The Revived Encryption Wars Continue (updated)

The Latest (07.07.2015):

Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications (pdf; 34 pages) – MIT Computer Science and Artificial Intelligence Laboratory Technical Report (July 6, 2015)

Code Specialists Oppose U.S. and British Government Access to Encrypted Communication – New York Times on the July 6th MIT report

Encryption, Public Safety, and ‘Going Dark’ – FBI Director James Comey writing at LawFare in advance of several Congressional hearings July 8th on encryption and related issues:

• 07:00 a.m. (PDT) – Senate Judiciary Committee – Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy with FBI Director, James Comey, and several others

• 11:15 a.m. (PDT) – Senate Judiciary Committee, Subcommittee on Crime and Terrorism – Cyber Crime: Modernizing our Legal Framework for the Information Age

• 11:30 a.m. (PDT) – Senate Intelligence Committee – Counterterrorism, Counterintelligence, and the Challenges of ‘Going Dark’ with FBI Director, James Comey

Let’s Get Real About Decryption, Says GCHQ Tech Director – ComputerWeekly

It’s Time to End the ‘Debate’ on Encryption Backdoors – Kevin Bankstown at JustSecurity arguing that it is time for FBI head James Comey to admit that he has lost the battle over encryption backdoors

Encryption, Biometrics, and the Status Quo Ante – Paul Rosenzweig at LawFare proposing mandatory biometric encryption, a novel, but problematic proposal in the encryption debate

The Battle Between Washington and Silicon Valley Over Encryption – CSM’s Passcode

Background – 2014-15, the Crypto Wars Return

James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – The New York Times, and FBI director Attacks Tech Companies for Embracing New Modes of Encryption; James Comey says Data Encryption Could Deprive Police and Intelligence Agencies of Potentially Live-saving Information – The Guardian

How Do We Build Encryption Backdoors? – Professor Matthew Green (Johns Hopkins) analyzes the problems with building encryption backdoors, including split key approaches, at his A Few Thoughts on Cryptographic Engineering blog

You Can’t Backdoor a Platform – Jonathan Mayer at his Web Policy blog

As Encryption Spreads, U.S. Grapple with Clash between Privacy, Security – Ellen Nakashima and Barton Gellman writing in The Washington Post reveal that federal officials are considering a variety of means of ensuring access to encrypted communications, including split key approaches, as well as, in certain circumstances, mirror accounts. Under the split key approach (difficult from an engineering and cryptography standpoint), a technology company creates a decryption key that is split into pieces, with different pieces held by different parties, and all of the pieces are needed for decryption. But even aside from the question of trust in the holders of the key parts, risk of disclosure of the decrypted information and the like, as security expert/researcher, Dino A. Dai Zovi (@dinodaizovi) tweeted: “The big question of the #cryptodebate isn’t whether vendors can make a decryption key for USG, but what happens when other [governments] want it too?”

Apple Will No Longer Unlock Most iPhones, iPads for Police, even with Search Warrants – The Washington Post

iPhone Encryption and the Return of the Crypto Wars – Bruce Schneier

What NSA Director Mike Rogers Doesn’t Get About Encryption – Julian Sanchez at CATO

What President Obama is getting wrong about encryption – The Washington Post

The FBI Keeps Demanding Impossible Solutions to Its Encryption Problem – MotherBoard/Vice

Background – the 1990’s (and earlier) Crypto Wars

Keeping Secrets: Four Decades Ago, University Researchers Figured out the Key to Computer Privacy, Sparking a Battle with the National Security Agency that Continues Today. – Henry Corrigan-Gibbs (Stanford Magazine)

Encryption and Globalization – a 2011 academic paper (Columbia Science and Technology Law Review, Vol. 23, 2012) by Peter Swire and Kenesa Ahmad, which includes a brief summary of the original 90’s “Crypto Wars”

Crypto Wars – Wikipedia

Hacker Lexicon: What is End-to-End Encryption – Wired

Related

Want to Protect your Phone from the Cops? You Might Want to Use a Passcode, Not a Fingerprint; Virginia Court Rules Using Fingerprint Technology to Protect Your Phone Doesn’t Carry Same Legal Rights as Passcodes – FastCompany

07/7/2015: 

Recommended: Law, Tech and Policy

Opinion: The Reasonable Expectation Fallacy – Dan Geer writing at CSM’s Passcode

The Intercept on XKEYSCORE: XKEYSCORE: NSA’S Google for the World’s Private Communications and Behind the Curtain; a Look at the Inner Workings of NSA’s XKEYSCORE

Hackers Installed Sophisticated Malware on U.S. Computers. Why Doesn’t Anyone Care?; The Worm was Designed to Gather Intelligence on the Ongoing Iranian Nuclear Talks – Reason on the Duqu2 worm

Cyber-Espionage Nightmare; A Groundbreaking Online-spying Case Unearths Details that Companies Wish You Didn’t Know About How Vital Information Slips Away From Them – MIT Technology Review

Introducing the ‘Right to Eavesdrop on Your Things’; Data Privacy is a Big Enough Deal that Americans Need a New Right – Stanford professor Keith Winstein at Politico

Presentation by Benedict Evans of Andreessen Horowitz on how “Mobile is Eating the World”

As More Tech Start-Ups Stay Private, So Does the Money – Farhad Manjoo in the New York Times

The Rabbit-Hole of ‘Relevant’ – Mattathias Schwartz in the New York Times:

“When a law has a name like ‘Patriot’ or ‘Freedom,’ it’s a sign that you should read the fine print. Somewhere down there, in the terraced subclauses of some forgettable subsection, is a word with a special meaning, a word that offers shelter and concealment to whatever it is that the law actually does.”

Three Pieces on the Open Web: Dave Winer – Key Concept of the Open Web: Working Together; David Weinberger – The Internet That Was (and Still Could Be); As Corporations Like Facebook Gain Control Over More and More Online Activities, the Web’s Core Values are at Stake; and Dries Buyteart – Winning back the Open Web.

The Wait-for-Google-to-Do-It Strategy; America’s Communications ­Infrastructure is Finally Getting Some Crucial Upgrades Because One Company is Forcing ­Competition When Regulators Won’t – MIT Technology Review

A New Wave of US Internet Companies is Succeeding in China—By Giving the Government What it Wants – Josh Horowitz at Quartz

The End of Advertising As We Know It – Michael Wolff

07/6/2015: 

Impact of Trade Pacts on IP and the Internet (link roundup)

Texts (TPP, TISA and TTIP):

TPP (Trans Pacific Partnership), TISA (Trade in Services Agreement) and TTIP (Trans-Atlantic Trade and Investment Partnership) texts have not yet been made officially public, although at least portions of certain drafts have been leaked by Wikileaks (Wikileaks July 2, 2015 press release).

Trade Promotion Authority (2015):

Wikipedia on trade fast track

On Trade, Here’s What the President Signed into Law – White House blog

Trade Promotion Authority (TPA) and the Role of Congress in Trade Policy (pdf; 24 pages) – Congressional Research Service

Analysis and Opinion:

Privacy Is Not a Barrier to Trade; How a Secretive Trade agreement Could Change the Global Internet – law professor Margot Kaminski at Slate

TISA: Yet Another Leaked Treaty You’ve Never Heard Of Makes Secret Rules for the Internet – EFF

A Congressional Straightjacket: Fast-Tracking the TPP – law professors Gregory Shaffer and Jack Lerner at The Huffington Post

Another Leaked Trade Agreement, Another Reason to Oppose Fast Track – law professor David Singh Grewal at The Huffington Post

TISA: analysis of the leaked ‘core text’ (pdf; 7 pages) – law professor Jane Kelsey

Leaked: What’s in Obama’s Trade Deal – Politico

07/5/2015: 

Quote of the Day

Dave Aitel on the OPM hack:

“But there’s a little silver lining in the OPM hack, and it is this: (1) Covert identities are dead anyways, because databases full of biometrics are everywhere, and you can read someone’s fingerprints off any beer glass faster than you can say ‘Your Cover Is Blown, Ethan Hunt’. That’s not even counting the DNA revolution of being able to map the entire human family tree out that nobody is talking about yet. Regardless, you cannot hide WHO you are in the modern age if for no other reason than Facebook exists. Deal with it. (2) The entire clearance system as a whole has been obliterated by modern information sciences.”

From the Dailydave Digest; subscribe here.

07/5/2015: 

New Department of Defense Law of War Manual Chapter on Cyber Operations (updated)

The new DOD manual is the first since 1956 (pdf; 1,176 pages, with the Cyber Operations portion (Chapter XVI) spanning 15 pages in the pdf, from page 994 to 1009).

Professor Kristen Eichensehr (UCLA Law School) writing at JustSecurity discusses how the new manual’s provisions treat hacking incidents such as the OPM hack.

Just Security’s “mini forum” (series of related posts) on the new Law of War Manual.

07/4/2015: 

Are APIs Copyrightable (link roundup – updated for Supreme Court denial of cert)

Update: Supreme Court Declines to Hear Appeal in Google-Oracle Copyright Fight – New York Times:

“Monday’s Supreme Court decision, which was specific to this appeal, means the Oracle-Google saga will now move back to the lower courts to determine another aspect of the case: Even though Google was using copyrighted software, was it only making ‘fair use’ of it . . . ‘You shouldn’t let the owner of an A.P.I. end up owning the other person’s program,’ said Michael Barclay, special counsel to the Electronic Frontier Foundation, a tech nonprofit devoted to civil liberties. ‘I don’t think we’ll find out how bad a day this is for a long time.'”

Previously – Solicitor General Brief Argued APIs are Copyrightable:

Considering whether to grant certiorari in the Google v. Oracle America case, the Supreme Court earlier in 2015 asked the government to weigh in on the dispute. In response, the Solicitor General filed its brief, surprisingly taking the position that APIs are subject to copyright protection.

The Solicitor General’s Brief for the United States as Amicus Curiae (pdf; 23 pages)

News Reaction to Solicitor General Brief:

Let Oracle Own APIs, Justice Department Tells Top Court in Surprise Filing – Fortune

White House Sides with Oracle, tells Supreme Court APIs are Copyrightable; Unlicensed Use of APIs Might be a Fair Use, US says – ArsTechnica

Marc Andreesen tweet: “Obama Administration to software programmers: Drop dead!”

The Solicitor General’s Peculiar Brief in Google v. Oracle – Computer & Communications Industry Association (CCIA), Disruptive Competition Project

Google Versus Oracle Case Exposes Differences within Obama Administration – Reuters

How Oracle Versus Google Could Ruin Software Development – Lifehacker

Background:

Oracle America v. Google – Wikipedia

List and Links to Rulings and Related Filings (under the Tab “Documents” following the brief article) – EFF

See, in particular, the November 2014 “Brief of Amici Curiae Computer Scientists in Support of Petitioner” (pdf; 27 pages, excluding list of amici and tables of content and cited authorities)

Appeals Court Ruling (May 2014) – Court of Appeals for the Federal Circuit

The Appeals Court Decision (pdf; 69 pages)

Reaction (at that time): Tech World Stunned as Court Rules Oracle Can Own APIs; Google Loses Copyright Appeal – GigaOm

Original Trial and Decision (May 2012) – U.S. District Court, Northern District of California

The Original Copyright Related Rulings: “Order re: copyright ability of certain replicated elements of the JAVA application programming interface” (pdf; 41 pages) and “Findings of Fact and Conclusions of Law on Equitable Defenses” (pdf; 3 pages)

News Article Summing Up the Patent Portion of the Case: Jury Clears Google of Infringing on Oracle Patents – ZDNet

Reaction (at that time): Google Wins Crucial API Ruling, Oracle’s Case Decimated; Java API Packages ‘free for all to use under the Copyright Act’ – ArsTechnica

07/1/2015: 

Recommended Movies, TV & Music from the 1st Half of 2015:

Movies:

Slow West (Rotten Tomatoes Critics 88%), Ex Machina (Rotten Tomatoes Critics 91%), Ida (from 2014)(Rotten Tomatoes Critics 96%), Locke (from 2014)(Rotten Tomatoes Critics 91%), and A Girl Walks Home Alone at Night (from 2014)(Rotten Tomatoes Critics 96%).

TV (in addition to Game of Thrones, Mad Men, Walking Dead, and The Americans):

Wolf Hall (Rotten Tomatoes Critics 100%), Fortitude (Rotten Tomatoes Critics 88%), The Missing (uk series; season one)(A.V. Club: B), Happy Valley (uk series; season one)(Rotten Tomatoes Critics 100%), Broadchurch (uk series; season two)(Rotten Tomatoes Critics 90% season one and 85% season two), Utopia (uk series; seasons one and two; U.S. David Fincher/Gillian Flynn version currently in production), Witnesses (Les Témoins) (french series; season one), Justified (Rotten Tomatoes Critics 100%), and Better Call Saul (Rotten Tomatoes Critics 100%).

Music:

Sufjan Stevens “Carrie & Lowell” (Pitchfork 9.3, Metacritic 90, AV Club A); Torres “Sprinter” (Pitchfork 8.0, Metacritic 81); Courtney Barnett “Sometimes I Sit . . . “ (Pitchfork 8.6, Metacritic 88, AV Club A-); Donnie Trumpet & The Social Experiment “Surf” (Pitchfork 8.3, Metacritic 87, AV Club A-); Levon Vincent [self titled] (Pitchfork 8.3, Metacritic 85); Waxahatchee “Ivy Tripp” (Pitchfork 8.1, Metacritic 81, AV Club B+); Twerps “Range Anxiety” (Pitchfork 7.5, Metacritic 70); Girlpool “Before the World Was Big” (Pitchfork 7.8, Metacritic 79); The Bad Plus Joshua Redman [self titled] (Metacritic 84); Los Hijos De La Montana [self titled]; The Drink “Company” (from 2014); Kamasi Washington “The Epic” (Pitchfork 8.6); and Screaming Females “Rose Mountain” (Pitchfork 6.7, Metacritic 77, AV Club B+).

07/1/2015: 

Wassenaar Arrangement Implementation

Proposed Implementation:

Bureau of Industry and Standards’ Wassenaar Arrangement 2013 Plenary Agreements Implementation: Intrusion and Surveillance Items (pdf; 49 pages)

BIS FAQs on the Intrusion and Surveillance Items Implementation

Background:

Wassenaar Arrangement – Wikipedia

The International Rules that Have the Security World on Alert – The Verge

Analysis and Opinion:

Why an Arms Control Pact has Security Experts Up in Arms – Kim Zetter in Wired

Proposed U.S. Export Controls: Implications for Zero-Day Vulnerabilities and Exploits – Mailyn Fidler at LawFare

Changes to Export Control Arrangement Apply to Computer Exploits and More – Jennifer Granick and Mailyn Fidler at JustSecurity

What Is the U.S. Doing About Wassenaar, and Why Do We Need to Fight It? – EFF

Also from the EFF: Commerce Department FAQ on Proposed Wassenaar Implementation Gives Answers, Raises More Questions

Why Changes to Wassenaar Make Oppression and Surveillance Easier, Not Harder – ADD/XOR/ROL blog

Why You Should Fear the New Regulations More Than You Think – Dave Aitel

Related:

Regulating the Zero-Day Vulnerability Trade: A Preliminary Analysis (pdf; 78 pages) – academic paper by Mailyn Fidler forthcoming in “I/S: A Journal of Law and Policy for the Information Society”

The OPM Hack (link roundup)

How Bad? Very Bad:

Newly Disclosed Hack Got ‘Crown Jewels’; ‘This is Not the End of American Human Intelligence, but it’s a Significant Blow,’ a Former NSA Official Says– Politico

Hackers May Have Obtained Names of Chinese With Ties to U.S. Government – New York Times

The Hack on the U.S. Government was Not a ‘cyber Pearl Harbor’ (But it was a Very Big Deal) – Washington Post

Officials: Chinese Had Access to U.S. Security Clearance Data for One Year – Washington Post

Attack Gave Chinese Hackers Privileged Access to U.S. Systems – New York Times

China’s Hackers Got What They Came For – The Hill

Hacking as Offensive Counterintelligence;   China’s Hack Just Wrecked American Espionage and China’s Spies Hit the Blackmail Jackpot With Data on 4 Million Federal Workers – John Schindler at his XXCommittee blog and at The Daily Beast

How Was It Discovered? During a Product Demo:

Report: Hack of Government Employee Records Discovered by Product Demo Security Tools Vendor Found Breach, Active over a Year, at OPM During Sales Pitch – ArsTechnica

Level of OPM Incompetency? High. Very Old Software, Unencrypted Databases, and Foreign Contractors, Including Chinese, with Root Access:

Encryption “would not have helped” at OPM, Says DHS Official; Attackers had Valid User Credentials and Run of Network, Bypassing Security – ArsTechnica, with details of the OPM systems and lack of security

  “!! OPM IT outsourced to foreigner contractors, with root access, working from their home country. In this case, China” – John Schindler (@20committee): June 17, 2015

Oversight Chairman: Fire Leaders of Hacked Agency – Politico

Related:

5 Chinese Cyber Attacks That Might Be Even Worse Than the OPM Hack – Defense One

Quotes:

Former NSA and CIA Director, Michael Hayden (quote via Benjamin Wittes @ Lawfare.com) as to what he would have done if he had had the ability to get Chinese records equivalent to the OPM records when he was serving in his IC positions:

“I would not have thought twice. I would not have asked permission. I’d have launched the star fleet. And we’d have brought those suckers home at the speed of light . . . This is shame on us for not protecting that kind of information.”

From Benjamin Wittes writing on the OPM hack at LawFare in his post “Is the Privacy Community Focused on the Wrong Government?“:

“For the record, I have no problem with the Chinese going after this kind of data. Espionage is a rough business and the Chinese owe as little to the privacy rights of our citizens as our intelligence services do to the employees of the Chinese government. It’s our government’s job to protect this material, knowing it could be used to compromise, threaten, or injure its people—not the job of the People’s Liberation Army to forebear collection of material that may have real utility. Yet I would have thought that privacy groups that take such strong views of the need to put limits on American collection, even American collection overseas against non-U.S. persons, would look a little askance at a foreign intelligence operation consisting of the bulk collection of the most highly-personal information—an operation involving not only government employees but also those close to them. You’d think this would raise someone’s privacy hackles, if not mine.”

Adam Elkus writing at BusinessInsider:

“[C]leaning up the systematic dysfunction in OPM and other agencies will require a harsh and swift hand and plenty of pink slips. Fantasizing about super-hackers and visions of cyber-doom are more fun than the boring but necessary drudgery, for example, of modernizing a decrepit and decaying federal information technology base or ensuring that basic security protocols are observed.”

Megan McArdle at BloombergView:

“The serial IT disasters we have seen over the past seven years do not need a blue-ribbon commission or a really stern memo to fix them. If we want these holes fixed before they become catastrophic, we need leaders with a scorched-earth determination to have adequate IT. The only way that determination happens is if these failures become an existential threat to the careers of the politicians in charge.”

06/18/2015: 

Recommended:

Law, Tech and Policy

Got Your Number: Cyber-attacks Make Us Rethink the Idea of Social Security Numbers – California Magazine

Mary Meeker’s annual Internet Trends presentation

What is Code? – an excellent long-read by Paul Ford in Bloomberg BusinessWeek

Tomorrow’s Advance Man – Marc Andreessen’s Plan to Win the Future – New Yorker

Why the Blockchain Matters – Reid Hoffman at Wired UK

Quantum Computing is About to Overturn Cybersecurity’s Balance of Power – Washington Post

What is ‘Cybersecurity Law’? – Orin Kerr in The Washington Post

According To The Government, Clearing Your Browser History Is A Felony – TechDirt;   Also, When It’s a Crime to Withdraw Money From Your Bank – New York Times

General Interest

The Fallen of WWII – a captivating visualization (I watched the video (18 minutes); there is also an interactive version) of WWII casualties, including in relation to post-WWII conflicts. Highly recommended.

The Rise and Fall of Silk Road (part I and part II) – Wired; and Sunk: How Ross Ulbricht Ended up in Prison for Life – Inside the Trial that Brought Down a Darknet Pirate – ArsTechnica

26 years after Tiananmen, Chinese Millennials are Forgetting to Fear their Government – Gwynn Guilford at Quartz

Do You Fear an Elite Population of Enhanced Babies? – FuturePundit

These Stunning Photos of New Zealand’s Largest Gang Will Give You Sleepless Nights – Vice

Vinod Khosla @ The Stanford Graduate School of Business: “Failure Does Not Matter – Success Matters”


As is readily apparent from the video, Khosla has a very healthy ego, for the most part earned. There are various versions of this talk on the web, but this recent appearance at Stanford GSB is one of the better. The key portion is from the beginning to 35:30 (when the audience questions begin).

06/18/2015: 

Where is the Internet?


Image © 2010 j.r.mchale; all rights reserved

An interesting short piece (five paragraphs and an eleven photo slide show) entitled Internet I.R.L. in today’s New York Times magazine about photographer Dave Greer‘s current project photographing where pieces of the internet backbone and related data centers are housed. Tidbit from the article about the One Wilshire building in the above photograph (taken by me from my former loft in downtown Los Angeles): “In 2013, One Wilshire sold for $437.5 million, the highest price per square foot (about $660) ever paid for a downtown Los Angeles office building. Why? Because the Internet. The building is one of the world’s largest data-transfer centers — tenants include network, cloud and information-technology providers — and serves as a major West Coast terminus for trans-Pacific fiber-optic cables.” An excellent reminder that the internet is not some amorphous thing ‘in the cloud’, but based on tangible, physical things, including circuits, switches, servers, cables and other equipment – in many cases, housed in buildings or buried under ground or sea.

06/6/2015: 

Algorithms: the Good, the Bad & the Ugly

From Smoke-Filled Rooms to Computer Algorithms – The Evolution of Collusion – Ariel Ezrachi and Maurice Stucke at The CLS Blue Sky Blog

When Bots Collude – The New Yorker

The FTC is Worried about Algorithmic Transparency, and You Should be Too – PCWorld

Academic Papers:

Artificial Intelligence & Collusion: When Computers Inhibit Competition – Ariel Ezrachi and Maurice Stucke (pdf available at the link; 38 pages)

Antitrust and the Robo-Seller: Competition in the Time of Algorithms – Salil K. Mehra (pdf available at the link; 60 pages)

Recent DOJ Action:

Former E-Commerce Executive Charged with Price Fixing in the Antitrust Division’s First Online Marketplace Prosecution – Department of Justice Press Release. The Topkins DOJ charges: – pdf (5 pages)

05/15/2015: 

Quote of the Day:

“Usability is critical. Lots of good crypto never got widely adopted as it was too hard to use; think of PGP. On the other hand, Tails is horrifically vulnerable to traditional endpoint attacks, but you can give it as a package to journalists to use so they won’t make so many mistakes. The source has to think ‘How can I protect myself?’ which makes it really hard, especially for a source without a crypto and security background. You just can’t trust random journalists to be clueful about everything from scripting to airgaps. Come to think of it, a naive source shouldn’t trust their life to securedrop; he should use gpg before he sends stuff to it but he won’t figure out that it’s a good idea to suppress key IDs. Engineers who design stuff for whistleblowers and journalists must be really thoughtful and careful if they want to ensure their users won’t die when they screw up. The goal should be that no single error should be fatal, and so long as their failures aren’t compounded the users will stay alive.”

— Ross Anderson at Light Blue Touchpaper

05/12/2015: 

Recommended:

Law, Tech and Policy

An Updated Readers’ Guide on Section 215 and the USA Freedom Act – Just Security

Concerns of an Artificial Intelligence Pioneer – Quanta

All Job Increases Since 2001 are in Non-Routine Work – FuturePundit, commenting on Is Your Job ‘Routine’? If So, It’s Probably Disappearing – Wall Street Journal. But with a bit of the contrary view – Be Calm, Robots Aren’t About to Take Your Job, MIT Economist Says – Wall Street Journal. Also: ProfessorDavid H. Autor’s (MIT) paper Polanyi’s Paradox and the Shape of Employment Growth (pdf; 47 pages), which is cited in the WSJ article. From the abstract: “A key observation of the paper is that journalists and expert commentators overstate the extent of machine substitution for human labor and ignore the strong complementarities. The challenges to substituting machines for workers in tasks requiring adaptability, common sense, and creativity remain immense.”

The Computers are Listening; How the NSA Converts Spoken Words Into Searchable Text (part 1) and (part 2) – The Intercept

With Lock Research, Another Battle Brews in the War Over Security Holes – Wired

Tor Browser 4.5 is Released – The Tor Project; plus there’s a relatively recent new version of SecureDrop (0.3) – Announcing the New Version of SecureDrop, with the Results from our Third Security Audit (March 23rd) – Freedom of the Press Foundation and related commentary at BoingBoing. Also: The People Who Risk Jail to Maintain the Tor Network – Motherboard/Vice

Smartphone Secrets May Be Better Than a Password – MIT Technology Review, and the related academic paper ActivPass: Your Daily Activity is Your Password (pdf; 10 pages)

Encrypting Your Laptop Like You Mean It and Passphrases that You Can Memorize, but that Even the NSA Can’t Guess – Micah Lee at The Intercept

SEC Adopts Rules to Facilitate Smaller Companies’ Access to Capital – the SEC’s press sheet and fact sheet on its revisions to Regulation A. Also: pdf of the Final Rules and supplementary information (454 pages).

The Mission to Save the Internet by Rewiring it from the Name Up – Motherboard/Vice

China Rates its Own Citizens, Including Online Behavior – Volkskrant; and Planning Outline for the Construction of a Social Credit System (2014-2020) – China Copyright and Media

General Interest

Natural Police: Seen through Game Theory, Cancer and Police Corruption are Pretty much the Same Thing, and for One of Them, There’s a Cure – Aeon

Where the Real Skyscrapers Are; Hint: North Dakota – ArchDaily on TV masts as some of the tallest structures in the world

The Messy Business of Reinventing Happiness: Inside Disney’s Radical Plan to Modernize its Cherished Theme Parks – FastCompany

ZPM Expresso and the Rage of the Jilted Crowdfunder – New York Times; but see Professor James Grimmelmann Riskstarter; Kickstarter is a Tool for Managing Risk. Also: A Crowdfunded Startup Explains why Crowdfunding can be a Complete Disaster – Verge

New Study Shows that People Stop Listening to New Music at 33 – A.V.Club

05/11/2015: 

Second Circuit Bulk Collection Decision (link roundup)

The Opinion: pdf (110 pages)

News Reports:

NSA Program on Phone Records is Illegal, Court Rules – Washington Post

NSA Phone Program is Illegal, Appeals Court Rules – Wall Street Journal

Audio Summary for Laypersons: Professor William McGeveran on Wisconsin public radio (approx. 10 minutes)

Analysis and Opinion:

Second Circuit Rules that Section 215 Does Not Authorize Telephony Bulk Collection Program – Marty Lederman at Just Security

Second Circuit Rules, Mostly Symbolically, that Current Text of Section 215 Doesn’t Authorize Bulk Surveillance – Orin Kerr in the Washington Post

Court Backs Snowden, Strikes Secret Laws – Noah Feldman at BloombergView

Background Legal Paper by an Attorney for one of the Amici Curiae: Bulk Metadata Collection: Statutory and Constitutional Considerations by Laura Donohue (2013)(pdf download at the link)

Impact on Patriot Act Section 215 Status/Sunset:

How the Second Circuit’s Decision Changes the Legislative Game – Liza Goiten at LawFare

The Second Circuit and the Politics of Surveillance Reform – Steve Vladeck at Just Security

Related:

If the Supreme Court Tackles the NSA in 2015, It’ll be One of these Five Cases – The Hill

05/8/2015: 

Recording the Police

What to Say When the Police Tell You to Stop Filming Them – The Atlantic

Legal Background:

A Due Process Right to Record the Police – Glenn Reynolds and John Steakley (pdf download at the link)

Citizen Recordings of Police in Public Places — First Amendment Protection? – A very good legal roundup at Concurring Opinion

Helpful Apps:

It’s Your Right to Film the Police; These Apps Can Help – Wired

New ACLU Mobile Justice App Empowers Public to Safeguard Rights – ACLU of Northern California