All Tomorrow's Parties -- CDA II -- from the Netly News
---------- Forwarded message ---------- Date: Fri, 27 Jun 1997 07:15:50 -0700 (PDT) From: Declan McCullagh <declan@well.com> To: fight-censorship@vorlon.mit.edu Subject: All Tomorrow's Parties -- CDA II -- from the Netly News http://cgi.pathfinder.com/netly/opinion/0,1042,1113,00.html The Netly News June 26, 1997 All Tomorrow's Parties by Team Netly (thenetlynews@pathfinder.com) The fun-loving "trolls" of Bianca's Smut Shack celebrated today's Communications Decency Act ruling by sleeping in. Christopher Miller and David Thau stumbled awake at 10:10 am today, just in time to read the decision that said it was legal to post "indecent" material on your web site -- something clearly important to the Biancanauts, who are travelling cross-country in a psychedelic RV commemorating the summer of love. "It's kind of weird to celebrate the overturning of something that's clearly unconstitutional, but of course we have something to celebrate because it's going to keep us from jail," said Thau. The celebration may be premature. The CDA II, after all, is expected to crawl out of the grave like a flesh-dripping zombie. But you'd never know it from the high-bandwidth rhetoric that flooded the Net today after the Supreme Court decision. The Electronic Privacy Information Center cried that "today's opinion defines the First Amendment for the next century." Histrionics also were flying furiously around San Francisco's South Park, where the faithful rallied. "The Internet freedom fighters are as strong as the students at Tiananmen Square," said the Electronic Frontier Foundation's Mike Godwin -- to a crowd composed almost entirely of journalists. "Today is the first day of the new American Revolution, the Digital Revolution.." (A phrase that happens to be trademarked by Wired, a sponsor of the rally.) The victorious shouts of the way-new stalwarts were matched by the angry screams of the censor-happy CDA supporters. "The safety net is gone," says Donna Rice-Hughes, communication director for Enough Is Enough. "There is no law against an adult sending a naked picture of himself to a child over the Internet or through e-mail." If Rice-Hughes has her way, the high court's decision to drive a stake through the heart of the much-reviled law will mean the threat to free speech online has expired only for a while. "Frankly, this ruling provides a road map on how to more specfically draft legislation," says Heidi Stirrup, director of government relations for the Christian Coalition. "Our beleaguered American family has been put on notice by the Court that it will do nothing to help the family even when the president and Congress work together against a problem that everyone says is bad -- providing indecent material to children." This isn't entirely true. The ruling -- which talked of "vast democratic fora" online -- does not mean that the Internet is now a free-speech zone where anything goes. After all, the CDA only restricted "indecent" materials, an undefined category that could include art, literature, even humor and sex ed. materials. Distributing obscenity -- sexual works without "redeeming value" -- will remain a crime. The Court noted this in its ruling today: "Transmitting obscenity and child pornography, whether via the Internet or other means, is already illegal under federal law for both adults and juveniles." President Clinton, who endorsed the act, also vowed not to give up. "We can and must develop a solution for the Internet that is as powerful for the computer as the v-chip will be for the television, and that protects children in ways that are consistent with America's free speech values," he said. "We're certainly going to support Congress' efforts to develop another bill to protect kids. They're not going to stop and we're going to help them to do it," says Bruce Taylor, president of the National Law Center for Children and Families. Taylor predicts that a CDA II might stress labelling all your web pages with PICS or RSACi if you want to stay out of jail: "Remember I told you nobody's going to do PICS? It's a monster nobody wants to feed. Who's going to rate 10 zillion web sites?" Well, nobody -- unless you force people to use it. Which is what some members of Congress are trying. Sen. Patty Murray (D-Wash.) is preparing to introduce a bill that will try to convince a dubious public to rate its pages with RSACi, a self-rating system backed by Microsoft. (A company which, just coincidentally, is headquartered in her state.) Nevermind that even MSNBC stopped ratings its pages with RSACi because the system proved unworkable for news sites. Murray's proposed bill, called the "Childsafe Internet Act of 1997," says someone who "includes a rating" on their site "may not be held liable" for "any material on the site that is unsuitable for minors." That's the carrot. Then the stick: you can't post material "unsuitable for minors" on a site that's rated for kids. "Whoever accesses a site on the Internet rated by the person establishing the site as having no material unsuitable for minors and knowingly makes available on or through the site any comment, request, suggestion, proposal, image, or other material unsuitable for minors, shall be imprisoned... for not more than two years," the bill says. The constitutionality of such legislation was affirmed in today's minority opinion of Justices O'Connor and Rehnquist, in which they talk of "zoning laws" for the Internet. Real world zoning laws are what keep children out of porno stores and require buildings to be wheelchair-accessible. These laws passed constitutional muster long ago, and the underlying intent of the CDA was largely to shield minors from indecent material. Trouble is, Internet technology isn't yet capable of ensuring the existence of adult-only zones. Yet. Thus argued O'Connor: "Until gateway technology is available throughout cyberspace, and it is not in 1997, a speaker cannot be reasonably assured that the speech he displays will reach only adults because it is impossible to confine speech to an 'adult zone.'" What all this means is Congressional attempts to pass another law to muzzle the Net won't need to be a flat ban on "indecency." Rather, they'll rely on PICS and RSACi. (Ironically, a technology designed to head off the CDA might be the linchpin of CDA II.) Next month President Clinton plans to meet with industry leaders in much the same way he met with broadcast executives last year and came up with a V-Chip. His goal this time: to do the same for the Net. Meanwhile, slap-happy netizens will probably still be partying down -- the D.C.-based CIEC folks are hanging out in the 18th Street Lounge right now -- basking in the high court's warm and fuzzy afterglow, and happily smoking a bowl of their own rhetoric. ###
At 7:16 AM -0700 6/27/97, Declan McCullagh wrote:
journalists. "Today is the first day of the new American Revolution, the Digital Revolution.." (A phrase that happens to be trademarked by Wired, a sponsor of the rally.)
I really hope Declan is kidding when he says this phrase, or parts of it, or some variant of it, is "trademarked" by "Wired." If so, we're in deep shit. (A phrase trademarked by the Nixon Administration, 1972.) "Wired" seems increasingly to think it owns the birthright of the Net and all that came from it. I wonder if someone has claimed trademark on any of these expressions: "Big Brother Inside" "Four Horsemen of the Infocalypse" "National borders are only speed bumps on the information superhighway" "citizen-unit" "BlackNet" "crypto anarchy" --Tim There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
-----BEGIN PGP SIGNED MESSAGE----- Electronic Frontiers Georgia is forming a working group on Secure Authentication Methodologies. This is the procedure for verifying who really owns the public key that has been placed in a database repository, or Certification Authority (CA). Issues at question are not only the technical considerations, but also concerns of privacy, consumer protection, and legality. Questions have arisen as to whether to use picture ID, notary publics, existing databases, and governments to enforce secure authentication. Another question that has been raised is secure authentication possible at all? Also explored will be hierarchical vs web of trust models for CA's. The first working group meeting will be held at Georgia State University Law School at Professor Mark Budnitz offices. Since many people who would like to be involved in this subject cannot attend physical meetings, this is a call to participate electronically. If you have an interest in being involved with this group, please contact Robert Costner, EFGA (770) 512-8746, mailto:pooh@efga.org -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQBVAwUBM7P8+EGpGhRXg5NZAQHWJAH+PzVT10ZZCSxis1aMuyL3rEyTxuuVHo55 qrg3FuAseI4wkDKRmFuGB+lmvIibE2MD0+0sbcR2HUOW3KrmfX2aJw== =Msjd -----END PGP SIGNATURE----- -- Robert Costner Phone: (770) 512-8746 Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/ run PGP 5.0 for my public key
Robert A. Costner writes:
Electronic Frontiers Georgia is forming a working group on Secure Authentication Methodologies. This is the procedure for verifying who really owns the public key that has been placed in a database repository, or Certification Authority (CA). Issues at question are not only the technical considerations, but also concerns of privacy, consumer protection, and legality. Questions have arisen as to whether to use picture ID, notary publics, existing databases, and governments to enforce secure authentication. Another question that has been raised is secure authentication possible at all?
And another question is should government be involved at all? My answer to that is no, not for the setting of CA policy. It should be up to the CA, as published in their policy, what authentication if any they perform in order to issue a certificate. There is a need for certificates that are closely tied to someone's True Name and there is a need for certificates that do nothing except verify that a given email address is unique in that CA's list. I would oppose any laws that require a certain level of "secure authentication" of CAs. Especially since, as your question hints, there IS no secure authentication available to all citizens- drivers licenses and birth certificates and Social Security cards are all readily forged. All authentication is relative. I would not be opposed to laws that penalized a CA for breaking the terms of its published policy. However I expect that existing contract law would cover that, since the policy is essentially a contract between the CA and the cert issuee. The biggest problem with CAs and the law is legal liability. The liability of being a CA is currently unknown until there is case law on the topic. I think that one way of looking at CA liability would be to consider it to be similar to an insurance policy with a limited maximum liability. A CA who issued low-assurance unique email address certificates might limit its liability to $10, whereas a CA who issued a high-assurance 37-forms-of-ID-and-a-retina-scan True Name certificate might limit its liability to $100M (or maybe unlimited). These liability limits would of course have to be stated in the CAs policy. Being able to limit liability on their own would allow the market to choose how much assurance a certificate for a given transaction needs. For CAs, it would allow them to insure themselves. It would be trivial to add an 'assurance' field to standard X.509 certificates so parties to a transaction wouldn't need to read the CAs policy statement to learn how much a given certificate was 'worth', i.e. how far the CA is prepared to back it. -- Eric Murray ericm@lne.com Network security and encryption consulting. PGP keyid:E03F65E5
Robert A. Costner writes:
Electronic Frontiers Georgia is forming a working group on Secure Authentication Methodologies.
Actually, the best signature law proposal I've seen comes from the, so help me, Massachusetts. It's a single sentence which says that there will be nothing Massachusetts law which can be construed to preclude the use of a digital signature. Double negatives aside, the above translates into legal digital signatures. Period. No bullshit about "Certification" "Authorities", or what constitutes a "legal" digital signature, or any other cruft. If you sign a state, or other, document with a digital signature, then, if it can be proven to be your signature, you signed it. Game over. Even broken clocks are right twice a day, I guess. :-). Now if we can get away from the whole idea of biometric signatures altogether, that would be the next trick... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/
-----BEGIN PGP SIGNED MESSAGE----- At 01:26 PM 6/27/97 -0700, Eric Murray wrote:
And another question is should government be involved at all? My answer to that is no, not for the setting of CA policy. [CA is Certification Authority]
While I wholeheartedly and forcefully agree with Eric's sentiment, the business reality is that the gov't will be involved in setting CA policy. If for no other reason, simply because CA's will be used by the gov't. Even from a hands off, pro business viewpoint, few CA's will ignore the wishes of their largest customer, the gov't. The gov't will be involved in CA policy for several reasons. I'll lightly glance on some of them. * Beeps and chirps. Signatures on paper have legal meaning. This is why there is a push to use digital signatures - to give them legal meaning. While contract law can be somewhat applied to this concept, many would agree that official acknowledgement of digital signatures is a key element of using digital signatures in commerce. A recent case in Georgia's supreme court ruled that electronic messages were beeps and chirps, and had no legal status as a "writing". The law continually refers to signatures and writings. There must be a law, or interpretation of law to allow for this to be updated to electronic writings. Even if mutual consent could be used between corporations, as the state moves to the cost savings of electronic commerce the state will have to impose laws to enable itself to take advantage of these technologies. At 01:26 PM 6/27/97 -0700, Eric Murray wrote:
The biggest problem with CAs and the law is legal liability. The liability of being a CA is currently unknown until there is case law on the topic.
* Resolving legal liability. Some of the proposed laws for enabling digital signature technology do in fact solve the liability problem for CA's by legislating it out as long as the CA performs due diligence. To enforce due diligence, some laws also provide for government auditing of CA procedures and for injunctive relief to shut down a "rogue" Certification Authority. A copy of one such overly bureaucratic 22 page Certification Authority law can be found at http://www.efga.org/digsig/lawdraft.html This is the original draft of Georgia's Digital Signature law. This draft was thrown out and rewritten from scratch to form a much better law. (assuming any law can be good) -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQBVAwUBM7YF00GpGhRXg5NZAQGnEAH+JRioBgJi2UIK1SkBBtaACNHCsd6nYbyU Q5/57jni0VV1AejCK7tOCFN1KfPe43dKlnsplBrO+spBf7Lt9j90Mw== =pAgj -----END PGP SIGNATURE----- -- Robert Costner Phone: (770) 512-8746 Electronic Frontiers Georgia mailto:pooh@efga.org http://www.efga.org/ run PGP 5.0 for my public key
Noah's story about Wired trademarking Digital Revolution (tm) is at: http://pathfinder.com/netly/editorial/0,1012,192,00.html " Have our friends at Wired gone mad? We always thought the Digital RevolutionĀ was about freedom of information, erasing of boundaries, creating global community, throwing off the shackles of government and evoking a spirit of unfettered, bottom-up business and entrepreneurialism. Was this yet another case of lawyers running amok? Or was it pre- Initial Public Offering jitters on Wired's part? -Declan At 09:52 -0700 6/27/97, Tim May wrote:
At 7:16 AM -0700 6/27/97, Declan McCullagh wrote:
journalists. "Today is the first day of the new American Revolution, the Digital Revolution.." (A phrase that happens to be trademarked by Wired, a sponsor of the rally.)
I really hope Declan is kidding when he says this phrase, or parts of it, or some variant of it, is "trademarked" by "Wired." If so, we're in deep shit.
(A phrase trademarked by the Nixon Administration, 1972.)
"Wired" seems increasingly to think it owns the birthright of the Net and all that came from it.
I wonder if someone has claimed trademark on any of these expressions:
"Big Brother Inside"
"Four Horsemen of the Infocalypse"
"National borders are only speed bumps on the information superhighway"
"citizen-unit"
"BlackNet"
"crypto anarchy"
--Tim
There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
------------------------- Declan McCullagh Time Inc. The Netly News Network Washington Correspondent http://netlynews.com/
participants (5)
-
Declan McCullagh -
Eric Murray -
Robert A. Costner -
Robert Hettinga -
Tim May