There is nothing against the law about photographing federal buildings from public property. And yet, there have been plenty of stories about security guards and law enforcement trying to block photographers from taking those shots. There have been stories of seized cameras, demands to delete photos, etc., and the usual defense is that they’re just “protecting against terrorism.” However, after a settlement in a lawsuit concerning a guy who was arrested for videotaping outside the Federal courthouse in NY, Homeland Security has issued a notice to federal employees not to disrupt the photographing of federal buildings. An excerpt from the now released document (which is fully embedded below):

For properties under the protective jurisdiction of FPS, there are currently no general security regulations prohibiting exterior photography of any federally owned or leased building, absent a written local rule or regulation established by a Court Security Committee or Facility Security Committee. Furthermore, it is important to understand that this regulation does not prohibit photography by individuals of the exterior of federally owned or leased facilities from publicly accessible spaces such as streets, sidewalks, parks and plazas…. Absent reasonable suspicion or probable cause, law enforcement and security personnel and (sic) must allow individuals to photograph the exterior of federally owned or leased facilities from publicly accessible space.

The report does say they can go speak to the photographer to determine the purpose of the photography if they believe it’s warranted. However, unless they establish a higher bar of suspicion, they need to allow the photography to continue. They also are not allowed to seize cameras and cannot demand that a photographer delete the contents of the camera.

Permalink | Comments | Email This Story





&partnerID=167&key=segment”/> .8626,cat.TechBiz
.rss”/>

Techdirt Mike Masnick

Okay, maybe I’m being a bit sarcastic with the title.  But according to a recent article and study (i.e., the Sophos Security Threat Report), spam, phishing, and malware attacks on social networking sites doubled from 2009 to 2010.  Not surprisingly, identity theft and third party use of personal information were primary goals of cybercriminals.

This is hardly shocking and it wouldn’t be surprising if these numbers doubled again from 2010 to 2011 given the increasing importance of social media—for better or worse—in our personal and business lives.  But what do people really expect?  Criminals go where the people are and when Facebook has 600 million users, that’s a big crowd to fleece.  And criminals can do so in the comfort of their own homes and in foreign countries knowing full well that their chances of getting nabbed are about as likely as Apple stopping production of the iPhone.  What do they really have to lose?

Not surprisingly according to the article, users want sites like Facebook to take stronger security measures.  And while sites can certainly do so in some instances voluntarily, it may take a court ruling (as it often does) to force a company to implement more substantive protections. But first you have to get past those nasty contractual disclaimers that we lawyers put into practically all user agreements about not holding the site liable for almost anything that happens on it:  “Identity theft be damned—so sorry, but it’s just not our problem!” 

Remember when you clicked “I AGREE” on that user agreement?  You can be sure Facebook does, because that’s an enforceable contract in most instances.  (No need to thank us, by the way—the public’s opinion of lawyers is thanks enough!)  Very tough to challenge, but not impossible if the right facts present themselves.  Combined with the right judge, of course.  Sometimes the lottery’s easier to win though.

The fact is that while social media sites have to do more, especially those that operate on the massive scale Facebook does, we have ourselves to blame also.  How much personal information do we really need to disclose about ourselves?  I’ve always believed that less is usually more, but perhaps because I’m over 40 (which is 95 in cyberyears), many young ’uns believe that more is more.  And that even more is still not enough.  I forget:  Does TMI stand for “Too Much Information” or “Too Many Idiots” when we  ”overshare?”  Because cybercriminals count on both meanings to do their dirty work.

Do we really need to tell everyone when we won’t be home, thereby inadvertently notifying criminals when the best time to rob us is?  Or are we so egotistical that we have to “friend” a ton of people so we can brag about how big our network is, only to unwittingly let in unsavory characters? Or to post a lot of personal details until the inevitable privacy breach thereby exposing all of that information to the world—and to sophisticated criminals who can then make use of it in all sorts of ways that decent law-abiding people have never thought of.

I often wonder where the proper practical balance is.  Because if you’re expecting the law to catch up to address some of these informational privacy and security issues, we’ll be on Web 5.0 at that point … and on Cybercriminal 7.0.  And do you really want to be the “test case” anyway?

Sigh.  Although I’m not surprised–especially given this pernicious and false belief that if it’s on the internet then it must be free–it’s been estimated that 43 sites which engage in digital piracy account for about 21 billion visits per year.  That’s roughly 3 times the current population of the Earth.  As an intellectual property attorney, I always find such statistics sobering given the rampant copyright and trademark infringement which occurs on the internet.  Predictable, but sobering nonetheless.  And no doubt the public hates those lawyers who pursue the infinitesimally small percentage of infringers that they’re able to find and sue, let alone actually stop or collect against.  The battle continues!

I’m not sure whether to be amused or upset by this story, but I thought it was worth a quick post.  It seems that a petulant 19 year-old in Florida took the law into his own hands when he was told by a Starbucks customer that he couldn’t use the customer’s laptop to check his Facebook account. 

So what did this genius do?  What anyone would do, of course.  Wait a little while and check his account from home, you ask?  No, that would take too long.  And since we live in a society of instant gratification, he decided to snatch the laptop and run out of Starbucks.  Needless to say, he was apprehended in the parking lot and arrested.  Now he’s been charged with robbery (which is a felony). 

I guess when you need your hit, you need your hit.  And you won’t let something as trivial as the law stand in your way.  Just ask any drug addict.  Is Facebook really that addictive?  I haven’t yet experienced any tremors or nightmares from failing to check my various e-mail accounts, but maybe I’m just not hip enough.

While this guy is clearly an idiot, it does portend ominous things for the future.  Facebook junkies.  Social networking lifers.  Will they have entire wings in drug rehab centers or prisons for people like this?  I know it sounds ridiculous, but with social networking sites like Facebook growing by 4 to 5 million users a week, the power of the medium can’t be underestimated. 

Some people will obviously take it to the extreme.  Some always do, but it does make me wonder.  And I wonder what this guy will do when he can’t check Facebook from his prison cell.  The withdrawal pains may be incapacitating.

In today’s world, where fraud is just a mouse click away, it’s nice to know that every so often the good guys win.  Three international hackers were indicted by the Department of Justice (“DOJ”) last week for trying to steal and sell credit card information from customers of Dave & Buster’s, the popular restaurant/entertainment chain.

According to the indictment, the hackers were able to install “packet sniffers” on many of the company’s servers to copy credit card information as it traveled between restaurants and Dave & Buster’s corporate headquarters in Dallas.  The company detected the intrusion and alerted the authorities, but not before 5,000 credit/debit card numbers were stolen and sold to other criminals to make fraudulent purchases.

One of the foreign hackers was arrested in Miami.  No problem there.  The other two, however, were arrested in the Ukraine and in Germany by those countries’ authorities.  It’s certainly not a done deal yet.  The DOJ is seeking the extradition of the other two, but no word yet whether those efforts will be successful. 

While these sorts of arrests are still few and far between given the magnitude of data theft and online fraud, it’s a start.  The DOJ is obviously taking the problem seriously.  Hopefully, other countries will too and the cooperation will continue.  With any luck, if these hackers are extradited, tried, and found guilty, the court will make an example out of them. 

France once again reminds us how fortunate we are to live in a truly free country, where freedom of speech is often taken for granted.  Apparently, France is in the process of trying to pass a law to ban what it deems to be “pro-anorexia” websites and publications.  The new law would impose jail sentences of 2 to 3 years and impose fines of 30,000 euros ($47,400) to 45,000 euros ($71,100) on anyone who violates the law.  The legal standard is dubious (if not laughable):  ”Incitement to excessive thinness by publicising of any kind.”

According to the French health ministry, 90% of the country’s estimated 30,000 to 40,000 anorexics are young women, who are supposedly under constant pressure from the fashion, advertising, and movie industries to attain unhealthy weight levels.  No one will deny that encouraging young, impressionable girls to starve themselves, vomit, lie to doctors, and take appetite suppressants are bad things.  But the idea of trying to ban and fine websites—and jail the site operators—is a draconian cure that’s worse than the disease. 

And talk about a slippery slope.  What’s next?  How about sites that encourage excessive weight gain? Or consumption of fried foods?  Or excessive exercise (surely that’s killed quite a few people)?  And how does one even define “excessive thinness” anyway, let alone “incitement”?  The French ban doesn’t have quite the same urgency to it as the “incitement to imminent lawless action” standard articulated by the Supreme Court in Brandenburg v. Ohio to ban certain speech in extraordinary situations.  While encouraging anorexia is appalling, it certainly doesn’t rise to the level of mandating censorship.  The French government may be asking the right questions, but it’s getting the wrong answers. 

Of course such a law could never be passed in America.  Or rather, it could never go into effect.  It would be struck down by the courts so quickly on content discrimination, overbreadth, and/or vagueness grounds that the ink wouldn’t have time to dry.  Our democracy subscribes to the “marketplace of ideas” concept which provides that a free exchange of ideas will allow for the creation of the best policies and practices.  Quite simply, the cure for bad speech is good speech—or at least, more speech.  (While our government can curtail advertising for things such as smoking and alcohol, “commercial speech” is subject to some restriction and regulation.)

This isn’t the first time that France has demonstrated its tendency towards censorship.  In November of 2000, a French court ordered Yahoo! to stop selling Nazi memorabilia to French internet shoppers on auction sites due to France’s law that banned incitement of racial hatred.  (The French do like that “incitement” standard, don’t they?) Of course, this is the same country that passed a law banning the use of foreign words on television shows, radio broadcasts, business communications, and public service announcements if the French language had a “suitable local equivalent” which could be used instead.  What chutzpah!  What cojones!  Oh well, c’est la vie . . . .