In a lawsuit by Viacom against YouTube, a judge has ordered that YouTube produce its log files of every video ever watched on YouTube. These logs will contain the user ID and IP address of every viewer. The privacy implications are obviously huge. This information is clearly personally identifying. The judge does not agree with me on this point. Here is the relevant part of the decision:

Defendants argue that the data should not be disclosed because of the users’ privacy concerns, saying that 

“Plaintiffs would likely be able to determine the viewin and video uploading habits of YouTube’s users based on the user’s login ID and the user’s IP address” (Do Decl. ¶ 16).   

But defendants cite no authority barring them from 

disclosing such information in civil discovery proceedings,5 and their privacy concerns are speculative.  Defendants do not refute that the “login ID is an anonymous pseudonym that users create for themselves when they sign up with YouTube” which without more “cannot identify specific individuals” (Pls.’ Reply 44), and Google has elsewhere stated:   

We . . . are strong supporters of the idea that 

data protection laws should apply to any data 

that could identify you.  The reality is though 

that in most cases, an IP address without additional information cannot. 

Google Software Engineer Alma Whitten, Are IP addresses personal?, GOOGLE PUBLIC POLICY BLOG (Feb. 22, 2008), http://googlepublicpolicy.blogspot.com/2008/02/are-ip-addresses-personal.html (Wilkens Decl. Ex. M). 

Therefore, the motion to compel production of all data 

from the Logging database concerning each time a YouTube video has been viewed on the YouTube website or through embedding on a third-party website is granted. 

Yahoo and MSN helping to root out Tibetan rioters | The ObserversYahoo China posted pictures of “most wanted” Tibetan protestors on Yahoo! China’s home page. Cooperation with lawful process in a repressive country is bad enough, here they are actively collaborating. Yahoo!’s claim that this was done by Yahoo! China, not by the Yahoo! mother-ship, seems disingenuous at best.Active support of censorship and oppression is clearly unethical. If this is not clearly on the wrong side of the line, then what in the world is?

Swiss bank in Wikileaks case abruptly abandons lawsuit | The Iconoclast – politics, law, and technology – CNET News.comIn a follow up to the earlier story, it seems that the judge finally realized the implications of his actions to free speech, and the fact that his injunction was almost completely ineffective. This is a really good thing. If the ruling had stood under appeal and become precedent, it would have significantly changed the Internet landscape.

Wikileaks domain name yanked in spat over leaked documents | The Iconoclast – politics, law, and technology – CNET News.comDeclan does a really good job here of discussing a fascinating case. WikiLeaks is a Wiki based website designed to enable completely anonymous posting of tips and leaked documents. It is focused around enabling disclosure of information from repressive countries.A US court recently ordered WikiLeak’s domain name registrar to disable their domain name because of some documents on the site about questionable off shore banking activities by a group of Swiss bankers.The real shocker here is the draconian action against WikiLeaks prior to the resolution of the claim. It is also ineffective action because WikiLeaks is openly hosted under a number of domains in a number of different countries.I am very interested to see how this story develops and whether the injunction will stand up once the details of the offending materials become clear.

FindLaw’s Writ – Colb: Does the Fifth Amendment Protect the Refusal to Reveal Computer Passwords? In a Dubious Ruling, A Vermont Magistrate Judge Says YesThis case raises some interesting questions about using cryptography. Not the usual ones about technical attacks, but about how strong crpyto behaves in court. In general, if someone finds an encrypted volume on your computer, is that prima fascia evidence of illegal materials and thus probable cause? Suppose it was called “my plans to kill the president”? In this particular case the defendant actually showed law enforcement people the contents of the encrypted directory, and the files located therein clearly indicated illegal content. That would seem to be his big mistake. The prosecutors are not guessing about the files in there, they know what is there already, and just want access.At the end of the day, the defendant can always decide if the punishment for contempt for not revealing the password is worse than the punishment for what will be found inside. If the contents are really bad, he is best off resisting. I can’t see anyone doing 20 years in jail to compel production of the password.Of course, in that amount of time, computers may be fast enough that brute forcing the password may be trivial. This is a real concern if the statute of limitations for your crime is very long or there is no limitation.