(Note from moderator: because I got a lot of interested responses from list members, I am posting the newsletter on the CDA for all to see--and two other postings on the testimony of the government witnesses as well. By the way, Exon and the American Family Association are putting pressure on the Clinton administration to enforce the law. Some information is available on the Inter@ctive Week Web site at http://www.zdnet.com/intweek/daily/960409x.html--Andy) ----------------------------------------------------------------------------- The CDA Challenge, Update #6 ----------------------------------------------------------------------------- By Declan McCullagh / •••@••.••• / Redistribute freely ----------------------------------------------------------------------------- In this update: BYU/CMU's Dan Olsen's net-censorship boondoggle ACLU's 4/9 motion to suppress obscene images -- DENIED The new "I am a child" Internet protocol Who cares about kids: Who are the adults? Olsen as an expert witness -- on what? April 11, 1996 PITTSBURGH, PA -- The U.S. Department of Justice wants to split the worldwide Internet into "adult" and "minor" sections. That's their plan, assuming they can find someone to testify that this audacious boondoggle is even remotely feasible under current technology. If the DoJ gets this testimony in the record, then their attorneys will argue that the Communications Decency Act is constitutional and should be upheld. Well, they found their man. The Justice Department stoolie who's testifying tomorrow is none other than Dan R. Olsen, Jr., the incoming director of the Human Computer Interaction Institute at Carnegie Mellon University, now the head of the computer science department at Brigham Young University. Olsen concocted this scheme that he calls L18, for "Less than 18." Under it, every net-user must label every USENET post, email message, FTP site file, web page, chat room, IRC channel -- any collection of public bits spewed on the Net -- if the content is "inappropriate for minors." If you think you're clever 'cuz you labeled some "indecent" materials as suitable for kids, guess again, pal. Try that trick and the Feds'll throw your ass in jail for two years and send you a bill for $250,000. (Owners of anonymous remailers might be for in some surprise visits from the Feds if their systems are used to post "indecent" stuff that's labeled L18.) The censorhappy geeks at Brigham Young University put together a demo to prove that this scheme works. First Olsen stuck L18 tags on half his web pages. Then they set up a "Netscape proxy server" so it denied access to pages with L18 tags unless the user was verified as an adult. The experiment was a success -- and a hit with the DoJ! By now cybersavvy readers are wondering: "But how will a server know how old a user is?" The DoJ has a couple ideas that they're going to throw at the three-judge panel in Philadelphia tomorrow. The government's idea seems to be that if the judges accept even one of them, they'll uphold the CDA. The DoJ's proposals are: 1. Servers with "indecent material" will register users as adults or minors. 2. Every ISP will tag accounts as adults or minors. 3. A custom router will only allow users to access "indecent" sites if an adult types in the password first. Olsen's Grand Design for the Net incorporates Proposal #1. He's pushing the idea that web servers or proxy servers with "indecent" material will give out "adult verification passwords" before you can access their web page. This means: * A lengthy pre-registration process before you can access the site. * The server has to keep a database with the identities of all the adult users, complete with the credit card numbers that presumably will be used for verification. * If you want to access hundreds of web sites with "indecent" material, you've got to get hundreds of different passwords. If you run a web site with material that a Federal prosecutor anywhere in the U.S. may find "indecent" or "patently offensive," under Olsen's plan you have to verify that your users are adults. Somehow, I don't expect overseas sites will go for this. What, doesn't the DoJ realize that we're not just talking about the U.S. here? +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ ACLU'S MOTION TO SUPRESS OBSCENE IMAGES -- DENIED! +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ It's not about cybercensorship. It's about cybersex. At least that's what the DoJ wants everyone to believe. Justice Department attorneys have been flooding the court with printouts of hundreds of pages of dirty pictures, a lot of them pretty damn raunchy. Some of them might even be "obscene" -- that is, they fall into a legal class of images that flunk a three-part test that includes only images without "serious literary, artistic, social, political, or scientific value." Pretty hardcore stuff. GIFs like coeds fraternizing with german shepherds -- with the help of 25' of rubber tubing and a Tibetan yak. On April 9, the ACLU/EFF plaintiffs filed a motion to close the floodgates on the DoJ's deluge of porn, asking that the government be barred from introducing exhibits "unless they believe in good faith the material could not be prosecuted under existing obscenity or child pornography laws." The idea behind this motion was to educate the court and remind them that the CDA outlaws "indecency," not "obscenity." EFF attorney Mike Godwin explains the difference in his forthcoming book _Cyber Rights_: The term "indecency," although never defined by Congress or the courts, is a far broader concept than "obscenity" (examples of "indecency" include George Carlin's famous "Seven Dirty Words" monologues, at least some portions of Howard Stern's radio broadcasts, and, according to one court, the text of Allen Ginsberg's "Howl"). Not one of our plaintiffs has "obscene" or even titillating pictures on our web sites, but all of us are subject to a $250,000 fine and two years in prison if a minor stumbles across our URL. Yesterday the court denied our motion, saying that it understood that we weren't challenging obscenity laws and that, unlike the situation that might occur if there were a jury, the judges would not be prejudiced by any pictures introduced. The court ruled *they* were capable of understanding the difference, so there was no need to separate the materials. They did admit that we had raised an important issue, and the court understood the reason for the motion. I guess we have to trust them. +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ THE NEW "I AM A CHILD" INTERNET PROTOCOL +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ There's a second way to answer the question of: "How do you know who the children are?" Another option the DoJ appears to be pushing -- we'll know details tomorrow -- is this idea of reprogramming every computer on the worldwide Internet to run software that tags users as adults or minors, so a server will know whether it can send out "indecent" material. This shifts the burden of establishing age-identity from the content provider to the business or school giving out the Internet account. It also would allow any unscrupulous net.lurker to troll for "I am a child" tags and follow them back to the originating site -- not exactly the best way to protect the children! I should have realized this DoJ strategy earlier. Last week when I was arguing with Bruce Taylor, an architect of the CDA, we went 'round and 'round on the issue of children on the Net. He maintained that every Internet user has to have an account somewhere, so the provider of that account can tag the user as a minor or adult. I asked Taylor how his proposal was possible with the TCP/IP protocol -- the nerve system the carries all the data flowing through the Net. He replied that technical problems can be solved by technical people, and wasn't there a new protocol being developed, anyway? Basically, his position was: "Your side comes across to the court as saying that it can be done but we won't do it. You're a bunch of geeks who want to protect their porn and the court isn't going to buy it." The "new protocol" being developed is IP Version 6, which the DoJ zoomed in on in cross-examination of one of our witnesses, Scott Bradner from the Internet Engineering Task Force: 13 Q Would it be fair to say, to summarize what you've just 14 said, that the IP Next Generation group is working on a new 15 generation of the IP Protocol itself? 16 A That is correct. 17 Q Does it have -- does the IP Next Generation group have 18 recommendations regarding a specific architecture of the 19 packet traffic on the Internet, including the format of the 20 packet? The DoJ is going to argue that IPv6 can include such an adult/minor tag in each datagram. Chris Hansen, the head of the ACLU's legal team, says: Olsen is going to push this tagging idea that the government has, that you can imbed in your tag -- in your address -- an adult or minor tag. They're going to suggest that the market will come into existence that will make that tagging relevant. It's more like the *judicial penalties* will evolve to make the tagging not just relevant, but mandatory! On the cypherpunks list, Bill Frantz, a computer consultant, outlines one problem: One of the migration paths suggested for IPV4 to IPV6 migration is to tunnel IPV4 packets within IPV6 packets. IPV4 packets do not provide for an adult/minor tag, so until the transition to IPV6 is fairly well along, this approach will be ineffective. If the people who are worried about minor's accessing smut want something this century, they should go with PICS. A member of the IETF replies: Neither, for that matter, do IPv6 packets -- there is no provision for them. Furthermore, were anyone to create an end to end header of that sort, it would be eight bytes of wasted space in every packet in the net, especially since the implementation of such a tag is a technical impossibility as there is no way to force the originating system to tell the truth. The "high-touch" argument against this is important as the high-tech one. I just received the following mail from someone who would be unable to continue his work if the DoJ's IPv6 scheme is implemented: We provide free anonymous access to the net to sexual abuse survivors. We don't even know who they are, nor do we care - a lot of them are hiding out from their perps, and to try and identify them would be a tremendous breach of trust, as they are depending on us for their anonymity, much as a reporter would protect their anonymous source. I also have been told by these folks themselves that some of them are under the age of 18 - hell, I've had a few that tell me that they are 13 or 14 years old, and that they are still at home, still being raped by their perps. We provide an outlet for their frustrations, emptional support, a community for them, people to talk to, and support for them if they choose to report their abuse. None of this would be possible if Taylor and friends had their way. Sure, we could trace each and every one of them back to their providers, and find out who they are, but I'm not going to do it, and I'm perfectly willing to go to jail to protect their identities. My integrity is worth a whole hell of a lot more than any government law. +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ WHO CARES ABOUT KIDS: WHO ARE THE ADULTS? +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ The third way to answer the now-tiresome who-are-the-kiddies question is to turn it on its head and ask: "Who are the adults?" Hardware to answer that question already exists. The March 25 issue of Interactive Week reports that Livingston Enterprises, Inc. has colluded with Senator Exon's staff to design an "Exon box" -- a router that lets ISPs cut off unrated or "indecent" or unrated sites. To get around the block, an "adult" enters a secret password that tells the router to open a session and let the packets flow. Exon's staff is heralding this as an example of how easy it is to comply with the CDA. The only problem is that, like many such hamfisted censorship "solutions," it sucks, and it ain't going to work. One of the original architects of the Internet, David P. Reed, wrote: I do work to protect my children from inappropriate material, but pressure from Senators to mandate technically flawed solutions, and opportunistic, poorly thought-through technologies from companies like Livingston are not helpful. +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ OLSEN AS AN EXPERT WITNESS -- ON WHAT? +-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+-=-+ As I was writing this, I started wondering why Olsen got picked as the DoJ's expert witness for tomorrow's hearing, especially when his research is *not* in distributed computing environments and protocol design. It's in human computer interaction and user interfaces. One of Olsen's former students at Brigham Young University contacted me last week, saying he had initially hoped that Olsen was "lending a neutral opinion" on technical issues "but that hope proved false." I asked if his former faculty member has "done any work relating to distributed computing environments like the Internet?" His reply: "The closest thing I'm aware of is a paper on interactive bookmarks." Network engineering that ain't. On April 7th I sent Olsen email, asking him: "What kind of research have you done related to distributed computing environments like the Internet?" As of April 11, still no response -- even though he had replied to my earlier messages almost immediately. (I wouldn't put it past the DoJ's tame attack ferret, Jason Baron, to try and muzzle Olsen as well.) Vanderbilt Professor Donna Hoffman writes about Olsen: A colleague at CMU told me that Dan Olsen is largely an administrator at BYU and will assume administrative duties at CMU as the temporary head of the HCII... I've seen his vita and talked to some colleagues in CS and related fields about his work and it doesn't seem that he has done much, if any, research related to the distributed computing environments like the Internet. His vita is difficult to parse because he has numerous items I can't identify - for example, are they book chapters, working papers, proceedings? Where were they published? And so on. He is the Editor of a new journal published by CACM which started a few months ago, related to human-computer interaction. His main research interest seems to be in user interface issues, but he hasn't published much in scholarly journals so I would conclude that his work has had little impact on the field. (I should point out here that a member of the HCII at CMU sent me mail saying that conference proceedings are the main form of publication in the field.) Still, I wonder why the DoJ couldn't get a real net-expert to defend the CDA and the network protocol schemes they're proposing? Grey Flannel Suit (aka Air Force Special Agent Howard A. Schmidt) is going to take the stand tomorrow and do a live demonstration of how he can find cybersleze on the Net. I can hardly wait! Grey Flannel has been involved in a half-dozen porn prosecutions in the past: two dealing with civilian porn sites and and four dealing with military ones. From the deposition he gave in Washington, DC earlier this week, the extent of his testimony seems to be: "I went onto the Net and found dirty pictures." The following clue as to Grey Flannel's history of porn-prosecutions flowed into my mailbox the other day: It would be interesting to find out if Schmidt was involved in _US v. Maxwell_, 42 M.J. 568 (USAF Ct Crim App 1995), a military justice case concerning a USAF colonel who used AOL to communicate "indecent language" to another servicemember and to traffic in pornographic matter. USAFOSI was clearly involved in the investigation, but no agents are named in the opinion. Flannel will be followed by our last witness, MIT's Albert Vezza, and then Dan Olsen. Stay tuned for more reports. ----------------------------------------------------------------------------- We're back in court on 4/12, possibly 4/15 as a last day of witness testimony, 4/26 for rebuttal if necessary, and 6/3 for closing arguments. Mentioned in this CDA update: Michael Froomkin: "The Internet as a Source of Regulatory Arbitrage" <http://www.law.miami.edu/~froomkin/arbitr.htm> Wired: "How Anarchy Works -- Inside the Internet Engineering Task Force" <http://www.hotwired.com/wired/3.10/departments/electrosphere/ietf.html> Net-Guru David Reed's article: "CDA may pervert Internet architecture" <http://fight-censorship.dementia.org/fight-censorship/dl?num=2093> Michael Froomkin's LONG article on anonymous remailers: <http://www.law.miami.edu/~froomkin/ocean1-7.htm> Dan Olsen at BYU <http://www.cs.byu.edu/info/drolsen.html> BYU's censorship policy <http://advance.byu.edu/pc/releases/guidelines.html> Internet Eng Task Force <http://www.ietf.org/> Rimm ethics critique <http://www.cs.cmu.edu/~declan/rimm/> Int'l Net-Censorship <http://www.cs.cmu.edu/~declan/zambia/> CMU net-censorship <http://www.cs.cmu.edu/~kcf/censor> University censorship <http://joc.mit.edu/> Grey Flannel Suit <•••@••.•••> This report and previous CDA Updates are available at: <http://fight-censorship.dementia.org/top/> <http://www.eff.org/pub/Legal/Cases/EFF_ACLU_v_DoJ/> <http://www.epic.org/free_speech/censorship/lawsuit/> To subscribe to the fight-censorship mailing list for future CDA updates and related net.censorship discussions, send "subscribe" in the body of a message addressed to: •••@••.••• Other relevant web sites: <http://www.eff.org/> <http://www.aclu.org/> <http://www.cdt.org/> ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- The CDA Challenge, Update #7 ----------------------------------------------------------------------------- By Declan McCullagh / •••@••.••• / Courtesy of The Netly News ----------------------------------------------------------------------------- From The Netly News at <http://pathfinder.com/Netly/daily/nnhome.html>: We've become fans of Declan McCullagh's dispatches from Philadelphia where a three-judge panel is determining the fate of the so-called Communications Decency Act. McCullagh, as you probably know, is an activist with the EFF whose free-speech stance mirrors our own. We'd be happy to run an opposing viewpoint, but we don't know anyone who's actually pro-CDA. Still, if you are and would like to use this bully pulpit to pitch your ideas to an extremely hostile audience, drop us a line. In the meantime, here's a piece we asked McCullagh to do for us as the hearing winds down. ----------------------------------------------------------------------------- In this update: Ducks on the Net! More on BYU's Dan Olsen's censorhappy boondoggle Grey Flannel Suit wears Blue Pinstripe, surfs for porn April 15, 1996 PHILADELPHIA -- Ducks were a hit at the most recent Communications Decency Act hearing in Philadelphia's Federal court. Yes, ducks. Last Friday the Department of Justice's cybersleaze expert took the stand to show how easily children can stumble across online porn -- but the three-judge panel limited his demonstration to G-rated GIFs that he sucked down from alt.binaries.pictures.animals. (The judges
