Chilling Effects
Home Weather Reports Report Receiving a Cease and Desist Notice Search the Database Topics
Sending
Monitoring the legal climate for Internet activity
Chilling Effects
 Chilling Effects Clearinghouse > Weather Reports > Feeling the NSA Chill: Fear, Uncertainty and Doubt. Location: https://www.chillingeffects.org/weather.cgi?WeatherID=805


snowy

Feeling the NSA Chill: Fear, Uncertainty and Doubt.

Adam Holland, September 12, 2013

Abstract: In which we discuss notices that may be in some way questionable, and take a closer look at two recent stories in which the NSA and its interests are invoked as the reason for taking material down.

Although the vast majority of the notices and cease-and-desist requests that Chilling Effects receives are premised on some aspect of law, most notably the provisions of the Digital Millennium Copyright Act, from time to time we do hear about, or obtain a copy of a "notice" or other request to remove online content that isn't framed in traditional terms. These come in a wide range of types.
Sometime the notice is an informal request. E.g.
"Hi, I noticed that you have this content up, which I wish were down for (Reasons). Could you take it down please?"
Depending on the nature of the content, and reasons for which the person asking want it down, it's entirely possible that the informal request could have just as easily have been made according to the DMCA, or referenced possible defamation, or some other appropriate legal framework. Why wasn't it?
Well, sometimes the requester doesn't know about the legal options available to them, like the well-oiled mechanisms of the DMCA. Sometimes, there isn't any legal way in which to compel the removal of the material, so the only hope the requester has is to hope the poster will do it "out of the goodness of their heart." But sometimes the requester just thinks being friendly and informal is the best place to start. If the response isn't the desired one, it's easy to escalate. Needless to say, large institutional rights-holders like music and movie companies don't often bother sending "friendly requests" to take material down. There's nothing in it for them. Far easier to just send the DMCA notice.
Sometimes intermediaries may create procedures where disputes are apparently resolved contractually, without referencing the mechanisms of copyright law at all. And when the law does get invoked, some rights holders do often simply send a demand letter or settlement offer, (with what really looks like no intent to prosecute), because as the old joke has it, if even one in a hundred say yes....
Sometimes there's the "friendly" request to an online entity this episode with Paypal and this one. My suspicion is that Paypal did not take the initiative to do that latter one on its own.

Another often-seen type of non-traditional request to take material down from online is the request that's, for lack of a better word, "disguised" as one of the more established types, most often as a DMCA notice. For example, we have several good examples on Chilling Effects of what appear to be fairly straightforward Trademark claims, but which have been sent, in terms of their formatting and mechanisms, as DMCA notices. Or there's this sort of thing where a URL that doesn't contain any infringing content is lumped in with a long list of those that do, perhaps in hopes that it won't get noticed, and that the DMCA mechanisms are so automatic at this point that the URL will disappear despite there being no real infringement. [As a brief aside, note that not everyone has as much clout or as many resources as Google, and therefore may not be as likely to catch things like this, or to push back if they do catch them.]
Then there's the DMCA request in which the sender knows (or really should) that there are no grounds for sending one. Sometimes they even admit their lawyers told them it wasn't legit! But that's apparently OK, as of September 11, 2013. See also the DMLP on this.

But the most intriguing variety of requests that aren't actually couched in the terms of traditional takedown notices are the ones that purport to be allowed by law, rely on a putative legal authority, or beyond even that, reference real law without invoking it, or claim to rely on some existing law or legal authority without having any actual connection to same. It's not going too far to say that these notices are typically sent primarily as a result of #FUD - Fear, Uncertainty and Doubt. Institutions looking to minimize liability, and individuals seeking to avoid having to exercise judgment are both quick to take what seems like a quick, easy and "safe" way out of potentially controversial situations, often without stopping at all to think about consequences, appropriateness, or our favorite, the Streisand Effect.
In the wake of the past month or so's series of astonishing and chilling revelations about the scope of the NSA's surveillance, it's probably not surprising that there are institutions seeking to hide from the All-Seeing Eye of the NSA panopticon, or at least not call its gaze down upon them.

There are two recent stories that have caught our attention. The first, broken by Kevin Collier at the Daily Dot, involves a Zazzle user, Dan McCall, founder of politically themed T-shirt company Liberty Maniacs. McCall designed some T-shirts featuring the NSA logo. You can see the shirt here"
The NSA is described as "the only part of government that actually listens." and as "peeping while you're sleeping."

Of course, this shirt is obviously parodic/satirical.
If the choice has to be made, we vote satirical, although the distinction is utterly irrelevant for the purposes of a trademark analysis or under the specific law referenced in the later discussion of why the shirt had to come down from Zazzle.
The notice McCall received claimed that not only did the shirt violate Zazzle's acceptable use guidelines ( a by-now familiar theme, see Paypal links above), but that Zazzle had "been contacted by the intellectual property right holder." Note that the rightsholder isn't named. Dubious.
Of course, a reading of 512(c) reveals that strictly speaking, a legitimate DMCA notice does not have to include the name of the ultimate rightsholder. But a quick perusal of our database will reveal that they almost always do. Although it was originally formulated to apply to defamation claims, there's also Ken from Popehat's rule that "Vagueness in legal threats is the hallmark of meritless thuggery."
But if this wasn't bad enough, the story gets even better. When McCall followed up with Zazzle, he was told Zazzle had been "contacted by legal representatives from the National Security Agency, and at their request, have removed the product from the Zazzle Marketplace."
The NSA later gave a statement to the Daily Dot that included this:

The NSA seal is protected by Public Law 86-36, which states that it is not permitted for "...any person to use the initials 'NSA,' the words 'National Security Agency' and the NSA seal without first acquiring written permission from the Director of NSA.”

Whoa. The NSA is getting personally involved. Scary, right?
But government scrutiny aside, re: the logo, this seems pretty straightforward. But can it be that simple?

First, that’s not really the right law. [thanks to The Volokh Conspiracy for pointing this out!] Whoops.
The one the putative NSA missive probably meant to cite is [(50 U.S.C. Section 3613(a), Pub.L. 97-89] which yes, says you can't use the NSA logo. . . in a manner reasonably calculated to convey the impression that such use is approved, endorsed, or authorized by the National Security Agency.
We're pretty sure no one would get that impression from the T-shirt in question, nor was it calculated to give such an impression. So, if the NSA did make this claim, it was bogus. Talk about a chill!
But then, to gild the lily, the NSA soon after sent a second statement to the Daily Dot, which stated

NSA has not sent a cease and desist letter to Zazzle since March 2011 regarding a mug they were selling using the NSA Seal. At any time that NSA is made aware that the NSA Seal is being used without our permission, we will take appropriate actions.

So we're left with the conclusion that either the NSA did this, and for some reason doesn't want to admit it, (frighteningly plausible in the current climate) or that Zazzle, perhaps still spooked (pun intended) from the still-dubious 2011 encounter with the NSA, is proactively policing uses of the NSA logo on Zazzle products. Regardless, it's getting pretty chilly in here. It also, again courtesy of the Daily Dot, came to light on Thursday 9/12 that at least one other Zazzle user has been similarly treated.

The second NSA story is a little more complex. Matthew Green, a Johns Hopkins professor published a great discussion and analysis of the new revelations about the NSA's ability to break crypto. He published it on both his personal blog and on a blog hosted on University servers.
Soon after, he got asked by his Dean to take the post down. (It wasn't the Dean's fault and the university has [spoiler!] since apologized .
OK, so why did the blog post have to come down? Ars Technica did some great reporting, and learned from the University that:

The university received information this morning that Matthew Green's blog contained a link or links to classified material and also used the NSA logo. For that reason, we asked Professor Green to remove the Johns Hopkins-hosted mirror site for his blog.

But from whom? The NSA? If true, that would be eyebrow raising at best, since linking of this type isn't illegal (yet?) and we've covered the logo issue.
Nope. This is another Zazzle-style scenario. Johns Hopkins told Ars:

"we did not receive any inquiry from the federal government about the blog or any request from the government to take down the mirror site. . . As to where the information came from, we are still tracing the path of this event. . . ."

Professor Green, who is understandably discomfited by the whole thing,
Jay Rosen, an NYU journalism professor, dug deeper, and emerged with troubling conclusions. There's nothing good about this. A private educational institution decided for reasons still not entirely clear, to seek to censor one of their employees based on. . . what? Certainly not a careful legal analysis.
We're left with FUD. And maybe a bit of obsequious obeisance, too.

The putative source of the original complaint, APL, is apparently "more of a defense contractor than an academic institution" which raises its own set of concerns.
On that note, courtesy of Dan Gillmor
"At 47:54, listen to @JHUAPL staffer comments at same time the institution went after a prof's blog post about #NSA."

Hi, my name is (inaudible), I work for the Johns
Hopkins Applied Physics Laboratory. As a technical person who's given all of these issues a lot of deep thought, I love to debate certain little pieces with you, but what I really want to say is the level of sophistication of the thinking that I've been hearing here is such a huge relief to me
because I don't hear it in my day-to-day work, and I just want to say, if any
of you guys want to go to work like as a general, you know, as U.S. Cyber
Com, you know, you get my vote.


Go team!

There's no way to avoid the conclusion that simply knowing what we now know about the NSA's activities has created a chilling effect on cultural participation and discourse. To say nothing of the actual effects of a surveillance police state.
Chilling Effects Clearinghouse - www.chillingeffects.org
Chilling Effects Clearinghouse page printed from: https://www.chillingeffects.org/weather.cgi?WeatherID=805

disclaimer / privacy / about us & contacts