6.805 | Fall 2005 | Undergraduate

Ethics and the Law on the Electronic Frontier

Readings

This section provides several of the background reading materials and resources for the course assignments.

The following two books will be read during the semester:

Brin, David. The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? New York, NY: Perseus Books, 1999. ISBN: 0738201448.

O’Harrow, Robert. No Place to Hide: Behind the Scenes of Our Emerging Surveillance Society. New York, NY: Simon and Schuster, 2005. ISBN: 0743254805.

Readings for Individual Topics

Here is background for some of the individual course topics. Specific items will be indicated in the weekly assignments.

Other Sources of General Course Material

  • Wired Magazine displays the Gucci look for cyberspace (and Hal wrote this before they were purchased by Condé-Nast), with almost as many fonts per issue as the MIT Admissions Office’s publicity booklet. You’ll have to dig up more serious material for the course, but Wired is OK for general reading and there are occasional excellent articles.
  • The Electronic Frontier Foundation maintains extensive on-line archives. These will be useful throughout the semester, especially the collections on Legislation and Legal issues, and the Privacy, Security, Crypto, and Surveillance Archive. You should also check out current and past issues of their newsletter, the EFFector.
  • The Center for Democracy and Technology is an organization concerned with civil liberties in computer and communications technologies. Their home page is a good place to look for information on current legislative action.
  • The Electronic Privacy Information Center is a public-interest group that deals with civil liberty issues relating to the National Information Infrastructure. It is also the Washington Office of Privacy International. There are good on-line collections on computer security, privacy, cryptography policy, and free speech.
  • Lexis/Nexis: Law review articles, court rulings, and many other resources can be found in Lexis-Nexis Universe. Subscriptions to Lexis/Nexis are licensed by institutions and are restricted. The links to Lexis/Nexis resources in this archive work at MIT only – they can be accessed only from within the MIT network. Other people who wish to get hold of the Lexis/Nexis material cited in this archive will need to arrange for their own access.
  • The U.S. Congress public information system provides keyword searches of the Congressional Record.
  • Here are two classic science-fiction works that don’t have anything to do with the course directly – or maybe they have everything to do with the course directly, since they describe the futures we may be laying the groundwork for with today’s network technology. Food for thought:
    • Gibson, William. Neuromancer. From the man who invented the word “cyberspace.” If you’ve read the book and liked it, you may want to look at the sequels, Count Zero and Mona Lisa Overdrive.
    • Vinge, Vernor. “True Names.” in the collection True Names and other Dangers. Written in the early 80s, this short story is frighteningly prophetic of current issues having to do with anonymity, privacy, and security on the network.

Info 1 TLP Info 2 TLP Comm 1 TLP Crime 1 TLP Encrypt 1 TLP Encrypt 2 TLP Encrypt 3 TLP Encrypt 4 TLP Encrypt 5 TLP Encrypt 6 TLP Encrypt 7 TLP Encrypt 8 TLP

In his LA speech, Gore called the development of the NII “a revolution.” And it is a revolutionary war we are engaged in here. Clipper is a last ditch attempt by the United States, the last great power from the old Industrial Era, to establish imperial control over cyberspace. If they win, the most liberating development in the history of humankind could become, instead, the surveillance system which will monitor our grandchildren’s morality. We can be better ancestors than that.
--John Perry Barlow, “Jackboots on the Infobahn.” Wired, April 1994

The Clinton administration has adopted the chip, which would allow law enforcement agencies with court warrants to read the Clipper codes and eavesdrop on terrorists and criminals. But opponents say that, if this happens, the privacy of law-abiding individuals will be a risk. They want people to be able to use their own scramblers, which the government would not be able to decode. If the opponents get their way, however, all communications on the information highway would be immune from lawful interception. In a world threatened by international organized crime, terrorism, and rogue governments, this would be folly.
--Dorothy Denning, “The Clipper Chip will block crime.” Newsday, February 22, 1994

Of course there are people who aren’t prepared to trust the escrow agents, or the courts that issue warrants, or the officials who oversee the system, or anybody else for that matter. Rather than rely on laws to protect us, they say, let’s make wiretapping impossible; then we’ll be safe no matter who gets elected. This sort of reasoning is the long-delayed revenge of people who couldn’t go to Woodstock because they had too much trig homework. It reflects a wide – and kind of endearing – streak of romantic high-tech anarchism that crops up throughout the computer world.
--Stewart Baker, “Don’t Worry Be Happy: Why Clipper Is Good For You.” Wired, June, 1994

Overview of Clipper During 1994

The debate over the Digital Telephony Bill was carried out in the shadow of the much more public controversy over the Clipper Chip, which was authorized by the Clinton White House in April, 1993, and emerged as a full-fledged approved program – the Escrowed Encryption Standard (EES) – in February, 1994. Clipper, developed by the NSA, was system of encryption for telephone communications. It provided security through encryption, but arranged for the encryption keys to be held (in “escrow”) by the government, so that they could be obtained for conducting wiretaps. This was to be accomplished through a special chip (the Clipper Chip) that would be installed in every telephone.

  • Classified Presidential Directive (PDF) of April 15, 1993, authorizing the Clipper initiative.
  • Public announcement (PDF) of the Clipper initiative, April 16, 1993.

Clipper sparked enormous criticism. In addition to the overall issues about encryption and wiretapping, the specific proposal had fatal flaws:

  • The encryption algorithm to be used, called Skipjack, was classified. (According to the NSA, publishing such a high-quality algorithm would be detrimental to national security.) This meant that Clipper implementations must be done in hardware, and, moreover, with expensive tamper-proof chips.
  • Clipper phones would not interoperate with other phones. As a consequence, there is little economic incentive for anyone to buy one.
  • Keys would be held by government agencies in such a way as to require a complex, centralized, expensive infrastructure. In addition, the checks and balances that would protect against unauthorized invasions of privacy by overzealous law-enforcement officials, or against disclosure of keys to criminal elements from corrupt officials were never adequately clarified.

These flaws were so serious that in retrospect it one wonders whether the NSA was so naïve as to seriously believe that Clipper would be adopted, or whether they merely put it forth as a ploy to elicit the emergence of practical proposals. In addition, there were several embarrassing developments, including the discovery of an attack on the Clipper protocol by Matt Blaze of Bell Labs, which would permit a determined hacker to subvert the escrow provisions of a Clipper phone (the NSA said they had known that all along) and the announcement by Prof. Silvio Micali of MIT that he held a patent on the key-splitting technique used in Clipper (the National Institute of Standards and Technology bought him off by licensing the patent).

In any event, by July of 1994 the Administration was already backing away from Clipper (note the July 20th letter from Vice President Gore and the follow-up articles in the news items from 1994) in favor of software-based “key escrow”, which is the subject of the next section this essay.

More Detailed Information on Clipper in 1994

Although the details of Clipper changed in subsequent proposals, the debates during 1994 are still very pertinent, since they surfaced the general issues concerning government control of cryptography.

Papers, Articles, and Comments

  • Barlow, John Perry. “Jackboots on the Infobahn.” Wired, April 1994. This is Barlow’s reaction to the reintroduction of the Clipper initiative early in 1994.
  • Meeks, Brock. “The End of Privacy.” Wired, April 1994. Another early (and well written) anti-Clipper article.
  • Stewart Baker, “Don’t Worry Be Happy: Why Clipper Is Good For You.” Wired, June 1994. Baker wrote this when he was Chief Legal Counsel for the National Security Agency. He has since returned to private practice at the law firm of Steptoe and Johnson, where he is an expert on the legal aspects of encryption and export.
  • Dorothy E. Denning, “Resolving the Encryption Dilemma: The Case for Clipper”, Technology Review, July 1995. This article gives a good overview of the issues involved, and argues in favor of escrowed encryption.
  • Inman, Bobby Ray. Report on government control of cryptography. Published in Internet Security Monthly, February 1995. Compiled by Rich Lethin (Adm. Inman is former director of the NSA.)

News Articles

Here are some items culled from the Net during 1994. Skimming them in chronological order will give you a good feel for how the Clipper controversy evolved over that first year.

Debates

Clipper was the subject of many debates and panels. Here are two of them:

  • “The Clipper Chip: Should the government control the master keys to electronic commerce?” Sponsored by The Association of the Bar of the city of New York, January 19, 1995.
  • “MIT Panel on Clipper.” Sponsored by the MIT Center for Technology, Policy and Industrial Development, Communications Forum. September 29, 1994. (This panel is typical of the many debates over Clipper during 1994 and 1995.)

Policy Studies

The Clipper debates engendered several significant studies of government encryption policy. (These are of historical interest in tracking the debate, but they are largely superseded by the 1996 report of the National Research Council.)

  • Information Security and Privacy in Networked Environments was a major report released by the Office of Technology Assessment in September, 1994. This gives a comprehensive overview of cryptography and security issues, with emphasis on the potential policy actions to be undertaken by Congress. Chapter 4 contains a good, unbiased overview of Escrowed Encryption Standard (Clipper) and US export controls on cryptography. A summary of the report can be found here (PDF).
    In June 1995, the OTA issued an update of the study that reviewed main points of the report and updated it in light of developments in the government and in the private sector during the second half of 1994 and the first half of 1995. A summary of the update can be found here (PDF).
  • Codes, Keys and Conflicts is a Report of a Special Panel of the Association for Computing Machinery’s U.S. Public Policy Committee (USACM), June 1994. This study, sponsored by the ACM, is a(nother) comprehensive overview of the issues and options involved. Rumor has it that the study was originally supposed to make recommendations, but the panel could not agree, so it restricted itself to laying out the options. Simultaneously with an ACM press release, the USACM issued a separate press release calling for Clipper to be withdrawn. The two different press releases, one neutral and one anti-Clipper, by what seemed to be the same organization, caused a lot of confusion and a lot of flaming on the Net.
  • Lance Hoffman, Building in Big Brother: The cryptographic policy debate, Springer-Verlag, 1995. This book of readings and source material collects together most of the important documents and articles on Clipper and export policy that appeared up to the beginning of 1995. (Many of these are also on line in the archives for this class.)

EPIC’s FOIA Request and Lawsuit

In August 1995, the Electronic Privacy Information Center obtained documents under the Freedom of Information Act revealing that the FBI had concluded in 1993 that the Clipper initiative could succeed only if alternative security techniques were outlawed, and planned to push for such legislation (which they have since done). The existence of these plans, even while while the Administration was assuring people throughout 1994 that there were no plans to impose domestic control of encryption, has led to an atmosphere of distrust that continues to envelop the encryption debate. Here is EPIC’s press release. In September 1995, EPIC filed a lawsuit against the NSA challenging the “national security” classification of information concerning the Clipper Chip and the underlying Skipjack algorithm.

More Sources on Clipper

The Clipper/EES/Capstone/Tessera/Key Escrow Archive maintained by the Electronic Frontier Foundation contains extensive source material on Clipper from 1993 and 1994.

Next section of this essay: 1995-97: From Clipper to Key Recovery

The Communications Assistance for Law Enforcement Act (CALEA), also known as the Digital Telephony Act, was passed by Congress in October, 1994. Earlier versions of the bill had been floating around Congress since 1992, but they did not gain much support until FBI Director Louis Freeh, who made this one of his top priorities, devoted considerable personal time to lobbying for the bill.

CALEA requires telecommunications carriers to provide facilities “enabling the government, pursuant to a court order, to intercept all wire and electronic communications carried by the carrier.” The 1994 bill called for $500 million in funding to reimburse telecommunications carriers for the cost of implementing its requirements. This funding was approved in 1996.

Passage of CALEA was controversial, even within the Internet community. The Electronic Frontier Foundation strongly opposed the original version of the bill, but eventually participated in negotiations and added provisions that strengthened the bill’s privacy protections, which led them to support the revised bill. The Electronic Privacy Information Center and the ACLU opposed the bill.

CALEA does not explicitly address encryption, although Director Freeh was clear that the FBI would subsequently request additional legislation, should encryption become a hindrance to wiretaps. In addition, top secret documents (since declassified) show that there have been plans since the Bush Administration in 1991 to use Digital Telephony as a “beachhead we can exploit for the encryption fix”.

  • Text of the CALEA as enacted by Congress in 1994.
  • Here are some items dealing with the passage of the bill and some subsequent developments.
  • Barlow, John Perry. “Decrypting the Puzzle Palace.” Communications of the ACM, July 1992. This consciousness-raiser by Barlow raised the issues of Digital Telephony and the NSA’s involvement two years before this broke in a big way.
  • The Electronic Privacy Information Center’s archive on wiretapping, with information on CALEA and subsequent developments.
  • The Electronic Frontier Foundation’s archive on Digital Telephony, with extensive source material.

Next section of this essay: 1994: Clipper (The Escrowed Encryption Standard)

By mid-1994, Clipper was dead as a serious proposal, although the debate continued to seethe – and the pressure from industry to address the awkward export regulations mounted. The need to do something was brought home in August 1995 when David Byers in Sweden and Eric Young in the UK, and (independently) Damien Doligez in France demonstrated that they could break the 40-bit RC4 encryption algorithm used in Netscape’s SSL (the only encryption algorithm generally approved for export from the U.S., and claimed by the Administration to be adequate for commercial applications) using clusters of workstations running for 8 days. (This feat was duplicated in January 1996 at MIT by Andrew Twyman, using a single graphics workstation.)

Fall 1995: Clipper II

In September and December 1995, the Administration sponsored public meetings under the auspices of the National Institute of Standards and Technology (NIST), aimed at raising support for a new approach to the cryptography dilemma. The basic principle was that the U.S. would permit export of products using stronger algorithms – up to 56-bit DES – provided these included spare keys that would be deposited with authorized “escrow agents” who would respond to government requests. Additional criteria included that products must be designed so that the escrow mechanism cannot be circumvented, and that escrowed encryption products cannot interoperate with non-escrowed encryption products.

This approach was seen as an improvement over Clipper, but industry support was generally cold. The proposed 56-bit DES limit was still considered inadequate, and the various criteria were criticized as unclear and difficult to implement, and with inadequate safeguards against abuse. The initiative was opposed as a “Clipper II” and (because of the non-interoperability criterion) an attempt to impose key escrow on domestic use of encryption. Here are links to further details:

  • Markoff, John. “U.S. to Urge A New Policy On Software.” New York Times, August 18, 1995.
  • Diffie, Whitfield. “Washington’s Computer Insecurity.” New York Times op-ed piece, August 19, 1995.
  • Lewis, Peter H. “Privacy for computers? Clinton sets the stage for a debate on data encryption.” New York Times, September 11, 1995,
  • Corcoran, Elizabeth. “Feuding again erupts over encryption exports.” Washington Post, September 16, 1995.

May 1996: The NRC Report

In 1994, at the height of the original Clipper controversy, the National Research Council began a study of U.S. cryptography policy. This was finally published in May, 1996, as Cryptography’s Role in Securing the Information Society. Even though a year has since gone by in this rapidly changing area, the 700-page NRC report is the still the single best and most comprehensive source for information about cryptography policy and its implications.

The report contained several major recommendations, including:

  • No law should bar the manufacture, sale, or use of any form of encryption within the United States.
  • Export controls on cryptography should be progressively relaxed but not eliminated.
  • National cryptography policy should be developed by the executive and legislative branches on the basis of open public discussion and governed by the rule of law.

The third recommendation seems the most general, but it is perhaps the most important one. Most members of the NRC panel had been given security clearances and had received classified briefings from the law-enforcement and intelligence communities. The panel concluded that although the classified information contained important details, these did not make a difference in the overall policy debate, which should therefore be conducted in public fora rather than in closed hearings.

The panel also recommended that the U.S. government begin to experiment with escrowed encryption in order to gain experience with it. But it criticized efforts to promote rapid, widescale deployment of key escrow systems, saying that the technical issues and potential risks were not sufficiently understood. Largely as a result of this criticism, the Administration quickly distanced itself form the report.

  • National Research Council Committee. “Cryptography’s Role in Securing the Information Society.” May 30, 1996. Prepublication Copy. (Overview of the report and summary recommendations.)

May 1996: Key-management Infrastructures (“Clipper III”)

McConnell, Bruce, and Edward Appel. “Enabling Privacy, Commerce, Security and Public Safety in the Global Information Infrastructure.” May 1996. The Administration introduced a new idea for dealing with control of cryptography, with the publication of the above draft memorandum by Bruce McConnell, and Edward Appel, who co-chaired the White House’s Interagency Working Group on Cryptography Policy.

This approach went further than ever before in recognizing that industry must play a major role in any solution to the cryptography problem. Rather than focusing on cryptographic algorithms themselves, the report highlighted the importance of a key-management infrastructure(KMI) through which users of cryptography are able to identify the the people they are communicating with. This identification can be accomplished by having keys registered and digitally signed by certification authorities (CAs), which serve as “digital notarys public” to attest to the identity of the person nominally associated with a given key. (There are other possible techniques, such as the “web of trust” used in PGP.)

The Administration paper emphasized the importance of key-management infrastructures and suggested a collaborative effort by government and industry to develop a KMI in which, when keys are registered with a certification authority, they are also escrowed with an associated key escrow agent that would respond to government requests for access to keys. The report suggested that encryption products whose keys are escrowed in this way would be eligible for export. It also called for developing a framework of international agreements about sharing keys and providing access to escrowed information.

The proposal was viewed as significant progress by the Administration in recognizing the importance of expanding the use of encryption. But it was criticized – and immediately dubbed “Clipper III” by opponents – on the grounds that it would effectively make key escrow (even for domestic encryption) a precondition for participation in the Global Information Infrastructure by incorporating escrow into the basic framework of identification on the network.

The Electronic Frontier Foundation’s Clipper III Archive contains several statements critical of the proposal.

Summer 1996: Key Recovery and Inducements for Industry Cooperation

Note: By the summer of 1996, “key escrow” had amassed so much criticism that proponents of the idea started using the term “key recovery” to mean essentially the same thing. There have been several attempts to explain the difference, usually by companies that have developed key escrow schemes. The explanation usually boils down to “Key escrow was that old unacceptable idea, but this particular feature of our product includes makes it recovery rather than escrow.”

Starting in late summer, the Administration began trying to garner industry support for key recovery along the lines laid down in the May KMI paper. In a series of meetings with computer and software companies through the fall, the following policy was hammered out:

  1. The Administration would shift jurisdiction over export of cryptographic hardware and software from the State Department to the Commerce Department. Industry liked this, since it considers the Commerce Department to be more receptive to industry views.
  2. Companies could apply for and receive immediate approval to export encryption products using 56-bit DES, provided they presented a plan to install key recovery in their exported encryption products within two years.
  3. Encryption products of any strength would be eligible for export approval, if they incorporate key recovery.

This policy generally received reluctant cooperation from industry. On the one hand, companies insisted that export regulations place them at a disadvantage with respect to foreign competition, and they were loathe to supporting any plan that would continue to regulate encryption export. On the other hand, the were eager to obtain approval for their 56-bit DES products (even though these are not adequate for high-security applications).

In October, eleven companies – Apple, Atalla, Digital, Groupe Bull, Hewlett-Packard, IBM, NCR, RSA, Sun, Trusted Information Systems and UPS – became charter members of the Key Recovery Alliance, whose aim is to develop key-recovery techniques to meet the needs of customers and to allow easing of export restrictions. The Alliance emphasized that there are valid commercial reasons for key recovery (such as people gaining access to their data if they lose their keys), but they took pains to make clear that they oppose any attempts by governments to mandate key recovery. Since then, Alliance membership has gr own to 60 companies.

1997: Situation Still Murky

At the very end of December 1996 the Administration, as promised, published new regulations transferring export control of cryptography from the State Department to the Commerce Department’s Bureau of Export Administration.

Here are the regulations (PDF), as published on December 30, 1996.

Technically, these regulations are an “interim rule”, but as of this date (September, 1998), they are still in effect, while the Administration revises them in response to comments. Reception from industry remains grudging: Overall, companies are filing plans to gain export approval for 56-bit DES, while continuing to oppose any export restrictions. Their mantra here is “We oppose government regulation of encryption, but we will provide key-recovery products in response to customer demand”.

1997 was also the year in which the crypto dilemma attracted Congress’s attention in a big way, with numerous hearings and several bills introduced, with industry and civil liberties groups lobbying for relaxing export controls, while law-enforcement (notably the FBI and the Justice Department) lobbied for tighter controls.

  • One influential document in the debate was The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption, by a group of cryptographers and computer scientists (Hal Abelson, Ross Anderson, Steven Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Peter Neumann, Ronald Rivest, Jeffrey Schiller, and Bruce Schneier) published in May 1997 with the assistance of the Center for Democracy and Technology. The group cautions that key recovery for government access (where keys must be made accessible to law-enforcement on short notice without the knowledge of the user) has inherent risks and expenses that are not well understood, and advises against rapid, wide-scale deployment of such systems.

Congressional legislation in 1997 was all over the map, with bills introduced ranging the elimination of export controls outright, to bills outlawing the sale of non-escrowed encryption products, even domestically. By the end of the legislative session, the encryption debate has become too chaotic to result in any legislation.

  • Selected articles on the Crypto Debate circa 1997. Note the flare-up after September 3, when FBI Director Louis Freeh proposed regulation of domestic encryption, just as he had announced as his intent ever since the debate over Digital Telephony.
  • “Encryption Bills Considered By Congress in 1997.” Summary (with comments) provided by the Electronic Frontier Foundation on 10 October 1997. This is far from an unbiased report, since the EFF is adamantly opposed to any regulations on encryption, but is nevertheless helpful to see all the bills discussed in one place.

Another element of the crypto debate that became critical in 1997 was the reaction of other governments. The Administration’s vision of a Key Management Infrastructure requires significant international cooperation on to develop a framework for inter-government access to keys and encrypted information, and the U.S. has been lobbying strongly for other governments to adopt the key recovery approach. The following report which was issued by European Commission appears to throw cold water on the U.S. efforts.
European Commission. “Towards a European Framework for Digital Signatures and Encryption.” October 8, 1997.

See the following article on the European Commission report: Andrew, Edmund L. “Europeans Reject U.S. Plan On Electronic Cryptography – Threats to Privacy and Commerce Are Cited.” The New York Times, October 9, 1997.

1998: Going Slow (so far)

So far, 1998 has been a year of slow going. The Secure Public Networks Act (S. 909), passed by the Senate Commerce Committee in July, 1997, would mandate the use of key recovery on networks built using federal funding, and also as a precondition to gaining certificates for electronic commerce. This bill has not yet come before the full Senate.

One interesting development was the demonstration by the Electronic Frontier Foundation that 56-bit DES could be cracked in 56 hours using a special-purpose machine that can be built at modest cost, thus underlining the inadequacy of 56 bits as a limit on exportable encryption.

Harking back to CALEA and the beginning of this survey – the U.S. Telephone Association filed suit against the FBI and the Department of Justice on August 19 to block the implementation of CALEA, on the grounds that the implementation cost-recovery regulations and FBI rules exceed the FBI’s statutory authority. On September 11, 1998, the FCC helped defuse the tension between the FBI and the telecommunications industry by delaying the date for CALEA compliance (originally scheduled for October 1998) until June 2000.

Overall, though, most action seems to be behind the scenes positioning. Whether anything will emerge before the end of the legislative session remains to be seen.

For an overview of latest events, see the information pages maintained by the Internet Privacy Coalition and the Center for Democracy and Technology.

The following Top Secret memo from Brent Scowcroft to George Bush, written and the end of 1991 (and declassified in 1996) shows Bush’s approval of a plan to have the Justice Department prepare legislation to deal with digital telephony problem, and to follow through to address encryption about a year later.

These documents were obtained in 1996 by the Electronic Privacy Information Center, under the Freedom of Information Act.

1991 Memorandum from Brent Scowcroft to George Bush. (Courtesy of the Electronic Privacy Information Center.)

1991 Memorandum from Brent Scowcroft to George Bush. (Courtesy of the Electronic Privacy Information Center.)

1991 Memorandum from Brent Scowcroft to George Bush. (Courtesy of the Electronic Privacy Information Center.)

What is freedom of expression? Without the freedom to offend, it ceases to exist.
--Salman Rushdie, “In good faith”

Now, what I am trying to suggest to you is just to understand the moment in time we are at in which at least the people on the Internet know that when you do something through words, you do something.
-- Catharine MacKinnon (Discussing the Jake Baker case, March 9, 1995)

If there is any principle of the Constitution that more imperatively calls for attachment than any other it is the principle of free thought–not free thought for those who agree with us but freedom for the thought that we hate.
-- Justice Oliver Wendell Holmes, Jr., in U.S. v. Schwimmer, 279 U.S. 644 (1929)

The Jeffersonian model for universal freedom which Mr. Gingrich so rightly applauds could not take into account the barbarisms of the modern mind. Nor could it imagine the genius by which such barbarisms can be disseminated as they are today, in seconds, to the remotest and still most innocent corners of the world. Someone, perhaps even the Speaker of the House of Representatives, is going to have to consider soon the implications, for ill as well as good, of our venture out onto the information superhighway, or else there are going to be some very messy electronic traffic accidents.
--Judge Robert Bork, “An Electronic Sink of Depravity.” in the Spectator, (February 4, 1995)

Cutting through the acronyms and argot that littered the hearing testimony, the Internet may fairly be regarded as a never-ending worldwide conversation. The Government may not, through the CDA, interrupt that conversation. As the most participatory form of mass speech yet developed, the Internet deserves the highest protection from governmental intrusion. Just as the strength of the Internet is chaos, so the strength of our liberty depends upon the chaos and cacophony of the unfettered speech the First Amendment protects.
-- U.S. District Judge Stewart Dalzell (June 12, 1996)

General Readings

This semester, our discussion of free expression on the internet will be dominated by the story of censorship and the Communications Decency Act  from which specific assignments will be made. There are also a few other pieces on this general topic that are good reading for context and background.

  • Tribe, Laurence H. “The Constitution in Cyberspace.”
    This was the keynote address at the First Conference on Computers, Freedom and Privacy, in 1991, by the eminent Constitutional scholar Laurence Tribe of Harvard Law School. Its proposed “twenty-seventh amendment” has been widely cited as a principle for interpreting Constitutional issues in cyberspace. As you read this piece, consider how well Tribe’s view has held up over the ensuing seven years.
  • Freedom of Expression. This briefing paper by the ACLU contains a concise summary of the major Supreme Court cases involving the First Amendment.

Landmark U.S. Supreme Court Decisions on Communications and Free Expression

It’s useful to read interpretations of Supreme Court decisions, but you should also read some of the actual decisions for yourself. Note that may decisions being with a syllabus that lists the basic findings in the case, before presenting the opinion(s) of the Justices.

  • Schenck v. U.S., 249 U.S. 47 (1919): The opinion here by Justice Holmes affirms that some restrictions on speech are constitutional, and it articulates the “clear and present danger” principle. (“The most stringent protection of free speech would not protect a man in falsely shouting fire in a theatre and causing a panic.”)
  • Abrams v. U.S., 250 U.S. 616 (1919): This case, along with Schenk, forms the cornerstone of modern First Amendment jurisprudence. The Court’s decision here upheld the Schenk prohibition, but the importance of the opinion is in Justice Holmes’s passionate dissenting opinion, which argues that speech can be restricted only if it presents a clear and present danger. (“It is only the present danger of immediate evil or an intent to bring it about that warrants Congress in setting a limit to the expression of opinion where private rights are not concerned.”)
  • Chaplinsky v. State of New Hampshire, 315 U.S. 568 (1942): This case established the doctrine that “fighting words” are not protected by the First Amendment.
  • Whitney v. People of State of California, 274 U.S. 357 (1927): In this case, the Supreme Court upheld a conviction for “criminal syndicalism” (effectively, conspiracy). The decision is notable for Justice Brandeis’s concurring decision which, despite the fact that it concurs in the conviction, has been called “the greatest court opinion on freedom of speech ever written”.
  • Brandenburg v. Ohio, 395 U.S. 444 (1969): This decision overthrew the “clear and present danger” rule, overturning Whitney v. California. The decision spells out the Court’s misgivings that the rule had been overly broadly construed over the years and replaced it with a narrower provision. (“Freedoms of speech and press do not permit a State to forbid advocacy of the use of force or of law violation except where such advocacy is directed to inciting or producing imminent lawless action and is likely to incite or produce such action.”)
  • Miller v. California, 413 U.S. 15 (1973): This decision lays out the Court’s three-part test for obscenity, and reaffirms that obscene speech is not protected by the First Amendment.
  • New York Times Co. v. Sullivan, 376 U.S. 254 (1964): In this decision, the Court held that a defamatory falsehood about a public official can be punished only if there was “actual malice,” i.e.: “knowledge that the statement was false or with reckless disregard of whether it was false or not.”
  • Gertz v. Robert Welch, Inc., 418 U.S. 323 (1974): In this ruling, the Court clarified that the New York Times standard on limitation of liability does not apply in the case of private citizens.
  • FCC v. Pacifica Foundation, 438 U.S. 726 (1978): In this case, the Court upheld the power of the FCC to regulate indecent (as opposed to obscene) speech in broadcast media, thereby codifying into law the principle that material broadcast over radio or TV has narrower Constitutional protections than material written in books or newspapers. The rationale for this rests on the “pervasive presence” of the medium – that it is difficult to avoid unintentionally running across objectionable broadcasts even in the privacy of one’s own home – and that the medium is “uniquely accessible to children.” The question of whether material transmitted via the internet is more like broadcasts or like books was central to the arguments over the constitutionality of the CDA.
  • Sable Communications v. FCC, 492 U.S. 115 (1989): The Court ruled here that a 1983 law banning “dial-a-porn” services was unconstitutional, on the grounds that it was overly broad. The opinion by Justice White lays out the famous “least restrictive means” test.

In doing research on these and other cases, one outstanding reference is the Library of Congress’s The Constitution of the United States of America: Analysis and Interpretation, an extensive set of annotations of Supreme Court cases up till 1992. You can locate cases with the aid of an on-line search engine, but it’s probably easier to download the chapter on the First Amendment (780K!) and search with a text editor.

The Internet Censorship Saga: 1994-1997

This extensive story has a page of its own.

Other Material

Anonymity

The use of anonymous communication on the Internet has raised concerns, but also has its strong defenders. This issue has not been explicitly addressed by laws or by the Court, although it may well arise in the near future.

  • Froomkin, Michael A. “Anonymity and Its Enmities.” Journal of Online Law (1995). This article analyzes the legal status of attempts to ban anonymity.
  • Froomkin, Michael A. “Flood Control on the Information Ocean: Living with Anonymity, Digital Cash, and Distributed Data Bases.” U. Pittsburgh J. of Law and Commerce 15, no. 395 (1996). This includes a revised version of the above paper, as well as a discussion of the lager context of anonymity and privacy.
  • Mcintyre v. Ohio Elections Commission (1975). This Supreme Court decision may be critical to the legal status of anonymity on the Internet. In it, the Court affirms the right to conduct anonymous political leafletting.
  • Anonymity: Index. This page, maintained by Arnoud “Galactus” Engelfriet, has links to anomyous remailers and other tools for hiding your identity on the network.

University Computer Policies

Many sticky issues of “civil behavior” on the network continue to be played out on college campuses. Here is some material dealing with this topic:

  • MITnet Rules of Use. This is part of the document Welcome to Athena.
  • The Civil Liberties Union of Harvard. “Report on Computers at Harvard.” November 1995.
    This is a set of recommendations put out in November 1995, by the The Civil Liberties Union of Harvard, with suggested computer use policies to be adopted by Harvard. (Were any of these adopted? How do they compare with MIT’s policies?)
  • Here are some hypothetical discussion cases on university computing policy, created by Greg Jackson, formerly MIT’s Director of Academic Computing: Alpha Sigma (PDF), Jane Thatcher (PDF), Judy Hamilton (PDF), Malekh Salimi (PDF), Michael Zareny (PDF), Typhoid Mary (PDF)
  • Mitchell, Melissa. “Electronic misbehavior’ takes many forms on the Internet.” University of Illinois faculty newsletter, 1994.
    This article describes the approach to computer policy at UI.
  • Kovaleski, Serge F. “Universities Vexed by Use of Their Internet Connections for Hate Mail.” The Washington Post, August 4, 1995.
  • Shear, Michael D. “First Amendment Tangle In the Net: Colleges Struggle to Balance Free Speech, Cybersensitivity.” The Washington Post, October 23, 1995.
    Story dealing with the disciplining of a student at Virginia Tech for posting a hate message.

Miscellaneous

  • Lappin, Todd. “The First Amendment, new media, and the Supreme Court.” Wired, Spring 1996.
    This note summarized the issues the Court would have to consider in the (then upcoming) challenge to the Communications Decency Act.
  • “The message in the medium: The First Amendment on the information superhighway.” Harvard Law Review (March 1994). This is an examination of the role of technology in the First Amendment treatment of media.
  • Shallit, Jeffrey. “Public Networks and Censorship.” Ontario Library Association. January 15, 1995. Note “Shallit’s Three Laws.” (A talk by University of Waterloo Professor)

May 9th and 10th brought on two days that should be marked in every hacker’s history book. The reason we assume these days will be important to many, is that maybe it’s time we opened our eyes and saw the witch hunt currently in progress… It is my understanding that Gail Thackeray and the Secret Service are not, taking this lightly. She told Phrack Inc. that they are not distinguishing pirates, hackers, or phreakers. Basically, it’s any kid with a modem that calls a BBS with an alias. Yes, we are the witches, and we are being hunted. 
-- Phreak_Accident (from Phrack Magazine, May 1990)

In the old days [in drug busts], we’d get a search warrant, kick in the door, and if we did our job right, there would be white powder and currency and a little black book. And you opened up that little black book and you find names, dates and amounts. Well, now you kick in the door and you find the powder and the currency and a stand-alone PC. 
-- Scott Charney (Chief of the Dept. of Justice Computer Crimes Unit, March 1995)

[In the early days] people were friendly, computer users were very social. Information was handed down freely, there was a true feeling of brotherhood in the underground. As the years went on people became more and more anti-social. As it became more and more difficult to blue-box, the social feeling of the underground began to vanish. People began to hoard information and turn people in for revenge. The underground today is not fun. It is very power hungry, almost feral in its actions. People are grouped off: you like me or you like him, you cannot like both… The subculture I grew up with, learned in, and contributed to, has decayed into something gross and twisted that I shamefully admit connection with. Everything changes and everything dies, and I am certain that within ten years there will be no such thing as a computer underground. I’m glad I saw it in its prime. 
-- Chris Goggans (aka Phrack Magazine’s “Erik Bloodaxe”, quoted in Paul Taylor’s book Hackers, 1996)

Required Readings

For a quick orientation to computer crime laws, read the overview from the book by Cavazos and Morin (to be distributed in class).

Read the Computer Fraud and Abuse Statute (U.S. Criminal Code Title 18 Section 1030). Look both at the pre-1986 version and also at the current version that resulted from passage of the National Information Infrastructure Protection Act of 1996, based on a bill introduced in 1995 by Senators Leahy, Kyl, and Grassley. There are also statements by Kyl and Leahy accompanying their introduction of the bill, as well as an analysis by the senators of their changes to 18 USC 1030.

Barlow, John Parry. “Crime and Puzzlement.” John Perry Barlow, who spends half his time in New York and half his time in Wyoming, is a founder of the Electronic Frontier Foundation, retired cattle rancher, erstwhile lyricist for the Grateful Dead, and an outstanding polemicist. “Crime and Puzzlement” is the pamphlet that got the Electronic Frontier Foundation off the ground.

Godwin, Mike. “Cops on the I-Way.” Time Magazine, Spring 95. Godwin is “on-line counsel” for the EFF. He will be a guest in the class later during the semester. In this article, describes the need to balance law enforcement with constitutional rights on the Internet.

Rasch, Mark. “Computer security: Legal Lessons in the Computer Age.” Security Management, April 1996. Rasch, who is one of our guests tis semester, is the director of information security law and policy at the Center for Information Protection at SAIC, a major security consulting firm. He headed the Department of Justice’s computer crime efforts until 1991, and he prosecuted the Robert Morris “internet worm” case. This article is an excellent overview of the computer crime issues that we will be discussing in the course.

Recommended Readings

Read at least one of the following books, all popularizations of computer break-ins involving the Internet.

Sterling, Bruce. The Hacker Crackdown: Law and Disorder on the Electronic Frontier. Bantam Books, 1992. This is a splendidly written overview of “trouble in cyberspace” from the beginning of the phone system through Operation Sun Devil and the Steve Jackson Games case. You should definitely read a good bit of it. Sterling, bless him, has made the entire book available on-line as “literary freeware.” You may want to buy a copy, though, since it’s not easy to read a 200-page book on-line.

Hafner, Katie, and John Markoff. Cyberpunk: Outlaws and Hackers on the Computer Frontier. Simon & Schuster, 1991. This is an in-depth study of three famous cases: Kevin Mitnick (not counting his escapade of winter 1995), the German Chaos Computer Club, and Robert Morris’s Internet Worm. The three parts are completely separate.

Slatalla, Michelle, and Joshua Quittner. Masters of Deception: The gang that Ruled Cyberspace. HarperCollins Publishers, 1995. This is the story of the teenage phone and computer cracker group, the Masters of Deception, from its beginnings in 1989 through the 1993 trials of some of the leaders. If you read this book, also take a look at some postscripts about Phiber Optik’s incarceration and release.

Freedman, David, and Charles Mann. At Large: The Strange Case of the World’s Biggest Internet Invasion, Simon and Schuster, 1997. This book, just published over the summer, does a good job describing what responding to break-ins is like from the point of view of the system administrator. It is also a fun book to read for MIT people, because a lot of the action happened at MIT in fall 1992 and involved several people who are still at MIT. If you read this, take a look at the Tech article that appeared during the incident. It’s remarkable how little of the real story (even the MIT part of the story) became generally known on campus. If you don’t read the entire book, you should at least read the short article that Friedman and wrote for U.S. News & World Report.

There are also two books on Kevin Mitnick, but you should read both of them, since neither one gives a complete story. See the discussion below.

Taylor, Paul. “Them and Us.” Chapter 6 in Hackers, explores the hostility between the computer underground and the computer security industry. It has provocative and insightful comments on many of the cases we are studying in this section of the course, including similarities between computer crime trials and the Salem witch trials, and comments on the use of violent physical analogies (e.g., arson and rape) often cited to describe computer break-ins.

Other Material on Computer Crime

Issues in Computer Law

Godwin, Mike. “The Feds and the Net: Closing the Culture Gap.” (TXT) From Internet World, May, 1994. This is a thought-provoking report on a talk Godwin gave at the FBI academy, and the audience’s response. It will help to have read Bruce Sterling’s discussion of the Craig Neidorf, Steve Jackson Games, and Legion of Doom prosecutions, since they formed the background for Godwin’s talk.

Cavazos, Edward, and Gavino Morin. Cyberspace and the Law: Your Rights and Duties in the On-Line World. This is a solid introduction to computer law, with good overviews of existing laws on privacy, contracts, and pornography.

Riddle, Michael. “The Electronic Communications Privacy Act of 1986: A Layman’s View”. This is a good overview of the complex law that governs privacy of electronic communications.

Loundy, David J. “E-Law 3.0: Computer Information Systems Law and System Operator Liability in 1995.” This is an updated version of a long (150-page) article that originally appeared in the Albany Law Journal of Science and Technology 3, no. 1 (1993). It focuses on networks and responsibilities of SYSOPS.

Godwin, Mike. “When Copying Isn’t Theft.” Internet World, January-February 1994. This is a comment on some of the issues involved in the Craig Neidorf case. It forms a good link to our next topic on intellectual property protection.

U.S. Department of Justice, Federal Guidelines for Searching and Seizing Computers (TXT), July 1994. These guidelines were developed by the Justice Department’s Computer Crime Division and an informal group of federal agencies known as the Computer Search and Seizure Working Group. These are are rather detailed, so you should probably just skim them and look at the analysis of the guidelines: Banisar, Dave. “Analysis of the Guidelines.” The Electronic Privacy Information Center. 
On a related note, have a look at the article “Downloading: Using Computer Software as an Investigative Tool” from the June 1996 issue of the FBI’s Law Enforcement Bulletin.

The EFF Legislation archive contains text and analysis of laws on computer communications.

Jonathan Rosenoer’s Cyberlaw is an educational service focusing on legal issues concerning computer technology. Rosenoer, together with Kimberly Smigel also publishes Cyberlex, a monthly report on legal developments touching the computer industry.

One important legal issue facing on-line service operators is the extent to which they are liable for defamatory statements of their subscribers. Here are some resources for investigating this topic:

  • Online Defamation” from Jonathan Rosenoer’s Cyberlaw gives an excellent overview of the legal issues and important cases.
  • Cubby v. Compuserve (October 1991) is one of the major cases.
  • Stratton-Oakmont v. Prodigy (May 1995) is another major case, in which Prodigy was held liable for damages caused by postings on the Prodigy network. The decision was appealed, and in October 1995 the parties came to an agreement not to pursue the case as reported by - Associated Press. “Prodigy Reaches Libel Pact.” October 24, 1995.

Noteworthy Cases

1988: Robert Morris Internet Worm

Hafner, and Markoff. The Robert Morris Internet Worm. Look here for a brief summary of 1988 Internet Worm incident. If you are interested in learning more, you should read the chapter “RTM” in the book by Hafner and Markoff, which gives an outstanding presentation.

1988: Chaos Computer Club

This received notoriety with the publication of Cliff Stoll’s best-seller The Cuckoo’s Egg: Tracking a spy through the maze of computer espionage (Doubleday, 1989) which helped to focus public attention on computer break-ins. Stoll casts himself as Philip Marlowe in this detective story, to the detriment of any detached consideration of what these “spy threats” actually amounted to. It’s enlightening to read Stoll’s book in conjunction with Hafner and Markoff’s chapter on the Chaos Computer Club, which describes these events from the point of view of the Germans.

1990: Steve Jackson Games Raid

The 1990 raid on Steve Jackson Games (and Operation Sun Devil) are described in the book by Bruce Sterling and in the paper by John Perry Barlow. With the help of the EFF, Jackson sued the Secret Service for violation of the Electronic Communications Privacy Act. The District Court held that the Secret Service violated the Privacy Protection Act (which protects publishers) and that it had violated the section of the EPCA that protects access to stored communications. But the Court did not agree that seizing unread electronic mail was an “interception” under the provisions of the EPCA. Jackson appealed this decision, but the decision of the lower court was affirmed.

  • For an extensive collection of documents and commentary, see the Web page devoted to Steve Jackson Games vs. the Secret Service.
  • Appellate court ruling on Steve Jackson Games Suit, October 31, 1994 (PDF)
  • The EFF Legal cases archive on SJG

1993: Homolka-Teale Media Ban

In 1991 two horrific sex and torture killings were uncovered in a town near Ontario. Paul Teale (aka Paul Bernardo) and his wife, Karla Homolka Teale, were arrested. Karla Homolka was tried in 1993, and she pleaded guilty. Although this was a sensational murder case, everyone at the trial - including the press - was banned from publishing any evidence or details on the murders in order to preserve Paul Teale’s right to a fair trial. Details of the case, however, were widely published in the U.S., and Canadian officials were led to confiscate copies of US magazines and newspapers shipped to Canada and to black out some TV news broadcasts. When further details began to appear on the Internet, Canadian police and some Canadian universities began suppressing the Internet newsgroups that carried the banned material. The ban was lifted in the summer of 1995 when Paul Bernardo’s trial began. Bernardo was convicted of first-degree murder on September 1, 1995. 
“Desperately Seeking Karla”, by Leslie Shade of McGill University (Proceedings of the Canadian Association for Information Science, 22nd Annual Conference, May 25-27, 1994, McGill University:109-126), is a provocative study of the ban and the associated legal issues of free speech on the Internet. There is also an extensive archive on this case maintained by Steven Miale at Indiana University, and the EFF archive contains several papers related to the case.

1994: David LaMacchia Indictment

In April 1994, MIT junior David LaMacchia was indicted for conspiracy to commit wire fraud, based on the accusation that he had modified an MIT Server workstation to allow people on the network to use it to download copyrighted software without paying. The case received national notoriety, the U.S. Attorney in Boston calling it the largest incident of software piracy ever. In December 1994, the charges against LaMacchia were dismissed, with the judge ruling that copyright infringement can not be prosecuted under the wire fraud statute. The case raises important issues about liability of system operators and about the scope of computer crime and copyright laws. Look here for articles and source material.

1994: Amateur Action Pornography Conviction

In summer 1994, Robert and Carleen Thomas were convicted of violating anti-obscenity laws, on the grounds that their California BBS (Amateur Action) was used to transmit obscene material to Tennessee. This case raises important issues about the meaning of community standards with regard to the net, as discussed in this article by Godwin, Mike. “BBS Obscenity Case Raises New Legal Issues.” Virtual Community Standards. On January 29, 1996, US Court of Appeals for the Sixth Circuit upheld the Thomas’s conviction

  • Here is an Amicus brief (PDF) filed by the Electronic Frontier Foundation, in the appeal of the Thomases’ conviction.
  • Here is another Amicus brief (PDF) filed by the American Civil Liberties Union.
  • Here is the Appeals Court decision (PDF) upholding the conviction. 
     

1995: Jake Baker Arrest

In February, 1995, the University of Michigan suspended sophomore Jake Baker after he posted to the Internet a fictional story of rape, torture, and murder, using the name of a classmate as the victim. A few days later, Baker was arrested by the FBI for interstate transmission of a threat to kidnap, and held without bond for 29 days on the grounds that he was too dangerous to release. Charges against him were dismissed in June. 
The MIT Student Association for Freedom of Expression (look here for general information about SAFE) maintains an archive on the case. Take a look, in particular, at the extracts in the archive from the campus newspaper, The Michigan Daily. You should also read the insightful article “The Jake Baker Scandal: A Perversion of Logic” by UMich journalism student Adam Miller, which was written in April 1995 (before the charges against Baker were dropped). For an excellent legal analysis, see - Godwin, Mike. “Baker Column.” Internet World.

1995: Randal Schwartz Conviction

Randal Schwartz is author of the popular books Programming Perl and Learning Perl. In 1993, while working as a system administrator for Intel, he performed some security tests, running the Crack program to uncover weak passwords. When Intel management discovered this, they assumed that Schwartz was engaged in industrial espionage, and brought felony charges against him under Oregon’s computer theft law. Schwartz was convicted in September, 1995 on a reduced charge and sentenced to probation.

  • Quarterman, John S. “System Administration as a Criminal Activity or, the Strange Case of Randal Schwartz.” Matrix News, September 1995.
  • Morrissey, Mark. “Report on a Security Incident at the Oregon Facility.” November 3, 1993. (Intel Investigative Report)

1995: Kevin Mitnick Arrest

Kevin Mitnick (“cyberspace’s most wanted hacker”) was arrested by the FBI in 1995. Computer security consultant Tsutomu Shimomura helped the FBI locate Mitnick, and New York Times reporter John Markoff was closely associated with Shimomura during this “hunt for Mitnick”. The story of the pursuit and arrest can be grist for a fascinating case study of how the public (and the FBI) view the “hacker threat” and the extent to which this view can be subject to manipulation and exaggeration. But you’ll have to put the story together yourself and try to resolve the contradictory views. Here are some of the pieces:

  • The chapter on Mitnick in the book by Hafner and Markoff (1991) describes Mitnick’s early run-ins with the law and forms a useful background against which judge the following two books.
  • Tsutomu Shimomura (with John Markoff), Takedown: The pursuit and capture of Kevin Mitnick, America’s most wanted computer outlaw – by the man who did it (1996). This is the story as told by Shimomura, and it says a lot more about Shimomura than about Mitnick or hacking. In fact, it says a whole lot more about Shimomura than you’d want to know, with long, boring interludes about his personal life, as he tracks down the person who cracked into his computer. (Indeed, it’s ironic that Shimomura villainizes Mitnick for violating other people’s privacy – reading their email – while he himself broadcasts details of other people’s private lives in this self-aggrandizing book.) There is also a Website for the book, which contains some of the evidence Shimomura accumulated while tracking Mitnick down.
  • Littman, Jonathan. The Fugitive Game: Online with Kevin Mitnick. This book, based on conversations between Littman and Mitnick while the latter was in hiding, contains a lot of Mitnick’s side of the story. It contradicts Shimomura’s version on several points, including raising the possibility that Shimomura ended up going after the wrong person. It also contains much criticism of Markoff for his personal involvement in this case while he was reporting on it for the Times, with the suggestion that he manufactured a lot of the hype surrounding Mitnick, from which he benefitted through a lucrative book contract with Shimomura. You should also look at Litman’s update report on Mitnick’s harsh treatment in prison.
  • For a comparison of the two books that is highly critical of Markoff and Shimomura, see - Smith, George. “Sex, Lies, and Computer Tape.” Crypt Newsletter, January 1996 Review. For a more neutral comparison (and an interview with Markoff) see Scott Rosenberg’s piece Mitnick’s Malice, Shimomura’s Chivalry from the December 30, 1995 issue of Salon.
  • To help judge things for yourself, you can read Markoff’s stories about Mitnick in the Time during this period. To find these, go to the New York Times Web site, select the “search” option, and search for articles about Mitnick. The Times site will ask you to register as a new user if you have not previously done so. If you wish, you can get in with the username “cypherpunk” and the password “cypherpunk”.
  • For pieces sympathetic to Mitnick, see the Cracking for Kevin (legal defense fund) site and the links you can follow from there.

Hacker Culture

Denning, Dorothy E. “Concerning Hackers Who Break into Computer Systems.” 13th National Computer Security Conference, 1990. Dorothy Denning is Chair of the Computer Science Department at Georgetown University, and an expert in cryptography and information security. The paper was one of the first serious looks at computer hackers by a real computing professional, and argued that “hackers are learners and explorers who want to help rather than cause damage, and who often have very high standards of behavior.” Incidentally, Denning is now demonized by much of the same hacker community that six years ago adored her, because she was one of the few prominent academic cryptographers to publicly support the Clipper chip and the Digital Telephony Bill.

Secrets of a Super Hacker, by The Knightmare. Loopmanics Unlimited, 1994. This is a “how to” manual on breaking into computer systems. It’s not directly relevant to the course, but you might be interested in the cracker’s perspective on how break-ins are pulled off. You’ll see that it’s more a matter of dumpster diving than technical insight.

For source material on hacking and a look at hacking culture, it’s good to check out Phrack Magazine. You can find a complete archive of back issues at the Official Phrack Magazine Web Page. 
The Phrack Website also maintains an archive of computer underground files and newsletters. 
In particular, you might want to take a look at the Legion of Doom! Technical Journal (cited in the book by Slatalla and Quittner). You’ll find that there’s less there than meets the eye, but they do provide some insight.

Goldstein, Emmanuel. “Sen. Markey Tirade against “hackers” (courtesy of 2600).” February 4, 1994. In June 1993, Emmanuel Goldstein, editor of the hacker quarterly magazine 2600, appeared before the House subcommittee on Telecommunications and Finance. The hearings included, in Goldstein’s words, “a tirade against the evils of computer hackers” in which Representatives Markey (D-MA) and Fields (Rep-TX) “generally demonstrated their ignorance on the subject and their unwillingness to listen to anything that didn’t match their predetermined conclusions.” The hearings show a stark contrast between the hacker perspective and the view of people making telecommunications policy.

Goldstein. “No Time For Goodbyes - Phiber Optik’s Journey to Prison.” Computer Underground Digest. January 11, 1994. On January 7, 1994, Mark Abene aka Phiber Optik – see the book by Slatalla and Quittner began serving a 10-month sentence at the Schuylkill federal prison in Pennsylvania. His friends gave him a ride there from New York. Along with this article, take a look at - Gabriel, Trip. “Reprogramming A Convicted Hacker: To His On-Line Friends, Phiber Optik Is A Virtual Hero.” New York Times, January 14, 1995. (the stories about Abene’s release in 1995), and Sandberg, Jared. “Accidental Hacker Exposes Internet’s Fragility.” The Wall Street Journal (July 11, 1997). (An ironic incident from summer 1997.)

Computer Cracking Techniques

The growth of the World Wide Web has provided opportunities for enterprising mischief makers to tamper with the Web sites of high-profile organizations (notably government agencies). Some examples:

  • August 17, 1996: The U.S. Justice Department’s Web page was replaced with another page titled “U.S. (Japan’s) Department of Injustice Home Page,” which included a protest against the Communications Decency Act.
  • September 19, 1996: The CIA’s home page was transformed into a page for the “Central Stupidity Agency.” government. (See the CNN story and update on the incident.)
  • December 9, 1996: The Singapore government’s main Web Site was replaced with a list of the user identities of officials from various government bodies.
  • December 10, 1996: The Web pages of the UK Labor Party were replaced.
  • December 29, 1996: Someone changed the U.S. Air Force’s Web site and replaced a page of aviation statistics with a pornographic picture. (See story from CNN.)

None of these pranks caused any serious damage other than annoyance and embarrassment to the agencies involved. But they did focus attention on the insecurity of the underlying Internet structure, and on the risks of setting up commercial applications on the Web.

Dan Farmer, Shall We Dust Moscow? (Security Survey of Key Internet Hosts & Various Semi-Relevant Reflections), 1996. Security expert Dan Farmer did a survey of over 2000 Web Sites of government agencies and commercial institutions in December 1996. He found that over two-thirds of them were vulnerable to simple cracking techniques, mostly as a result of oversights in configuring the Web Sites. This is a report of the experiment, together with Dan’s comments on the dismal state of Internet security.

Computer Viruses

One way to cause damage to computers is by distributing viruses. Here are some references:

  • The Little Black Book of Computer Viruses, by Mark Ludwig. American Eagle Publications, 1991. You can take a look at this to see how some PC viruses work. It’s very boring and has mostly to do with arcane details of the DOS operating system. It’s also out of date, since the focus is on viruses spread by disks rather than via the network.
  • For a more contemporary view of viruses, see the collection of white papers by Cybersoft, Inc. One particular paper to start with is Computer Viruses In Unix Networks by Peter V. Radatti, 1996.
  • Before 1995, it was commonly believed that viruses could be contracted via the network only by explicitly loading and running program code, not other documents. The emergence of word processors such as Microsoft Word 6, where documents can include macros, engendered a new class of viruses that could be spread as ordinary documents or email.
  • Moving beyond macro viruses, the ability to spread trouble via the network has been greatly enhanced over the past year by the growing popularity of Java. We’re just starting to see the beginning of the damage that can be done. For a taste, see Mark LaDue’s Collection of Increasingly Hostile Applets.

Home page for the FBI National Computer Crime Squad.

Information Warfare

The computer break-ins described in the references above are mostly in the nature of pranks and minor crime. But as more facilities connect to the Internet, the potential for significant vandalism and sabotage grows, and the possibility arises for serious “information warfare” that exploits the vulnerability of a nation’s information infrastructure.

Douglas Waller Washington, Onward Cyber Soldiers, Time Magazine cover story of August 21, 1995, on information warfare. See also If War Comes Home by Mark Thompson, from the same issue of Time.

On June 25, 1996, CIA Director John Deutch testified before the Senate Governmental Affairs Committee about the threat of information warfare.

Report of the Defense Science Board Task Force on Information Warfare - Defense, November 1996. The Defense Science Board (a government advisory group) commissioned a task force to make recommendations on how to defend against information warfare. This is a long report, so before diving in, you should look at the story on the report’s release in Federal Computer Week.

F. Lynn McNulty, Internet Security (PDF). Before the U.S. House of Representatives Subcommittee on Science Committee on Science, Space, and Technology, March 22, 1994. McNulty is Associate Director for Computer Security at the National Institute of Standards and Technology. This is a summary of NIST’s concerns about Internet security and ideas for addressing them.

Brandt, Daniel. “Infowar and Disinformation: From the Pentagon to the Net.” NameBase NewsLine, no. 11 (October-December 1995). Brandt warns that the emphasis on infowar may be a fad that is being promoted in order to increase government control of information flow on the Internet.

On September 5, 1997, the Presidential Commission on Critical Infrastructure Protection released its preliminary report. A brief announcement can be seen in - O’Connor, Rory. “U.S. Infrastructure Could Easily Be Disrupted by Hackers!” San Jose Mercury News, September 5, 1997. The final report was due out in mid October.

Update:The final report, Critical Foundations: Protecting America’s Infrastructures, was published at the end of October and is available on line. There is also an on-line a summary of the report.

For extensive material on information warfare, check out Winn Schwartau’s infowar.com

Miscellaneous Items

Miscellaneous items collected from the Net over the last few years. May contain useful ideas for paper topics.

Transmittal Letter. (Courtesy of the Electronic Privacy Information Center.)

Transmittal letter from FBI Director William S. Sessions to National Security Council official George J. Tenet, February 1993, forwarding a report prepared by FBI, NSA and DOJ and titled “Encryption: The Threat, Applications, and Potential Solutions”. The report was classified SECRET and called for a national policy prohibiting cryptography that does not ensure real-time access to law enforcement. U.S. administrations continue to insist that they do not support domestic restrictions on encryption technology. The redacted document shown here was obtained in 1996 under the Freedom of Information Act by the Electronic Privacy Information Center.

We are at one of those important cusp points in history. The technologies of networks and of encryption make it very easy for exciting new structures to develop (cryptoanarchy, privacy, transnational entities, persistent organizations, anonymous systems, digital banks). But the same technologies make it possible for a cyberspatial police state to develop. The race is on.
-- Tim May, “The Coming Police State,” (March 1994)

There is a very real and critical danger that unrestrained public discussion of cryptologic matters will seriously damage the ability of this government to conduct signals intelligence and the ability of this government to carry out its mission of protecting national security information from hostile exploitation.
-- Admiral Bobby Ray Inman (then Director of the NSA, 1979)

Cryptography is like literacy in the Dark Ages. Infinitely potent, for good and ill… yet basically an intellectual construct, an idea, which by its nature will resist efforts to restrict it to bureaucrats and others who deem only themselves worthy of such Privilege."
--Vin McLellan, A thinking man’s creed for crypto

Unless the issue of encryption is resolved soon, criminal conversations over the telephone and other communications devices will become indecipherable by law enforcement. This, as much as any issue, jeopardizes the public safety and national security of this country. Drug cartels, terrorists, and kidnappers will use telephones and other communications media with impunity knowing that their conversations are immune from our most valued investigative technique.
--FBI Director Louis Freeh, Testimony before the House Judiciary Committee, March 30, 1995

Encryption technology, once the province only of affluent countries, had, with the advent of personal computers, become readily available to the humblest citizen in America and other technically advanced countries, and an unexpected spin-off of that fact was the current availability of highly advanced communications-security apparatus to the humblest nations. Now Malaysia had codes nearly as hard to break as Russia ’s – and so did Iraq, courtesy of Americans who worried about having the FBI read their fictitious e-mail adulteries.
-- Tom Clancy, Executive Orders, 1996

We propose to permit the export of 56-bit key length Data Encryption Standard (DES) encryption products, without key recovery, on the same terms as we now permit the export of 40-bit key length products. This relaxation would last two years, renewable annually thereafter. Export licenses would be contingent on exporters’ commitment and adherence to explicit benchmarks and milestones for developing and incorporating key recovery into their products (including an identified trusted part) and building the supporting infrastructure internationally. Once key recovery is globally viable, only such products would be licensed for export.
-- Memo from CIA Director John Deutch to President Clinton, September 15, 1996, describing the Administration’s plan for “liberalizing” export restrictions on encryption technology.

There is one comforting conclusion which is easy for a real mathematician. Real mathematics has no effects on war. No one has yet discovered any warlike purpose to be served by the theory of numbers or relativity, and it seems very unlikely that anyone will do so for many years.
-- G. H. Hardy A Mathematician’s Apology, 1940

Required Readings

Read all the text on this page and on the subsidiary pages in the section The encryption controversy, 1994-1997 (This does not include following all the links.) In addition, read:

  • Barlow, Jackboots on the Infobahn
  • Overview and summary recommendations of the NRC Report, Cryptography’s Role in Securing the Information Society
  • A few of the articles from 1997 on the crypto debate.
  • Greg Rawlins, Too many secrets

Note: The links in the list above connect to the place on the page where each item is described, so that you can see it in context. Follow the link from there to the actual reading.

The Encryption Controversy, 1994-1997

This is an extensive topic, which is addressed on a page of its own, with three sub-pages.

Constitutional Issues

The regulations on encryption can be viewed as constraints on Freedom of Speech, and the Constitutionality of such regulations is not clear, either for export restrictions or domestic controls. There are legal challenges to the export restrictions currently underway, and there would certainly be immediate challenges if domestic controls were to be implemented. Due to the national security aspects of encryption, the Constitutional issues have not been pressed until recently. For good historical context, see:

Foerstel, Herbert N. Secret Science: Federal Control of American Science and Technology. This is a history of U.S. Government control of scientific information. Chapters 4 (cryptography) and 5 (sensitive, but not classified information) are especially relevant, but the entire book is good reading and gives a valuable historical perspective.

Legal Challenges to Encryption Export Regulations

There are currently three legal challenges to the encryption export regulations beofre the courts. The first two are bogged down in procedural matters:

  • Karn v. U.S. Department of State [Discussion to be added.] See Karn’s archive on the case. There is also an archive of legal documents maintained by the Electronic Frontier Foundation.
  • Junger v. Daley [Discussion to be added.] Look here for information.

The third case has evolved into a major challenge to the export regulations:

Bernstein v. U.S. Dept. of State, et. al.

On February 21, 1995, the Electronic Frontier Foundation filed suit against the government on behalf of Prof. Dan Bernstein of the University of Illinois. The basis for the suit was the State Department’s denial of Bernstein’s request for permission to publish a paper on an cryptographic algorithm he invented when he was a graduate student at Berkeley. The suit claims that this is an unconstitutional restriction of speech in that algorithms and source code are protected expression under the First Amendment.

In December 1996 the U.S. District Judge Marilyn Patel ruled in favor of Bernstein, in effect striking down the State Department export regulations. The decision was somewhat moot, however, because a few weeks later the government transferred regulation of crypto export controls from the Department of State to the Department of Commerce. EFF renewed the suit against Commerce, arguing that the jurisdictional transfer did not change the underlying issues.
In August 1997, Judge Patel once again ruled in favor of Bernstein:
“The court declares that the Export Administration Regulations . . . insofar as they apply to or require licensing for encryption and decryption software and related devices and technology, are in violation of the First Amendment on the grounds of prior restraint and are, therefore, unconstitutional as discussed above, and shall not be applied to plaintiff’s publishing of such items, including scientific papers, algorithms or computer programs.”
Although this decision technically strikes down the export control laws, the government filed an emergency request, and Patel agreed to stay her order until the Appeals Court could rule on her decision. The case was heard by the 9th Circuit Court of Appeals in San Francisco in December, 1997. In May 1999, the Court ruled 2-1, upholding Judge Patel’s decision. In June 1999, the Government petitioned for a rehearing, and that petition is still being considered (as of August 1999).
Complete documentation on the case can be found at Bernstein’s Web site for the case.

Constitutionality of Domestic Controls on Encryption

Several countries, including France, Israel, and Russia, impose control on the domestic use of encryption by their citizens. Would such controls be Constitutional in the U.S.? The answer is apparently not clear. Here are some resources on this question:

  • Froomkin, A. Michael. “The Metaphor is the Key: Cryptography, the Clipper Chip, and the Constitution.” Univ Penn Law Rev 709, 1995. This is a monumental (175 pages) analysis of the constitutional issues surrounding cryptography. The heart of the monograph is a discussion of whether mandatory key escrow would be constitutional. Froomkin emphasizes that the degree of constitutional protection accorded to encrypted communications will hinge on the metaphors that the courts adopt for viewing them: whether they are like languages, vaults, houses, or “cars on the information highway.” There are also excellent overviews of modern cryptography and the Clipper proposal. Even though this is a long piece, it is well worth having a look at, both for its insightful and provocative legal analysis and because it collects in one place most of issues in the Clipper debate (through the end of 1994).
  • In March 1996, the Sixth Conference on Computers, Freedom and Privacy, held at MIT, conducted a moot Supreme Court hearing on the question of whether prohibiting domestic use of unescrowed encryption would be Constitutional. The material prepared for the session includes briefs and memoranda on both sides of the issue, together with oral arguments conducted before a panel of Federal judges (and available on the Web in RealAudio format). Even though this was a pretend trial, not a real one, the lawyers (and the judges) are real, and this is a thorough exploration of the legal arguments, as well as a good preview of what could happen if domestic controls were enacted.

Cryptoanarchy

It’s not only the FBI that views the spread of strong cryptography as a threat to government authority. Since around 1992, an informal group of techno-libertarians, who have become known as the Cypherpunks, have been theorizing about how the ability to keep communications private can lead to cryptoanarchy. Given their libertarian bent, they tend to view this as a healthy counter to the increased power of government and the growth of the surveillance state.
For several years, this discussion was carried out on the Cypherpunks mailing list, which served as a major forum for discussion of cryptography and privacy. The list still exits, but it has degenerated over the past year due to a deluge of spam (and the resulting flames about whether cypherpunks ought to restrict spam).
In 1994, Tim May, one of the founders of the list and a major contributor, published a large compendium of cypherpunk material called the Cyphernomicon. Also, before looking at the whole thing, you should read the following pieces by May:

  • May, Timothy C. “The Crypto Anarchist Manifesto.”
  • ———. “The Coming Police State.” March 9, 1994.
  • ———. “Cyberspace, Crypto Anarchy, and Pushing Limits.” April 3, 1994.
  • ———. “Crypto Anarchy and Virtual Communities.” December 1994.

Here are some other pieces on cypherpunks and cryptoanarchy.

  • Christopher Anvil, “Gadget vs. Trend.” This isn’t about encryption at all. Rather, it is a whimsical science fiction story originally published in Analog in 1962, which was prophetic of some of the “cryptoanarchy” issues that are coming to the front with the emergence of secure encryption. Ironically, Anvil’s predicted date for the release of the imaginary “Quiet Wall” invention (1976) coincided with the invention of public-key cryptography. (Copies will be distributed in class.)
  • Zimmermann, Phil. “Why Do You Need PGP?.” PGP User’s Guide 1.
    This is the introduction to volume 1 of the PGP User’s Guide, describing the need for private communications. Although not a cryptoanarchist, Phil Zimmermann became one of the first and most famous cryto-activists, through his publication of Pretty Good Privacy (PGP), whose creation was sparked in 1991 by an early predecessor of the Clipper initiative.
  • Introduction to Blacknet. This was a hoax perpetrated by Tim May in 1993. (But the truly paranoid on the Net are of course not convinced, and at least one FBI agent was asking about it at MIT.) As an amusing aside, the Blacknet public key was broken in June, 1995 as a demonstration of modern factoring techniques.
  • Wade, Nicolas. “Method and Madness: Little Brother.” The New York Times Magazine, September 4, 1994. This is a thoughtful piece on the tradeoffs between security and privacy, and the implications of “democratization of high technology.”
  • Slater, Dashka. “Secret Agents.” Express [Bay Area Weekly], March 14, 1997. This piece provides a history of the cypherpunks and a snapshot (as of March 97) of the cryptography debate from the cypherpunks’ point of view.
  • McHugh, Josh. “Politics for the really cool.” Forbes Magazine, September 8, 1997. This article emphasizes the implications of strong cryptography for tax collection and financial transactions. What else would you expect from Forbes?

Technical Background on Cryptography

We won’t deal much with the technical aspects of cryptography – there are other MIT subjects that cover this. But if you’re curious, there are lots of good sources of information.

  • RSA’s Frequently Asked Questions About Today’s Cryptography, is maintained by RSA Data Security, Inc., and is an excellent introduction to some of the issues.
  • The Cryptography FAQ. This is another comprehensive information source.
  • Bruce Schneier, Applied Cryptography. John Wiley & Sons, 2nd rev. ed., 1995. This is an outstanding book on the basics of modern cryptography and its applications.
  • The Venona Project. This is a fascinating site to look at if you are interested in cryptography. Venona was the code name for the U.S. Signals Intelligence effort begun in 1943 to collect and decrypt the text of Soviet KGB and GRU messages, messages that provided extraordinary insight into Soviet attempts to infiltrate the U.S. Government. The NSA has declassified thousands of these documents and made them available at their Web site, together with information about their decryption.

More information

WWW Cryptography Article Database

[The Congress shall have power] To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries; 
-- U.S. Constitution, Article I Section 8

Intellectual property law cannot be patched, retrofitted, or expanded to contain digitized expression any more than real estate law might be revised to cover the allocation of broadcasting spectrum (which, in fact, rather resembles what is being attempted here). We will need to develop an entirely new set of methods as befits this entirely new set of circumstances. 
Most of the people who actually create soft property - the programmers, hackers, and Net surfers - already know this. Unfortunately, neither the companies they work for nor the lawyers these companies hire have enough direct experience with nonmaterial goods to understand why they are so problematic. They are proceeding as though the old laws can somehow be made to work, either by grotesque expansion or by force. They are wrong. 
-- John Perry Barlow (“The Economy of Ideas”, March 1994)

Browsing through a borrowed book, lending a magazine to a friend, copying a news article for your files - all seem innocuous enough. But the Clinton administration plans to make such activities illegal for works distributed via digital networks. 
-- Pamela Samuelson (“The Copyright Grab”, January 1996)

Initially, respect for copyright protection needs to be highlighted – intellectual property needs to become a “household word.” … Not only must a curricula be developed and made available for all educational levels, but also a methodology must be established for the continual reinforcement of the importance of intellectual property throughout the lifelong learning of every NII user…. Certain core concepts should be introduced at the elementary school level – at least during initial instructions on computers or the Internet, but perhaps even before such instruction. … At the same time that children learn basic civics, such as asking permission to use somebody else’s pencil, they should also learn that works on a computer system may also be property that belongs to someone else. 
-- White House Information Instruction Task Force (“Intellectual Property and the National Information Infrastructure”, September 5, 1995)

Recommended Readings

Note: Some of the links in the list above connect to the place on this page where each item is described, so that you can see it in context. Follow the link from there to the actual reading.

Background on Intellectual Property Law

The laws regarding patents and copyrights are extremely complex and technical. What else would you expect with so many lawyers involved? Here are some resources to help you get oriented:

  • The law firm of Oppedahl & Larson maintains an Intellectual Property Law Web Server that has an excellent collection of basic material.
  • Stanford University Libraries maintains an extensive Copyright & Fair Use Web Site with material on copyright statues and legal precedents.
  • The U.S. Patent and Trademark Office provides information via its Web site, including an extensive collection of general information and an excellent introduction called General Information Concerning Patents.
  • The Association of Research Libraries’ Timeline: A History of Copyright in the U.S. summarizes aspects of U.S. Copyright Law, with special emphasis on the evolution of the principles of “fair use” and the rights of libraries.

Software as Intellectual Property

Computer programs are poorly matched to traditional categories of intellectual property. Are programs inventions, and thus covered by patent law? Are they “original works of authorship,” and thus covered by copyright law? Both? Neither? The sections below on the legal cases dealing with software patents and software copyrights illustrate how problematic software can be for intellectual property law. Before delving into those details, however, here are some more general perspectives:

  • League for Programming Freedom. “Against Software Patents.” February 1991. (also in Communications of the ACM, January 1992). This paper argues that patents are flatly bad for development of software and that software should not be patentable. (Copies of this paper were distributed in class on October 9.)
  • Heckel, Paul. “Debunking the Software Patent Myths.” Communications of the ACM, June 1992. This paper was written as a rebuttal to the paper above. (Copies of this paper were distributed in class on October 9.)
  • Davis, Randall, Pamela Samuelson, Mitchell D. Kapor, and J. H. Reichman. “A new view of intellectual property and software.” CACM 39, no. 3 (March 1996): 21-30. The authors argue that neither patent nor copyright is an appropriate legal mechanism for restricting computer software, and they propose a different model. This article is a summary of the much more lengthy piece, “A Manifesto Concerning the Legal Protection of Computer Programs,” which appeared in the December 1994 issue of the Columbia Law Review.
  • Finding a balance: Computer Software, Intellectual Property, and the Challenge of Technological Change, Congress of the United States Office of Technology Assessment, May 1992. This is a(nother) comprehensive view of intellectual property law as it relates to software and other digital information. The report tries to lay out options rather than make recommendations. It is interesting to compare this with the White Paper.

Digital Media and Intellectual Property

The problems posed by digital media for intellectual property may have first become apparent with software, but the digitization of information, and the resulting ease of duplication and transmission on the Internet, is upsetting the balances struck by intellectual property law. Some people fear that rampant copying on the Internet will make it impossible for authors and publishers to be fairly compensated for their works. Others fear that a tightening of copyright law will destroy the regime of fair use. In addition to the pieces listed here, also look at the material below on the NII White Paper.

  • Barlow, John Perry. “The Economy of Ideas.” Wired, no. 2.03 (March 1994). This is a wonderfully written piece, which claims that networks and digital media make traditional notions of intellectual property senseless. Barlow has summarized his position more succinctly as “copyright is dead.”
  • Dyson, Esther. “Intellectual Value.” Wired, no. 3.07 (July 1995). This is an attempt to look at future business opportunities and implications of digital networks, rather than worry about how to fix current law. Dyson argues that intellectual property issues will become less important, because “value” in the information economy will shift from information per se to information-based services.
  • ———. “Intellectual property on the Net.” Release 1.0, December 1994. The paper above is an abridged version of this article, which appeared in Dyson’s monthly newsletter. (Copies of this paper were distributed in class on October 9.)
  • Branscomb, Anne W. Who Owns Information?, Basic Books, 1994. This is a good overview of the thorny intellectual property issues raised by communication networks and digital media. The chapters on “Who owns your electronic messages?” and “Who owns computer software?” are especially relevant to the course, but it’s worth reading the entire book.

National Writers’ Union. “Authors in the New Information Age: A Working Paper on Electronic Publishing Issues.” September 14, 1995. This paper advocates positions that writers should take in view of the changing relationships between authors, publishers, and distributors made possible by information networks.

Software and Patent Law

Software is particularly troublesome for patent law. On the one hand, machines are patentable, and on the other hand, mathematical algorithms are not. Computer programs are both like machines and like mathematical algorithms, so judges have had to split hairs to distinguish between patentable and non-patentable software elements.

The result of this hair-splitting is highly confusing. It rests on complex and – to be honest – technically questionable decisions of the Court of Appeals for the Federal Circuit. If you delve into any of the patent cases described below, you will find them tough going. The following pieces can help get you oriented:

  • Durant, Stephen C. “Patents in Cyberspace: Impact of recent Federal Circuit decisions.” The Computer Lawyer 12, no. 1 (January 1995). This is a good overview of the current status of patentability of software and the impact of recent court decisions. (Copies of this paper were distributed in class on October 9.)
  • Kuester, Jeffrey R., and Ann K.Moceyunas. Patents for Software-Related Inventions (March 1995). This is a another good overview of the current status of software. It also includes an overview of the patenting process, and the discussion centers on the history of problems with the definition of “algorithm”.
  • Examination Guidelines for Computer-Related Inventions (February 1996) These are the official guidelines used by the Patent Office’s examiners to determine whether software inventions are patentable.

Supreme Court Rulings

  • Gottschalk v. Benson, 409 U.S. 63 (1972). In this decision, the Court ruled that a program to convert binary-coded decimal numbers to binary was not patentable, since it was merely an algorithm, This decision laid the basis for the view that programs are not patentable, which held sway until 1981.
  • Diamond v. Diehr, 450 U.S. 175 (1981). Here the Court ruled that a process (for curing rubber) that used a computer program could be patentable, even though it made use of a mathematical algorithm.

Appeals Court Rulings

  • Arrythmia v. Corazonix (PDF) (1992), decision by the U.S. Court of Appeals, Federal Circuit. This major decision also includes a review of the Benson and Diehr decisions, and establishes that mathematical algorithms may be patentable if they are used in relation to a tangible physical physical process.
  • In re Alappat (PDF) (1994), decision by the U.S. Court of Appeals, Federal Circuit. This decision extended the basis for algorithm patentability established in Arrythmia. The Court declared that a method for smoothing waveforms in a digital oscilloscope is patentable, even though the patent claim was written so broadly as to cover any general-purpose computer performing the same method. The Court held that “a general purpose computer in effect becomes a special purpose computer once it is programmed to perform particular functions pursuant to instructions from program software.”
    • Software Patents, by Jonathan Rosenoer, reports on and criticizes the Alappat decision.
  • In re Lowry (PDF) (1994), decision by the U.S. Court of Appeals, Federal Circuit. This holds that a computer memory with data structures stored in it is patentable subject matter, i.e., that the organization of information in memory can be patentable invention.
  • In re Trovato (PDF) (1994), decision by the U.S. Court of Appeals, Federal Circuit. This decision restricted the basis for algorithm patentability, saying that algorithms (even when they are realized as computer programs) may not be patentable if the domain of application of the algorithm is too “abstract”.

The material on this is extensive, and appears on a page of its own.

U.S. copyright law derives from a bargain, provided for by the Constitution, whose goal is “To promote the Progress of Science and useful Arts,” whereby authors are given a limited monopoly on their works. This has evolved into a balance that permits authors to profit from their works, while still allowing the public to have access to them and build upon them. For example, the “first-sale doctrine” provides that if George buys a book that has been copyrighted by Harry, George can later give or sell that book to Liz without asking Harry’s permission. “Fair use” provisions allow libraries and educational institutions to do limited copying. More importantly, much of what technically is copyright infringement by private citizens no one really cares about, because there is no way to casually print or distribute large numbers of copies, and making and sharing small numbers of copies generally has no economic consequence.

The Internet upsets this balance, because it trivializes the task of copying digital information and making it available worldwide. This issue first became apparent in the 1980s with “software piracy”, since software was the first kind of information to become generally available in digital form. Consequently, what was once viewed as simple software “sharing” is now widely considered reprehensible, even criminal behavior. As the Internet expands, the same issues apply to all kinds of information. Finding a new balance will require making difficult political choices.

The NII White Paper

These tensions surfaced in September 1995 with the publication of “Intellectual Property and the National Information Infrastructure”, a report by the White House Working Group on Intellectual Property Rights, part the of Secretary of Commerce’s Information Infrastructure Task Force, chaired by chaired by Bruce Lehman, Commissioner of Patents and Trademarks. The NII task force was frankly worried that content providers will not place anything of value on the Internet, for fear of massive copyright infringement.

The report characterized its recommendations as “no more than minor clarification and limited amendment” to the copyright statute. But there are several significant changes proposed. One would give copyright owners exclusive rights over “transmission” of information, not just copying. Another would eliminate the first-sale doctrine for digital works. Another would criminalize any tampering with copyright protection mechanisms, or with copyright identification information. Several bills have been introduced in Congress to implement the White paper’s recommendations, but none have been passed yet.

The White Paper was roundly criticized by the academic and library communities as a sell-out by the Administration to large publishing (and especially motion picture) interests, and a significant erosion of fair use. Some of the critiques have gone on to examine the appropriate role of copyright in the Internet era.

“Intellectual Property and the National Information Infrastructure.” The report of the Working Group on Intellectual Property Rights. September 5, 1995 This is a massive document (250 pages plus appendices and over 500 footnotes), but it is worth at least skimming, because it gives a comprehensive (critics say biased) overview of copyright, patent, trademark, and trade secret law, with special emphasis on the implications of networks and digital technology.

  • Samuelson, Pamela. “The Copyright Grab.” Wired, no. 4.01, January 1996. As the title suggests, this article severely criticizes the White Paper as an erosion of fair use.
  • Jessica Litman. “Revising Copyright Law for the Information Age.” 75 Oregon Law Review 19 (1996) This article critiques the White Paper, but more importantly, it argues that digital technology has made “reproduction” untenable as a basis for copyright law.
  • ———. “Copyright Noncompliance (or why we can’t “Just say yes” to licensing).” 29 New York University Journal of International Law & Policy (forthcoming, 1997). Here Litman builds on her criticism of the White Paper to emphasize how Internet has upset the traditional balances in copyright law: “The trouble with the [White Paper’s] plan is that the only people who appear to actually believe that the current copyright rules apply as writ to every person on the planet are members of the copyright bar.”
  • Fujita, Anne K. “The Great Internet Panic: How Digitization is Deforming Copyright Law.” 2 J. TECH. L. & POL’Y 1, (1996). This is another study of the White Paper and copyright law, with an emphasis on how the Internet is upsetting the traditional balances.
  • Lutzker, Arnold P. “Commerce Department’s White Paper on National and Global Information Infrastructure.” September 20, 1995. This is a review and analysis of White Paper, commissioned by the Association of Research Libraries, the American Library Association, the American Association of Law Libraries, the Medical Library Association, and the Special Libraries Association.
  • National Writers’ Union. “National Writers Union Critiques Government White Paper on Intellectual Property & The National Information Infrastructure.” October 9, 1995.
  • Galkin, William S. “Extinction of the digital lock picker.” The Computer Law Report. October 20, 1995. Legal analysis of the White Paper’s recommendation to outlaw devices that bypass copyright control.

The WIPO Treaties and Enabling Legislation

In December 1996, 96 nations participated in treaty negotiations in Geneva under the auspices of the World Intellectual Property Organization (WIPO). “WIPO Copyright Treaty.” and “WIPO Performances and Phonograms Treaty.” Diplomatic Conference On Certain Copyright And Neighboring Rights Questions. Geneva, December 1996. 
These were the first substantial revision of international copyright law in 20 years (since the Berne Convention). The U.S. signed the treaties in April, 1997. Implementing the treaties in the U.S. currently awaits enabling legislation.

  • December 21, 1996, New York Times (Seth Schiesel), “Global Agreement Reached To Widen Law On Copyright.” Newspaper report on passage of the WIPO treaty.

A major motivating factor in negotiating the treaties was “the profound impact of the development and convergence of information and communication technologies on the creation and use of literary and artistic works.” The treaties clarify that copyright protection extends to computer programs, and they require signatory nations to provide legal remedies against any person who removes or alters electronic copyright information.

Implementing the enabling legislation has proved contentious, with several competing bills now before the House and the Senate. In July, legislation was introduced at the request of the Department of Commerce (H.R. 2281 and S. 1181) which critics say goes much farther than the treaties require in imposing strict copyright enforcement. Competing legislation seeks to clarify the liability risks of internet service providers and other issues, such as that search engines, links, and browsers are not infringing devices. Much of this activity is being tracked by the Digital Future Coalition, a coalition of nonprofit educational groups and commercial trade organizations representing computer and telecommunications industries.

  • The Digital Future Coalition’s archives on Copyright Legislation in the 105th Congress and statements and position papers on the proposed legislation.

The path set out by the NII White Paper represents one kind of response to the challenges the Internet poses for the copyright regime. But there are other views. For example, the the papers by Barlow and Dyson described above argue that copyright will simply become less important in the information economy.

Yet another view looks to digital rights management technologies as a way to salvage copyright. The idea here is that if the basic issue is that copying is so hard to control on the Internet, then we should implement technologies that make copying difficult. This can be accomplished using encryption techniques, which assure that information can be accessed only by intended (licensed) recipients, and trusted systems that will not perform unauthorized copying. A second class of technologies include digital watermarking, which “indelibly” mark information so that unauthorized copying can be detected.

As you might expect, there are both utopian and dystopian predictions about this technology. Some people view this as engendering an outpouring of creativity and productivity in the information economy, while while others fear that fine-grained, strong control of copying will kill fair use totally.

  • Stefik, Mark. “Letting Loose the Light,” in the book Internet Dreams, available from the MIT Press. This lays out the basic idea of trusted systems and rights management, and presents the utopian view.
  • ———. “Trusted Systems.” Scientific American (March 1997). This is a brief synopsis, based on the paper above.
  • Zhao, Jian. “Look, It’s Not There.” Byte (January 1997). A description of digital watermarking technologies.
  • Bell, Tom. Fair Use vs. Fared Use: The Impact Of Automated Rights Management On Copyright’s Fair Use Doctrine. Bell reflects on the copyright regime and argues here that the growth of digital rights management really will erode fair use – but that it will replace this with a better arrangement.

Other Material

1994-forever?: The Church of Scientology vs. The Net. This interminable series of copyright lawsuits and other antics is notable in demonstrating the lengths to which people can go if they are determined to push intellectual property law to its fullest extent in order to restrict the distribution of information on the Net. I stopped following this case in 1995, but even a short summary of the events up to that point deserved a page of its own.

The Electronic Frontier Foundation archives has a section on intellectual property which is worth browsing for articles and source material.

These are some things culled from the net over the past couple of years. You may find them useful as a source for paper topics or other readings.

“College settles harassment charges stemming from computer conferences.” New York Times, September 21, 1994. (Article on case at Santa Rosa College involving moderated computer bulletin boards.)

Bauman, Adam S. “Internet Hackers Breach Security: Hard-core porn stored on Livermore Lab’s computers.” Los Angeles Times (also appearing in the San Jose Mercury News), July 12. This article is concerning the discovery of an archive of pornography on a computer at the Lawrence Livermore National Laboratory.

“Senator Exon’s speech in the Senate, Introducing his amendment to S. 1822.” July 20, 1994. A later version of this amendment was passed by the Senate in July, 1995.

Guyan, Claire. “Computers give pupils access to bomb recipes.” Sunday Star Times, New Zealand, March 1994.

Young, Peter. “Online Moves ‘Out Of Line’.” Sunday Mail (COMPUTERS with Peter Young column), September 11, 1994.

Anonymous EFF member. “Cooperation by University of Western Ontario in the Homolka-Teale ban.” EYE Newspaper, Toronto, May 19, 1994.

“Cybercops Zap Computer Hackers, Crackers and Phreaks.” Philadelphia Inquirer, May 30, 1994.

Funk, John. “2 Men, 3 Teens Arrested for Computer Tampering.” The Cleveland Plain Dealer, August 19, 1994.

Kelsey, Tim. “British Boy `Raided US Defence Secrets.” The Independent, London, January 3, 1995. Be sure to also read the follow-up article, “London Newspaper Runs Old “Superhacker Story.” Newsbytes. London, January 3, 1995.

Gabriel, Trip. “Reprogramming a Convicted Hacker.” The New York Times, January 14, 1995.

Lewis, Peter H. “Computers Beware! New Type of Virus Is Loose on the Net.” The New York Times, September 4, 1995.

“Hackers Break Into America Online.” Newsbytes, September 11, 1995.

“Child Porn Ring Using America Online Busted.” Newsbytes, September 14, 1995.

Lewis, Peter. “Company Says Electronic Mail Was Opened to Find Pornography.” The New York Times, September 15, 1995.

Labaton, Stephen. “Computer Stings Gain Favor As Arrests for Smut Increase.” The New York Times, September 16, 1995.

Schwartz, John. “Blame Society, Not the Net, for the Evils Lurking Online.” Washington Post, November 18, 1996.

Burroughs, Rich. “Kevin Mitnick update: Cause for Alarm.” March 29, 1997.

Sandberg, Jared. “Accidental hacker exposes Internet’s fragility.” Wall Street Journal, July 11, 1997.

Gornstein, Leslie. “In Hacking, for Some, the Punishment May Not Fit the Crime.” Fort Worth Star-Telegram, August 19, 1997.

“The Dark Side of Electronic Commerce.” PRNewswire, San Francisco, August 25, 1997.

The law can be used very easily to harass, and enough harassment on somebody who is simply on the thin edge anyway, well knowing that he is not authorized, will generally be sufficient to cause his professional decease. If possible, of course, ruin him utterly.
-- L. Ron Hubbard
Starting in 1995, some of the “secret scripture” of Scientology founder L. Ron Hubbard began circulating on the Net. These texts, called the “OT” (Operating Thetan) documents, are normally shown only to people who have completed long regimens of Scientology “auditing” at a cost of thousands to hundreds of thousands of dollars.

According to the OT documents, the real purpose of auditing is cleanse oneself of “body thetans”, which are the remnants of people “processed” 75 million years ago by Xenu, Head of the Galactic Federation, in an attempt to alleviate overpopulation. The documents contain the story of Xenu, and describe extensive collections spiritual exercises.

The Church claims that distribution of these materials on the Net constitutes copyright and trade secret infringement. It has pursued an aggressive legal campaign against people who post these materials, including obtaining court orders that permit them to seize computer systems (which is permissible under the copyright statute) and filing lawsuits. They have also brought suit against the Washington Post for publishing an article describing the OT documents and the computer seizures. Meanwhile, the documents remain available on the net, moving from site to site as the Church institutes new legal actions.

If you decide to look into this case, be prepared to wade through masses of claims and counterclaims, and also to run across some interesting tidbits (such as the fact that the Scientology lawyer supervising many of the seizures is Chairman of the Board of Trustees of Boston University).

Here are some places to start:

  • Robinson, Michael. “Operating Thetan Summary and Analysis.” 1st ed. September 12, 1995.
  • The Fishman Papers page, maintained by Dave Touretzky of CMU.

At present, the OT documents are on-line, partially at CMU and (for the contested parts) in the Netherlands:

The Fishman Papers

The pieces here will give you a flavor of the statements on both sides of the crypto debate during 1997.

  • Gillmor, Dan. “Encryption poses classic Gordian knot.” San Jose Mercury News, January 27, 1997.
  • Rivest, Ron. “Letter to members of the Senate Judiciary Committee.” June 10, 1997.
  • USACM and IEEE. “Letter to Chair of the Senate Commerce Committee.” July 3, 1997.
  • Freeh, Louis, FBI Director. “Statement before the Senate Judiciary Committee (PDF).” July 9, 1997.
  • Dam, Kenneth, Chair of the NRC Study. “Letter to the Senate Judiciary Committee.” 9 July 1997.
  • Gephardt, Richard, House Majority Leader. “Encryption is vital to the Net (PDF).” August 20, 1997.
  • Pressman, Aaron. “Senators call for mandatory US encryption controls.” Reuter, September 3, 1997.
  • Chandrasekaran, Rajiv. “Freeh Seeks Encryption Decoding Key.” Washington Post, September 4, 1997.
  • Pressman, Aaron. “Clinton Administration Backs Away From FBI on Encryption.” Reuter, September 4, 1997.
  • Markoff, John. “Law proposed to regulate encoding devices.” New York Times, September 6, 1997.
  • “Law Professors’ Letter Opposing Mandatory Key Escrow.” Letter to House Commerce Committee, September 23, 1997.
  • Ashcroft, John, Senator. “Open letter to the Internet community.” October 1, 1997.
  • Andrews, Edmund L. “Europeans Reject U.S. Plan on Electronic Cryptography.” New York Times, October 9, 1997.
  • Lott, Trent, U.S. Senate Majority Leader. “Statement before the Senate (PDF) on the encryption debate.” October 21, 1997.

There was a tremendous amount published during 1994 on the Escrowed Encryption Standard (Clipper) and U.S. export controls on cryptography. Here are some items culled from the Net, in chronological order. Even looking through the titles of this chronology gives an overview of the interplay between politics, publicity, and technical argument in U.S. policy making. Remember that the Clipper debate is intertwined with debate over U.S. export control (the failed Cantwell Amendment) and the Digital Telephony bill. The articles here show the evolution of the Clipper controversy during 1994.

  • Computer Professionals for Social Responsibility (CPSR) announcement of campaign against Clipper." February 7, 1994.
  • February 9, 1994. Dorothy Denning’s rebuttal to CPSR.
  • Gore Indicates Administration’s Position is ‘Not Locked in Stone’. From New York Unix 4, no. 3. February 11, 1994.
  • Markoff, John. “Who Keeps The Keys To Cyberspace.” New York Times , February 12, 1994. (Article on Clipper controversy.)
  • Safire, William. “Sink the Clipper.” New York Times , February 13, 1994.
  • Denning, Dorothy “Encryption and Law Enforcement.” February 21, 1994.
  • PRIVACY Forum Digest 03, no. 05 (February 27, 1994). This issue of Privacy forum contains some excellent comments on Clipper, including a reprint of Dorothy Denning’s pro-Clipper article in Newsday (February 22) and a rebuttal (February 25) by Ron Rivest.
  • Godwin, Mike. “A Chip Over My Shoulder: The Problems With Clipper” Internet World (Column for July 1994 issue) (March 1994).
  • Bidzos, Jim. “Some thoughts on clipper, nsa, and one key escrow alternative.” March 5, 1994.
  • March 10, 1994. Time Online Odeon. Debate on Clipper between Dorothy Denning and John-Perry Barlow. Philip Elmer-Dewitt, moderator.
  • Elmer-Dewitt, Philip. “Who Should Keep the Keys?” Time Magazine , March 14, 1994.
  • Sussman, Vic. “Decoding the Electronic Future.” U.S. News and World Report . March 14, 1994.
  • Davis, Bob. “Clipper Chip is your friend, NSA contends.” Wall Street Journal (March 22, 1994).
  • April 7, 1994. MacNeil-Lehrer Report segment on Clipper.
  • May 4, 1994. Summary of Congressional Hearings before The Senate Judiciary Subcommittee on Technology and the Law and the House Science, Space and Technology Subcommittee on Technology, Environment and Aviation. The full testimony can be found in the documents listed at the end of the summary, all available in the EFF Clipper archive.
  • “Administration’s crypto plan may have patent problems: MIT professor says he deserves royalties.” June 1, 1994.
  • Meeks, Brock. “Jacking in from the SNAFU Port (Clipper Snafu update)” June 2, 1994.
  • “Scientist Finds Flaw In Code Technology.” New York Times, June 2, 1994.
  • “More Patent Problems For Clipper.” June 3, 1994.
  • “Clipper Substitutes Suggested.” San Jose Mercury News, June 7, 1994.
  • June 11, 1994. NIST Settles with Micali.
  • “A Closer Look On Wiretapping.” New York Times, Editorial, June 12, 1994.
  • June 15, 1994. CNN Report - Larry King: Clipper Chip.
  • July 14, 1994. New Clipper Legislative Proposal from House Science Committee.
  • July 20, 1994, Letter from Al Gore to Maria Cantwell (PDF).
  • Markoff, John. “Administration Reverses Itself On Wiretapping Technology.” New York Times, July 20, 1994.
  • July 21, 1994, Statement of Senator Patrick Leahy on Vice President Gore’s Clipper Chip letter (PDF).
  • July 22, 1994. EFF Analysis of Vice-President Gore’s Letter on Cryptography Policy.
  • July 23, 1994. Remarks by Ron Rivest on Government Crypto Policy.
  • Bunker, Ted. “Is it 1984?” LAN Magazine, August 1994.
  • August 8, 1994. Gore Letter and Software Key Escrow (Tim May).
  • Corcoran, Elizabeth. “Delay urged on encryption technologies.” Washington Post, September 23, 1994.
  • October 6, 1994, HR 5199: A bill to provide for the establishment and management of voluntary encryption standards (PDF).
  • October 6, 1994, Rep. Brown’s comments upon introducing HR 5199 (PDF).
  • “Business Group Gets Specific On Encryption.” October 11, 1994.
  • Meeks, Brock. “Jacking in from the ‘Sooner or Later’ Port.” October 20, 1994.

The Digital Telephony Bill was passed in October, 1994, after intense lobbying of Congress by the FBI. It’s instructive to read these, to gain insight into the political process.

  • “The Freeh Lobby.” U.S. News and World Report, May 30, 1994.
  • Meeks, Brock. “Jacking in from the ‘Cancer Among Us’ Port.” CyberWire Dispatch. August 9, 1994.
  • Electronic Privacy Information Center. “Group Seeks Release of FBI Wiretap Data, Calls Proposed Surveillance Legislation Unnecessary.” Press Release, August 9, 1994.
  • McCandlish, Stanton. “EFF Statement on Leahy/Edwards Digital Telephony Bill.” August 9, 1994.
  • ———. “EFF Summary of Leahy/Edwards Digital Telephony Bill.” August 10, 1994.
  • Meeks, Brock N. “Digital Telephony is not the endpoint.” CyberWire Dispatch. August 12, 1994.
  • McCandlish, Stanton. “Suddenly popular telephony bill.” August 16, 1994.
  • Taber, John. “EFF was snookered.” August 23, 1994.
  • Meeks, Brock. “Jacking in from the ‘Riding A Straw Horse’.” September 13, 1994.
  • “Letter from EPIC to Congressman Jack Brooks.” September 13, 1994.
  • Electronic Frontier Foundation. “Testimony of Jerry Berman before the House Telecommunications Subcommittee.” September 13, 1994.
  • “House Telecommunications Subcommittee considers Digital Telephony proposal.” Eff Hearing Summary, September 14, 1994.
  • ACLU Information. “ACLU Opposes FBI Wiretap Access Bill.” September 26, 1994.
  • Epic alert. “FBI Asks 5-Year Delay on Wiretap Data.” 26 September 26, 1994.
  • “Judge rejects delay on FBI wiretap data.” Press Release, October 3, 1994.
  • Chartrand, Sabra. “Clinton Gets a Wiretapping Bill That Covers New Technologies.” New York Times, October 8, 1994.
  • “EFF Statement on and Analysis of Digital Telephony Act.” Washington DC, October 8, 1994.
  • Chaos, David. “Digital Telephony and Encryption.” October 10, 1994.
  • Sawyer, Tom, Rep. “Position paper on Digital Telephony Bill.” October 7, 1994.
  • “FBI ‘proof’ one-page summary.” October 13, 1994.
  • Rotenberg, Marc. “EPIC opposes national wiretap plan.” Press Release, April 5, 1995. (Marc Rotenberg is the Director of EPIC.)
  • Yancey, Matt. “FBI Wants to Wiretap One of Every 100 Phones in Urban Areas.” Associated Press. November 2, 1995.
  • Freeh, Louis. “F.B.I. Isn’t Trying to Increase Wiretaps.” New York Times , November 3, 1995. (Louis Freeh is the FBI Director.)
  • Lewis, Peter. “Computer Jokes and Threats Ignite Debate on Anonymity.” New York Times, December 31, 1994.
  • Siegel, Martha. “Computer Anarchy: A plea for Internet laws to protect the innocent.” December 1994.
  • “World-wide Internet community appalled over the Scientology seizure. Was the child porn scandal just a cover?” Press release, Helsinki, Finland, February 21, 1995.
  • Akst, Daniel. “Postcard from Cyberspace: The Helsinki Incident and the Right to Anonymity.” Los Angeles Times, February 22, 1995.
  • Arthur, Charles. “Identity crisis on the Internet.” New Scientist 145, no. 1968 (March 11, 1995). Well-connected Internet users who distribute secret or sensitive information without revealing their names are playing havoc with national laws.

The situation with software copyright is no less confusing than with software patents. If programs are “abstract machines” or “methods of operation”, are they copyrightable at all? The Supreme Court gives little guidance here. One possible precedent is Baker v. Selden, 101 U.S. 99 (1879) in which the Court ruled that describing a system of accounting in a textbook did not confer copyright protection on the system itself:
The description of the art in a book, though entitled to the benefit of copyright, lays no foundation for an exclusive claim to the art itself. The object of the one is explanation; the object of the other is use. The former may be secured by copyright. The latter can only be secured, if it can be secured at all, by letters-patent.
The Copyright Act of 1976 stipulates (section 102):
(b)In no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work.

Congress attempted to clarify the situation for computer programs (Rep. No. 473, 94th Cong., 1st Sess. 54 (1975)):

Section 102(b) is intended, among other things, to make clear that the expression adopted by the programmer is the copyrightable element in a computer program, and that the actual processes or methods embodied in the program are not within the scope of the copyright law.

and the National Commission on New Technological Uses of Copyrighted Works (CONTU), wrote in its final report (1978):
Where could a meaningful line of demarcation be drawn? Between flow chart and source code? Between source code and object code? . . . The Commission believes that none of these is appropriate. The line which must be drawn is between the expression and the idea, between the writing and the process which is described.

Are you confused by this? Join the crowd. Almost everyone agrees that the literal code of a computer program is copyrightable. But beyond that, things are muddled.
The following sequence of cases shows judges struggling with the distinction between “expression” and “idea” in computer programs. As you’ll see, the result is far from satisfactory.

1985-1986: Whelan v. Jaslow: “Structure, Sequence, and Organization”

In 1985, Jaslow Dental Laboratory sued Whelan Associates, Inc., on the grounds that Whelan’s “Dentcom” program infringed Jaslow’s copyright on its “Dentalab” program, even though there was no issue of any literal code being copied. (Jaslow’s program was written in Event Driven Language (EDL) while Whelan’s was written in BASIC.) The District Court ruled for Jaslow. Whelan appealed, and Appeals Court for the Third Circuit upheld the ruling. The Court began by stating:

.. we must determine whether the structure (or sequence and organization) . . . of a computer program is protectible by copyright, or whether the protection of the copyright law extends only as far as the literal computer code.

The Court found:
[T]he coding process is a comparatively small part of programming . . . . The evidence in this case is that Ms. Whelan spent a tremendous amount of time studying Jaslow Labs, organizing the modules and subroutines for the Dentalab program, and working out the data arrangements, and a comparatively small amount of time actually coding the Dentalab program.

The conclusion was:

We hold that … copyright protection of computer programs may extend beyond the programs’ literal code to their structure, sequence, and organization,

The Court not only held that “structure, sequence, and organization” (which became known as SSO in computer copyright law) but remarked in a footnote:
We use the terms “structure,” “sequence,” and “organization” interchangeably when referring to computer programs, and we intend them to be synonymous in this opinion.

1992: Computer Associates v. Altai: SSO Rejected

In this decision, the Second Circuit Court of Appeals upheld a district court ruling that Altai’s program did not infringe one by Computer Associates. This was a second version of Altai’s program. The first version had been written by an ex-employee of CA, who (unknown to Altai) had copied about 30% of the code from a similar CA program. Altai then wrote a clean-room second version, using programmers who had never seen the CA code. CA claimed that the second version of the program, even though it was a clean-room development, nevertheless copied the structure of the CA program.
In the District Court opinion, the judge relied on report by Prof. Randy Davis of MIT, who was appointed as an expert to assist the Court. Davis pointed out that the SSO test does not make sense, since a program consists of both text and behavior. The code is text (static structure), but the user of the program deals with its behavior (dynamic structure) which may not be copyrightable. Thus, to analyze copyrightability in terms of “structure” is ambiguous, and to identify structure with “sequence” and “organization”, as the Whelan Court had done, is fallacious.
The Second Circuit agreed, and it criticized the Whelan Court’s SSO analysis as showing “a flawed understanding of a computer program’s method of operation,” and a “somewhat outdated appreciation of computer science.”
The Court concurred with the Whelan decision that copyright can be infringed even if no literal code is copied, but it continued: “that conclusion does not end our analysis. We must determine the scope of copyright protection that extends to a computer program’s non-literal structure.”
In place of SSO, the Court proposed using a three-step abstraction-filtration-comparison process to gauge the similarity of two computer programs. This process first describes the two programs at various levels of abstraction; then, at each stage, filters out the elements that are not subject to copyright; finally, it compares the results. Most courts now try to follow this procedure, even though it can be complex and highly subjective.

1989-1992: Apple v. Microsoft

In 1989, Apple filed suit against Microsoft and Hewlett-Packard, claiming that the Windows graphical user interface (Windows 2.03 and HP’s New Wave) infringed Apple’s copyright on the “look and feel” of the Macintosh desktop. (As Apple argued: “We invented the desktop metaphor.”) Apple eventually lost in district court in 1992.
This was a complex decision in which the copyright infringement claims for the various elements of the desktop were thrown out on a variety of grounds. One important basis for the ruling was the court’s finding that the appropriate standard to apply was whether the two GUI presentations were “virtually identical,” whereas Apple had argued that the appropriate standard was “substantial similarity.” The decision of the lower court was upheld by the 9th Circuit in 1994.

  • Joseph Myers, Apple v. Microsoft: Virtual Identity in the GUI Wars, 1 Richmond Journal of Law & Technology 5 (1995). This article reviews the history of the case and explains the significance of the decision.
  • The following material is on reserve for the course:
    • Apple’s second supplemental list of similarities between Windows and NewWave (filed April, 1991).
    • Oral arguments in court before Judge Walker, April 14, 1992, and ruling
    • Summary of the April 14, 1992 ruling
    • Judge Walker’s August 7, 1992 ruling

1990-1995: The Lotus Look and Feel Suits

The Lotus v. Borland lawsuit was a major test of the copyrightability of the “look and feel” of computer programs. At issue was whether the menu structure – the arrangement of commands in the menu hierarchy in Lotus 1-2-3 – is copyrightable. Here is a brief history of the case, with links to further material:
In 1990, Lotus sued Paperback Software and Mosaic Software, who had produced spreadsheets that had the same interface as 1-2-3. There was no issue here of copying code, but Lotus claimed that copying the interface itself constituted copyright infringement. Lotus won, and both companies went out of business. The following material on this decision is on reserve for the course:

  • Judge Keeton’s ruling in Lotus Development Corporation v. Paperback Software International and Stephenson Software, Ltd. U.S. District Court, District of Massachusetts, June 28, 1990.
  • Samuelson, Pamela. “How to interpret the Lotus decision and how not to.” Communications of the ACM, November 1990.

Lotus then sued Borland over Quattro. Even though Quattro’s user interface was different from that of 1-2-3, Quatttro was able to interpret Lotus macros (which followed the Lotus menu hierarchy), and Lotus claimed that this was also copyright infringement. The District Court agreed, and Borland appealed the decision. The following material is on reserve for the course:

  • Judge Keeton’s ruling in Lotus Development Corporation v. Borland International, U.S. District Court, District of Massachusetts, July 31, 1992.
  • Two amicus curiae briefs in the appeal of Lotus v. Borland, one on behalf of a group of computer science professors, and one on behalf of a group of copyright law professors.

The U.S. First Circuit held for Borland, reversing the District Court’s decision on unexpected grounds. Borland’s appeal, and the amicus briefs, had argued, using the guidelines set forth in Altai (see above) that the two programs were not sufficiently similar. But according to the appeals court, the issue was not “substantial similarity” at all. Rather, they held that the menu structure of Lotus 1-2-3 was a “means of operation” and reasoned based on Baker v. Selden (see above) that the menu structure was not copyrightable in the first place:
Concluding, as we do, that users operate Lotus 1-2-3 by using the Lotus menu command hierarchy, and that the entire Lotus menu command hierarchy is essential to operating Lotus 1-2-3, we do not inquire further whether that method of operation could have been designed differently. The “expressive” choices of what to name the command terms and how to arrange them do not magically change the uncopyrightable menu command hierarchy into copyrightable subject matter.

  • Appeals court decision (PDF) of March 9, 1995, reversing the District Court’s 1992 ruling.

Lotus appealed the decision to the Supreme Court:

  • Lotus’s petition to the Supreme Court for a writ of certiorari (PDF), June 7, 1995.
  • Borland’s brief in opposition (PDF) to petition for certiorari, July, 1995.
  • Lotus’s reply (PDF) in support of the petition.

On September 27, 1995, the Supreme Court granted Lotus’s petition. The finding that user interfaces might consist of inherently uncopyrightable “means of operation” had pulled the rug out from under the proponents of strong user-interface copyright. The case generated major interest, and several amicus curiae briefs were filed:

  • Amicus brief filed in the Supreme Court in support of Lotus’s position by DEC, Gates Rubber Company, Intel, and Xerox.
  • Amicus brief (PDF) filed in the Supreme Court against the Lotus position, on behalf of a group of computer science professors.
  • Amicus brief (PDF) filed in the Supreme Court against the Lotus position, on behalf of the League for Programming Freedom.
  • Amicus brief (PDF) filed in the Supreme Court against the Lotus position, on behalf of a group of copyright law professors.

Oral arguments were held on January 8, 1996. People expected that the Supreme Court would use this as an occasion to issue a major ruling on intellectual property issues for software, and perhaps to clarify the relative roles of patents and copyrights for software. But a week after the oral arguments, the Court announced that it would issue no decision at all. The Justices had split 4-to-4 (Justice Stevens having recused himself):

  • Newsbytes News Network. “High Court Punts On Lotus vs. Borland.” Washington DC, U.S.A. January 17, 1996.

The inability of the Justices to decide left the Appeals Court ruling standing by default, with the Supreme Court neither explicitly affirming nor rejecting this central issue in software copyrightability.

Back to readings on Encryption and National Security

No issue has generated more controversy on the Internet than the question of government regulation of encryption. Without encryption, all network transactions are essentially public. Email has the approximate privacy of a postcard. Passwords, credit card numbers, and personal information transmitted in the clear over the network may as well be published in the newspaper. If the Internet is to be a suitable vehicle for communications and commerce, then much of the information that flows on it must be encrypted.

The quandary is that modern cryptographic techniques are good – very, very good. A small amount of computing power suffices to implement codes that are virtually unbreakable, whether by an eavesdropping neighbor, an organized crime syndicate, the FBI, or (for all anyone knows) the intelligence agencies of the world’s most powerful governments. Indeed, until recently, encryption hardware and software was classified by U.S. law as a munition; someone who sent encryption software out of the country was (from the viewpoint of U.S. law) acting as an arms dealer. These regulations were changed in December, 1996, but U.S. law still restricts the export of cryptographic hardware and software.

Boiled down to starkest terms (in the words of Ron Rivest), the encryption dilemma is this:

Should privacy and security of data storage and communications be available to everyone – even in the face of authorized government requests?

Over the past few years, the U.S. Administration has attempted to resolve this dilemma by floating a succession of technical proposals that would provide “exceptional” methods for government access encrypted information, together with legislative proposals to lift exports restrictions for cryptographic systems containing such access methods. They have also lobbied vigorously to convince other governments to institute similar policies.

Opponents of the encryption regulations claim that the attempt to control encryption is largely pointless and counterproductive, because the bad guys will use encryption to hide their activities despite what the law says. The U.S. computer and telecommunications industries argue that regulations on encryption technology are hampering their ability of be competitive on the world market. Civil liberties groups contend that encryption regulations are unconstitutional, and that increasing control of encryption will pave the way for massive invasions of privacy on the Internet.

At the same time, the FBI is extremely worried that the widespread use of encryption will destroy law enforcement’s ability to conduct wiretaps; and the U.S. Intelligence establishment claims that increased use of encryption will endanger national security.

Congress, caught in the middle, has responded by introducing bills that run the gamut from decontrol of the export of cryptography to outlawing the sale of strong cryptography even for domestic use.

The three chapters below provide an overview of this highly controversial debate, ranging from the Digital Telephony Bill in 1994 through the latest developments this month. They also provide links to some of the key documents in the debate, which is nevertheless only a tiny fraction of the extensive material available on the Web.

Contents

Each of topics in this section is a long, complex story. But they can be tied together into a single saga. This starts with the 1994 CMU newsgroup ban that fed the Great Cyberporn Scare of 1995, which became a large factor in the passage of the Communications Decency Act of 1996. The CDA was overturned by the Supreme Court in the 1997 decision Reno v. ACLU. The fight against the CDA spurred the development of technological alternatives to government censorship, which in the post-CDA environment raise censorship concerns of their own, and the censorship saga continues.

Banning Newsgroups at Carnegie-Mellon University in 1994

CMU’s fall 1994 decision to remove certain sexually explicit newsgroups from campus distribution sparked a controversy over university censorship and First Amendment rights.

Elmer-Dewitt, Philip. “Censoring Cyberspace.” Time Magazine, November 21, 1994.

Camp, L. Jean, and Donna Riley. Women, Children, Animals and the Like: Protecting an Unwilling Electronic Populace, presented at the 1995 Conference on Computers, Freedom, and Privacy, reviews the controversy and critically describes CMU’s actions.

Marty Rimm, CMU, The Georgetown Law Review, Time, and the Great Cyberporn Scare of 1995

The nation’s most widely read newsweekly got snookered – or, more precisely, snookered itself – in a frenzy to beat the competition with a racy cover story about pornography on the Internet. 
-- Jeff Cohen and Norman Solomon, Media Beat, July 19, 1995.

Politics, pornography, media manipulation, sloppy journalism, sloppy scholarship – definitely the net soap opera of 1995. It all started with the publication of

  • Cyberporn, the infamous July, 1995, Time Magazine article by Philip Elmer-DeWitt.

This article was based on Rimm, Marty. “Marketing pornography on the information superhighway.” CMU study.

One upshot was a flood of criticism of DeWitt, of Rimm, of the study, and the unearthing of ties to anti-pornography groups.

  • Meeks, Brock. “Point five percent solution” and “Porn O’ Plenty.” Cyberwire Dispatch, 1995. His two columns on the story, (especially the latter) are must reads.
  • My Friend Marty Rimm, by Bret Pettichord.
  • Journoporn. A great collection of articles from Hotwired. In particular, be sure to read Mike Godwin’s article Rimm’s Fairy Tales.
  • Godwin, Mike. “Mary Rimm and the Anti-Porn Activists.” November 19, 1995. 
    This is a fascinating piece of sleuthing by Mike Godwin, indicating that the entire incident may have been staged by antiporn groups.

The few articles cited above are just a hint of the outpouring on the Internet in the summer and fall of 1995. You can find an extensive collection of articles, sources, and comments in the Cyberporn Report archived at cybernothing.org.

The Communications Decency Act of 1996

Mr. President, Georgetown University Law School has released a remarkable study conducted by researchers at Carnegie Mellon University…. The university surveyed 900,000 computer images. Of these 900,000 images, 83.5 percent of all computerized photographs available on the Internet are pornographic. Mr. President, I want to repeat that: 83.5 percent of the 900,000 images reviewed–these are all on the Internet–are pornographic, according to the Carnegie Mellon study. 
--Senator Charles Grassley (Rep. Iowa), June 26, 1995

In addition to igniting passions on the Internet, the cyberporn scare sparked the wrath of Congress, where senators, primed with copies of the study and samples of indecent GIFs, stepped in to protect the country from a tide of Internet-ready smut.

  • Excerpt from the Congressional Record of June 26, 1995. (PDF)
  • The Communications Decency Act had been reintroduced by Senator James Exon (Dem. Nebraska) on January 30, 1995, and reported out by the Commerce Committee in March. The Time article and associated events greatly heightened interest in the bill.

Over the summer and fall, Exon’s bill was amended and reconciled with similar provisions in a telecommunications bill passed by the House.

Here is the final version of the CDA (PDF) as enacted by Congress on February 1, 1996 and signed into law as the Communications Decency Act of 1996. One key provision is Whoever… (1) in interstate or foreign communications knowingly… uses any interactive computer service to display in a manner available to a person under 18 years of age, any comment, request, suggestion, proposal, image, or other communication that, in context, depicts or describes, in terms patently offensive as measured by contemporary community standards… or (2) knowingly permits any telecommunications facility under such person’s control to be used for an activity prohibited by paragraph (1)… shall be fined under title 18, United States Code, or imprisoned not more than two years, or both.

John Perry Barlow, in disgust, posted a Cyberspace Independence Declaration on February 8.

ACLU v. Reno, 1996

As soon as the CDA was enacted, its constitutionality was challenged in a suit filed on February 8, 1996, by a coalition headed by the American Civil Liberties union. The complaint asserted that, among other things,

The plaintiffs, providers of and users of computer communication systems, assert that the Act is unconstitutional on its face and as applied because it criminalizes expression that is protected by the First Amendment; it is also impermissibly overbroad and vague; and it is not the least restrictive means of accomplishing any compelling governmental purpose.

Full text (PDF) of the complaint. 
The suit was joined with a similar one filed by a group headed by the American Library Association, and the case was heard by a panel consisting of Chief Judge Dolores K. Sloviter, Judge Stewart Dalzell, and Judge Ronald L. Buckwalter in Philadelphia during March. On June 12, 1996, the panel ruled unanimously that the CDA is an unconstitutional violation of the First and Fifth Amendments. As Judge Dalzell wrote:

My examination of the special characteristics of Internet communication, and review of the Supreme Court’s mediumspecific First Amendment jurisprudence, lead me to conclude that the Internet deserves the broadest possible protection from government-imposed, content-based regulation…. 
Any content-based regulation of the Internet, no matter how benign the purpose, could burn the global village to roast the pig …. 
The Internet is a far more speech-enhancing medium than print, the village green, or the mails. Because it would necessarily affect the Internet itself, the CDA would necessarily reduce the speech available for adults on the medium. This is a constitutionally intolerable result.

The judges also agreed with the claim put forth in the complaint that the CDA violated the “least restrictive means” test enunciated by the Supreme Court in its 1989 Sable v.California decision, i.e., that the CDA mandated an approach that was more restrictive than necessary for accomplishing the stated goal of protecting minors. In particular, they noted that government ignored the alternative approach of having people use filtering software to screen the material they choose to see. In the words of Chief Judge Sloviter:

When Congress decided that material unsuitable for minors was available on the Internet, it could have chosen to assist and support the development of technology that would enable parents, schools, and libraries to screen such material from their end. It did not do so, and thus did not follow the example available in the print media where non-obscene but indecent and patently offensive books and magazines abound. . . . Instead, in the CDA Congress chose to place on the speakers the obligation of screening the material that would possibly offend some communities.

  • Full text of the opinion.
  • Godwin, Mike. “What the Final Arguments Tell Us About The Fate of the CDA.” 5 June 1996. This courtroom report, written before the decision came out, is well worth reading for its insightful commentary on the legal arguments.
  • ACLU “Victory Memo” to plaintiffs, with analysis of the opinion.
  • Extensive archive of materials, maintained by the ACLU, including complete transcripts of the proceedings.

Reno v. ACLU, 1997

On September 29th, the Justice Department appealed the Philadelphia decision to the Supreme Court, and the case now became Reno v. ACLU.

  • Cleaver, Cathleen.(Family Research Council). “Cyberchaos: Not First Amendment’s Promise.” September 9, 1996. In this piece, Cleaver criticizes the Philadelphia decision and calls for the Supreme Court to overturn it.
  • Government’s appeal (PDF), filed with the Supreme Court on January 21, 1997.
  • Appellee’s brief, filed with the Supreme Court on February 20, 1997.

The Court heard the oral arguments on March 19th. The case was argued by Deputy Solicitor General Seth Waxman for the Government and Bruce Ennis for the ACLU and other Appellees.

  • Complete transcript (PDF) of the oral arguments. Here is an excerpt:

MR. WAXMAN: … there is a deadly serious point here, and that is that when the alternative is that every child in this country who has access to a computer and can click a mouse has access in his or her own bedroom or home or library to Hustler Magazine and Penthouse Magazine, and the kind of indecent speech that people sitting in the anonymity of their own bedrooms anywhere in the world or anywhere in the country wants to make available to them, we think that this is a small price to pay, and Congress could legitimately say that this is a narrowly tailored alternative. 
QUESTION: I take it then that you would also defend the constitutionality of a statute which, tracking the words we have here, prohibited indecent conversations on a public street with minors present … or between minors. 
MR. WAXMAN: Well, I think that a municipality certainly could. I think it is a harder case, but I think a municipality could make it a crime for an – for two adults to engage in patently offensive, sexually explicit communications in the presence of a minor child. 
QUESTION: Why is that a harder case? It seems to me easier. It’s easier to verify. … 
MR. WAXMAN: It’s a harder case because a public park is a – it’s a free space. It’s an area where, unlike the Internet, speech is free, which – 
QUESTION: You’re asking us to say that the Internet is not a public forum.

On June 26, 1997, the Court rendered its decision, affirming the Philadelphia opinion that the CDA is unconstitutional:

The Government apparently assumes that the unregulated availability of “indecent” and “patently offensive” material on the Internet is driving countless citizens away from the medium because of the risk of exposing themselves or their children to harmful material.

We find this argument singularly unpersuasive. The dramatic expansion of this new marketplace of ideas contradicts the factual basis of this contention. The record demonstrates that the growth of the Internet has been and continues to be phenomenal. As a matter of constitutional tradition, in the absence of evidence to the contrary, we presume that governmental regulation of the content of speech is more likely to interfere with the free exchange of ideas than to encourage it. The interest in encouraging freedom of expression in a democratic society outweighs any theoretical but unproven benefit of censorship. 
--Justice Stevens, writing for the majority

All nine Justices agreed that the “display provision” (i.e., criminalizing the display of patently offensive material in a manner available to minors) was unconstitutional. Justice O’Conner (joined by Justice Renquist) filed a partially dissenting opinion, arguing that the “transmission provision” (criminalizing the transmission of indecent material to a person the sender knows is under 18 years old) might be constitutional.

Full text of the decision in Reno v. ACLU

The Automation of Censorship in the Post-CDA World?, 1997 and Beyond

In the landmark case Reno v. ACLU, the Supreme Court overturned the Communications Decency Act, declaring that the Internet deserves the same high level of free speech protection afforded to books and other printed matter. But today, all that we have achieved may now be lost, if not in the bright flames of censorship then in the dense smoke of the many ratings and blocking schemes promoted by some of the very people who fought for freedom. 
-- ACLU, “Is Cyberspace Burning?”, August 1997

Hardly had they stopped cheering the Reno v. ACLU decision, when civil liberties groups realized that internet labeling and blocking software – the very technology they had affirmed as proving that the CDA failed the “least restrictive means” constitutionality test – contained the roots of a censorship regime potentially worse than the CDA.

With the ability to filter content at any level of granularity and based on any kind of label, it would be an easy step for a government to mandate self-labeling. And it would be easy for anyone running a server or gateway to block material considered to be objectionable for any reason at all. Moreover, the automatic nature of the blocking software would mean that the people whose access was restricted might never even realize that this material existed. This realization has sparked a split in the coalition that helped defeat the CDA, and demonstrates that the issues of Internet censorship are much more tortuous than they seemed only months ago.

One focus of concern is PICS – the Platform for Internet Content Selection – which was developed developed by the World Wide Web Consortium based at MIT with backing of the anti-CDA coalition. Since it can be built directly into the framework of the Web, PICS is coming under fire from many of its previous supporters as a scaffolding for Orwellian censorship. It is defended by others as a technology required to realize the potential of the Web, which can be used enhance individual choice, not only to restrict it. Here are some pieces on both sides of this uneasy debate:

  • The World Wide Web Consortium (W3C) page on PICS (Platform for Internet Content Selection)
  • Resnick, Paul, and James Miller. “PICS: Internet Access Controls Without Censorship.” Communications of the ACM 39, no. 10 (1996): 87-93.
  • Center for Democracy and Technology, How Filtering Tools Enable Responsible Parents to Protect Their Children Online (July 16, 1997). This is a brief summary of an extensive Internet Family Empowerment White Paper in support of filtering tools.
  • “Fahrenheit 451.2: Is Cyberspace Burning?” ACLU white paper on the dangers of internet blocking software, August 7, 1997.
  • Marshall, Joshua Michael. “The Trouble with PICS.” FEED Magazine, September 5, 1997.
  • Paul Resnick, PICS, Censorship, & Intellectual Freedom FAQ (June 26, 1997).
  • MIT Student Association for Freedom of Expression Information about Labeling and Rating Systems.

On December 1, 1997, the ACLU, Electronic Frontier Foundation, Computer Professionals for Social Responsibility, Electronic Privacy Information Center, and several other organizations, formed the Internet Free Expression Alliance, which as part of its mission, pledged to oppose mandatory labelling and filtering, and to scrutinize technical proposals for filtering architectures and oppose approaches that conceal with filtering criteria employed.

CDA Redux?, 1998

While the civil liberties groups were arguing over PICS as automated censorship, the original CDA proponents – regrouping in the wake of Reno v. ACLU – were claiming that the whole filtering idea was failing, since there was no legal compulsion to use it. To that end, Senator Coasts, one of the original sponsors of the CDA, introduced new legislation at end of the 1997 Congressional session.

November 8, 1997, Remarks of Sen. Coats (PDF) in introducing his new legislation.

Text of the bill as introduced (PDF).

Stay tuned for 1998!

MIT Open Learning
Over 2,500 courses & materials
Freely sharing knowledge with learners and educators around the world. Learn more
© 2001–2024 Massachusetts Institute of Technology
Accessibility
Creative Commons License
Terms and Conditions
Proud member of:
© 2001–2024 Massachusetts Institute of Technology