Vanity Fair suggests that Sarah Palin's distinctive voice on Facebook and Twitter is actually someone else's. According to the article, she appears to have given a ghostwriter access to her social networking accounts to speak on her behalf:

When it was first set up, in January 2009, Palin's Facebook page might as well have been a file cabinet for official press releases ("Palin Pushes Parental Consent Legislation") written mostly in a stiff, third-person form. The same was true of her Twitter feed, which went live in April. After [writer Rebecca] Mansour's voice disappeared on [the pro-Palin blog] C4P, however, Palin's voice on Facebook and Twitter started sounding increasingly provocative and irascible. A company called Aries Petra Consulting was formed in September and registered to Mansour's home address, but under someone else's name. (In astrology, Aries is the ram—or "RAM.") SarahPAC's first payment to the firm was made in October, about two weeks before Palin began her book tour. By then, Palin's new virtual voice was growing in intensity. The more shrill it became, the more news Palin made: "QUIT MAKING THINGS UP DNC" … "OBAMA ADMINISTRATION'S ATROCIOUS DECISION: HORRIBLE DECISION, ABSOLUTELY HORRIBLE" … "ARE YOU CAPABLE OF DECENCY, RAHM EMANUEL?" The payments to Mansour were not made public until February 1, 2010, when SarahPAC had to disclose its quarterly filings with the Federal Elections Commission. The day before the disclosure, knowing what was coming, C4P made an official announcement acknowledging that . . . Mansour . . . had left the site months earlier and gone to work for SarahPAC.

Let's assume that Palin created her own Facebook account, and then hired Mansour to manage it. So what, right? Lots of high-profile people probably don't update their own Facebook pages. In fact, President Obama's Facebook page explicitly says that it's maintained by Organizing for America.

The problem is that Facebook's terms of use prohibit several things that Palin and her ghostwriter may have done. Specifically, it forbids users from:

• accessing someone else's account
• sharing their passwords to let someone else access their accounts
• transferring their accounts to someone else (without Facebook's written permission)
• providing false personal information
• "facilitating" or "encouraging" someone else to violate the terms of use

If Palin and her ghostwriter are in fact violating Facebook's terms of use, that probably doesn't seem like a big deal to most people. Just by surfing around the internet, we "agree" to dozens of website terms of use every day, usually before we even read them. These terms can say anything a website operator wants, and often specifically note that they can be changed at any time without notice (or with minimal notice).

But violating a website's terms of use is a big deal, according to Facebook. In fact, Facebook says it's a federal crime.

In Facebook v. Power Ventures, Facebook has sued a service that lets social network users view all their information from various social networking sites on one page. Like the way Sarah Palin's ghostwriter accesses Sarah's account, Power's service uses your password to access your account, with your permission. Facebook claims that this violates its terms of use, and any act that violates its terms of use is a violation of computer intrusion laws such as the federal Computer Fraud and Abuse Act, which prohibits intentionally accessing certain computers without authorization or in excess of authorization. Violations of this law are punishable by both civil and criminal penalties. Facebook also tried to claim that Power's service violated California's state computer crime law, but a federal court recently rejected (pdf) that argument.

In short, Facebook believes that if you use Facebook in a way that Facebook doesn't like — as defined by its terms of use — you commit a federal crime.

Facebook's position is ridiculous. It's also dangerous. If we commit a crime every time we violate a website's terms of use, then millions of Americans are becoming criminals every day through routine online behavior and could be subject to lawsuits or even prosecution. And worse, internet companies have the power to decide what behavior a person could go to prison for, simply by instructing their lawyers to draft a document to forbid certain acts.

Are Sarah Palin and Barack Obama computer criminals? We don't think so. Facebook and other companies need to stop trying to misuse computer crime laws to turn violations of terms of use into crimes.

In a victory for democracy and transparency, the European Parliament adopted Written Declaration 12/2010 (WD 12) on the proposed Anti-Counterfeiting Trade Agreement earlier this week. WD 12 calls on EU negotiators to ensure that ACTA does not weaken citizens' fundamental rights of freedom of expression, privacy, and judicial due process, and will not require Internet intermediaries to act as copyright police at the behest of the entertainment industry. WD 12 also calls on EU negotiators to make the ACTA negotiation texts public, and to ensure that ACTA's proposed border measures do not interfere with access to affordable medicines.

WD 12 became the official position of the European Parliament on ACTA when it was signed by 377 Members of the European Parliament prior to today's deadline — more than the required majority of MEPs (369). While the written declaration is not binding on the European Parliament, its adoption by a clear majority sends an important political signal to EU ACTA negotiators at a critical time — just before the next, and possibly final, round of ACTA negotiations taking place in Japan later this month. The European Parliament must give a "consent vote" for the EU to be bound by ACTA; WD 12 should be seen by EU negotiators as a clear statement about how the MEPs will approach that vote.

Kudos and special thanks to our friends at La Quadrature du Net who led this effort, our amazing European EFF activists, fellow members of EDRi and the Transatlantic Consumer Dialogue, and our other allies who worked tirelessly to explain the impact of ACTA and convince Members of the European Parliament to sign WD 12 despite various pressures and constraints.

Let's hope that EU negotiators now recognize that ACTA should protect the fundamental rights of all citizens and 'net users, and not just the narrow interests of major content businesses.

On Saturday, after years of pressure from law enforcement officials, Internet classified ad web site Craigslist bowed to demands to remove its "Adult Services" section which critics charged encouraged prostitution and other sex-related crimes. Or at least it appears that it did. Without explanation, following the latest in a series of open letters from state attorneys general decrying the third party content permitted on the site, Craigslist replaced the "Adult Services" link that formerly appeared on the front page of the site with a white-on-black "censored" bar. Whether this move will substantially affect the rate of illegal prostitution across the country remains to be seen. Many, even some of Craigslist's critics, appear to have their doubts. If nothing else, however, this latest turn in the AGs v. Craigslist saga underscores the misguided nature of the AGs' tactics as well as the fundamental disagreement that we (and Congress) have with the AGs' vision of how the Internet should operate.

Through this now years-long struggle, Craigslist's legal position has been and remains absolutely, unequivocally correct: the Communications Decency Act of 1996 (or CDA) grants providers of "interactive computer services" an absolute shield against state criminal law liability stemming from material posted by third parties. Put simply, the law ensures that the virtual soapbox is not liable for what the speaker says: merely creating a forum in which users post ads that may violate state law plainly does not lead to liability for a web site operator.

The federal statutory immunity upon which Craigslist relies is not some clever loophole. Rather, the intermediary immunity provided by the CDA represents a conscious policy decision by Congress to protect individuals and companies who would otherwise be vulnerable targets to litigants who want to silence speech to which they object, illegal or not. We agree with Congress that a federal policy of holding lawbreakers liable for their own illegal behavior instead of holding intermediaries responsible for the illegal acts of others is the right one, both as a matter of fairness as well as an effective strategy by which speech and innovation can be encouraged and rewarded.

This clear protection plays an essential role in how the Internet functions today, protecting every interactive web site operator -- from Facebook to Craigslist to the average solo blog operator -- from potentially crippling legal bills and liability stemming from comments or other material posted to web sites by third parties. Moreover, if they were obligated to pre-screen their users' content, wide swaths of First Amendment-protected speech would inevitably be sacrificed as web site operators, suddenly transformed into conservative content reviewers, permitted only the speech that they could be sure would not trigger lawsuits (or intimidating visits from the attorney general). The ability to encourage speech of all sorts without fear of legal reprisal is a feature of the CDA 230 world, not a shortcoming, one that encourages the publication of a diverse range of viewpoints and not just those of rich and cautious media companies who can afford the financial risk of publication.

As the chief law enforcement officers of their respective states, the attorneys general certainly know that their legal threats are completely meritless. Yet these and other law enforcement officers have shown little regard for what the law actually requires and have instead embarked on a vigorous campaign to strong-arm a company into submission based on bogus legal threats that nonetheless play well to many of their constituents. This strategy might amount to good politics, especially in an election year, but it continues to show remarkable disdain for the bedrock legal principles that have largely served the Internet well over the past 15 years.

It didn't have to be this way. Over the past two years, Craigslist repeatedly offered to go far above and beyond their legal obligations to work with law enforcement officials, offering to manually screen ads, require working phone and credit card numbers from ad posters (thereby creating digital footprints by which lawbreakers could be tracked), and help identify missing persons. Not surprisingly, however, having offered to do more than the law required but less than the AGs demanded, the AGs kept coming back for more, some flatly stating that the essential protections offered by CDA 230 should be repealed.

At least two lessons can be drawn from this latest skirmish in the battle between Craigslist and its critics. First, there sadly appears to be little upside to working with many of these law enforcement officials to resolve such important Internet policy disagreements. At each step of this public debate, the AGs have inevitably rewarded completely voluntary, non-mandatory offers of cooperation from Craigslist with further demands and insults. What possible motivation will other companies have to work with law enforcement to address similar concerns in the future?

Second, and more importantly, supporters of the First Amendment should loudly voice their opposition to this type of misguided rhetoric from elected officials. While Craigslist may have "voluntarily" shuttered its Adult Services section, they did so under constant threat from government officials who continually promised meritless lawsuits and even criminal prosecution if their target did not comply. No one (including Craigslist) disputes that sex trafficking is a reprehensible practice that should be vigorously opposed. The dispute lies in whether law enforcement officials should be permitted to bully and dragoon private web site operators into becoming de facto censors. Many, including EFF, profoundly disagree with the prospect of such a reimagined Internet, and the AGs at minimum owe it to the public to be honest about the First Amendment impact of what they are proposing.

Vilnius, Lithuania - Experts from the Electronic Frontier Foundation (EFF) will address security, openness, privacy, and other issues at the United Nations' Internet Governance Forum (IGF), set for September 14-17 in Vilnius, Lithuania.

This is the fifth meeting of the IGF, which was established to discuss public policy issues related to Internet governance on a global scale. Approximately 1,500 government policymakers, technologists, politicians, and others will attend.

EFF experts will participate in nine workshops in Vilnius, including "The Future of Privacy," with EFF Senior Staff Attorney Kevin Bankston and EFF International Rights Director Katitza Rodriguez, who is also a member of the Multistakeholder Advisory Group that helped plan the meeting. Also on the agenda is "Governance of Social Media," with EFF Senior Staff Attorney Kurt Opsahl and "Why We Need an Open Web," with EFF International Affairs Director Eddan Katz.

For a complete schedule of EFF's participation in IGF see http://www.eff.org/calendar/2010/09/14/eff-united-nations-internet-gover....

WHAT:
United Nations' Internet Governance Forum

WHEN:
September 14-17

WHERE: Lithuanian Exhibition Centre LITEXPO Laisves pr. 5 LT-04215 Vilnius, Lithuania

For more on the IGF:
http://www.intgovforum.org/cms/
http://www.igf2010.lt

Contact:

Rebecca Jeschke
Media Relations Director
Electronic Frontier Foundation
press@eff.org

This morning, the Third Circuit Court of Appeals in Philadelphia issued its highly anticipated ruling in a hotly contested cell phone location privacy case. EFF filed a friend-of-the-court brief and participated at oral argument in the case, arguing that federal electronic privacy law gives judges the discretion to deny government requests for cell phone location data when the government fails to show probable cause that a crime has been committed.

The Third Circuit today agreed with EFF, holding that federal law allows judges the discretion to require that the government obtain a probable cause search warrant before accessing cell phone location data. The Court further agreed with EFF that location information that can be used to demonstrate or infer that someone or something was in a private space such as the home may be protected by the Fourth Amendment, rejecting the government's argument that the privacy of location records held by phone companies is never constitutionally protected. Although the court did not definitively rule on the Fourth Amendment status of cell phone location information, it made clear that under some circumstances the privacy of such data could be constitutionally protected, and that judges have the discretion to require a warrant to avoid potentially unconstitutional seizures of location data.

The appeals court has remanded the case back to the original magistrate judge that initially denied the government's request to obtain cell phone location data without probable cause, asking the lower court to shore up its original decision with new fact-finding into the government's need for the requested data and the precision of that data in identifying a person's location. EFF looks forward to participating in those proceedings and opposing any attempt by the government to appeal today's decision. Thanks to our colleagues at the Center for Democracy and Technology, the American Civil Liberties Union and the ACLU of Pennsylvania for participating with us as friends-of-the-court in this case, and special thanks to Professor Susan Freiwald of the University of San Francisco Law School, who also submitted a brief and participated at oral argument along with EFF's Kevin Bankston.

Copyright trolls are nothing new, and Righthaven is just the latest group of lawyers to try to turn copyright litigation into a business model. What these lawyers have in common is that they seek to take advantage of copyright's draconian damages in order to bully Internet users into forking over money. To anyone who has watched the file-sharing lawsuits of the last few years or the current BitTorrent cases brought by a DC law firm, the Righthaven saga is developing into a familiar, unfortunate story. It also has some especially troubling twists.

The basic pattern: Righthaven has brought over a hundred lawsuits in Nevada federal court claiming copyright infringement. They find cases by (a) scouring the Internet for parts of newspaper stories posted online by individuals, nonprofits, and others, (b) buying the copyright to that particular newspaper story, and then (c) proceeding to sue the poster for copyright infringement. Like the RIAA and USCG before them, Righthaven is relying on the fact that their victims may face huge legal bills through crippling statutory damages and the prospect of paying Righthaven's legal fees if they lose the case. Consequently, many victims will settle with Righthaven for a few thousand dollars regardless of their innocence, their right to fair use, or other potential legal defenses.

However, Righthaven is unlike other copyright trolls in some key ways:

• Righthaven is going after bloggers using text news stories for comment or discussion. Many lawsuit targets are using the newspaper articles to augment discussions about current events. Reposting all or part of news stories is part and parcel of digital commentary and discussion and usually the goal of the reposting is to share the uncopyrightable facts included in the article, not the copyrighted expression, like the specific turns of phrase used by the author. By targeting news, Righthaven's lawsuits could have a chilling effect on individuals' attempts to engage their communities in free and open discussion.
• Righthaven is fighting the basic mode of Internet debate. Other copyright trolls have involved controversy over file-sharing programs and encoded digital media, like music and movies. But Righthaven is taking aim at folks who are using elementary "copy & paste" functionalities. Online discussion survives and thrives on showing others the original text before adding a commentary or response. Accurate quoting is a virtue of Internet discussion that can minimize mischarcterization and support progress in a debate.
• Righthaven lawsuits are demanding that courts freeze and transfer the defendants' domain names. Imagine if a single copyright infringement on Huffingtonpost.com or Redstate.com could result in forfeiture of the entire domain. Effectively asking for control of all of a website's existing and future content -- instead of only targeting the allegedly infringing material -- is an overreaching remedy for a single copyright infringement not validated by copyright law or any legal precedent. This also indicates that the attorneys are willing to make overreaching claims in order to scare defendants into a fast settlement.
• Righthaven goes straight for litigation. Righthaven isn't sending cease and desist letters or DMCA takedown notices that would allow the targeted bloggers or website operators to remove or amend only the news articles owned by Righthaven. Instead, Righthaven starts with a full-fledged lawsuit in federal court with no warning. It's sue first and ask questions later, which smacks of a strategy designed to churn up legal costs and intimidate defendants into paying up immediately, rather than a strategy aimed at remedying specific copyright infringements.

Righthaven is claiming that its activities are intended to have a "deterrent effect" on the reposting of news stories online, but it's hard to resist viewing Righthaven's actions as purely business-related. In addition to the sharp legal tactics discussed above, Righthaven appears to only buy copyrights that it believes can be used for lawsuits and otherwise has no involvement in the practice of journalism.

Righthaven also appears to be soliciting other newspapers to sign on with it. But newspaper publishers who think that suing bloggers a story at a time will save journalism are sorely mistaken. Newspaper publishers have actually been having meaningful discussions about innovative business models to support real journalism. Sadly, Righthaven -- if it continues to attract clients -- threatens to derail those conversations with a sideshow proven to distract from progress.

But no matter where a newspaper may stand on the debate about journalism's future, we think it is abundantly clear that a "sue the audience" tactic is nowhere near worth considering. Newspapers should resist the temptation to put themselves into the same position as the music industry circa 2004, where futile lawsuits distracted them from the incorporating new technology and creating new ways to market product to fans.

EFF is watching Righthaven and other copyright trolls closely for overbroad tactics that hurt free speech and fair use, and abuse the legal system. We're looking for good cases to defend and will deliver more news and analysis as the issue develops.

San Francisco - The Electronic Frontier Foundation (EFF) and a coalition of public interest groups and law professors have asked a California appeals court to protect craigslist from a lawsuit that could spur websites to be less helpful in responding to complaints about user behavior.

In Scott P. v. craigslist, Inc., the plaintiff complained about a series of craigslist ads he said were written by impersonators. While craigslist removed the ads within minutes of his phone calls, the plaintiff sued, contending that craigslist broke a promise to "take care of it" when the impersonators posted additional ads. In cases like these, federal law -- specifically Section 230 of the Communications Decency Act -- shields Internet forums like craigslist from liability. Section 230 was designed to encourage parties to pursue action against those who created the questionable content instead of the platform that hosted it. But the California Superior Court has ruled that this case can continue because of the plaintiff's allegations that craigslist said it would help.

Craigslist filed a writ petition with the Court of Appeal for the State of California Wednesday, arguing that the trial court should have dismissed the case because of Section 230's protections for forum hosts. In an amicus letter filed today in support of craigslist, EFF argues that the lower court reasoning could create a hole in Section 230, discouraging forum owners from helping users.

"Section 230 was a deliberate effort by Congress to encourage service providers to find innovative ways to self-regulate," said EFF Senior Staff Attorney Kurt Opsahl. "Yet craigslist is facing the prospect of extended litigation because it tried to do just that. Allowing this litigation to continue could result in websites being less helpful to users with complaints."

Additionally troublesome is the specter of further lawsuits, which could convince other Internet innovators not to host user content at all.

"Congress created Section 230 to allow for online interactivity without a flood of lawsuits. But this case could undermine the immunity that the law created," said Opsahl. "If litigation can survive merely because a plaintiff asserts that the site made a vague promise, sites may decide that allowing comments or user generated content is not worth the legal exposure. Then we'll lose the vibrant online environment that Section 230 helped create in the first place."

Joining EFF in the letter to court were the Center for Democracy and Technology, the Citizen Media Law Project, and law professors Eric Goldman, David S. Levine, David G. Post, and Jason Schultz. Separately, a group of Internet companies, including Yahoo!, Amazon, Facebook, Twitter, Google and Linkedin filed another amicus brief in support of craigslist.

For the full amicus letter:
http://www.eff.org/files/filenode/craigslist_v_sup/EFFletter9210.pdf

For more on this case:
http://www.eff.org/cases/craigslist-v-superior-court-california

Contact:

Kurt Opsahl
Senior Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

Scary news from California's Contra Costa County — school officials there have reportedly decided to track some preschoolers with RFID chips, thanks to a federal grant supplying the funding.

According to a story from the Associated Press, the students will wear a jersey at school that has the RFID tag attached. The tag will track the children's movements and collect other data, like if the child has eaten or not. According to a Contra Costa County official, this is a cost-savings move, as teachers used to have to manually keep track of a child's attendance and meal schedule.

But of course, an RFID chip allows for far more than that minimal record-keeping. Instead, it provides the potential for nearly constant monitoring of a child's physical location. If readings are taken often enough, you could create an extraordinarily detailed portrait of a child's school day — one that's easy to imagine being misused, particularly as the chips substitute for direct adult monitoring and judgment. If RFID records show a child moving around a lot, could she be tagged as hyper-active? If he doesn't move around a lot, could he get a reputation for laziness? How long will this data and the conclusions rightly or wrongly drawn from it be stored in these children's school records? Can parents opt-out of this invasive tracking? How many other federal grants are underwriting programs like these?

These are questions that desperately need answers. California is in the middle of a terrible budget crunch, but the solution is not federally funded surveillance of children who are too young to understand the implications.

Hari Prasad, the Indian security researcher arrested for allegedly stealing an electronic voting machine, has been released on bail.

Earlier this year, an anonymous source gave the machine to Prasad and a team of researchers, who discovered critical security flaws. Under questioning by authorities last weekend, Prasad refused to divulge the identity of the source who gave them the machine. He was then arrested and reportedly charged with theft and trespass on the theory that he stole the machine himself.

According to the Indian news agency PTI, the magistrate who released Prasad on bail noted that "no offence was disclosed with Hari Prasad's arrest and even if it was assumed that [the electronic voting machine] was stolen it appears that there was no dishonest intention on his part...he was trying to show how [electronic voting] machines can be tampered with."

The court reportedly also asked the Election Commission of India to confirm or disprove Prasad's claim that the country's electronic voting machines can be compromised. If Prasad's claims are false, action could be taken against him, the magistrate said.

Just a few weeks after his interview with EFF Legal Director Cindy Cohn, American hero Stephen Colbert has returned to the subject of digital rights. And in his show on Tuesday, he came up with a great solution to the problem of privacy and online social networks: Control-Self-Delete.

As Colbert suggests, the CEOs of Google and Facebook can be astonishingly tone deaf when it comes to the question of the privacy of their customers. As these experts in social media ought to know, the fact that a person chooses to share some information about themselves online is no indication that they prefer to share everything — nor does it indicate that control of personal data is not something they care deeply about. Study after study has shown the opposite to be true: users care about privacy, and demand control of their own data.

We like Colbert's basic point, saved for the end of this clip: if anyone should change their behavior to address the problem of online privacy, it isn't young people who have uploaded some racy pics — it's the companies that have made themselves the guardians of our personal data.