more an issue of "Toppenish" being a term which can't be searched, rather than a URL-based ban. I verified it as a search-ban, But N2H2 doesn't let me have demos anymore, so I can't really test the claim as extensively as I'd like. So it may be that article is garbled, confusing search-bans with URL-bans. But there's some truth in it.

Credit to lisnews.com for further publicizing the story.

By Seth Finkelstein | posted in censorware | on July 01, 2003 11:58 PM | (Infothought permalink) | Followups