Looking back at the dajaz1.com case, and related issues

Some time ago, I wrote about the improper seizure of the domain dajaz1.com, which was at the time a legitimate blog (whether or not it’s about music is, of course, up to debate). I had not followed up on this story immediately after its resolution, but after finding out that the records were finally unsealed motivated me to write a somewhat belated retrospective. The actual website at dajaz1.com is of course long gone, a victim of the lengthy period of time during which it was offline (over a year).

Whether or not I agree or identify with the content that is/was on dajaz1.com is immaterial. I still consider it absolutely outrageous that this was allowed to happen in the US, with (as far as I know) zero compensation paid to the owners of the domain for the time they were unable to use it. On a popular website, a year’s worth of advertising revenue can easily pay for not only the website itself but a good chunk of the personal expenses of the owners, and in some cases quite a bit more than that, to the point where the owner need not have a real “9 to 5” type of job.

There is no getting around it: the government basically robbed the domain’s owners, and then over a year later, said “oops, we slipped” and gave the domain back. By then, of course, dajaz1.com’s original audience was long gone and the domain was effectively worthless. It’s not unlike stealing a car (for the sake of argument, an exotic like a Lamborghini) and letting it sit somewhere in the sun for around a year without driving it, before giving it back to its rightful owners; sure, they have the car back. But how much is it going to cost to get it running again? How much value have the rightful owners lost?

It’s the same here. When dajaz1.com is up and running again, it will be a huge undertaking to rebuild the site to what it was. This would have been the case even if the website’s owners had been able to do so the moment they got the domain back.

Anyhow, on to other related matters. Three years ago today (on 2013-04-05), the documents related to the dajaz1.com seizure were unsealed. Some time after that, The Electronic Frontier Foundation published the documents from the dajaz1.com case for everyone to look over. I have made these documents available on BitTorrent as well, mainly for ease of downloading. I have also prepared a new page on BitTorrent for those new to it, with recommendations on software and configuration, as I expect to be making documentation related to other posts available this way as well.

(Sidenote: Originally when I downloaded the files from EFF.org, they all came up inside the browser and I had to save them individually. I didn’t realize the PDF link next to each one allowed saving to disk easily for offline viewing. I am keeping the torrent online though, just in case some might prefer that method.)

Finally, notice I said when dajaz1.com is up and running again? I looked at what was there just out of curiosity, and I found this:

Dajaz1.com is being relaunched 05-1-2016

Just on principle, this is good news. Once the site is back online, the good guys will have finally won this one.

[Edit 2023-10-13: Update BitTorrent magnet link to reflect new hybrid (v1/v2) torrent]

Wireless phone companies tossing customer privacy with long retention periods

A recent story on rawstory.com highlights the rather disturbing and frightening data retention policies of two major phone carriers. Verizon and Virgin Mobile both keep the content of text messages after they are sent; the former for a mere “3 to 5 days”, but Virgin Mobile keeps around text message content for a staggering 90 days (but thankfully requires a search warrant for law enforcement agencies to get copies).

The story links this chart from the Department of Justice obtained by the ACLU. The numbers that texts are sent to and received from is one thing, but those shouldn’t even be kept for longer than is necessary to resolve billing disputes.

Also quite horrifying, is the length of time cell tower information is kept by certain carriers. Perhaps the worst offender here is AT&T, which merely states “from July 2008” and has no upper end on how long they will keep the information such as one year, two years, three years, five years, etc. Ideally, this information should not normally be kept beyond, say, a week up to a month, maybe longer when absolutely necessary for the express purpose of troubleshooting (such as while repairing a tower that drops a statistically significant number of calls higher than average), and securely deleted as soon as it’s no longer needed.

Perhaps the worst part of this story is that each company appears to have one area in which they are keeping certain records way too long, undermining most attempts to preserve privacy by switching companies. AT&T hangs on to store surveillance videos for 2 months, clearly not necessary if T-Mobile only keeps them two weeks (and then there’s Sprint, who doesn’t reassure me at all with their “depends” response, which could mean they’re buying hard drives every year to archive surveillance video indefinitely). Sprint (including Nextel and Virgin Mobile) keep call detail information the longest, and have no upper end on subscriber information retention (scary, as I was once a Sprint customer). Verizon keeps IP session information for a whole year, and IP destination information for 90 days, while Sprint keeps both for 60 days; however, it’s clearly not necessary to keep either if AT&T, T-Mobile, and Virgin Mobile don’t keep that information at all.

In response to receiving this document, ACLU affiliates in 32 states filed requests for information with local law enforcement agencies seeking to uncover exactly how they are using this information to track Americans. Unfortunately, Texas is not one of those states, and I am trying to find out why.

If there are legal minimum requirements for keeping information, that’s one thing. However, companies need to be held accountable when they make record retention decisions that have a potentially deleterious effect on customer privacy. Judging by the diverse range of record retention times, there appear to be no legal minimums for many categories. If anything, in the age where landline use is seen as antiquated, the laws should be revised to protect the privacy of wireless phone subscribers.

I will likely be following up with the most interesting parts of what the ACLU and ACLU affiliates find out regarding their requests for information, as well as what I find out, if anything, regarding Texas. It may not be for several months, though I will endeavor to post incremental followups if I uncover something particularly important or interesting.

Ticketed for cussing?

Wow. My understanding of the First Amendment with regard to profanity was recently challenged. I’m glad to see that at least the ACLU sides with me.

Law.com’s recent article explains the happenings in Pennsylvania where apparently there has been a rash of state troopers citing or even arresting citizens for disorderly conduct, including a pizza delivery driver who had to take off an entire day without pay to defend himself against the bogus charge.

[ACLU legal fellow Marieke] Tuthill said disorderly conduct charges for use of profanity have become common in Pennsylvania despite being routinely rejected and condemned by the courts. The suits allege that use of language that is “merely profane” and “not obscene” is protected by the First Amendment, and that criminal charges of any sort for the use of mere profanity therefore violate free speech rights.

It’s not surprising to me at all to see the ACLU’s Pennsylvania chapter has their hands full with this kind of thing. This is a classic case of “badge-itis” and an example where cops are at least nominally above the law, their badge becoming a “get away with it” card. I wonder how many cited for this so-called “disorderly” conduct are police officers? Probably none. I defy you to watch more than ten episodes of the TV show “Cops” or a similar reality-based show involving police officers without hearing one word from a cop beeped out. (While it’s probably possible to find ten such episodes, it would involve quite selective viewing habits.)

I do keep my three blogs profanity-free; this blog is the only one of the three that would be anywhere near likely to contain saltier language on occasion, and I still keep it clean as a matter of personal taste. The same cannot always be said of my Twitter stream and my Facebook feed. I’ll admit it; I can have quite the penchant for profanity. If this biases my perspective, so be it. But please remember, life is not a G-rated Disney movie!

I’d rather see cops writing speeding tickets for a known underposted stretch of road than writing tickets for swearing under the guise of “disorderly conduct.” And that says a lot, given I know a lot of speed limits are underposted on purpose.