San Francisco - The Electronic Frontier Foundation (EFF) is pleased to announce that a copyright lawsuit threatening an important database of time zone information has been dismissed. The astrology software company that filed the lawsuit, Astrolabe, has also apologized and agreed to a 'covenant not to sue' going forward, which will help protect the database from future baseless legal actions and disruptions.

Software engineers around the world depend on the time zone database to make sure that time-stamps for email and other files work correctly no matter where you are. However, last September, Astrolabe filed a lawsuit against Arthur David Olson and Paul Eggert – the researchers who coordinated the database's development for decades – because the database includes information from an atlas in which Astrolabe claimed to own copyright. But facts – like what time the sun rises – are not copyrightable. EFF, along with co-counsel Adam Kessel and Olivia Nguyen at the Boston office of Fish & Richardson P.C, promptly signed on to defend Olson and Eggert and protect this essential tool. In January, EFF advised Astrolabe that Olson and Eggert would move for sanctions if Astrolabe did not withdraw its complaint. Today's dismissal followed.

In a statement, Astrolabe said, "Astrolabe's lawsuit against Mr. Olson and Mr. Eggert was based on a flawed understanding of the law. We now recognize that historical facts are no one's property and, accordingly, are withdrawing our Complaint. We deeply regret the disruption that our lawsuit caused for the volunteers who maintain the TZ database, and for Internet users."

"It's a fundamental principle of copyright law that facts are not copyrightable, and Astrolabe should have known that," said EFF Intellectual Property Director Corynne McSherry. "While the lawsuit should never have been filed, we're pleased that the legal threat to an important resource has been eliminated.

"We are grateful that EFF and its co-counsel at Fish & Richardson were able to step in and assist us, so that we could help ensure the TZ database would continue to be available," said Eggert and Olson.

For more on this case:
https://www.eff.org/cases/astrolabe-v-olson

Contacts:

Corynne McSherry
   Intellectual Property Director
   Electronic Frontier Foundation
   corynne@eff.org

Mitch Stoltz
   Staff Attorney
   Electronic Frontier Foundation
   mitch@eff.org

We're happy to announce the arrival of the new EFF Issues T-shirt! The back displays the full constellation of EFF's work areas: Privacy, Free Speech, Transparency, Fair Use, International, and Innovation. 

In our ongoing search for a women's t-shirt with the perfect fit, we printed the women's style on Hanes ComfortSoft. These tees feature flattering sleeves and a more comfortable fit for greater ease whether you're navigating a server room, a court room, or the local coffee shop. See our T-shirt size chart for more information.

If you donated to EFF recently, be on the lookout for your long-awaited member swag with our gargantuan current shipment. In fact, for a limited time we are offering free expedited shipping so that new members can participate in Wear Your Swag to Work Day on March 8th!

If you haven't joined or renewed your EFF membership yet, what are you waiting for? Show your solidarity and celebrate 22 years of defending civil liberties online. Thank you for allowing us to keep fighting.

In a potentially troublesome decision, a federal district court has found that a start-up violated anti-spam and computer crime laws by creating and marketing a browser to let users view their social networking accounts in one place. The case demonstrates the difficulties facing those who seek to empower users to interact with closed services like Facebook in new and innovative ways.

In Facebook v. Power Ventures, Facebook sued a small company that created a tool for users to access and aggregate their personal information across social networking sites. In 2010, the court ruled that Power didn't access Facebook "without permission" under California computer crime law when it violated Facebook's terms of use, agreeing with arguments we raised in an amicus brief (pdf).

Unfortunately, the latest round of the case has taken a downward turn in ways that could have serious implications for other innovators and users.

First, the court gave a tremendous cudgel to Facebook against commercial users who displease it when it decided that Power violated the federal CAN-SPAM Act by sending "misleading" messages. These messages encouraged users to send Facebook "Event" invitations to their friends to promote Power's service. As EFF pointed out in an amicus brief (pdf), though, the allegedly "misleading" elements of the message are supplied by Facebook itself—and can't be changed by users. This means that any user who sends a commercial message on Facebook is technically in violation of the law, since it appears to come from Facebook. The CAN-SPAM Act, passed in 2003, simply doesn't contemplate closed systems where the service provider controls many elements of a message. 

To make matters worse, the CAN-SPAM Act only allows service providers to bring lawsuits, and it lets them seek crippling damages. Here, Facebook sought over $18 million. This is a clear example of a law vulnerable to misuse because technology has changed since it was written, and it wasn't even written a decade ago. EFF will be watching how Facebook and other services with closed messaging systems use CAN-SPAM in the future.

Second, the court found that Power violated state and federal computer crime laws merely by designing its tool to connect to Facebook using multiple IP addresses, which preemptively thwarted Facebook's efforts to keep users from accessing their Facebook accounts though the Power website. This precedent is especially troubling because these laws have both civil and criminal penalties. EFF is concerned that this precedent could be used in the future to criminalize the creation of tools that are capable of bypassing technological barriers, even if they are never actually used to do so, forcing innovators to anticipate every technical block that any interoperable system or program might possibly impose. This is an unworkable rule.

Facebook's case against Power is dangerous as a matter of policy, threatening to put the power of law—including serious criminal penalties—behind Facebook's anti-competitive decision to thwart consumer choice and innovation that doesn't meet its approval. It doesn't bode well for the future and should encourage all of us to think more seriously about the collateral problems created by closed networks.

On October 1, 2011, over 700 Occupy Wall Street protesters were arrested on the Brooklyn Bridge. Most of the protesters, including Malcolm Harris, were charged with the mundane crime of disorderly conduct, a "violation" under New York law that has a maximum punishment of 15 days in jail or a $250 fine. 

And yet on the basis of a charge no more consequential than speeding ticket, the New York City District Attorney's office sent a poorly worded subpoena to Twitter requesting "any and all user information, including email address, as well as any and all tweets posted for the period of 9/15/2011-12/31/2011" regarding Mr. Harris' Twitter account, @destructuremal. Unsurprisingly, the government wanted to keep it quiet, but thankfully Twitter didn't listen. Instead, as it has consistently warned law enforcement, Twitter notified Mr. Harris, who through his lawyer, Martin Stolar of the National Lawyers Guild, has moved to challenge the subpoena in court.

The subpoena is astonishing not only for its poor grammar, but also for the breadth of information the government wants for a trivial crime that hardly requires it. The government's request that Twitter hand over Tweets is unlikely to succeed because consistent with the Stored Communications Act, Twitter releases "contents of communication" (effectively Tweets and private messages between Twitter users) only with a search warrant. In any event, Mr. Harris' account is "public", meaning the government could obtain Tweets simply by checking out Mr. Harris' Twitter feed. Plus, requesting Tweets only highlights the absurdity of the entire situation: why would the government need Tweets from both before and after the October 1 protest to prove he was obstructing traffic on the bridge? In any event, government fishing expeditions like this raise serious First Amendment concerns. Mr. Harris was very outspoken about his support of and involvement in the Occupy Wall Street movement. With this overbroad subpoena, the government would be able to learn about who Mr. Harris was communicating with for an extensive period of time not only through Tweets, but through direct messages. And with the government's request for all email addresses associated with @destructuremal, they could subpoena Mr. Harris' email provider to get even more information about who he communicated with. The First Amendment shouldn't be trampled with only an expansive subpoena in a case that barely registers as "criminal."

Given that much of Mr. Harris' Twitter information (like Tweets and followers) is already public, it's very likely that the government was really after something else: location data. By attempting to subpoena these records, the government can get around the Fourth Amendment's prohibition against warrantless searches by requesting information that includes IP addresses. Twitter keeps track of IP address information regarding every time a person logged into Twitter, as well as the IP address information related to a Twitter user's direct messages to other users, and the date and time information related to these log ins and direct messages. Armed with IP addresses, the government -- without a warrant -- can go to an ISP to determine who was assigned that particular IP address. And if that person connected on a mobile device -- which is where the majority of Twitter users access their accounts -- the ISP will hand over to the government the specific cell tower (and its corresponding geographic location) which that person used to access Twitter. This allows the government to piece together a map of where a person physically is when he opens Twitter on his smartphone, sends a direct message to a friend, or Tweets. And with that information, the government could get a record of Mr. Harris' movement over the three months it requested from Twitter. Its no surprise then that the government singled out Mr. Harris for this request: he currently has over 1,500 followers and 7,200 Tweets. 

Allowing the government to gets its hands on this data with nothing more than an administrative subpoena renders the Fourth Amendment meaningless. Only with the protection of a search warrant, and the heightened judicial supervision that comes along with it, can the voracious appetite of law enforcement be curbed. As we've consistently argued, the Fourth Amendment protects this information. But another way to impose privacy protection from the prying hands of law enforcement is through Congressional reform of the badly outdated Electronic Communications Privacy Act ("ECPA"). As part of the Digital Due Process coalition, EFF has been calling for Congress to update ECPA to conform with the realities of the 21st century. 

It looks like judicial momentum may finally be on our side. In January of this year, the United States Supreme Court issued a landmark decision in United States v. Jones (PDF), ruling that law enforcement could not physically install a GPS device on private property without a search warrant. The majority opinion resolved the Fourth Amendment issue by looking exclusively at the physical installation of the GPS device. Importantly, however, in a concurring opinion, Justice Sotomayor warned that "physical intrusion is now unnecessary to many forms of surveillance." Collecting IP addresses of a prolific Tweeter, and matching it with other easily obtainable information from other service providers, demonstrates this problem. In writing that society is unlikely to accept extensive warrantless surveillance as "reasonable", Justice Sotomayor called into question "the appropriateness of entrusting to the Executive, in the absence of any oversight from a coordinate branch, a tool so amenable to misuse, especially in light of the Fourth Amendment’s goal to curb arbitrary exercises of police power to and prevent 'a too permeating police surveillance.'” Similarly, Justice Alito's concurring opinion noted that with "dramatic technological change, the best solution to privacy concerns may be legislative." 

Hopefully with the public breathing down its neck, Congress can finally act to fix a antequated set of laws. Malcolm Harris, like Birgitta Jonsdottir before him, took a stand to protect our privacy rights. You can too by telling Congress that its time to update ECPA and tell law enforcement once and for all that in order to get a person's location data, it needs to come back with a warrant. 

Iranian netizen under immedate threat of execution

According to a report from Reporters Without Borders (RSF), Saeed Malekpour, the 36-year-old web and circumvention tool developer who in January was sentenced to death, is now under threat of immedate execution. In the report, RSF writes: "The family of Saeed Malekpour [has reported] that his sentence order has been sent to the office responsible for carrying out sentences, which means that he could [be] executed at any time during the coming hours or days." Malekpour is currently in solitary confinement in Tehran's notorious Evin Prison.

EFF is extremely concerned for Malekpour. We stand with the scores of human rights and freedom of expression advocates in condemning his sentence issued by the Iranian state and urge Iran to reconsider Malekpour's sentence.

Syrian blogger released, others remain imprisoned

As we reported last week, more than a dozen Syrian human rights activists were arrested on January 16 during a raid on the Syrian Center for Media and Freedom of Expression. Among them were bloggers Razan Ghazzawi (who was conditionally released on February 18) and Hussein Ghrer, both of whom were imprisoned in 2011 without trial. Ghrer remains in prison.

EFF condemns the Syrian state for these attacks on free expression, and calls for the immediate release of those arrested in the raid. We renew our call on the international community to take notice of these alarming events unfolding in Syria, and to demand the Syrian authorities to end their campaign of repression by continuing to discuss and publicize these events on as many online venues as possible.

89 "online" journalists imprisoned all over the world

The Committee to Protect Journalists (CPJ) has released their 2011 annual 'Attacks on the Press' report, detailing the global threats to press freedom.  CPJ's research documented a total of 179 journalists imprisoned as of December 1, 2011, a whopping 89 of which were "journalists whose worked appeared primarily online."

Though the entirety of the lengthy report is of interest to free expression advocates, Executive Director Joel Simon's chapter, entitled 'The Next Information Revolution: Abolishing Censorship' will be of particular interest to those concerned with digital rights. The chapter elucidates the jurisdictional concerns pertinent to the globalized nature of the Internet, highlighting the need for a "broad global coalition against censorship that brings together governments, the business community, civil society organizations, and the media" to ensure that freedom of information is respected in practice.

The report can be read online, downloaded [pdf] from CPJ's website, or purchased in book form.

[UPDATE 2/22/2012] It is important to note that disabling Web History in your Google account will not prevent Google from gathering and storing this information and using it for internal purposes. More information at the end of this post.

On March 1st, Google will implement its new, unified privacy policy, which will affect data Google has collected on you prior to March 1st as well as data it collects on you in the future. Until now, your Google Web History (your Google searches and sites visited) was cordoned off from Google's other products. This protection was especially important because search data can reveal particularly sensitive information about you, including facts about your location, interests, age, sexual orientation, religion, health concerns, and more. If you want to keep Google from combining your Web History with the data they have gathered about you in their other products, such as YouTube or Google Plus, you may want to remove all items from your Web History and stop your Web History from being recorded in the future.

Here's how you can do that:

1. Sign into your Google account.

2. Go to https://www.google.com/history

3. Click "remove all Web History."

4. Click "ok."

Note that removing your Web History also pauses it. Web History will remain off until you enable it again.

[UPDATE 2/22/2012]: Note that disabling Web History in your Google account will not prevent Google from gathering and storing this information and using it for internal purposes. It also does not change the fact that any information gathered and stored by Google could be sought by law enforcement.

With Web History enabled, Google will keep these records indefinitely; with it disabled, they will be partially anonymized after 18 months, and certain kinds of uses, including sending you customized search results, will be prevented. If you want to do more to reduce the records Google keeps, the advice in EFF's Six Tips to Protect Your Search Privacy white paper remains relevant.

If you have several Google accounts, you will need to do this for each of them.

This is the second part in an EFF series. Part I, on UK-based FinFisher and France-based Amesys, can be read here.

On Sunday, CNN reported that dozens of activists in Syria have had their computers infected with malware that allows supporters of dictator Bashar al-Assad to spy on their every move. The virus, according to CNN, “passes information it robs from computers to a server at a government-owned telecommunications company.” Meanwhile in Iran, the government has cut off most encrypted web traffic flowing through the country, meaning ordinary Iranians have lost the ability to safely use many popular communications tools like Gmail, Twitter, and Facebook.

Unfortunately, these stories are just the latest examples of authoritarian governments stifling Internet freedom, as many governments in the Middle East have a long history of using technology to censor, track, and arrest dissidents. Critically, though, these governments would not have these capabilities without the help of American and E.U. companies that sell this state-of-the-art spying equipment. Two of the worst purveyors of this technology, Trovicor and Area SpA, are profiled here:

Area SpA—based outside Milan, Italy

In 2011, at the same time that news of Syria’s violent crackdown on democratic protests graced the pages of the world’s newspapers, an Italian company called Area SpA was busy helping the Syrian’s dictator Bashar al-Assad electronically track the dissidents his army was firing upon in the streets. Area SpA had begun installing “monitoring centers” that would give the Syrian government the ability “to intercept, scan and catalog virtually every e-mail that flows through the country” as well as “follow targets on flat-screen workstations that display communications and Web use in near-real time alongside graphics that map citizens’ networks of electronic contacts.”

Worse, as the violence in Syria escalated in mid-2011, “Area employees [were] flown into Damascus in shifts” in the government’s push to finish the project, according to a report from Bloomberg News.

Fortunately, following the Bloomberg investigation, local papers picked up the story and protests sprung up outside Area SpA’s Italian office. Area SpA announced at the end of November it would not complete the contract and released a statement saying the company is “against all forms of repression and disapproves of any use of technology for violating human rights.” Yet Syria’s violent crackdown was well underway in March while Area SpA was actively moving equipment into the country. “With the gear in Syria, deployment of [Area SpA’s surveillance technology] unfolded in parallel with Assad’s escalating crackdown,” Bloomberg reported. 

By the time Area SpA claimed it would exit the country in November, the civilian death toll in Syria already stood at more than 3,000.

According to Bloomberg, Area SpA has stated “it was exploring legal options for the release of proprietary materials, without identifying any parties.” Italian authorities should take them up on their offer and force them to answer questions about their business in Syria and any other country where human rights are routinely violated.

Trovicor, owned by Perusa Partners Fund 1 LP—based in Germany

Trovicor is perhaps the most prolific of the mass surveillance companies, having sold spy technology to a dozen countries in the Middle East and North Africa.

The company first made headlines two years ago when they were still a subsidiary of Nokia Siemens for reportedly supplying technology to Iran in the wake of the 2009 post-election uprising. Protests over the sale eventually forced Nokia Siemens to divest from Trovicor, but the company lives on under its new owners, Perusa Partners Fund, and is still actively helping dictators spy on their citizens.

In Bahrain, Trovicor helped install and still maintains sophisticated “monitoring centers” used to surveil democratic activists’ emails, text messages and phone calls despite ample evidence of human rights violations. Almost two-dozen former political prisoners recently testified to the England and Wales lawyers association that they were beaten and subsequently interrogated while being shown transcripts of emails and text messages. There have been at least 140 documented allegations of torture in Bahrain in the past last year.

In Tunisia, Trovicor was also one of many companies selling equipment to former president Ben Ali, whose system was so advanced, it prompted the new head of the Tunisian Internet Agency Moez Chakchouk to say, "I had a group of international experts from a group here lately, who looked at the equipment and said: 'The Chinese could come here and learn from you.'"

Here’s how Bloomberg describes Trovicor’s dangerous capabilities:

[Trovicor’s] toolbox allows more than the interception of phone calls, e-mails, text messages and Voice Over Internet Protocol calls such as those made using Skype. Some products can also secretly activate laptop webcams or microphones on mobile devices. They can change the contents of written communications in mid-transmission, use voice recognition to scan phone networks, and pinpoint people’s locations through their mobile phones. The monitoring systems can scan communications for key words or recognize voices and then feed the data and recordings to operators at government agencies.

Dutch member of the EU parliament Marietje Schaake has called on the EU Commission to investigate Trovicor and other companies that have sold surveillance equipment to Bahrain, along with Tunisia, Egypt, Syria, and Iran. EFF echoes MEP Schaake’s call for an investigation, as transparency about who these companies are selling to and what the technology is being used for is the first step towards solving the problem.

In addition, EFF has recommended the EU and US push companies to adopt “know your customer” standards that would prevent them from selling surveillance technology to governments known for violating human rights. The EU and US can easily induce companies to adopt such policy by tying it to government contracts. This could help prevent these types of sales from happening again, as many companies, including Area SpA and Trovicor, also sell equipment to the Western government for legitimate lawful purposes.

As long as these companies believe that it is okay to sell this technology to dictators, democracy activists, human rights activists, bloggers, and journalists around the world will continue to suffer.

Yesterday, the Northern District Court of Florida halted 27 copyright troll lawsuits targeting more than 3,500 Doe defendants while it examines whether the copyright trolls' lawyer, Tarik Hashmi of the Transnational Law Group, is properly allowed to practice law in Florida. The cases include copyright troll lawsuits Hashmi filed on behalf of, among others, Third Degree Films, Inc.; Patrick Collins, Inc.; and SBO Pictures, Inc.; (a full list can be found in the attached order). The cases were moving along rapidly until three Doe defendants called the court's attention to a Cease and Desist Affidavit that Hashmi submitted to the Florida State Bar in 2010. The affidavit stated Hashmi was not licensed to practice law in Florida and would not conduct legal actions until he was licensed by the state.

Mr. Hashmi has until March 9 to respond to the allegations. Any person who has been contacted about these suits should know that they have been stopped.

In his February 16th order, District Judge Hinkle consolidated the 27 cases; stayed all proceedings; and forbade further contact with Doe defendants while the investigation into Hashmi's conduct is pending. Until the court rules on Hashmi's qualifications, or lack thereof, all proceedings with future deadlines are put on hold. More importantly, Judge Hinkle stopped Hashmi and the companies he represents from taking any future action regarding the Does—including trying to collect settlement payments—until he proves his status as a qualified Florida lawyer. If Hashmi is unable to prove his qualifications, the Judge will likely dismiss the cases.

In the past, courts have commented on the dubious business model of copyright trolls. This most recent action provides even more cause for concern regarding these cases. We're glad that lawyers for Doe defendants caught this issue and we will continue to track the Florida cases.

In another important victory for Internet users’ fundamental rights and the open Internet, the highest court in Europe ruled yesterday that social networks cannot be required to monitor and filter their users’ communications to prevent copyright infringement of music and movies.  The European Court of Justice (ECJ) found that imposing a broad filtering obligation on social networks would require active monitoring of users’ files in violation of EU law and could undermine citizens’ freedom of expression.

The SABAM v. Netlog decision follows a landmark ruling by the ECJ in the SABAM v. Scarlet Extended case in November 2011, where the Court held that a Belgian ISP (Scarlet) could not be required to adopt a system to filter and block the transfer of potentially copyright infringing music files on its network. In that case, the Belgian copyright collective management organization SABAM had obtained an injunction (a court order) against the ISP, requiring it to install a system that would filter all of its users’ communications for potential copyright-infringing material.

Yesterday’s ruling also involved SABAM. It had sought a similarly broad injunction against Belgian social media platform Netlog.  The 2001 EU copyright directive mandates that copyright holders be able to obtain injunctions against intermediaries whose services are used by third parties to infringe copyright, but that is bounded by other EU obligations, including protection of citizens’ fundamental rights. The ECJ was asked to rule on the permissible scope of these injunctions, given their impact on Internet users’ fundamental rights and online service providers’ businesses.

The ECJ found that forcing Netlog to install a filtering system that would identify and prevent its users from making available any potentially copyright infringing files would require “active observation” of Netlog’s users. Following the 2011 SABAM v Scarlet decision, it held that implementing such a system would fall afoul of the key principle in Article 15 of the EU e-Commerce Directive, which prohibits EU member states from imposing a general obligation on ISPs and hosting services to monitor information they transmit or store, or to actively seek facts or circumstances that indicate illegal activity.

The Court also criticized the injunction on a second basis. In the 2011 Scarlet ruling and the 2008 Promusicae v. Telefonica decision, the ECJ held that in adopting measures to protect copyright holders, EU member states and courts must strike a fair balance between the protection of copyright, and the protection of the fundamental rights of individuals and businesses who are affected by those measures. The Court found that the filtering system being sought by SABAM required the identification, systematic analysis, and processing of information connected with the profiles of Netlog’s users. This would violate Netlog’s users’ right to protection of their personal data, enshrined in Article 8 of the Charter of Fundamental Rights of the EU. In addition, because the filtering system could not effectively distinguish between lawful and unlawful content, it could block lawful content, and undermine Netlog users’ right to receive and impart information protected under Article 11 of the Charter.

Given the protection required of citizens’ fundamental rights under the Charter of Fundamental Rights, the ECJ concluded that courts in EU countries can’t issue injunctions against hosting service providers that require them to install a filtering system with features as broad as the one in this case which (a) was directed at information stored on the hosting platform’s servers by its users, (b) applied indiscriminately to all its users, (c) was installed as a preventative measure (requiring hosting services to decide whether content is infringing), (d) was at the sole expense of the hosting provider, and (e) for an unlimited period of time.

So what does all this mean? Here’s a couple of our thoughts.

The ECJ ruling is directed at EU member countries, but it will have significant implications for the future of the global Internet. Injunctions are one of several strategies that intellectual property rightsholders have been pursuing to force Internet intermediaries to become copyright police. In countries around the world, IP rightsholders have used injunctions to impose filtering, blocking and user termination obligations on Internet intermediaries. These efforts are likely to expand under ACTA, because it requires signatory countries to make available broad injunctions to IP rightsholders, including temporary injunctions while a case is pending. By precluding pre-emptive filtering and blocking injunctions, the SABAM v. Scarlet and SABAM v. Netlog rulings set an important limit on this strategy for EU countries.

Because injunctions are issued by courts, usually after a process of weighing up all affected parties’ interests, measures imposed in this way theoretically provide better protection for Internet users than those adopted in private party voluntary agreements such as those we’ve seen in Ireland and Belgium. As we’ve noted elsewhere, Internet intermediaries are not competent to make legal determinations about whether particular content or conduct infringes copyright. Copyright holders’ efforts to require Internet intermediaries to take on this role under the guise of greater “co-operation” raise serious concerns about due process, transparency and accountability, and online free expression. In that respect, we welcome the ECJ’s clarification on the scope of injunctions available under EU law.

At the same time, we recognize that the ECJ’s Scarlet and Netlog decisions will now lead to increased lobbying pressure from rightsholder groups to change EU law, perhaps as part of the European Commission’s review of the 2004 Intellectual Property Rights Enforcement Directive. Let’s hope that EU policymakers approach this in as thoughtful and balanced a way as the ECJ.

News broke Tuesday that a British police agency called the Serious Organised Crime Agency (SOCA), had taken control of the popular music blog RnBXclusive and arrested one of the site’s creators for fraud. The normal content from the site was completely unavailable, replaced with a new splash page: a notice from SOCA stating that it had taken control of the domain. Initial reports claimed that that the RnBXclusive.com domain had been seized by the UK government agency -- bringing to mind images of a post-SOPA fractured Internet -- but it turned out that the website takeover was done with the cooperation of the UK-based hosting company, Rackspace’s UK arm. For its part, Rackspace claimed that the music site was taken down for breaching its Terms and Conditions.

The initial splash page that the site displayed after the takedown was replete with exaggerations and misstatements of law. Techdirt’s Mike Masnick ripped the notice apart, explaining the problems with the way that SOCA handled the situation. The original SOCA notice has since been taken down and replaced with a more accurately worded statement, but an image of the original is viewable here.

The baseless claims in the original notice included the statement that a majority of the music files previously available via the site had been stolen, and that:

As a result of illegal downloads young, emerging artists may have had their careers damaged. If you have illegally downloaded music you will have damaged the future of the music industry.

Most disconcertingly, the notice stated that visitors who had downloaded music from RnBXclusive may have committed a crime with a penalty of 10 years imprisonment and an unlimited fine. It also stated that SOCA has "the capability to monitor and investigate you, and can inform your Internet service provider of these infringements."

Then, in a move that could only be described as intimidating, it went on to display the visitor’s operating system and IP address with a statement below that read, "The above information can be used to identify you and your location."

This situation is alarming on several levels. It is unknown whether there was a court order that directed the hosting provider to take down this site, or whether the hosting company voluntarily removed the previous content. Open Rights Group is reporting that Rackspace’s UK arm is hosting the holding page. Why would it allow SOCA to put up the holding page without a court order?

We initially feared that this was a domain seizure, as when last year the domain registrar for .uk domains, Nominet, admitted to helping police authorities seize 3,000 websites and proposed new rules to expedite domain takedowns so that police authorities would not need court orders to do so. Whether this proposal was actually enacted remains unclear, but the chilling effect that both these cases have on free expression is undeniable.

Technology writer Glyn Moody reports that SOCA charged fraud because the music blog had allegedly been sharing pre-release works somehow obtained without authorization from music industry sites. If that’s true, SOCA’s involvement may not be quite as surprising as it initially appeared. But as SOCA has released no evidence in support of its allegation, it will be interesting to see how this proceeds.

In any case, this week’s takeover sets a dangerous precedent for copyright enforcement measures in the UK. If the hosting provider took down this site voluntarily without any court oversight, it raises the prospects of future cases being dealt with in a similar extrajudicial manner. Though the Internet blacklist legislation which would have facilitated similar takedowns in the U.S. has been stopped for now, we must keep a close eye on these sorts of alternative methods of online censorship that are implemented in the name of copyright enforcement.

~

For more updates on this story visit Open Rights Group or follow them on twitter at @Openrightsgroup