September 29, 2003

N2H2 "State Secrets" - part 2 - PR and "that was a lie"

There's a reason I don't do statistical studies on censorware. I hope the following historical account shows what's necessary to fight something like censorware company N2H2's "1,800 Percent Increase [in porn]" press release.

Years ago, in March 1999, Censorware Project released a report dealing with statistical analysis of SmartFilter. There's a long story about how this report came to be, including the fact that it would have died if I hadn't encouraged Michael Sims to continue when he despaired, and donated much system administration and programming in keeping my promise of support. He then rewarded me by initially cutting me off from all credit when, much later, the report was eventually finished and released. But I digress.

At that time, David Burt ran a pro-censorware website "Filtering Facts" ( - it's no longer active on the web, rumored because he's embarrassed these days by the harsh material, including the obvious links to the Religious Right - but I have an archive). In April 1999, he issued a press release of his own about the report, claiming "Study of Utah School Filtering Finds "About 1 in a Million" Websites wrongly blocked". David Burt is currently a PR person for N2H2. N2H2 is now being bought by the company which owns SmartFilter. It all connects.

Reading that April 1999 David Burt press release, it's clear why he doesn't want this material floating around the net nowadays:

It is difficult to understand how the primary author of the report, Michael Sims, could feel that these sites are appropriate for children in a school setting. An examination of the author's e-mail postings offers some insights into the values that he applies to such judgements. Mr. Sims has often said he does not believe that pornography harms children. In one recent post to the librarian's discussion list PUBLIB, Mr. Sims compared children viewing pornography to children reading the Bible:

Note I feel for Michael Sims here. I know what it's like to be smeared ...

SmartFilter picked up the statistical mendacity (leaving the personal attack), of David Burt's release, and later issued a company press release taking the tactic of claiming "CENSORWARE PROJECT UNEQUIVOCALLY CONFIRMS ACCURACY OF SmartFilter™ IN STATE OF UTAH EDUCATION NETWORK"

Now, in reaction to this, Censorware Project did not say that anyone who matters would read the report and know that the SmartFilter press release was untrue. Or that nobody believes a censorware company, so it doesn't matter.

Instead, Censorware Project did a follow-up report ( and to defend the study (and incidentally, Michael Sims), right on the website, the front page proclaimed:

This was a lie. Secure Computing then issued a misleading press release with that same lie, which prompted us to take action.

Later on, there was a front-page Slashdot article about "Censorware and Memetic Warfare":

Here's a look at one of the more annoying memes the opposition is using: a lie about the results of my very own organization. Click for more.

It's all reminiscent of Al Franken's book in the news, "Lies and the Lying Liars Who Tell Them". Except here we have a fair and balanced look at censorware advocates' tactics (note truth is not in the middle).

By the way, I didn't have the slightest involvement with any of this liar-liar-pants-on-fire type response. But I did ruffle feathers when I'd point out that it obviously wasn't considered something which couldn't be done, as immature, undignified, unbecoming, don't get down to their level, etc. I have a saying : "It's always different when it's you".

And that brings me to the moral of the story - if you can't get heard, you'll be shouted down. I don't have the press-reach to fight back against mudslinging press-releases like those above. And I shudder to think what sort of Slashdot coverage I'd receive in a similar situation.

It matters.

By Seth Finkelstein | posted in censorware , memoirs | on September 29, 2003 11:59 PM | (Infothought permalink) | Followups
September 28, 2003

N2H2 "State Secrets" - PR and lying with statistics - press note

[I'll get to part 2, really, it's just turning out to be far more difficult to write-up than I thought, because of my misery regarding the whole topic]

I've just noticed, part of the extensive reach of the N2H2 "1,800 Percent Increase [in porn]" press release is because it was portrayed as a "news story" ("Story from AFP") by a syndicate Agence France-Presse. This made it even ABC Sci-Tech News.

The power of the press :-( ...

By Seth Finkelstein | posted in censorware , journo | on September 28, 2003 11:58 PM | (Infothought permalink) | Followups
September 26, 2003

N2H2 "State Secrets" - PR and lying with statistics [part 1 addendum]

I've been searching over the web today to see if anyone, anywhere, has pointed out that the N2H2 story about porn having "1,800 Percent Increase from 14 Million Pages in 1998" is pure hype, since the web itself has grown so much in that time. The only place I've been able to find such intelligence is in a reaction news quote with ... drumroll ... Irene Graham, who is the Executive Director of Electronic Frontiers Australia (and notably one of the earliest civil-libertarians to have listened to me about censorware years ago):

IRENE GRAHAM: Of course, about five years ago there were fast less people on the Internet around the world.

Everything else I've seen has been utterly uncritical. This matters in ways both obvious (e.g. pushing censorware) and profound (what it says about my ability to fight a smear).

By Seth Finkelstein | posted in censorware | on September 26, 2003 10:15 PM | (Infothought permalink) | Followups
September 25, 2003

N2H2 "State Secrets" - PR and lying with statistics [part 1]

Censorware company N2H2 recently issued a press release which coincidentally illuminates why I have to quit and can't publish certain research. They proclaim: "N2H2 Reports Number of Pornographic Web Pages Now Tops 260 Million and Growing at an Unprecedented Rate". It's a concoction jam-packed with juicy PR nuggets:

"1,800 Percent Increase from 14 Million Pages in 1998"
"N2H2's database contained 14 million identified pages of pornography in 1998, so the growth to 260 million represents an almost 20-fold increase in just five years"
"There have been recent filtering software studies by eTesting Labs for the Department of Justice and a peer-reviewed study conducted by the Kaiser Family Foundation and published in the Journal of the American Medical Association (JAMA). Both found N2H2 superior to competitors at blocking pornographic Internet content without unduly blocking appropriate content, even in related areas such as breast cancer or sexually transmitted diseases."

This censorware PR is going around the world, from Australia to Japan .

There is absolutely no support for me to rebut it, in terms of 1) pay, 2) press-power, 3) protection (from lawsuits). I can start shouting to the wind and risking a lawsuit ... or not.

First, just on the face of it, how much has the web itself grown since 1998? Certainly much ("1,800 percent"?) If the number of "porn"-pages simply remained a constant fraction overall, it would increase in absolute numbers as the web itself grows. What methodology was used to derive that number of "identified pages of pornography" anyway?

And here's where things get interesting. I know N2H2 has to be playing fast and loose (if anyone doubted just based on general principles), because I know their blacklist does not have 260 million entries, and could not have had 14 million entries in 1998. But I can't publish that in any way that is objectively provable in terms of peer-review, because that would require conveying decryption information. And no organization is backing me as a researcher to give my mere words weight in terms of that "name" reputation-capital.

Moreover, I could point out many, many, flaws in that slippery phrase "classified as pornography". In practice, nobody outside of a few hundred hard-core readers (pun unintended) would hear. So, the upside is zero for me, little in general, and the downside is years of litigation. It's not worth it.

[To be continued in further posts. Next planned: Background historical material regarding censorware companies, lying with statistics, attack and defense]

By Seth Finkelstein | posted in censorware | on September 25, 2003 10:05 AM | (Infothought permalink)
September 23, 2003

Time For Me To Quit Censorware Investigations, aka BACKER NEEDED

If at first you don't succeed, try, try again. Then quit. There's no point in being a damn fool about it. - W. C. Fields

Everyone has a breaking point, and it's been evident for a while that I've essentially reached mine. "Banned Books Week" is a good place to drive a stake into it. To differentiate this message, I'm having "Banned Research Week" where I'll outline specific research I can't complete and publish.

I quit. I'm giving up. I tried and tried, and I don't succeed. That is, after all I've done, over years and years, I still have no pay, no press-platform, no protection from lawsuits. I can't continue to fight against censorware as an unpaid, mostly marginalized, activist lacking any organizational backing. It's not sustainable.

The dismal mathematics seems unarguable. I cannot win, in terms of myself. It's not my job, I don't advance in a career, and frankly, I get precious little respect (not 0.00%, but very close to it). However, I can lose, BIG. At best, I might have to endure long draining litigation, stressful and destructive even if, on the off-chance, I were to prevail. And if I don't prevail, the consequences would be even worse. It's not worth it.

In retrospect, after I won an EFF Pioneer Award, I made what turned out to be an enormous error. I then did a large amount of decryption-based censorware research, as opposed to intensively seeking a policy-based affiliation. I thought I was on track to be a towering DMCA hero. I believed I had a pledge of (Slashdot-based!) press support, as well as legal backing. And that I could afford to volunteer. Well, it's a long story, but things didn't work out that way. The tech economy crashed, and many other legal cases superseded me. Moreover, either I was mistaken about the pledge of Slashdot support, or the person making it later decided to renege (without the courtesy of informing me).

The final result is I have to write-off a large amount of that research (some of which has already rotted away). Between "shouting to the wind" (nobody reading my work) and "telling it to the judge" (the inevitable result of publish work that absolutely will be read), I've been silenced.

Formally, this might be considered a call for backing and support. If manna from heaven came to me, if an organization said they'd give me press support and legal protection (not to mention some pay), then it might be possible for me to continue censorware work. But honestly, I have no illusions of success.

Note, please don't tell me, e.g., "Don't let the bastards grind you down". They did grind me down, by leveraging the power of the legal system to grind me up. Any advice must consider: How does this change the problems of 1) pay 2) press-platform 3) protection from lawsuits? If that isn't answered, it's not helpful.

Sadly, I've been "taken down", and to a great extent, by my own "side".

By Seth Finkelstein | posted in activism , censorware , memoirs | on September 23, 2003 08:05 AM | (Infothought permalink) | Comments (6) | Followups
September 21, 2003

The Copyright Elephant (and EFF)

Derek Slater has been discussing fallout from the conference Digital Media in Cyberspace and taking a little flack over associated questions regarding EFF's recent stances.

To mangle some famous phrasing:

"Derek, I knew "bad faith", I worked with "bad faith", "bad faith" was a friend of mine. Here, this is not "bad faith"..."

If you want to see what "bad faith" looks like, take a look at an old analysis of the censorware wars and Mike Godwin's tactics back then ("Sometimes they deliberately and calculatedly lie. Period. ... there may be tactical advantages in smearing your opponents so." - I didn't write that, and though it's from someone who is mentioned unfavorably in my blog these days, it's still a good essay). But I'm posting this to point out, that's what "bad faith" looks like - a lying, bullying, campaign. To echo a bit, I'm writing this to make clear - there have been bad-faith dealings on issues in the past, but these difficulties now aren't anywhere close.

Note all the above was from the old, more corporate-oriented, EFF, under Esther Dyson and Lori Fena. EFF's under new management as of a few years ago, under the far more civil-libertarian focused Shari Steele, and even gave me a treasured apology for the bad-faith dealings above.

Now, with that as background, the problem here is as follows: There's an elephant in the room, in that preserving copyright in anything close to its current form, seems to require draconian measures. I don't say it can or can't be done - but to do it, we're getting laws such as the DMCA, "spampoenas", lawsuits to strike fear into the hearts of file-shares everywhere, and so on.

There's no way out of this that fits in a press release. It's not clear if there even is a way out of this, which leads to a pundit-party of prodigious proportions. It's all about what do we do with the elephant? There's a path which starts out saying, "Don't put the elephant in with the tech-types (broadcast flag, etc.) - it should be wrangled by lawyers". Then "But wait, the lawyers are letting the elephant stampede, they shouldn't do that". And "Hey, it's not so gentle when one is dealing with an enraged bull elephant".

There are also a few blatherers talking about what a wonderful opportunity we have now in the evolution of Loxodonta<->Sapiens networking. A circus generally has some spectacle which is good filler-fodder, after all.

But all we're seeing here, is that EFF is not able to make that elephant go away, and is struggling like everyone else over where best to put it.

By Seth Finkelstein | posted in copyblight | on September 21, 2003 11:59 PM | (Infothought permalink) | Followups
September 20, 2003

Slashdot Prefect

For my own protection, I suppose I should write about the following thank-you note I sent today:

Date: Sat, 20 Sep 2003 09:54:09 EDT
To: [Rob Malda (head of Slashdot)]
From: Seth Finkelstein
Subject: Thanks for the posting, and a question

Thanks for posting the article on Wednesday about my "Verisign Typosquatter Explorer" program. I was pleasantly surprised (at the fact of the posting itself).

Should I infer any deeper significance from that action? Frankly, I'm about to throw in the towel on censorware investigations. It's simply too much, to risk a lawsuit from a censorware company, yet have to worry about Michael Sims helping them attack me, up to and including possible abusive front-page Slashdot articles trashing me if I'm sued. Note one difference between him and me - I did not hijack the "Verisign Typosquatter Explorer" page into a "Smeared By Sims " page.

[The HTML links are not in the original mail - they're here for annotation]

Realistically, I don't expect a reply. I just had my hopes up for an unfortunate moment, symptomatic of my delusions of support. Note, contrary to accusations, this is perhaps the third time in my entire life for mailing Rob Malda (the first was to protest Michael's abusing his Slashdot editor comment-moderation powers, the second was the ill-fated code proposal at the time of the CIPA, Federal censorware law, trial, and somewhere he may have been on a cc line from someone else where I replied)

It's not that everyone at Slashdot loves Michael Sims (not what I hear at all). But as long as he doesn't go past being merely an embarrassment to them, he'll remain _de facto_ supported in terms of pay and reputation to - literally - lie, cheat, and steal, against anyone else.

I get much preaching about a "feud" and such, and that's just wrong. "Feud" implies some sort of rough equality of forces, apart from the moral aspects.

It deeply bothers me, that despite Michael Sims holding hostage, destroying and domain-hijacking the Censorware Project website, he's not a pariah. That was very public and on-going. He doesn't walk around thinking "Why did I ever betray the trust which was placed in me? Nobody who sees that will ever work with me.". By contrast, I do walk around thinking "Why did I ever do so much free-speech work? It wasn't valued. And I have to defend myself against all the attacks."

That's not a "feud". The outcome here doesn't seem to me to be that I should blithely get myself sued. Rather, again, I'm way overmatched for what I'm trying to do, and anything further will just bring me more grief.

This is a prelude for some other material I plan to write in a few days, more then.

By Seth Finkelstein | posted in activism | on September 20, 2003 11:59 PM | (Infothought permalink) | Followups
September 19, 2003

VeriSlime humor

[This was a (not accepted) comment I wrote to Dave Farber's list, in the midst of the discussions of how to react to Verisign's DNS actions. I was thinking there could be a "Top Ten" list]

On Wed, Sep 17, 2003 at 11:24:51AM -0400, Dave Farber wrote:
>For the life of me I cannot figure out what to say in a message to [Verisign ]. djf

Contest! Contest!

"It's hard to be worse than the Sobig virus - but you've done it."

"Never has an organization committed credibility-suicide so publicly."

"Many people suspected DNS was broken. Now they know."

But it should be obvious what is the #1 thing to say:


[That was a riff on the long North American Network Operators Group mailing-list thread: "What *are* they smoking?"]

By Seth Finkelstein | posted in quotes | on September 19, 2003 11:18 PM | (Infothought permalink) | Comments (2) | Followups
September 18, 2003

Slashdot introspect

The god of Slashdot smiled upon me yesterday, and posted a front-page article about my "Verisign Typosquatter Explorer".

More than eight thousand readers so far, and around four thousand program downloads. Talked to a journalist today. And it's going around mailing lists.

I didn't have to worry about being sued. (well, I think, but reasonably, no, see, I'm really not paranoid). Verisign is not going to issue a nasty response calling me names. It wasn't even a tremendous amount of difficult technical work, compared to some of the censorware investigations.

I'm very happy to be getting this coverage. But I'm also thinking once again, it's just not worth it, in terms of anything which does have a legal risk, to be sticking my head in the lawyer's, I mean lion's, den, and hoping I don't get mauled. I've written this before, I'm extremely underpowered and out of my league in press-power terms, and this is yet another piece of objective evidence which confirms that conclusion.

I can hear the response already: "Seth, you're never satisfied. Look, look, you got heard today! That proves you are not as poorly-off as you moan and groan".

This misunderstands something: The god of Slashdot is not a jealous god. But he grants power to those unworthy of it, as they do evil yet are not shunned. He will not intervene if the heights of the journalistic pyramid are used to throw stones at me. And today is one more lesson, if another were needed, on such power.

Update: From talking to the journalist above, I have a small mention in the article: Verisign's SiteFinder finds privacy hullabaloo

By Seth Finkelstein | posted in activism | on September 18, 2003 11:58 PM | (Infothought permalink) | Followups
September 17, 2003

"Copyright and Free Expression" updated report from FEPP

There's a great new updated report released from Free Expression Policy Project:

Copyright and Free Expression

FEPP's just published, revised and updated summary of the major controversies - what you need to know about how copyright today threatens intellectual freedom.

I'm acknowledged as one of the people giving feedback on the first edition of this report. And mentioned in the DMCA censorware research section:

Yet few free-expression issues today are more sweeping in their implications than censorship caused by Internet filters as they block art, information, and ideas that their corporate manufacturers decide are inappropriate, or that their keyword-based programs mistakenly target. As another activist, Seth Finkelstein, put it, "independent investigation of the snake oil claims" of filtering companies has now become "fraught with legal peril."

I've written much since the time of that quote, e.g.:

Admittedly, most of the section is about the case Edelman v. N2H2. Recall, the irony is, I actually have circumvented the encryption of the N2H2/BESS blacklist, with research I can't publish due to lawsuit chilling effects, and I can't get a backer (and in practice, nobody will hear either). As FEPP notes:

But the underlying reason for dismissing the case may have been the judge's lack of sympathy with Edelman's claim.

Exactly. This is why the attacks on me have been so harmful, because they have the potential to affect how I'd be viewed by a judge. And I just can't ignore that (nor can potential backers).

By Seth Finkelstein | posted in copyblight , dmca | on September 17, 2003 12:02 AM | (Infothought permalink) | Followups
September 16, 2003

Verisign Typosquatting Explorer

I wrote a little perl program to examine what domain names were being suggested by Versign from their current foray into typosquatting

If anyone's interested, go to my page for Verisign Typosquatting Explorer

I haven't had much time to look to see if there's much in the results

By Seth Finkelstein | posted in infothought | on September 16, 2003 08:52 AM | (Infothought permalink) | Comments (1) | Followups
September 15, 2003

"Open Censorware" and recent legal advice to libraries

A recent article from the American Library Association, ALA: Lawyers Sift through CIPA Regulations discusses: "At the request of the American Library Association, the law firm of Ropes and Gray issued an advisory letter August 28 to libraries regarding their legal obligations under CIPA" (CIPA is the Federal library censorware law) [link credit lisnews. com]

Looking through that advisory letter, I don't think it's very favorable to "Open Censorware":

Public libraries that routinely submit untimely certifications, do not submit certifications, certify compliance with CIPA with the knowledge that they are not in compliance, install an Internet filter known to be nonworking, or fail to enforce their Internet safety policy or operate their Internet filter will likely to be found to be acting in bad faith and not in compliance with CIPA. These libraries will be subject to a loss of their federal E-rate or LSTA funding and may have to reimburse the federal government for E-rate funds utilized during noncompliance. Libraries that fail to remain diligent regarding upgrades in Internet filtering technology may also be determined to be acting in bad faith.4 ...

4The Restatement (Second) of Contracts states, "A complete catalogue of types of bad faith is impossible, but the following types are among those which have been recognized in judicial decisions: evasion of the spirit of the bargain, lack of diligence and slacking off, willful rendering of imperfect performance, abuse of a power to specify terms, and interference with or failure to cooperate in the other party's performance."Restatement (Second) of Contracts S 205 cmt. d (1981).

And later:

CIPA does not provide for any penalties for noncompliance beyond the withholding and reimbursement of federal funding; there are no criminal penalties provided for under CIPA. However, there are federal criminal laws that apply to the submission of fraudulent information or false certifications to the government. See 18 U.S.C. S 1001 (2003).

If I were putting myself on the line, as a library director, I wouldn't be inclined to do anything which looked like playing games with such a requirement. Requiring a judicial specification of a blacklist just might work, as a straightforward and direct position. But not pretending the blacklist problem doesn't exist.

By Seth Finkelstein | posted in censorware , legal | on September 15, 2003 11:57 PM | (Infothought permalink) | Followups
September 14, 2003

"Just Give It To Me Straight" - a case against censorware

This is a week or so old, but I solidly recommend the paper:

Just Give It To Me Straight:

A Case Against Filtering the Internet

T. A. Callister, Jr. Whitman College

Nicholas C. Burbules University of Illinois

Well worth reading for the evidence and arguments.

Paradoxically, on a personal note, it's another reason I think I should stop doing anti-censorware work. The paper makes many arguments similar to those I make myself. But the difference is that it was quite well-publicized, whereas I'm extremely marginalized. While the constant references to Peacefire and Censorware Project were good, it was saddening to see the authors had apparently never heard of me. I don't have the name-recognition and press-connections, so what's the point of doing work almost nobody will hear? (especially if it can get me sued!)

By Seth Finkelstein | posted in censorware | on September 14, 2003 11:59 PM | (Infothought permalink) | Followups
September 13, 2003


A little more than a year ago, I started my blog, with my first entry being one of my favorite quotes:

"The world of computer communications, however, has turned out to be the great equalizer. Suddenly anyone can become a publisher, reporter, or editorialist. What's more, each of us has as good a chance of being heard as anyone else in the electronic community."

Mike Godwin

[(in case it isn't clear, I'm quoting this very ironically)]

One year later, the main thing I think I can say, is that I have a deeper yet appreciation for the meaning of the phrase "some are more equal than others".

There's always going to be a journalistic pyramid. In any shake-up, some people will find niches in those walls, some people will do well as guides, and a very very few will be high on top. Everyone has an equal chance of winning the lottery too, but only a few people will do so.

I've had a handful of slightly successful posts. But overall, I'm way down at the bottom of the pyramid, and probably will remain so. In general, I've thought there's no use saying what everyone else is saying, I'm not well-positioned to compete in the journalist niche. On the other hand, I'm nowhere near as prominent as necessary for many people to have any interest in my thoughts as a pure commentator. In retrospect, I'm not sure blogging really works for me. I'm not planning to stop tomorrow. But it's another weight on my mind.

By Seth Finkelstein | posted in cyberblather | on September 13, 2003 11:59 PM | (Infothought permalink) | Comments (1) | Followups
September 12, 2003

Bruce Schneier, "license to surf", and context

It's time to play the game of "journo-phone" again. There's a somewhat amusing, though somewhat serious, AP article: Should License Be Required to Go Online? (though I like Wired's title for it, Are You Too Stupid to Surf?). In the article, after briefly mentioning virus problems, ID fraud, and filesharing, the question is posed (by the writer):

So why not institute mandatory education before people can go online? After all, motorists must obtain licenses before they can legally hit the road, and computers are much more complicated.

And then a quote is given:

"It could be a four-year college degree, a one-month course. It might be a good idea," said Bruce Schneier, chief technology officer for Counterpane Internet Security Inc.

Or it might be a bad idea.

"The downside is everybody you know won't be able to have a computer anymore, and I like being able to send e-mail to friends," Schneier said.

The article goes on from there, quoting pros, cons, and someone somewhere who takes the ludicrous idea seriously.

Reading the context, it's obvious Bruce Schneider was asked something along the lines of "Could there be an ``Internet license''? What would it entail?". And he replied nicely, indeed, there could, anything from four years to one month. And I'm sure that the "It might be a good idea" part was said with the tongue-in-cheek feeling of old-timers (especially strong after another Microsoft virus infestation). Note the next sentence about "everybody you know".

Now we play "journo-phone", where it's posted to Slashdot, as:

NaugaHunter writes "A story on Yahoo asks Should [a] License Be Required to Go Online? It appears to be suggested by Bruce Schneier, chief technology officer for Counterpane Internet Security Inc. 'It could be a four-year college degree, a one-month course. It might be a good idea.' The story also details efforts of some schools from simple orientation to threats of fines for spreading viruses, and questions exactly who would be responsible for keeping track of who is and isn't licensed."

So 250,000+ people hear "It appears to be suggested by Bruce Schneier". No such thing happened. Poor Bruce Schneier. He'll survive. But the amount of grief he'll get over this silliness will be wearisome.

Oh, who posted the story? (though admittedly not writing the above) It's a small world: Michael Sims. People think I'm being unreasonable when I talk about the following. But he won't even be doing something unusual (for him or for Slashdot) if he abuses his power and Slashdot position to smear me over censorware work.

By Seth Finkelstein | posted in journo | on September 12, 2003 11:59 PM | (Infothought permalink) | Followups
September 11, 2003

9/11 and the mathematics of terrorism screening

On 9/11, it feels out of place to write about anything other than the obvious. I was considering writing about why the state of civil-liberties in the US still not quite like Nazi Germany. But I'm a bit worried regarding sounding like a right-wing columnist, so I was put off of that.

There's a mathematical paradox which has been troubling me. It's a general problem, but the specifics here relate to airline screening systems, based on the two ideas:

1) Almost all people screened for terrorism will be innocent

2) Terrorists cannot be ignored

That is, a true-positive on detecting "terrorist" is a very rare occurrence, from the simple fact that there are only a handful of terrorists in existence. So any practical screening system applied to the huge numbers of people who fly each day, is going to yield almost entirely false positives. There doesn't seem to be a way to have any warning system that won't have much inconvenience.

Add in that people want the system to be as cheap as possible, and the problem becomes even harder.

I don't have a solution. If I did, I'd be trying to sell it and get rich and famous.

By Seth Finkelstein | posted in politics | on September 11, 2003 11:05 PM | (Infothought permalink) | Followups
September 10, 2003

Anti-spam versus censorware, once again

Matthew Skala, one of the programmers of CyberPatrol lawsuit (in?:-))fame, had a recent blog entry playing off the just-granted Websense patent, but using that to discuss censorware versus anti-spam programs. This issue, of using computers against spam or for censorware, comes up often. I've been replying to it for many years.

If I thought anyone much would care, I'd write up a FAQ on the topic. But that entry got thousands of readers as part of a Slashdot article, and, sigh, I hate to sound whiny, but I don't expect Slashdot coverage. Anyway, I wrote Matthew, and he kindly noted my point in a follow-up blog entry.

When putting together something now, I found I'd written long entries on this be fore:

" porn, spam, "filtering", and magic"

" More on censorware, spam-killing, and "magic""

No point in rewriting them. There's also an extensive discussion of the differences in the Reply to Copyright Office DMCA 1201 Censorware Exemption Question, and some in my DMCA testimony.

In a sentence, fighting spam concerns something you don't want to read, the sender wants to force on you. Censorware is about something you want to read, and an authority wants to prohibit you. These are thus very different situations.

By Seth Finkelstein | posted in censorware , spam | on September 10, 2003 11:59 PM | (Infothought permalink) | Followups
September 09, 2003

You Might Be An Anti-Spam Kook If...

Vernon Schryver just wrote a hilarious guide to when
You Might Be An Anti-Spam Kook If...

If you are one of the many people who has recently discovered the Final Ultimate Solution to the Spam Problem [FUSSP], beware of the warning signs of having gone off the deep end.

It's somewhat technical, but very true.

"... you are the first to think of the FUSSP."
"... you plan to make money by licensing the FUSSP."
"... the FUSSP requires a small number of central servers to handle certificates, act as "pull servers" for bulk mail, account for mail charges, or whatever, but that is not a problem."

All hail the FUSSP-ots!

By Seth Finkelstein | posted in spam | on September 09, 2003 11:57 PM | (Infothought permalink) | Followups
September 08, 2003

RIAA "Clean Slate" Amnesty - fishing expedition for targeting lawsuits?

As the RIAA starts lawsuits, their "Clean Slate" amnesty program is obviously receiving much attention. Just what sort of trouble can one expect from admitting to copyright infringements? (the RIAA can't stop lawsuits from other copyright owners such as the MPAA, nor the government, etc. - see e.g. postings at bIPlog and Freedom To Tinker)

The RIAA's description says:

OUR PRIVACY POLICY Information provided on the Clean Slate Program Affidavit will be used solely in connection with conducting and enforcing the Clean Slate Program. Information will not be used for marketing, promotional or public relations purposes. Information will not be made public or given to third parties, including individual copyright owners, except if necessary to enforce a participant's violation of the pledges set forth in the Affidavit or otherwise required by law.

But those who followed the story of TrustE know that privacy polices are slippery things. And besides, who is going to sue the RIAA if they wiggle on the meaning of "conducting and enforcing"?

Now, this certainly could be a way of entrapping people, given that "Clean Slate" affidavit signers are then liable for wilful infringement.

But large-scale infringers aren't going to rely on such a promised "amnesty". Perhaps the idea is that it's a way to get leads from scared "little fish" to go after "big fish" ("... tell us who your connection is, boyo, and you can walk ...").

That is, if the RIAA gets a large collection of applications from one particular location, that would seem to indicate there's good lawsuit-hunting in that area, with plenty of other fish who can be fried. The amnesty-seekers then act as quasi-informants. Perhaps explicit informants, if they're then interrogated to "verify" details of what they've submitted ("We're not prosecuting you, we're just checking up to make sure you told the truth, there's severe penalties if you lied ...")

And the most immediate use of the affidavits is as PR-fodder, i.e., "X pirates have admitted to crimes against copyright. The problem is worse than anyone thought!". This segues well into future prosecutions.

Quasi-Valenti-ism: "This amnesty is to the RIAA as UN Security Resolutions were to Saddam Hussein"

By Seth Finkelstein | posted in copyblight , legal | on September 08, 2003 11:13 PM | (Infothought permalink) | Followups
September 07, 2003

Slashdot deject

Y'know, it's extremely discouraging to find that I'm recently getting more readers to my website as a result of Slashdot trolls, than I ever get from my censorware reports, when that work is constrained to publicity via third-string websites (sorry, my friends there, that's just the numbers - note I didn't say third-rate).

On Friday, I spent some time chasing around to several people to mention my research in connection with various post-CIPA (Federal library censorware law) efforts, to favorable results. But the sum total audience there seems to less than one popular Slashdot comment. Now, one could argue it's a much better class of people, quality over quantity. But still, the relative "reach" numbers are daunting.

The worst outcomes of my life have come from not believing in mathematics. And mathematics is staring me here in the face. I am caught between "shouting to the wind" (nobody reading my work) and "telling it to the judge" (which will be the inevitable result of doing work that absolutely will be read).

Update: Ambiguity ... Clarification: By "Slashdot trolls", I meant Slashdot's population of trolls doing troll things, not that I posted troll messages! I almost never post to Slashdot these days (note my uid is #90154)

By Seth Finkelstein | posted in activism | on September 07, 2003 11:59 PM | (Infothought permalink) | Comments (2) | Followups
September 06, 2003

Carlisle Barracks censorware's

Censorware ... it's not just for libraries anymore (in the US) ...

According to the article Carlisle Barracks blocks Web site:

Saturday, September 06, 2003 BY MATT MILLER Of The Patriot-News

CARLISLE - A freedom of speech battle is brewing over a decision by Carlisle Barracks leaders to block access to an Internet site that purports to uncover military corruption.

The move to bar Army post workers from logging onto was taken to "preserve morale, good order and discipline," barracks spokeswoman Lt. Col. Merideth Bucher said.

"The command blocked access to the Web site from government work stations because of complaints by Carlisle Barracks employees that this site consists of rumors, unsubstantiated allegations, innuendo and personal name-calling," Bucher said.

(more at link)

Note this doesn't look like a censorware company blacklist issue, but rather a specific directive that a local installation ban a political site (to "preserve morale, good order and discipline").

My own point is that censorware is not just for parents who want to "protect children". It's intrinsically for control of what people are allowed to read.

By Seth Finkelstein | posted in censorware | on September 06, 2003 11:53 PM | (Infothought permalink) | Followups
September 05, 2003

"Obscenity Link Filter"?

I noticed the following interesting news from the censor-world:
"Feds Target Typo-Driven Porn Operation". Most notably:

Computer pornography is a major problem. It is especially offensive when it is sent to your computer by unsolicited e-mail -- or "spam." To counter this aspect of the problem, Focus on the Family, in connection with David Burt, of filtering company N2H2, have created the "Obscenity Link Filter" -- a way for you to forward unsolicited pornographic e-mail ("porn spam") to authorities, without having to download or view pornographic images.

Hmm, interesting Religious-Right connections here ...

Anyway, I couldn't resist, what is this thing? It seems to be some sort of link-extractor which operates on spam email. I hate to imagine an average person trying to use it though, since the instructions brought to mind all the jokes about bad instructions manuals.

But I suppose it's considered good PR all around, even if it's almost useless.

By Seth Finkelstein | posted in censorware | on September 05, 2003 11:57 PM | (Infothought permalink) | Followups
September 04, 2003

Chamberlain v. Skylink - Garage Door Opener as (not) DMCA Violation

Chamberlain v. Skylink, aka "Is a Garage Door Opener a Circumvention Device?" is the hot DMCA topic now. A decision has been rendered that it not automatically (pun intended), as a matter of law ("summary judgment") such a circumvention device. This is what passes for a DMCA victory nowadays ...

IP Justice has been publicizing the outcome, with comments and a case archive (Hmm, competition, there's more items there than in the EFF case archive)

I've seen commentary today from at least Ed Felten, Ernest Miller at Lawmeme and Derek Slater.

The key passage causing the most argument seems to be this (emphasis mine):

Furthermore, the homeowner has a legitimate expectation that he or she will be able to access the garage even if his transmitter is misplaced or malfunctions. During oral arguments on this motion, Plaintiff acknowledged that under its interpretation of DMCA, a garage owner violates the Act if he or she loses the transmitter that came with its Chamberlain rolling code GDO, but manages to operate the opener by somehow circumventing the rolling code. This court agrees with Defendant that the DMCA does not require such a conclusion.

I submit this is an instructive illustration of my focus on whether the court considers the plaintiff or the defendant to be a good guy or a bad guy. This passage is in essence "The defendant is not a Bad Guy. It's arguably a Good Guy. So they aren't required to be slammed".

That sort of analysis is NOT the whole of any decision, and I'd be misinterpreted if it were thought that was my view. However, reading decisions, I've come to believe that perception matters much more than lawyers like to admit, at least in public.

The following passage, a little earlier, has a slight misspeaking, but that's not the problem (again emphasis mine)

The district court in Reimerdes was looking at a set of facts quite distinct from those presented here: Plaintiff there had encoded its DVD's and licensed the software necessary to circumvent this encoding process to manufacturers of DVD players. As a result, the plaintiff in Reimerdes did in fact authorize certain circumvention of its technological protective measure pursuant to a license. It did not authorize circumvention by means of nonlicensed software.

The judge obviously meant to say decryption where she has circumvention. But again, that's just a small misuse of wording.

Honestly, what I think she's struggling to say, is that in Reimerdes (the 2600 DeCSS case) the plaintiffs were Good Guys protecting Intellectual Property threatened by Pirates/Bad Guys. But here, "activating a Garage Door Opener" (GDO) isn't Intellectual Property, the defendant isn't a Bad Guy, so the plaintiff should stop being silly.

Indeed, in a way, that's the core of the actually decision:

CONCLUSION The court concludes there are disputes of material fact concerning whether the computer program in Chamberlain's rolling code is a work protected by copyright and whether the owner of a Chamberlain rolling code GDO is authorized to use the Model 39 universal transmitter.

But to consider this a big DMCA victory only shows how bad is everything else.

By Seth Finkelstein | posted in dmca , legal | on September 04, 2003 11:59 PM | (Infothought permalink) | Comments (1) | Followups
September 03, 2003

Eeyores vs. Tiggers

Derek Slater had an extensive post On Bunner, where he remarked in a passage:

Seth "Eeyore" Finkelstein (who's been posting a lot about Bunner) and I discussed this awhile back. ....

The reference caught my eye, in an amusing way. Hmm, I thought, wasn't Lessig also Eeyore?

That inspired me: Forget Liberals vs. Libertarians or Geeks vs. Suits. An unexamined divide is Eeyores vs. Tiggers.

Especially when I saw this quote from Eeyore, which sums up much:

'Sometimes he thought sadly to himself "Why?" and sometimes he thought "Wherefore?" and sometimes he thought "Inasmuch as which?" - and sometimes he didn't quite know what he was thinking about.'

Remember the Tigger is described as:

Their tops are made out of rubber. Their bottoms are made out of springs. They're bouncy, trouncy, flouncy, pouncy Fun, Fun, Fun, Fun, Fun!

Unfortunately, there is not just only one (link omitted out of self-preservation). Anyway, it's fun to be a Tigger. (fun, fun, fun, fun, fun!) You get to be bouncy, trouncy, flouncy, pouncy. To sing of "Emergent Pundocracy" and "Smart Snobs", go on about "The Second Soupy Powder". Who wouldn't want to live in "Cyber's Place", the new home of wunderkind?

By contrast, being an Eeyore is indeed pretty gloomy. It's no - fun - at - all. Copyblight and shrinking-wrap and trade-bleakness and De-'Em-See-Away. Lawsuits and lawyers and liability and losing.

However, the Eeyores tend to be right, while the Tiggers get to be popular. But to quote Eeyore,

'Pathetic. That's what it is. Pathetic.'

By Seth Finkelstein | posted in cyberblather , infothought | on September 03, 2003 11:09 PM | (Infothought permalink) | Followups
September 02, 2003

Ian Clarke GrepLaw interview, and leaving America follow-up

Greplaw has an interview with Ian Clarke where he discusses many things, including his comment about leaving America ("it was an off-the-cuff remark ... and it was taken out of context"). Though he is still leaving. I actually did write him about this issue earlier, as I debated last month, and he gave me permission to post his reply. Frankly, at the time, I decided not to go ahead and post, because I just didn't want to get-into-it so deeply. Not after the negatives of being trashed by John Gilmore on the front page of Lessig's blog, from my calling the "Suspected Terrorist" stunt "a millionaire's version of trolling". The point here being that there was no way I could gain by opposing the sensationalism. Very sadly, the hypsters could just slam me, and I wouldn't be able to fight back. But now that Greplaw has it in the story, there's probably (probably ...) no harm in my posting. So see below.

Date: Thu, 14 Aug 2003 20:41:50 -0700
From: Ian Clarke
To: Seth Finkelstein
Subject: Re: America

Yes, and I am afraid not :-)

Unfortunately the publicity around my departure is somewhat misleading, although this is partially my own fault. I never wanted or expected the slashdot comment which started this to be widely publicized, I didn't even expect people to attribute it directly to me (yeah yeah - should have posted as an AC), and I certainly didn't want my departure to attract such attention.

It was irresponsible for some people to describe that paragraph as an "announcement" - when it was actually an off-the-cuff /. post buried deep within a heated debate (the original culprit was

While it is true that I am concerned about the political direction of this country, and extremely concerned about the way this country seems to treat non-Citizens as being less than human, there are other reasons for my departure too, including the cost and limitations involved in maintaining my work visa, and the fact that most of my revenue these days is coming from the EU anyway meaning that there is little business reason for me to remain here.

There is also the concern that Intellectual Property law is enforced much more broadly here than in other places, and with less concern for the "little guy" - which could make me vulnerable should one of my current or future P2P-related projects upset the RIAA or MPAA.

So I am grateful and flattered that you might seek to persuade me not to leave, but my mind is made up - and despite the sensationalist publicity - it isn't all John Ashcroft's fault ;-) I like America, if not its current government, but it just doesn't make sense for me to stay here - perhaps I will return one day.

All the best,


On Thu, Aug 14, 2003 at 11:28:38PM -0400, Seth Finkelstein wrote:
> Ian, are you serious about "leaving America"? Would you
> be open to any counter-thoughts from me on the matter?
> --
> Seth Finkelstein Consulting Programmer

Ian Clarke
Coordinator, The Freenet Project

[Additional note]

On Sat, Aug 16, 2003 at 05:58:03PM -0400, Seth Finkelstein wrote:
> OK, understood. Can I publicize/circulate the below, as an
> antidote to some of the sensationalism?



By Seth Finkelstein | posted in journo , politics | on September 02, 2003 11:59 PM | (Infothought permalink) | Followups
September 01, 2003

"Concerned Women for America" Censorware Advocacy Legal Memo

"Concerned Women for America" has a memo on CIPA, the Federal library censorware law. It's useful for understanding censor's strategy. I was looking around to see where it was being flacked. Notable, a "Traditional Values Coalition" article is urging censors to:

TAKE ACTION: Download a copy of LaRue's memorandum and send a copy to your local library and/or to members of the library board in your city. Urge them to implement the suggestions in this paper.

This made for a sad contrast to a recent lament by Karen Schneider to librarians that
"We as a profession haven't done diddly squat beyond talk and process and talk and process some more."

Sadly, talk and process is easy, while action is hard.

And censors work together, while civil-libertarian, as a rule, do not. Again, I've basically been "taken out" by my own (nominal) side.

By Seth Finkelstein | posted in censorware | on September 01, 2003 11:59 PM | (Infothought permalink) | Followups