Slashdot Mirror

theodp writes "FTC Chairwoman Deborah Platt Majoras has refused to recuse herself from the agency's review of Google's $3.1B DoubleClick acquisition, despite her current and past ties to DoubleClick law firm Jones Day. EPIC and the Center for Digital Democracy, which had requested her recusal, are keeping up the pressure as DoubleClick-related pages and references have been disappearing from Jones Day's website. Although the statement issued by the Chairwoman suggests Jones Day's DoubleClick representation is limited to the European Commission, the Google cache of one MIA document boasts: 'Jones Day is advising DoubleClick Inc., the digital marketing technology provider, on the international and US antitrust and competition law aspects of its planned $3.1 billion acquisition by Google Inc.'"

narramissic writes "Following a series of complaints by privacy groups, the FTC has announced plans to host a two-day forum on targeted advertising at the beginning of November in Washington, DC. It's the first time since 2000 that the agency has looked at industry practices in this area. They hope to learn how Web advertising firms protect the personal data they collect, how they notify consumers about that data, and whether the data is sold to or used by other firms." The FTC page for the event ia here. Sign up by September 14 if you want to be a panelist or to recommend topics for discussion.

narramissic writes "Following a series of complaints by privacy groups, the FTC has announced plans to host a two-day forum on targeted advertising at the beginning of November in Washington, DC. It's the first time since 2000 that the agency has looked at industry practices in this area. They hope to learn how Web advertising firms protect the personal data they collect, how they notify consumers about that data, and whether the data is sold to or used by other firms." The FTC page for the event ia here. Sign up by September 14 if you want to be a panelist or to recommend topics for discussion.

Bushido Hacks writes "The Washington Post reports that the Federal Trade Commission has fumbled the Network Neutrality Act, again, as of this past week. However, the FTC defended its actions saying that their decision was not a give-in to the big telecom and cable companies. Instead, the FTC report urges caution on Network Neutrality Regulation. While this news is disappointing, the FTC's decision appears to be thought out and a message to remind people to not let the subject of Net Neutrality be abandoned by the general public so corporations could undermine the interest of consumers. We discussed the row this created, but with constant stalling tactics being employed here how long will it be before net neutrality opponents craft their own legislation?"

Kotaku examines a report drawn up the the Federal Trade Commission on 'inappropriate content' sales to children. The study (pdf) examined sales of M-Rated games, R-rated movie tickets, and explicit music to underage persons in the most extensive look at the topic since 2000. While it appears the games industry still has a way to go, the study shows that it's much harder than it was four years ago for a young person to buy an M-Rated game. "Video games showed the greatest improvement, dropping from 69 percent being able to make the purchase in 2003 to 42 percent in 2006. That's just three percent more than the number of underage children able to get into R-rated movies."

Slashdot contributor Bennett Haselton writes "A recurring theme in editorials about Net Neutrality -- broadly defined as the principle that ISPs may not block or degrade access to sites based on their content or ownership (with exceptions for clearly delineated services like parental controls) -- is that it is a "solution in search of a problem", that ISPs in the free world have never actually blocked legal content on purpose. True, the movement is mostly motivated by statements by some ISPs about what they might do in the future, such as slow down customers' access to sites if the sites haven't paid a fast-lane "toll". But there was also an oft-forgotten episode in 2000 when it was revealed that two backbone providers, AboveNet and TeleGlobe, had been blocking users' access to certain Web sites for over a year -- not due to a configuration error, but by the choice of management within those companies. Maybe I'm biased, since one of the Web sites being blocked was mine. But I think this incident is more relevant than ever now -- not just because it shows that prolonged violations of Net Neutrality can happen, but because some of the people who organized or supported AboveNet's Web filtering, are people in fairly influential positions today, including the head of the Internet Systems Consortium, the head of the IRTF's Anti-Spam Research Group, and the operator of Spamhaus. Which begs the question: If they really believe that backbone companies have the right to silently block Web sites, are some of them headed for a rift with Net Neutrality supporters?" Read on for the rest of his story.

In the aforementioned instance, AboveNet and TeleGlobe were not selling "parental filters" or other common types of filtered Internet access; the users being blocked from our Web sites were adults paying for what they thought were unfiltered Internet connections. What had happened was that AboveNet and TeleGlobe signed up to block Web sites on the Realtime Blackhole List, a list which was widely (but inaccurately) thought to be a list of "spammers", put out by a group called the Mail Abuse Prevention System. (MAPS and the RBL still exist, but under new management and in a form that bears little resemblance to their late-90's forerunners.) Most ISPs that used the RBL used it to filter only incoming e-mail, but AboveNet went all-out and blocked users from even viewing RBL'ed web sites, presumably because two of MAPS's founders, Paul Vixie and Dave Rand, were on the AboveNet board of directors. And it turned out that the RBL not only included spammers, but also Web sites that were not sending mail at all but were blocked because of their content -- in our case, our ISP got blocked because some other customers were selling mailing list software that MAPS believed could be too easily abused by spammers.

These two distinctions -- (1) the distinction between blocking incoming e-mail from spammers, versus blocking Web sites; and (2) the distinction between blocking traffic due to spam activity, versus blocking sites because of their content -- both go to the heart of what Net Neutrality is, and isn't, about. Net Neutrality is about user preferences -- not meaning that as a buzzword, but as an actual guiding principle to figure out what is and is not covered by the cause. If an ISP filters incoming mail from known spammers, that generally improves the user experience, and is something many users would expect an ISP to do anyway. But if an ISP blocks users from reaching Web sites (even, for the sake of argument, the Web sites of actual spammers), then that's generally counteracting the user's wishes -- if the user didn't want to go there, they wouldn't have typed it in. (After all, I visit spammers' Web sites all the time, usually right before I sue them.) Similarly, if an ISP blocks traffic from sites because of spam or other network abuse, that serves to protect their own users. But if an ISP blocks users from viewing sites because of their content, that's generally not expected by users, unless they've specifically signed up for something like parental controls. The Snowe Net Neutrality amendment proposed last year recognized both of these distinctions, and stated that nothing in the amendment would be interpreted to prohibit spam filtering, parental control services, or measures to protect network security.

The MAPS incident thus shaped most of my opinions about Net Neutrality 6 years before the debate even had a name. When I first found out in August 2000 that our ISP was blacklisted, like most people I believed that the RBL really was a list of spammers; after all the MAPS web page said that the RBL was a list of networks that "originate or relay spam". So I called my ISP screaming at them for being incompetent spam-enablers (the culmination of many frustrating issues with them), and saying that if they really were letting customers send spam, or running an insecure server that spammers were hijacking, I would leave on principle, if the cretins managing our server didn't drop it in the lake first. The ISP owner then told me what happened: that the ISP was not blacklisted for spamming customers, but because of the content of the other sites. (Buried in the list of RBL criteria on MAPS's site was the statement that sites could be blacklisted for providing "spam software", although the criteria did not define how they distinguished between spam software and regular mailing list software, which is how our ISP got caught in the net. And the criteria did not disclose anywhere the most controversial feature of the RBL, which is that if an ISP didn't comply, MAPS would start blacklisting other unrelated sites at the same ISP to put more pressure on them.) I agreed that this seemed to be absurd, and said I wouldn't leave the ISP if they were being blackballed just because of the content of hosted pages.

I don't know exactly what the mail software in question did or where MAPS thought the line should be drawn, but I am a purist about content -- it's a long-standing principle among the Internet security community that if a tool exists which exploits a security hole, you don't try to make the software disappear, you fix the hole. And besides, since MAPS and their supporters wanted to blackball ISPs that hosted spamming software (however you defined that), but the same people had never advocated blackballing ISPs that hosted network break-in tools and other cracking programs, for example, then what were they really saying? That spamming someone more unethical than breaking into their network?

But by far the most common objection to my complaint about AboveNet blocking Web sites was, "Hey, if a private company blocks things, as long as they're being honest to their users about it, who cares?" Well, true, but the fact that AboveNet blocked Web sites was not widely known even within the company; when I once called AboveNet feigning ignorance and asking them if they blocked RBL'ed Web sites, the technician who spoke to me said, "No, that wouldn't make any sense." (Well, half right.) Their AUP mentioned "protecting users from spam" but said nothing about blocking Web sites. In fact, other than "family-filtered" ISPs and similar services, I've never heard of any company blocking Web sites that actually did try to make their users aware of it. (On the other hand, even if AboveNet had fully disclosed their filtering, they were still a backbone company selling connectivity mainly to ISPs -- and I think if you sell something wholesale that can only be re-sold to the public by fraudulent means, then you're at least partly complicit in that fraud as well.)

If you're tempted to argue that backbone providers should be allowed to block whatever they want as long as they bury it in their AUP (although AboveNet and TeleGlobe didn't even do that much), just consider: When you access Google from your home computer, have you read the AUP of every network that the packets pass through, to check whether they reserve the right to block or even modify your traffic? Without doing a traceroute, could you even name all the networks that the traffic passes through? Do you really want the burden to be on you to check with all of them every time there's a problem reaching a Web site? Or do you feel like there's an understanding that as long as you pay your bill, they should let you go wherever you want?

Some have argued that if an ISP blocks the user from reaching a Web site, then even if the ISP is defrauding the user, that's still strictly an issue between the user and the ISP. But if a user is trying to reach your Web site, the user is trying to give you something of value: their attention, their eyeballs on your advertisements, sometimes even their money (with the expectation that you will provide them with something in return, of course, like some content worth reading). If the ISP steps in and blocks that, then the ISP has taken something of value that the user was attempting to give to you, and diverted it to serve their own interests. To me that doesn't seem ethically much different from the FedEx driver swiping the chocolates that someone tried to send you for Valentine's Day. Is that just between the sender and FedEx? Or do you have a beef because you didn't get the present that was intended for you, and you had to eat last week's chocolates to cheer up?

The modern-day threats to Net Neutrality are different: slowing access to Web sites unless the site owners pay a "toll", instead of blocking access to sites because of the content of other sites hosted at the same ISP. But they both boil down to the same thing: not giving end users what they have already paid for. If a user buys Internet access, they almost always buy it with the understanding that if they access a site, the content will download as quickly as their connection allows.

Thus the most common misconception about Net Neutrality is that the proponents are fighting against "capitalism" -- ISPs just charging more for different delivery speeds. But ISPs are already charging users for those delivery lines -- including different tiers for different prices. That's capitalism, and it works, with prices falling all the time in a fairly competitive market. But charging publishers for those higher delivery speeds to the user's house, is really more like double-billing, because the user has already been charged once for the lines that the content is coming over, so the ISP is trying to charge the content publisher again for the same service. Of course, if you charge party A for doing X, and then you try to charge party B for the same instance of doing X, and party B doesn't pay up so you don't do X, you're also breaking your deal with A. Brad Templeton of the EFF stated as much on his blog in 2006:

The pipes start off belonging to the ISPs but they sell them to their customers. The customers are buying their line to the middle, where they meet the line from the other user or site they want to talk to. The problem is generated because the carriers all price the lines at lower than they might have to charge if they were all fully saturated, since most users only make limited, partial use of the lines. When new apps increase the amount a typical user needs, it alters the economics of the ISP. They could deal with that by raising prices and really delivering the service they only pretend to sell, or by charging the other end, and breaking the cost contract. They've rattled sabres about doing the latter.

And I think the same is clearly true if, instead of trying to extract money from the content publisher, the ISP tries to extract something else, like an agreement to shut down certain Web sites before the ISP will let their users view other sites hosted at the same company. You can talk all day about how evil those Web sites are, but the ISP has already sold the user a connection with the implied ability to access them.

Anyway, this all came out in 2000 when a Slashdot article revealed that AboveNet had been blocking Web sites, and AboveNet stopped doing it two hours after the article came out. (TeleGlobe stuck with it for a few more months.) But from the hostility of the reaction, you'd think that we had published cartoons in a Danish newspaper showing Paul Vixie with a bomb in his turban. I got more e-mails than I could count arguing that AboveNet had the right to block whatever Web sites they felt like, regardless of whether the end users knew it was happening. To those people, I'd be sincerely interested in their answer to this question: Does that mean they've have no problem if they found out their ISP was silently blocking sites for political reasons? There is a clear line between following user preferences by blocking spam, and countermanding user preferences by blocking sites because of their content -- and once you've crossed that line, where's the logical stopping point? Seriously, I would have liked to have known how they would answer that, if I could have gotten any meaningful dialog going with them, which most of the time I couldn't. At the time, I'd just spent four years telling people that kids looking at porn was a non-issue, and that by the way if their kids came to my Web site I'd even help them get around their blocking software, and I still got more angry e-mails for disclosing the fact that AboveNet blocked Web sites based on their content, than I'd gotten in all the previous four years combined. (A few even accused us of moving into a blacklisted address block on purpose. This was because the actual move happened after the blacklisting was in place, even though I told them all that our ISP had announced the coming move two months before -- repeat, before -- they ever heard from MAPS. Some people were so in love with that "smoking gun" that they didn't believe me; that's their prerogative. But don't take my word for it -- when one supporter wrote to MAPS to ask about un-blocking our site, MAPS officer Kelly Thompson replied:

>Would it be possible to
>selectively unblock peacefire.org (209.211.253.169)?
Technically? Yes, it is. It's a violation of our policy, though, so I can't do so.

I would be willing to help you find other free or reduced cost hosting, however.

It was MAPS's decision, not ours or our ISP's, to have our site blocked. That should settle that once and for all, just as soon as there is peace in the Middle East and a black lesbian in the White House.)

But what do all these people think about Net Neutrality, 6 years later? I tried to track down the influential people who had spoken out supporting AboveNet's blocking of Web sites, or at least their right to block Web sites. My position was, we can agree to disagree on that, but if they really feel that way, why haven't they been speaking out against Net Neutrality? The proposed Snowe amendment was pretty clear:

SEC. 12. INTERNET NEUTRALITY
(a) Duty of Broadband Service Providers- With respect to any broadband service offered to the public, each broadband service provider shall--
(1) not block, interfere with, discriminate against, impair, or degrade the ability of any person to use a broadband service to access, use, send, post, receive, or offer any lawful content, application, or service made available via the Internet.

John Levine, webmaster of Abuse.Net, head of the IRTF's Anti-Spam Research Group, and one of the most vocal critics of Peacefire's campaign against AboveNet's Web filtering, said that he would have opposed the bill but didn't bother because it didn't have much chance of passing. Well, it didn't, but the bill was significant not because of its likelihood of passage, but because it articulated the principles that the Net Neutrality coalition had rallied around, and with the momentum behind the movement, it's likely to achieve at least some of its goals, by legislation or otherwise.

Paul Vixie, Dave Rand, and Steve Linford did not respond to requests for comment on Net Neutrality. But Paul Vixie wrote something very interesting in a May 2006 blog post:

Second, there's network neutrality. In telephone service, the government mandates that all companies providing voice-grade telephony interconnect with eachother at preset rates, thus ensuring that any phone can call any other phone and that new phone companies can enter the field to help ensure competition. In Internet service, the government mandates nothing. Recently SBC (I mean AT&T, I think, is it Wednesday?) rattled its sabre and said that Google and other content supplying companies should be paying for the use of SBC's backbone to reach SBC's eyeballs. Most of us said, uh, what? "Aren't SBC's own customers paying SBC to carry that traffic?" Some of us even said "I am not an eyeball, I am a person!" But anyway, from time to time these Internet companies shut down interconnects in hopes of creating new cash flows among eachother, and until the government regulates this, we're all at risk of higher prices or lower service with zero notice. Some well meaning democrats are trying to challenge this with "network neutrality" legislation, but this probably isn't their year. Or their decade.

San Francisco has a government, though. And if San Francisco owned and operated its own wireless Internet plant, we could mandate that any Internet company wishing to do business in this city interconnect at fair and reasonable cost to all other Internet companies wishing to do business in this city.

"Until the government regulates this"? "Government mandates"? "Fair and reasonable cost"? Quick, call the anti-socialist intervention squad! How long does it take those San Francisco hippies to suck the new arrivals' brains out anyway? Of course, I agree with everything he said. It's just that if you replace "create new cash flows" with "try to get ISPs to remove content from their servers", this describes exactly what Vixie and AboveNet were doing a few years earlier. He's a smart guy, and I'm sure this didn't escape his sense of irony, so perhaps this confirms something I'd suspected all along, which is that Vixie understood the subtleties of the issue better than most of his cheerleaders, and may be having second thoughts about AboveNet's Web-blocking misadventure. From the beginning, in a 1997 interview with Sun World, he sounded like someone trying to at least keep an open mind:

Concentration of power into a single individual: It's very true that power has corrupted every individual in whom it has ever been concentrated in the history of mankind. I do not feel that I am necessarily above whatever elements of human nature give rise to that. I worry about it. Probably other people worry about it more than I do.

Although, he didn't get to making any such frank statements during the controversy over AboveNet's Web site blocking. (Perhaps MAPS's lawyers were worried that he was a little too unfiltered and advised him not to comment; at the time, the MAPS Web site had a "How to sue MAPS" link on the front page.)

Speaking of which, Anne Mitchell, Director of Legal and Public Affairs for MAPS during the time when AboveNet was blocking Web sites, was the only MAPS adherent from the era that I could find who has since clearly and publicly come out against Net Neutrality. In May 2006 she wrote:

Here's the thing that the 3Ns (Net Neutrality Nuts) don't get: bandwidth costs money. And if you can't charge those who use the majority of it accordingly, then you are going to have to amortize it across everybody.

So, if a net neutrality law passes, don't be surprised when your costs to have an Internet account skyrocket.

Because somebody has to pay those bills, and if the law says that the ISPs can't charge the big guys - the big users - differently, it means that they have to charge them the same rate that they charge everyone else. And that means not that their rate will go down, but that everybody else's rate will go up.

And then again in February 2007 in another blog post titled "Towards A Nanny Internet", she wrote, "Network neutrality is the idea that ISPs should be forced to charge everybody the same for their Internet use", grouping it together with proposed anti-bullying and anti-anonymity laws.

Well, points to Anne for being consistent, and for publicly declaring her views in no uncertain terms, which is all I'm asking of the other supporters of AboveNet's website blocking policy. (Although she's coming at it from a different angle this time, "How do we work out who pays for the traffic" rather than "ISPs should be allowed to block whatever they want without telling anybody".) But this is also a textbook example of what I think are the three major fallacies of opposition to Net Neutrality:

First, lumping it together with other examples of unpopular regulation and calling it one more example of Big Government -- an argument also tried in other editorials ("Politicians and public figures alike should realize the absurdity of advocating more red tape to keep the Internet free"). This meme has never really caught on, possibly because groups like the ACLU and the EFF that have traditionally opposed true Internet censorship, have lined up in favor of Net Neutrality. All the proposed "red tape" and "regulation" really says is that if a user attempts to access a Web site over a connection that they've paid for, the ISP may not block or slow down their access, a law which most people would hardly consider tyrannical.

Second, asserting that "Network neutrality is the idea that ISPs should be forced to charge everybody the same for their Internet use." I've never actually heard anyone advocate anything close to that, but a common question among skeptics is why different "tiers" for Internet traffic are really any different from different-tiered pricing for dial-up vs. DSL, or for different levels of Web hosting. The difference is that when users and Web site owners pay for those connections, they are paying for their respective connections to the rest of the Internet. But an ISP charging a Web site owner to carry their traffic the last mile to the user's house, is not charging for a product or service, but really charging a fee not to break a service that they've already agreed to provide to the user.

Which leads to the third misconception: "Here's the thing that the 3Ns (Net Neutrality Nuts) don't get: bandwidth costs money... So, if a net neutrality law passes, don't be surprised when your costs to have an Internet account skyrocket." But it's not about how much a service costs, but about the ethics of double-billing for it. We know that ISP pricing models can already support the total traffic that people consume today, and ISPs do already follow net neutrality principles most of the time, so nobody's costs will "skyrocket" just because a neutrality law passes. If vastly more people start trying to stream CNN over the Internet 24/7, and fully using the services that ISPs have "only been pretending to sell" as Brad Templeton put it, then ISPs may have to charge more for users who consume too much bandwidth, encouraging people to stay at today's average levels by rationing themselves and perhaps watching 24 on their $5,000 TV sets sometimes instead of downloading it off of BitTorrent to their laptop every week because it makes them feel like a haX0r. Much as we all love our unmetered connections, it wouldn't be a violation of Net Neutrality for ISPs to charge users for bandwidth hogging, to keep everyone from going too far above today's levels. What ISPs should not do is charge users for implied full-throttle connections, and then turn around to charge publishers for moving bits over those same lines, or block the connection for any other reason.

So, yes, Virginia, blocking of Web sites does happen -- and by "Virginia", I mean FTC Chairman Deborah Platt Majoras, who said in a speech in August 2006: "I have to say, thus far, proponents of net neutrality regulation have not come to us to explain where the market is failing or what anticompetitive conduct we should challenge; we are open to hearing from them." This was echoed in an editorial later that month from Sonia Arrison of the Pacific Research Institute:

Internet service providers have voluntarily upheld content-neutral practices without the need for government intervention, and consumers would never stand for blocked Web sites... If the loss of net neutrality principles was really a problem, advocates wouldn't need to scare Americans in order to win their support. Using government regulation preemptively to shortchange business partners is a reckless abuse of the public policy process. New laws should be based on facts and reality, not fear and hypothetical situations.

I guess both of those ladies' ISPs must be blocking access to the SaveTheInternet.com Web site, so I e-mailed both of them the coalition's list of examples, and added a note about the AboveNet/TeleGlobe incident as well. No personal response from either of them yet, but I'm sure they just got lost in the shuffle while they were so busy sending out corrections. (On the other hand, I did get a courteous response from Randolph J. May of the Free State Foundation, when I wrote to him about an editorial he penned which also argued that violations have not happened: "It is generally agreed that except for a few isolated and quickly remedied incidents, neither the cable operators nor the telephone companies providing broadband Internet services have blocked, impaired or otherwise restricted subscriber access to the content of unaffiliated entities." He said he hadn't known about the AboveNet/TeleGlobe incident either.)

Another theme in some anti-Net-Neutrality editorials is that existing laws are enough to deal with the problem. In Majoras's speech, she said, "We should not forget that we already have in place an existing law enforcement and regulatory structure." Arrison's echoed that "Numerous federal agencies already have set a basic legal framework in place to preserve fair competition and business practices on the Internet". Well, as Yogi Berra says, in theory, there is no difference between theory and practice, but in practice, there is. After I found out AboveNet and TeleGlobe were blocking my Web site, I called about twenty lawyers in the Bellevue phone book, figuring: I wasn't greedy, but surely there would be financial damages for deceiving users and blocking our site, enough to pay a lawyer in return for handling the case? I think about two lawyers called me back, and they both said that even though what the backbone companies were doing clearly looked like fraud, it would take tens of thousands of dollars just to get started, and even if we ever got to court, the judge could call it however they wanted. Whatever laws exist now, they may help the slightly smaller big guy against the bigger big guy, but are not much use to the little or medium-sized guy.

So, any informed debate about Net Neutrality has to include the fact that, yes, some providers have blocked Web sites on purpose, for long periods of time, and no, the free market didn't fix it by itself. Even if something on that scale never happens again, if the free market and the anti-trust laws didn't automatically correct a case where Web sites were being blocked outright, then it's wishful thinking to think that those forces will prevent ISPs from merely slowing down Web access to sites that haven't paid a "toll", as they have made noises about doing. One AboveNet customer, Sam Knutson, said when he found out about the Web site blocking, "This type of behavior on the part of an ISP is reprehensible. I pay for a pipe and don't expect this type of monkey business." Well, I agree that it's reprehensible; whether we should "expect" more of it or not, depends on how much the Net Neutrality movement achieves its goals.

The FTC has struck a deal with Sony punishing Sony for the rootkits it included on millions of CDs in 2005. The deal is exactly like the Texas and California settlements — $150 a rootkit. The settlement isn't final yet. There will be a 30-day public consultation. American citizens who read Slashdot might want to put in their two cents. Comments will be accepted through March 1 at: FTC, Office of the Secretary, Room H-135, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580 (snail mail only). Here is the FTC page announcing the settlement.

WebHostingGuy writes "As reported by MSNBC, the FTC has fined Xanga.com $1 million dollars for repeatedly allowing children under 13 to sign up for the service without getting their parent's consent. This is the largest penalty ever issued for violations of the Children's Online Privacy Protection Act." From the article: "'Protecting kids' privacy online is a top priority for America's parents, and for the FTC,' FTC Chairman Deborah Platt Majoras said in a statement. 'COPPA requires all commercial Web sites, including operators of social networking sites like Xanga, to give parents notice and obtain their consent before collecting personal information from kids they know are under 13. A million-dollar penalty should make that obligation crystal clear.'" What impact, if any, do you think this will have on other community sites that may not always follow the COPPA statutes?

surfingmarmot writes to tell us that in a recent ruling the Federal Trade Commission declared that Rambus had unlawfully monopolized four computer memory technology markets. From the article: "In an opinion by Commissioner Pamela Jones Harbour, the Commission found that, through a course of deceptive conduct, Rambus was able to distort a critical standard-setting process and engage in an anticompetitive 'hold up' of the computer memory industry. The Commission held that Rambus's acts of deception constituted exclusionary conduct under Section 2 of the Sherman Act and contributed significantly to Rambus's acquisition of monopoly power in the four relevant markets. The Commission has ordered additional briefings to determine the appropriate remedy for 'the substantial competitive harm that Rambus's course of deceptive conduct has inflicted.'"

TheSixth1 writes "ZDNet is reporting that the FTC announced in a recent report to Congress [PDF Warning] that the Can-Spam act is 'effective in providing protection for consumers.' The report boasts that the substantive provisions of the Act have mandated adoption of a number of commercial email "best practices" that many legitimate online marketers are now following. Second, the Act has provided law enforcement agencies and ISPs with an additional tool to use when bringing suit against spammers. The more than 50 cases brought to date by the FTC, the Department of Justice, state Attorneys General, and ISPs demonstrate CAN-SPAM's enforcement efficacy."

Iphtashu Fitz writes "The Chinese government has joined an international anti-spam effort started by the U.S. and UK. Over the weekend China stated that it would join international enforcement efforts against spam by adopting the London Action Plan on Spam Enforcement Collaboration. The London Action Plan was launched after a conference on spam enforcement hosted jointly by the UK Office of Fair Trading and the US Federal Trade Commission in London in October 2004. It was the first international forum to focus exclusively on spam enforcement. China is well known for being one of the biggest origins of spam, with as much as 20% of all junk e-mail originating from within its borders."

Rei writes "According to a recent CipherTrust study, the majority of Zombie PCs reside not in the US or China, but in Europe. Of the European zombies, 2/3 were either in Germany, France, or Britain. The results were released with the announcement of CipherTrust's new ZombieMeter. As a response to previous reports of high zombie activity, the London Action Plan launched Operation Spam Zombies in cooperation with numerous governments around the world."

rbochan writes "The Register is reporting that the U.S. Federal Trade Commission is consulting on proposed changes to the CAN-SPAM Act. Changes would include clarifying the definitions of the terms person and sender, and altering the time allowed for a sender to to honor an opt-out request. The FTC proposal is available as a PDF on the official FTC site." From the article: "Critics have accused the Act of being narrow and weak, accusations that may be hard to deny given that the US sends more spam than any other, according to a recent report by anti-virus firm Sophos."

Iphtashu Fitz writes "The FTC has just issued its final report on how it will define Spam with regards to the federal CAN-SPAM act. According to the FTC, bulk e-mail is commercial if it includes advertising and promotion or if the subject line or beginning of the message would be reasonably considered to be advertising or promotion. This is very similar to the proposed rules that were announced back in August. The modified rules also deal with the issues of transactional messages (an e-mail regarding an order that also includes advertising) and relationship-based e-mail (messages about product updates, etc)."

Iphtashu Fitz writes "The FTC has just issued its final report on how it will define Spam with regards to the federal CAN-SPAM act. According to the FTC, bulk e-mail is commercial if it includes advertising and promotion or if the subject line or beginning of the message would be reasonably considered to be advertising or promotion. This is very similar to the proposed rules that were announced back in August. The modified rules also deal with the issues of transactional messages (an e-mail regarding an order that also includes advertising) and relationship-based e-mail (messages about product updates, etc)."

octalgirl writes "The FTC hosted 'Peer-to-Peer File-Sharing Technology: Consumer Protection and Competition Issues' workshop is in December, but public comments are due by tomorrow (Nov 15th). If you have something to say about the how P2P file sharing is used today or ways it might be used in the future, get your 2 cents in now. You know the RIAA/MPAA certainly will. Guidelines for submitting are in the Federal Register Notice"

octalgirl writes "The FTC hosted 'Peer-to-Peer File-Sharing Technology: Consumer Protection and Competition Issues' workshop is in December, but public comments are due by tomorrow (Nov 15th). If you have something to say about the how P2P file sharing is used today or ways it might be used in the future, get your 2 cents in now. You know the RIAA/MPAA certainly will. Guidelines for submitting are in the Federal Register Notice"

gal1264 writes "The FTC is hosting an email authentication summit today and tomorrow in Washington, DC conveniently happening at the same time as the IETF meeting in the same town. Today mainily was comprised of an overview of the various outstanding proposals. It was interesting to see the whole crowd cheer as the Yahoo representative reiterated that their proposal was full open, much unlike the recent Sender-ID proposal which caused great furor in the IETF MARID working group as well as the open source community. It does seem however, that all of the participants were excited to be testing various techniques (personally I found the Bounce Address Tag Validation very compelling) and were communally comitted to converging on the most effective solutions without anything other than defensive patent structure."

An anonymous reader writes "Groklaw has the scoop. The Federal Trade Commission and National Institute of Standards and Technology (NIST) will co-host a two-day 'summit' November 9-10 to explore the development and deployment of technology that could reduce spam. The E-mail Authentication Summit will focus on challenges in the development, testing, evaluation, and deployment of domain-level authentication systems. The FTC will be accepting public comments until Sept. 30, 2004 via snail-mail or email (authenticationsummit at ftc.gov). The FTC has a list of 30 questions they would like answers/comments to. The list available in this PDF of the Federal Register Notice." In a related subject, reader Fortunato_NC submits this writeup of the sequence of events that led to Sender-ID's abandonment.

Portigui writes "CNN is reporting that the FTC is considering imposing a bounty on spammers. They are guessing it would take between $100,000 to $250,000 to get people to rat out their friends, coworkers, etc... Interstingly enough is that it is 'higher than rewards in most high-profile criminal and terrorism cases. For example, the FBI pays $50,000 for tips leading to the arrests of most of its top 10 fugitives.'"

Thanks to GameSpot for its interview with Entertainment Software Rating Board (ESRB) president Patricia Vance, following yesterday's publishing of a 'Marketing Violent Entertainment To Children' report [PDF link] by the Federal Trade Commission. The report's findings are discussed by 1UP, noting the FTC "still gives mixed marks to the American games industry when it comes to marketing mature games to a younger audience." Vance indicates that "ESRB's focus will continue to be on getting retailers to display signage at the point of purchase that increases awareness and use of the rating system", although, even after improvement over previous years: "69% of survey participants (aged between 13 and 16) were able to buy an M-rated game without hindrance, including 55% of unaccompanied customers." Outside of the ESRB's duties, "The FTC's chief sticking point was still with the placement of [M-rated] videogame advertisements... [which] still frequently appear in enthusiast gaming magazines and other publications technically aimed at a teenage audience."

securitas writes "Computerworld's Todd R. Weiss reports that the USA, Britain and Australia have signed a Memorandum of Understanding (MoU) for six agencies to share resources to fight spam. The MoU lets the government agencies 'share information and work together to detect, investigate and track spammers' as well as 'exchange evidence and coordinate enforcement efforts.' The agencies involved include the US Federal Trade Commission (FTC), its counterparts in the UK and Australia, and several other consumer protection agencies. You can get a full list of participating government bodies from the FTC press release, 'Consumer Protection Cops Join Forces to Fight Illegal Spam'. You can also get the spam MoU full text in PDF format from the FTC. More at The Register, vnunet, The Age/Sydney Morning Herald and InfoWorld."

securitas writes "Computerworld's Todd R. Weiss reports that the USA, Britain and Australia have signed a Memorandum of Understanding (MoU) for six agencies to share resources to fight spam. The MoU lets the government agencies 'share information and work together to detect, investigate and track spammers' as well as 'exchange evidence and coordinate enforcement efforts.' The agencies involved include the US Federal Trade Commission (FTC), its counterparts in the UK and Australia, and several other consumer protection agencies. You can get a full list of participating government bodies from the FTC press release, 'Consumer Protection Cops Join Forces to Fight Illegal Spam'. You can also get the spam MoU full text in PDF format from the FTC. More at The Register, vnunet, The Age/Sydney Morning Herald and InfoWorld."

Decaffeinated Jedi writes "The AP reports today that the U.S. government has no plans to create a do-not-spam registry in the immediate future. Why not? They argue that the proper technology is not yet in place. 'A national do-not-e-mail registry, without a system in place to authenticate the origin of e-mail messages, would fail to reduce the burden of spam and may even increase the amount of spam received by consumers,' said the commission." The moral of the story is: never try. See the FTC's press release or their report (pdf).

Decaffeinated Jedi writes "The AP reports today that the U.S. government has no plans to create a do-not-spam registry in the immediate future. Why not? They argue that the proper technology is not yet in place. 'A national do-not-e-mail registry, without a system in place to authenticate the origin of e-mail messages, would fail to reduce the burden of spam and may even increase the amount of spam received by consumers,' said the commission." The moral of the story is: never try. See the FTC's press release or their report (pdf).

markclong writes "Every year numerous illegitimate patent applications make their way through the United States patent examination process without adequate review. The problem is particularly acute in the software and Internet fields where the history of prior inventions (often called "prior art") is widely distributed and poorly documented. As a result, we have seen patents asserted on such simple technologies as One-click online shopping (U.S. Patent No. 5,960,411.), Online shopping carts (U.S. Patent No. 5,715,314.), The hyperlink (U.S. Patent No. 4,873,662.). The EFF is hosting a patent busting project to fight the most egregious abuses of the patent system."

gManZboy writes "The AP (through Yahoo) is reporting that the FTC is now requiring that all sexually explicit spam carry the wholly original 'SEXUALLY-EXPLICIT:' moniker in the subject line. I don't know why the porn industry is complaining about this, it seems like now everyone who really wants porn spam (not I!) can finally create a filter that delivers it to their inbox, highlighted, and bolded!" The FTC's regulation is available, and so is Slashdot's earlier story.

WoodenRobot writes "This article claims that Earthlink have discovered that the average user's PC has 28 spyware programs on it. More details can be found on Earthlink's spyware auditing page." Compare to a university study. The FTC is hosting a Spyware Workshop.

enforcer999 writes "As you know, the CAN SPAM ACT preempted many state laws that were tougher on spammers. For instance, many of the laws that were enacted by states included a requirement that sexually explicit SPAM be labeled as such. The FTC, in charge of adopting rules, came up with a new rule that will require sexually explicit SPAM to be labeled as such. Hmm? I think the states were already trying to do this before the Federal government preempted them. Anyway, I wonder if it will work?"

An anonymous reader writes "Well, in this story in the South Florida Sun-Sentinel, two men were nailed by the FTC for sending out spam just to try to collect valid e-mail addresses and social security numbers, for resale to others. Another good reason just to simply forward the spam to uce@ftc.gov."

hayek writes "The Federal Trade Commission issued a report yesterday regarding failings in current U.S. patent policy. Among other things, the FTC recommends that the burden of proof on parties challenging patents in court be lowered from the current 'clear and convincing' standard, to the easier 'preponderance of the evidence' standard. Even if you don't think the FTC recommendations go far enough, implementing them would be a good start to solving some of the problems caused by the current system." nolife points out a report at Law.com indicating that, under the current system, "Patent examiners have from 8 to 25 hours to read and understand each application, search for prior art, evaluate patentability, communicate with the applicant, work out necessary revisions, and reach and write up conclusions."

hayek writes "The Federal Trade Commission issued a report yesterday regarding failings in current U.S. patent policy. Among other things, the FTC recommends that the burden of proof on parties challenging patents in court be lowered from the current 'clear and convincing' standard, to the easier 'preponderance of the evidence' standard. Even if you don't think the FTC recommendations go far enough, implementing them would be a good start to solving some of the problems caused by the current system." nolife points out a report at Law.com indicating that, under the current system, "Patent examiners have from 8 to 25 hours to read and understand each application, search for prior art, evaluate patentability, communicate with the applicant, work out necessary revisions, and reach and write up conclusions."

Thanks to an anonymous reader for pointing to the FTC report on children buying potentially inappropriate adult-rated games. According to the survey, "69 percent of the teenage shoppers were able to buy M-rated games", but this figure is down from 85 percent in 2000 and 78 percent in 2001. However, only 27 percent of stores where the games were bought had "signs, posters, or other information to inform customers about the rating system or the seller's policy on rating enforcement", and only 24 percent asked the 13-to-16 year old child's age, in this "mystery shopper" study funded by The Office of Juvenile Justice and Delinquency Prevention.

TCPALaw writes "Reuters is reporting that the Tenth Circuit Court of Appeals has just ruled that the FTC can go ahead with administration and enforcement of the national Do-Not-Call list, staying a lower court ruling that blocked the FTC from implementing the list. Now I can sue those pesky telemarketers .. I have already gotten 3 telemarketing calls to the phone number I put on the national list since the list went into effect." Reader jhlund1976 points to the court's decision itself. Note, as strredwolf does, that this only means the FTC can "run the registry while a challenge from telemarketers winds its way through the courts." Strredwolf also points to the all-knowing Google News link.

Iphtashu Fitz writes "The Associated Press is reporting that the Federal Communications Commission will step in and enforce the national Do Not Call list for the Federal Trade Commission. The FCC is coming to the aid of the FTC because of the recent lawsuit filed against the FTC over the list."

An anonymous reader writes "Not sure if this is new or merely corrected: Network Solutions, Inc. has settled Federal Trade Commission charges that its deceptive marketing practices unlawfully tricked consumers into transferring their Internet domain name registrations to the company. The terms of the settlement permanently bar Network Solutions from misrepresenting that a consumer's domain name is about to expire or that the transfer of a domain name is actually a renewal. The order also requires the defendant to pay consumer redress pursuant to the terms of a previously settled class action lawsuit."

ariehk writes "As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission.

NSXDavid writes "Earlier today our site mysteriously ended up on Joe Jared's Osirusoft SPAM blacklist which is used by lots of antispam software (like SpamAssassin and sendmail). Since he is currently under a serious DDoS attack, there was no way to appeal this decision. We contacted Mr. Jared by phone who informed us that 'everyone needs to stop using Osirusoft and that he's going to be shutting the service down.' Then he says he's going to blacklist 'the world' (aka, ban *.*.*.*) to get his point across. Later on this evening, he apparently went ahead and did just that. Succumbing to lawsuits and DDoS, a once great blacklist is dead. SpamAssassin is removing it from their config in the next release (rc3) and email admins around the globe are reconfiguring their mail servers."

prockcore writes "The National Do Not Call Registry is up and running. Sign up so most telemarketers cannot call you starting October 1st. There are exemptions though, like for charities and political organizations." Note that many of the states which have opened their own registries will be sharing that data with the national list, so you may not have to re-register - check and see what your state is doing.

tbase writes "AdAge.com has an article about the new FTC "Do-Not-Call" List which will be opening for registrations earlier than previously announced. The FTC Press Release says online registration will be available "on or around July 1." and that "Companies will face an $11,000 fine for each telemarketing call that violates the FTC's new consumer-protection provisions.""

tbase writes "AdAge.com has an article about the new FTC "Do-Not-Call" List which will be opening for registrations earlier than previously announced. The FTC Press Release says online registration will be available "on or around July 1." and that "Companies will face an $11,000 fine for each telemarketing call that violates the FTC's new consumer-protection provisions.""

HighOrbit writes "Cnet reports on news.com.com that The U.S. Federal Trade Commission, several state Attorneys General, and Australia, Canada and Japan are sending this letter (pdf) to operators of open relay mail servers to educate them on the dangers of open relays and how they help spread spam. Although the letter does not threaten direct law enforcement action, it does let open relayers know that they have been noticed and warned. The threat of being blacklisted has not worked yet, so will this finally convince mail server admins to shut down those open relays?"

kiwimate writes "According to this press release, the state of Virginia has just passed a statute making 'the worst, most egregious and fraudulent kinds of spam' legally actionable. And yes, this includes header forging. The article reads like a big AOL PR piece in some places -- the VA governor led the signing at the AOL HQ in Dulles. The story also states this comes on the eve of the first-ever FTC forum on spam in Washington D.C." The FTC also made the insightful discovery that most spam is fraudulent in some fashion.

linuxwrangler writes "In preparation for the national do not call registry, California's Attorney General has established a pre-registration site for California residents. Based on how slow the site already is, this is going to be one popular program. The AG's announcement also mentions that they have shut down some scam sites offering do-not-call registration so caveat emptor. Are any other states offering similar services?"

Marasmus writes "CNN is reporting that memory-chip maker Rambus has been found guilty of destroying evidence which was 'critical' to the anti-trust case brought by the U.S. government. Interestingly, the Judge has denied the FTC's request to move on to the penalty phase of the trial. Destruction of evidence in an anti-trust case normally yields a forfeiture of trial, but Rambus 'will have the burden of proving its innocence" instead.'

Slashback updates and clarifications regarding recent posts on CodeCon, the rumored takeover of Vivendi by Microsoft, SDF, DDoS and NWLink (and IRC and AUPs), and more. Read on for the details, I'm out of letters.

"Uhh ... isn't this the 'Slammer'?" An anonymous reader writes "According to the BBC, two people suspected of creating the Slammer worm have been arrested in a combined operation by the FBI and the UK's National Hi-Tech Crime Unit. The raids in the UK resulted in the seizure of two men, aged 19 and 21, accused of being members of a hacker group that calls itself THr34t-Krew."

Gather together, hoist a few drinks. We've made a few mentions of this year's CodeCon; Len Sassaman writes "The schedule for CodeCon 2.0 is now online. CodeCon is already starting to get some media attention. There's less than two weeks left to register at the reduced rate, and conference seats are filling up quickly.If this conference is anything like its predecessor, expect to see some of the most interesting new technology of the coming year discussed."

And a slightly different type of gathering: Tony Stanco writes: "The agenda is up for the March 17-19 Open Source in Government conference and the free registration is now open. Please see www.eGovOS.org.

It promises to be another educational and exciting event with over 120 sessions and the keynote from the White House. Even Microsoft is trying to directly engage the community at this conference."

On the count of three, everyone shrug at once. In January, I posted a link ("far from confirmed") about the possibility that Microsoft would buy Vivendi. Now, Yagdrasil writes "USA today is reporting that the Microsoft buyout of Vivendi's game division (which includes Blizzard) was a hoax. It looks like the hoax originated from a student at Purdue."

But the EOLs are nearly upon us! Flee! Wister285 writes "Mandrake announced that they are going to stop updating the packages of 'legacy products.' It seems as though they took their cue from Red Hat and their continuing financial problems. I was a little surprised though about how short the support periods will be. Mandrake 9.0 will be considered obsolete September 30, 2003 (for desktop) and March 31, 2004 (for the base). This brings up two questions. First of all, do distros release too often thus creating too many versions to maintain? Secondly, how much faith do you have in the upgrade feature of install?"

I hope it features a dunk tank and some perpetrators. The ongoing war on spam continues; here's your chance to influence its direction (or at least to hear about what's going on in that sphere), even if you missed the conference at MIT. wayne writes "The Federal Trade Commission (FTC) announced today that they will be holding a three day public SPAM workshop in the end of April. I wonder if they will get an overflow crowd they way the MIT SPAM conference did. I hope they also make streaming video available."

Bandwidth is expensive. ndogg writes "NWLink.com has posted a response to the events that have happened in regards to SDF. In short, they say that they support SDF and what it is doing, however, the DDoS attack over the last three weeks has been costing them a lot of money."

fonixmunkee puts it differently: "The message is an interesting read, to say the least. instead of working the issue, NWLink's apparent (unofficial) solution to combating DDoS'es is to simply terminate the subscriber's connection. with all the slammer worms & Code Reds nowadays, NWLink should have no more customers left in about 2 years."

Legal liability is expensive, too. Tom Allender writes "irc-chat.net has announced a more restrictive Acceptable Use Policy after being contacted by the MPAA. They also refer to DALnets AUP changes mentioned here recently."

Slashback updates and clarifications regarding recent posts on CodeCon, the rumored takeover of Vivendi by Microsoft, SDF, DDoS and NWLink (and IRC and AUPs), and more. Read on for the details, I'm out of letters.

"Uhh ... isn't this the 'Slammer'?" An anonymous reader writes "According to the BBC, two people suspected of creating the Slammer worm have been arrested in a combined operation by the FBI and the UK's National Hi-Tech Crime Unit. The raids in the UK resulted in the seizure of two men, aged 19 and 21, accused of being members of a hacker group that calls itself THr34t-Krew."

Gather together, hoist a few drinks. We've made a few mentions of this year's CodeCon; Len Sassaman writes "The schedule for CodeCon 2.0 is now online. CodeCon is already starting to get some media attention. There's less than two weeks left to register at the reduced rate, and conference seats are filling up quickly.If this conference is anything like its predecessor, expect to see some of the most interesting new technology of the coming year discussed."

And a slightly different type of gathering: Tony Stanco writes: "The agenda is up for the March 17-19 Open Source in Government conference and the free registration is now open. Please see www.eGovOS.org.

It promises to be another educational and exciting event with over 120 sessions and the keynote from the White House. Even Microsoft is trying to directly engage the community at this conference."

On the count of three, everyone shrug at once. In January, I posted a link ("far from confirmed") about the possibility that Microsoft would buy Vivendi. Now, Yagdrasil writes "USA today is reporting that the Microsoft buyout of Vivendi's game division (which includes Blizzard) was a hoax. It looks like the hoax originated from a student at Purdue."

But the EOLs are nearly upon us! Flee! Wister285 writes "Mandrake announced that they are going to stop updating the packages of 'legacy products.' It seems as though they took their cue from Red Hat and their continuing financial problems. I was a little surprised though about how short the support periods will be. Mandrake 9.0 will be considered obsolete September 30, 2003 (for desktop) and March 31, 2004 (for the base). This brings up two questions. First of all, do distros release too often thus creating too many versions to maintain? Secondly, how much faith do you have in the upgrade feature of install?"

I hope it features a dunk tank and some perpetrators. The ongoing war on spam continues; here's your chance to influence its direction (or at least to hear about what's going on in that sphere), even if you missed the conference at MIT. wayne writes "The Federal Trade Commission (FTC) announced today that they will be holding a three day public SPAM workshop in the end of April. I wonder if they will get an overflow crowd they way the MIT SPAM conference did. I hope they also make streaming video available."

Bandwidth is expensive. ndogg writes "NWLink.com has posted a response to the events that have happened in regards to SDF. In short, they say that they support SDF and what it is doing, however, the DDoS attack over the last three weeks has been costing them a lot of money."

fonixmunkee puts it differently: "The message is an interesting read, to say the least. instead of working the issue, NWLink's apparent (unofficial) solution to combating DDoS'es is to simply terminate the subscriber's connection. with all the slammer worms & Code Reds nowadays, NWLink should have no more customers left in about 2 years."

Legal liability is expensive, too. Tom Allender writes "irc-chat.net has announced a more restrictive Acceptable Use Policy after being contacted by the MPAA. They also refer to DALnets AUP changes mentioned here recently."

TamMan2000 writes "This story over at Yahoo makes it look like the federal government is going after some spammers with gusto... Although they seem to be busting them for fraud via spam rather than just the fact that they spam, it is still good to see them going after them. Also interesting, it looks like one of the things they are nailing them for is the fraudulent 'remove me from your mailing list' that actually brings more spam."

fadden writes: "I recently started blocking IP addresses in China and Korea that were sending me spam. Instead of a blanket ban, I only blocked the subnets from which spam was being sent. After my first week of scanning and banning, I wrote up a report on the effectiveness of the blocks." In related news, SSKennel adds that: "The U.S. Federal Trade Commission has discovered (prepare to be amazed!) that revealing your email address in chat rooms can get you spammed. It claims to have taken action against spammers who harvest email addresses and use them to send fraudulent spam." Shocker!

fadden writes: "I recently started blocking IP addresses in China and Korea that were sending me spam. Instead of a blanket ban, I only blocked the subnets from which spam was being sent. After my first week of scanning and banning, I wrote up a report on the effectiveness of the blocks." In related news, SSKennel adds that: "The U.S. Federal Trade Commission has discovered (prepare to be amazed!) that revealing your email address in chat rooms can get you spammed. It claims to have taken action against spammers who harvest email addresses and use them to send fraudulent spam." Shocker!

maitas writes " Acording to this article, now any developer can GPL'd his Java implementation. Can't wait to see C# go the same path..."