Directed by award-winning documentarian Alex Winter and narrated by Rosario Dawson. TRUST MACHINE drills down on #blockchain technology. Why are banks terrified while UNICEF embraces it to feed refugee children? Is blockchain technology poised to be bigger than the Internet or a bubble built on hype?
Trust Machine will be playing in select theaters October 26th.
Mark will be hosting a Lunch and Learn on November 12th in Chinatown, San Francisco. 12pm -1pm!
Let us know if you would like to join us.
Computer Crime & Procedure
Wi-Fi Spectrum Research and the Wiretap Act
The Wiretap Act’s broad scope often clashes with common sense assumptions about access and authorization in wireless spectrum monitoring. Some courts have found that even public wireless “sniffing” can violate the Wiretap Act’s prohibition on obtaining communication over public Wi-Fi networks. This uncertainty was created by a 2013 case in the 9th Circuit, Joffe v. Google, Inc., 729 F.3d 1262 (9th Cir 2013).
There, the 9th Circuit held that Google’s use of Street View devices that monitored and recorded transmissions over public Wi-Fi networks in the device’s range violated the Wiretap Act, and was not entitled to the Act’s exemption for “radio communication[s]” which are “readily accessible to the general public.”
The court justified its holding with the notion that “radio communication” in that context referred only to audio transmissions, not the use of radio transmitting devices. The case was settled after this decision.
Other circuits have challenged this interpretation, finding that the Act did not limit “radio communication” to traditional AM/FM-frequency audio transmissions. However, the issue remains uncertain and untested in many jurisdictions, and wireless frequency monitoring should be done with a cautious eye to potential liability.
The 5th Amendment and Compelled Password Disclosure
“In the first place, although sparse, case law indicates that production of cellphone passwords constitutes incriminatory testimony protected by the Fifth Amendment. See, e.g., In re Grand Jury, 670 F.3d at 1346 (holding that Doe’s “decryption and production of the contents of the hard drives would sufficiently implicate the Fifth Amendment privilege” because the “decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files”); SEC Civil Action v. Huang, No. 15-269, 2015 WL 5611644, at *, 2015 U.S. Dist. LEXIS 127853, at *3-11 (E.D. Pa. Sept. 23, 2015) (finding the defendants could invoke their Fifth Amendment right against self-incrimination to challenge production of their smartphone passcodes becauseproduction of passcodes was testimonial in nature); United States v. Kirschner, 823 F.Supp.2d 665, 669 (E.D. Mich. Mar. 30, 2010) (quashing subpoena for testimony about computer password on Fifth Amendment grounds because the government sought to require the defendant “to divulge through his mental processes his password – that will be used to incriminate him”); State v. Trant, No. 15-2389, 2015 WL 7575496, at *3, 2015 Me. Super. LEXIS 272, at *11 (Me. Sup. Ct. Oct. 27, 2015) (finding that “compelling Defendant to divulge the contents of his mind – either by compelling him to surrender the passcodes or compelling him to himself open the phones – would violate his privilege against self-incrimination protected by the Federal and Maine Constitutions”); Commonwealth v. Baust, 89 Va. Cir. 267, 271 (Va. Cir. Ct. 2014) (finding that the defendant could not be compelled to provide access to his smartphone through his passcode because “compelling Defendant to provide access through his passcode is both compelled and testimonial and therefore protected” by the Fifth Amendment, but he could be compelled to produce his fingerprint to provide access because it was more akin to a key which “does not require the witness to divulge anything through his mental processes”).
Id, at *1.”
Before you start hiding any evidence of potentially criminal activities on your smartphone thinking that the 5th Amendment will protect you, however, realize that the case law in this area is still inchoate and that there are a number of loopholes that law enforcement can drive a truck through.
First, under one version of the “Foregone Conclusion” doctrine that a lot of courts have been following, if law enforcement knows about and can describe with reasonable particularity the evidence it’s seeking on your data storage device you can’t plead the Fifth to stop them from compelling you to give up your passwords (there is a dispute as to the exact nature of the foregone conclusion doctrine standard in the lower courts at the moment, but lets not get bogged down on that here).
Second, the majority of courts that have ruled on the issue hold that the Self Incrimination Clause doesn’t apply to compelling someone to open a smartphone with a biometric password, which accords with prevailing Supreme Court doctrine that holds that the Self Incrimination Clause doesn’t apply to physical acts, only the compelled disclosure of incriminating mental contents of your mind. The analogy that’s used, whatever the merits, is that of the difference between the physical act of using a key to unlock something versus compelling someone to disclose a combination they’ve memorized. Don’t think too hard about that one, you’ll get into the weeds real fast. And to confuse the law in this area more, last year re Application for a Search Warrant, 236 F. Supp. 3d 1066, 1073–74 (N.D. Ill. 2017) a court ruled, using a combined 4th/5th Amendment analysis, that you can’t necessarily compel a biometric PIN.
If you want to read up on this, a good place to start is the 11th Circuit’s decision In re Grand Jury Subpoena, which is the lodestar case of the moment in this area.
Intellectual Property News
Music Modernization Act
Last month, a bipartisan Senate voted in favor of the Music Modernization Act (MMA), which will provide badly needed reform for the royalty process. Ideally benefiting songwriters, recording artists, and producers. Streaming services that pay them royalties, largely under regimes that were created long before streaming services existed, can also benefit.
The bill was signed into law today, October 11, 2018.
The Senate’s version of the Music Modernization Act. S.2823 is a combination of three Acts: one that “modernizes” the licensing system; one that will give rights to “legacy” artists; and one that allows for royalties for producers and sound engineers. Together, they represent a compromise for a diverse group of stakeholders, including recording artists, record companies, songwriters, performing rights organizations, and tech companies.
Title I – The MMA, updates the music licensing system to facilitate streaming services’ payment to owners of musical works (what the Copyright Act calls compositions). In place of the current Notice of Intent system that placed burdens on songwriters, there will be a Mechanical Licensing Collective funded by digital services. Ideally, this will make it easier for songwriters to be identified and paid. At the same time, the system may be more convenient for streaming services, who currently face crippling fees for failure to obtain proper licenses and pay royalties to songwriters. A House ofRepresentatives statement on its companion bill noted: “because the database would publicly identify songs that have not been matched to songwriters and/or publishers, publishers would also be able to claim the rights to songs and get paid for these songs.” Additionally, songwriters will have new audit rights.
Title I also changes the process of determining royalty rates. It allows the Copyright Royalty Board to consider free-market conditions in deciding rates – that is, what a “willing buyer” and a “willing seller” would agree to. The Act repeals Section 114(a) of the Copyright Act, which would allow courts that set public performance royalty rates to consider sound recording royalties.
TITLE II – The CLASSICS Act, Compensating Legacy Artists for their Songs, Service, and Important Contributions to Society, nominally applies to “legacy” artists, but really applies to performers on any recordings prior to February 15, 1972.
The sound recording is a distinct copyright from the composition, protecting the recorded performance of a work. Typically, the authors of a sound recording are the artists performing it. The Copyright Act allows for the authors of compositions to be paid when their songs are paid on traditional AM/FM radio, but not the performers on sound recordings. Thus, when an FM station plays Aerosmith’s “I Don’t Want a Miss a Thing,” royalties are collected for Diane Warren, who wrote the song. But not for Aerosmith.
Digital transmissions are different. Authors of sound recordings have a “public performance right” for streaming and other digital transmissions. Thus, when you play “I Don’t Want a Miss a Thing” on Pandora or Spotify, Aerosmith and Dianne Warren are paid. However, because pre-1972 sound recordings aren’t protected by federal copyright, there’s no public performance right at all. Thus, when you hear Aretha Franklin’s “Respect” on those streaming services, there may be royalties due to Otis Redding’s estate, but not to Aretha’s.
The CLASSICS Act changes that, granting a limited public performance right to pre-1972 sound recordings for digital transmissions. It’s not the “full federalization” right that some advocated for these recordings, but it’s a step in the right direction.
The Act requires that the fair use protections are available for pre-1972 sound recordings as for other sound recordings that are fully protected under the Copyright Act.
There’s an amendment that even pleased the fickle copyleft community, typically hostile to any legislation that would result in more payments to artists: the Act requires that pre-1923 recording will essentially enter the public domain, after a 3-year grace period following passage of the Act
TITLE III – Allocation for Music Producers, AMP Act, will specifically provide for royalty payments to producers, engineers, and sound mixers.
Mark Jaffe helps recording artists and other artists get paid. He’s been doing this for nearly 25 years, starting long before he was a lawyer. He also works with tech companies to assist them with navigating regulatory regimes.
Cybersecurity, Privacy, and Data Breaches
Google is shutting down Google + after its user data was exposed. Nothing to see here says Google. Move along. That’s why they didn’t report the exposure when they discovered it in March. If we were cynical, we might say that the InfoSec flaw is being used as cover for the commercial failure of Google +, but we don’t care enough about the subject to do anything but take cheap shots on it from the cheap seats.
A lot of people use 2 Factor Authentication on their smartphones as an additional form of security to secure their online accounts. And well they should. But recently there’s been a wave of SIM Card phone number porting.
Phone number porting happens every time you change cell phones. You’ve probably watched your cell phone service provider do it when you get a new phone. It involves calling up the mobile service provider and saying you want the number moved to a new SIM Card. Naturally, this did not escape the notice of Social Engineers who are porting phone numbers to SIM Cards they control, then hacking the original phone number owner’s account.
To prevent this call your cell phone service provider and set up a password so that only someone with the password can port your number.
What Tor Is Reading
Knausgaard gave this short lecture on the art of writing, art, and life at Yale last year when he got the 2017 Windhall-Campbell prize. The title refers to his approach to writing, which is simple: just write honestly and let the writing inadvertently emerge rather than taking a central planning, goal-based mentality to your writing. That's easier said than done, he notes. The essay documents his long struggle and failures in his journey becoming the writer he is. He discusses his jealousy and feelings of inadequacy his successful writer friends engendered in him when he was a nobody, how he burned the manuscript to his first novel after an honest evaluation of it by a friend he trusts, alongside insightful comments on artists like Edvard Munch, Anne Carson, Knut Hamsun, and Marcel Proust, to name a few. It was reading a new Norwegian translation of Proust that led to his writing epiphany. Quitting his university studies after he gets a writing gig, he goes back to his teenage hometown of Kristiansand, Norway and writes his first (to him) significant short story in the Kristiansand public library. This was interesting to Tor because Kristiansand is his parents' hometown, and he's spent time in that library. It's a nice, but unremarkable place. But hey, power to public libraries! The essay is a quick and enlightening read.
This useful and illuminating book, written with a Marxist (gasp!) tilt, is for anyone who's looking for a quick primer on world history from the dawn of humanity, to the rise of class society, to the present. It summarizes the current understanding of the rise of class societies and the concomitant rise of their religious and legal (is there that much of a difference?) systems, initially designed to ensure the accumulation by a privileged class of the surplus produced by the laboring classes. It states that before the rise of class societies, a hunter-gatherer only had to work roughly 10-20 hours a week to live comfortably, climatic conditions permitting. How many hours are you working for someone else this week? It also notes that the rise of warfare coincides with the rise of class societies, religion, and legal systems. And slavery is another emergent feature of class society. Whatever your politics, this provocative world history is written in short, easily digestible chapters, is a good read, and a handy reference work to place on your shelf next to your volumes of Hayek and Friedman. Because wisdom lies in not miring yourself in the singularity of anyone's viewpoint. But we're off topic. It's a good book worth the read.
What Mark Is Listening To
From the joint album "Naath" by South Sudanese singer and acclaimed Peace Activist Emmanuel Jal and his sister Nyaruach. Filmed in Kenya. "South Sudan is still suffering from years of war and oppression, we feel it is our cultural responsibility to bring out the music and voices from our country. As siblings we were forced apart in our childhood through extreme circumstances, so we are excited to be united on this project to bring the sounds of our village to the mainstream."