AT&T Announces Plans to Filter Copyright Content

An anonymous reader writes "The LA Times reports that AT&T has announced plans to work with the Hollywood movie studios and major recording labels to implement new content filtering systems on their network. The plans raise many troubling legal issues including privacy concerns, false positive filtering, and liability for failure to filter."

Oh good...

I was wondering when they were going to give up their common carrier status. Now they can all go to jail for monopoly!

Re:Ouch.

[AKAImBatman]

Yeah, I don't get that either. They can have the absolute best filtering software in the world, and it will all go tits up the moment the client encrypts his communications. The users will continue to swap pirated material, and AT&T will find itself on the legal hook for it.

I mean, how stupid can you get?

It'll be neat...

... when AT+T takes down an iTMS download of a purchased movie for being a copy. Which, of course, it would be. Merely one being paid for correctly.

Dinosaur Managers: Please Retire!

[Futurepower(R)]

We need to wait for all those dinosaur top managers to retire.

Practically every business I know is managed by someone who started managing before the personal computer revolution. It surprises me, but in more than a decade they don't seem to have learned anything. They hit blindly without understanding what they are doing, or even caring what they are doing.

We are seeing in our culture HUGE disrespect for technically knowledgeable people. The wild imaginings of someone who knows nothing are considered better than the counsel of those who have learned how things work.

Re:Dinosaur Managers: Please Retire!

[drinkypoo]

We are seeing in our culture HUGE disrespect for technically knowledgeable people. The wild imaginings of someone who knows nothing are considered better than the counsel of those who have learned how things work.

We're talking about a culturally pervasive issue, though. Although I hate to bring it into a discussion here for various obvious reasons, Al Gore's Truth movie raises this point quite significantly. We have nothing but contempt for the only people actually qualified to make decisions on a scientific basis in this country.

Frankly, I blame this on religion, which has a stranglehold on many aspects of our existence here.

SSL For All My Friends!

[Doc+Ruby]

If Firefox and Apache both made HTTPS their default protocol instead of HTTP, AT&T wouldn't be able to invade any of our private traffic that happens to get routed over their WANs. Then they'd have only their Net Doublecharge, preferential routing between IPs paying their extortion fees, to work against us, and that gambit will likely get killed by the government that otherwise protects AT&T's resurgent monopoly.

If we act now, while we still can, before AT&T and their telco/cableco cartel shuts us down.

Re:SSL For All My Friends!

[Blakey+Rat]

If we act now, while we still can, before AT&T and their telco/cableco cartel shuts us down.

We're almost convinced, but I think we need a few more random bold tags before it can happen...

Re:SSL For All My Friends!

[ortholattice]

This is not correct. You can have your own private certificate server on the same server as Apache is on, and a man-in-the-middle attack will not work. The only problem is that it is a nuisance for the user to click through the "Accept this certificate" screen, but the user only has to do it once.

How do you think SSH works? There is no third-party certificate server, and man-in-the-middle certainly can't defeat it.

To install a private certificate server under Apache is trivial; see for example my post. (On Windows, it is a little more complex, as that post indicates.)

The purpose of the third-party certificate is to provide some degree of trust that you are going to the web site you think you are, so that you can have some confidence that you aren't submitting your credit card number to an imposter. If all you are interested in is encryption and the prevention of man-in-the-middle interception, SSL with a private certificate server will work fine. The encryption is accomplished via public key cryptography, which allows you to exchange the private key used for the encrypted session. A third party is not required for public key cryptography to work.

Won't work.

[serviscope_minor]

It won't work. If they block P2P, people will use a different port. If they search traffic for P2P, people will use encryption. If they look at traffic analysis, people will figure out how to disguise traffic patterns. And so on.

And by people, I mean that a few clever hackers will implement it and everyone will just use it (kind of like bittorrent).

Of course, they could start by blocking youtube... that'll make them really popular.

Well, the figure for losses about bootlegs I can kind of believe. After all you have to pay cash for a bootleg, and that is real money which isn't going to the copyright holder. The figure for online piracy seems like one of those bogus ones. It is only a loss if the person would otherwise have paid. I doubt that they have a good way of measuring that.

And finally, can we PLEASE get some accuracy in the titles. Everything (bar public domain) is under copyright. If they filtered out copyright content, there would be nothing left for the customers. How would they even find the public domain content without any search engine's copyrighted front (and filtered) page?

Re:Ouch.

[ScrewMaster]

As I understand it, the telcos aren't common-carriers with regards to so-called "data services" anyway, so they can perfectly well get away with this. Granted the distinction between a voice service and a data service is technologically non-existent anymore, but from a legal perspective it's still very important (as it happens, I have AT&T's Callvantage VoIP service at home ... which set of laws would apply to AT&T in the case?) That's part of the law that does need to be changed, I think.

Now, whether or not they'll have many customers when it's all over is another story. The moment my ISP starts making decisions for me about what I can and cannot download is the day I find another provider. If there aren't any other providers, then I'm going to drive to Washington, D.C. (probably none of us will be able to actually board aircraft at that point), grab Orrin Hatch and a few other select Congresspeople by their lapels and shake some sense into them.

What's amazing about this is the level of influence the media companies are able to wield, in both the government and private sectors. Honestly, they must have some part of their organization whose only job it is to dig up dirt on Congressmen and corporate CEOs. Otherwise I can't see why AT&T would just roll over on this.

Re:Ouch.

[daeg]

Exactly. By the time AT&T gets anywhere with filtering, BitTorrent clients will come with encryption enabled by default and will all select a random set of ports.

Is AT&T suggesting they can somehow go up against an encrypted, data-heavy connection using random ports? Or even well-known ports like 443? You can't very well just block long transfers, either. If you do that, P2P clients will be programmed to cycle connections, only transmitting one MB or such per connection before resetting.

Best to build for the capacity you sell to your users. If you can't handle what you sold, downgrade their plans, raise prices, or install new lines.

I'm not for piracy at all, but the ISPs should stay out of criminal and civil matters altogether until they have a public order from a judge instructing them otherwise.

ISPs are not common carriers.

ISPs are not common carriers. There is a difference between voice and data, according to (stupid) law.

Re:So much for my business

[omeomi]

I had been considering switching from Comcast to AT&T as soon as DSL became available at my house... so much for that idea.

Talk about a choice between Giant Douchebag and Turd Sandwich...

Re:Ouch.

[kimvette]

This will render ecommerce impossible, and I'm sure that if they go to that extent, they'll block VPN and ssh, which will make a home internet connection useful only for instant messaging, viewing porn, and arguing endlessly on slashdot. ;)

Encrypt everything

[Harmonious+Botch]

They can have the absolute best filtering software in the world, and it will all go tits up the moment the client encrypts his communications Yes, P is right. Now we should start writing free, low-strength, fast encrytion/decryption software. Nothing that requires the NSA to break, but just enough to make it economically impractical for ATT to decrypt.

Re:Encrypt everything

[Phil+Karn]

Why write low-strength encryption software when high-strength software already exists and is plenty fast? Why do people just assume that high-strength cryptography has to be unacceptably slow?

For years I've routinely encrypted as much of my communications as I can (e.g., when I control both ends of the connection) and the overhead is completely invisible.

Re:Encrypt everything

[FraterNLST]

Can't you see how depressing this kind of reasoning is? That you - hell, we, my country is no better - live in a place where your first thought is "despite the perfectly good, high strength, fast encryption we've got, lets make a dodgy kludge one to avoid confrontation with the government." In a true democracy, the government is an extension, a physical manifestation, of the will of the people. There should never be a situation where the people have to make concessions to the government. Of course, if the majority of people were against encryption, that would be a different matter. And might even happen, as the current world governments wield the word terrorist like a weapon and steal liberties in the name of security, whilst the masses applaud. And, this argument assumes that America is a true democracy, which is quite laughable, but an entirely different discussion.

Re:Ouch.

[tx_kanuck]

what are you talking about? We don't endlessly argue on slashdot!!! Everything here is nice and polite.

Do we really need more laws?

[Nymz]

Unless you believe that companies (AT&T, Google, MS) and government agencies (Big Brother) have a right to listen in on every conversation you have, review every site you visit, and examine every transaction you make, then either don't let them or stop complaining.

Instead of sending everything by postcard, send everything by envelope (encrypted), and stop expecting every lawyer, politician, company, government agency, and identity thief to respect your privacy.

So I'd better make other plans

[overshoot]

to get my holiday movies from North Africa to my relatives on NewATT?

I'm guessing they're not going to like a file transfer of casablanca.mov

Try Again

I think you meant to say, "Everything here is nice and polite, jackass."

piratebay blocked

[seven+of+five]

I wasn't looking for anything in particular, but when I put the url of piratebay in my browser a blocking service page came up. First time I saw anything like this. I get DSL in Chicago thru, I guess it's AT&T now...

This is all well and good if it's like a parental control thing but I'm a 50 year old paying customer and I'm not used to getting flipped off by my ISP. I suppose I should be looking over my shoulder.

AT&T is NOT AT&T, it is SBC.

[Futurepower(R)]

AT&T is not AT&T now, because the name was sold to an abusive west coast telephone company named SBC.

My understanding is that everything else of value in the original AT&T was sold piece-by-piece, and SBC bought mostly just the name. My understanding is that the SBC trademark was worse than useless because the company is so abusive. So, the managers bought another name.

Apparently, for $16 Billion SBC got AT&T's VOIP customers, and the AT&T name.

AT&T's VOIP customers were Sheila and Gerald Funk, who have since moved to Elbonia. Wait... That last sentence my contain an error.

So, what we are seeing is SBC mismanagement under a new name. Soon just saying the name AT&T will cause people to become upset.

Communications Decency Act Section 230

[michaelmalak]

AT&T may not be a "Common Carrier" with respect to data, but it is (was) provided immunity by Section 230 of the Communications Decency Act:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.

In analyzing the availability of the immunity offered by this provision, courts generally apply a three-prong test. A defendant must satisfy each of the three prongs to gain the benefit of the immunity:

1. The defendant must be a "provider or user" of an "interactive computer service."
2. The cause of action asserted by the plaintiff must "treat" the defendant "as the publisher or speaker" of the harmful information at issue.
3. The information must be "provided by another information content provider," i.e., the defendant must not be the "information content provider" of the harmful information at issue.

Re:Communications Decency Act Section 230

[Dread+Pirate+Skippy]

It seems to me to be more along the lines of, there's no real legal need for AT&T to do this, as they're already immune to prosecution by copyright holders if users transmit copyrighted information across their networks. Thus, the only reason they would have to implement something like this involves the crisp, green lining in their pockets getting a bit thicker.

But IANAL either, so the cycle of speculation continues.

How do you really detect in real time?

[maxwells_deamon]

Real time is the KEY here. They promise to block and not to just detect.

Sure, you can detect ssh, etc, known protocals and block them.

But if today the server encripted an MP3 file with rot13 no computer would automatically detect it as an mp3. And tomarow they just do it different. Tomarrow they make a jpg out of it. Change the extention and Bob's your uncle.

An application is written that everytime it starts it downloads a plugin with todays encription standard. There is no way they could even think of keeping up without breaking things for there customers on a daily basis.

Re:Ouch.

[aztracker1]

Well, given block/chunk size in bittorrent clients, they should recover from any sporadic disconnects after 1-2 blocks are transferred, will have an increased overhead in terms of new connections, but should still work... I also have to agree that AT&T should stay out of content blocking... I know that if I hosted britney_spears.mp3, which turned out to be a commentary file, and it was blocked, I might have something to sue about... AT&T is opening a can of worms on the legitimate side alone.. I know for a fact I wouldn't use AT&T for services before, let alone now.

Re:Fairly easy to by-pass filtering

[Phil+Karn]

It's not that difficult to exchange symmetrical keys using an asymmetrical encryption method.

Indeed. When I read the documents on the passive optical splitters that AT&T installed for the NSA, it became utterly obvious to me that those of us who developed the present generation of Internet encryption protocols in the 1990s (and I'm one of them) made a big mistake. We were too concerned about major-league threats like active man-in-the-middle attacks and not concerned enough about simple, transparent and totally automatic encryption that would still be 100% effective against passive eavesdropping. Our existing crypto protocols generally require a heavy-duty public-key infrastructure and administrator or user action to generate those keys and get them signed. Most people don't bother, so they just operate in the clear. Had we standardized a simple unkeyed Diffie-Hellman exchange as the starting default with signatures as an option, we could have stopped this kind of massive dragnet eavesdropping in its tracks.

I still think one of the most brilliant developments in practical cryptography was SSH. The idea of simply caching the public key on the first connection and checking to see if it has changed on later connections is vulnerable to a man-in-the-middle attack on that very first connection, but it still solves 99% of the problem with 1% of the effort. That's the proper model for any new effort to routinely encrypt everything, all the time, to make the haystacks as big as we can.

Re:Loss of Common Carrier Status? Why?

[Phil+Karn]

Spam filters like Spamassassin actually work remarkably well. Why? Because spam recipients, by definition, are unwilling. The users, filter maintainers, blacklist operators, ISPs and sometimes even the government are all willing to cooperate to a common goal.

It's an entirely different story when you have two resourceful parties who want to communicate and will deploy all sorts of resourceful defenses and countermeasures -- starting with end-to-end encryption -- to ensure that they can continue to communicate. Stopping spam is absolutely trivial by comparison.

Odd thought

[nehumanuscrede]

The article doesn't mention AT&T as an ISP. It merely states they plan on filtering this content as it runs across their network. Well, the bad news is that most ISP data in the US traverses the AT&T network in the form of optical longhaul systems ( Read that Sonet ) at some point in it's journey. Your ISP leases lines from Company X who, in turn, leases their lines from AT&T. Is similar to when your WoW session is hit with a lag storm and you start yelling at your ISP to ' FIX YOUR SH*T ', when it's actually an optical level issue on lines owned by someone else that is taking the data longhaul across the country. Sprint, AT&T, whatever ) Given the technology that allowed the NSA to split the optical signal so they could watch traffic, I wonder if they're considering applying their ' filtering ' technology in the same manner. In other words, would they act as big brother over all the data packets that travel ' their ' pipes and filter anything they feel is necessary ?

Re:Ouch.

[DragonWriter]

The safe harbor provision of the DMCA applicable to carriers (there are different provisions for hosts and caches) requires, in part, that, for its protection to be available, that the "transmission, routing, provision of connections, or storage" of material be carried out "without selection of the material by the service provider". (17 U.S.C. Sec. 512(a)(2))

I don't know if there is any case law yet on this, but at first blush it would seem that the more selectivity the carrier applies to what content is allowed and what is blocked, the less clear it is that they are within the protection of the safe harbor. And while it might seem paradoxical that the carrier could become more liable for copyright infringement for blocking some infringing materials, there is a good reason for this—it makes a carrier choose whether it wants copyright to be the responsibility of the users (and thus, it is "hands off"), or whether it wants to seek the potential rewards (in terms of favorable details with copyright holders to monitor and enforce) along with the potential costs (in terms of liability to those whose rights are violated despite the carrier's intervention) of taking a "hands on" policy.

Re:Ouch.

[PopeRatzo]

(T)hey'll block VPN and ssh, which will make a home internet connection useful only for instant messaging, viewing porn, and arguing endlessly

Bingo. That's the whole idea. This internet thing has been nothing but a headache to those in power anyway. You get foul-mouthed hippie bloggers who say bad things about our sainted politicians, you have web sites that actually help people find the lowest prices on products, and there are even ways for people on the internet to send messages that are hard to eavesdrop. We can't have that, now, can we?

The ideal internet for the people who run things would be a place where people shop, watch movies and TV (but only what they pay for) and buy songs from iTunes and msTunes and sonyTunes and warnerTunes. It's OK for folks to talk to one another, as long as they do it over a clear channel (say!) and they can post pictures of their dogs and babies but not police beating protesters or (God forbid!) that troublemaker Michael Moore.

Once this mess of an internet gets straightened out, people will have all the freedom they could want, as long as it's within these reasonable parameters.

Oh, I forgot: THE CHILDREN! THE CHILDREN!

Clearly not thinking...

[FellowConspirator]

Every post on Slashdot is copyrighted -- it's a creative form of expression in a fixed medium (namely bits on a disk somewhere). Yet here they are... How can that be? It's because the posters are granting a public license to view their work, implicitly by placing it in a public forum.

The fact of the matter is that the vast majority of the content flowing through AT&T's networks are copyrighted. It's not sufficient that a work is copyrighted, but rather that the exchange itself is a violation of copyright. But how can the computer know? If you have a license to the work through some asset purchase, it's not infringing; if you have a license agreement that grants certain rights to obtain/distribute copies, it's not infringement; if you are using the content for academic research, the purpose of criticism, or in parody, it's not infringing. So, how is their computer system to know, a priori, of the legal arrangements, or your intent to use a work? What if you live in a jurisdiction that doesn't recognize the copyright (e.g., it may be public domain because the copyright expired in your jurisdiction).

The point is that it's technically not feasible to police copyrights. AT&T may be inerefering with network traffic on behalf of a third party for fun and profit, but they are most certainly not protecting copyrights. It's a little disingenuous.

Re:Ouch.

[Perseid]

Because there is no money to be made by saving the children.