************************************************************
************************************************************
*** EFF News #1.00 (December 10, 1990) ***
*** The Electronic Frontier Foundation, Inc. ***
*** Welcome ***
************************************************************
************************************************************
Editors: Mitch Kapor (mkapor@eff.org)
Mike Godwin (mnemonic@eff.org)
REPRINT PERMISSION GRANTED: Material in EFF News may be reprinted if you
cite the source. Where an individual author has asserted copyright in
an article, please contact her directly for permission to reproduce.
E-mail subscription requests: effnews-request@eff.org
Editorial submissions: effnews@eff.org
We can also be reached at:
Electronic Frontier Foundation
Cambridge, MA 02141
(617) 864-0665
(617) 864-0866 (fax)
USENET readers are encouraged to read this publication in the moderated
newsgroup comp.org.eff.news. Unmoderated discussion of topics discussed
This publication is also distributed to members of the mailing list
eff@well.sf.ca.us.
************************************************************
The EFF has been established to help civilize the electronic frontier;
to make it truly useful and beneficial to everyone, not just an elite;
and to do this in a way that is in keeping with our society's highest
traditions of the free and open flow of information and communication.
EFF News will present news, information, and discussion about the world
of computer-based communications media that constitute the electronic
frontier. It will cover issues such as freedom of speech in digital
media, privacy rights, censorship, standards of responsibility for users
and operators of computer systems, policy issues such as the development
of national information infrastructure, and intellectual property.
Views of individual authors represent their own opinions, not
necessarily those of the EFF.
************************************************************
*** EFF News #1.00: Table of Contents ***
************************************************************
Article 1: Who's Doing What at the EFF
Article 2: EFF Current Activities - Fall 1990
Article 3: Contributing to the EFF
Article 4: CPSR Computing and Civil Liberties Project
(Marc Rotenberg, Computer Professionals for Social
Responsibility)
Article 5: Why Defend Hackers? (Mitch Kapor)
Article 6: The Lessons of the Prodigy Controversy
Article 7: How Prosecutors Misrepresented the Atlanta Hackers
************************************************************
*** EFF News #1.00: Article 1 of 7: ***
*** Who's Doing What at the EFF ***
************************************************************
The EFF has hired its first full-time staff member, Mike Godwin.
Mike is serving as the EFF's staff counsel and will be coordinating the
ongoing legal work of the EFF as well. Mike is a recent graduate of
the University of Texas Law School. Previously he served as editor-in-
chief of The Daily Texan student newspaper. He has been a frequent
contributor to the discussions of computing and civil liberties on the
net. Welcome, Mike.
As the scope of EFF activities increase, we anticipate hiring
another full-time professional staff person at EFF. The new position is
n the process of being defined, but the responsibilities are likely to
nclude involvement with our print and online publications as well as
the administrative tasks associated with raising contributions and
We have gotten settled in our remodelled quarters. Leila
Gallagher has joined us as an office volunteer helping with duplicating,
mailing, and other administrative matters.
There are currently additional volunteer opportunities at the
EFF's Cambridge office. Anyone with experience with PageMaker and
FileMaker who is interested in helping us with our print newsletter and
creating a inquiries database is encouraged to contact Mike Godwin.
Gerard van der Leun (boswell@well.sf.ca.us) has volunteered to
organize and edit the first issue of the EFF's print newsletter, the
EFFector. He is getting lots of help from Dan Sokol and Rick Doherty.
Look for a first issue this winter.
Mitch Kapor is working full-time on public interest computing
ssues, including the EFF, where he is currently serving as Acting
Executive Director. John Barlow (barlow@well.sf.ca.us) is actively
engaged in writing and speaking about issues on the electronic frontier.
Harvey Silverglate and Sharon Beckman (slvrgood@well.sf.ca.us) of
the law firm of Silverglate and Good and Terry Gross
(tgross@well.sf.ca.us) of the Rabinowitz, Boudin, Standard, Krinsky, and
Lieberman are the EFF's litigation counsel.
************************************************************
*** EFF News #1.00: Article 2 of 7: ***
*** EFF Current Activities - Fall 1990 ***
************************************************************
>>>LEGAL EFFORTS<<<
The EFF is continuing to investigate legal opportunities for
users and sysops. We are closely tracking the known cases of BBS-related
Devil and the computer-crime operation based in the Chicago U.S.
Attorney's office. These cases may provide us with critical
opportunities to defend the rights of computer users and BBS operators.
We are continuing to track other cases of alleged computer-related
crimes, many of which arose prior to the two federal operations
mentioned above, but in which the EFF may be able to play some formal or
nformal role.
The EFF has also been following the Prodigy case and has been
nvestigating the cases in which universities may have been ordered by
NSF officials to remove graphics files from their systems. We have been
ncreasing our media presence through our cooperation with trade-
offices for feedback on computer-related news items.
We are increasing our contacts with attorneys around the country
attorneys may ultimately become part of a network of attorneys who
associate with EFF for the purpose of taking on pro bono cases in which
EFF has an interest.
The EFF been working to provide the American Bar Association with
nput concerning judicial guidelines for the issuance of search warrants
n computer- and BBS-related cases.
>>> MASSACHUSETTS COMPUTER CRIME BILL<<<
The EFF has drafted and is working for the passage of a computer crime
bill, which has the backing of the Governor and Attorney General of
Massachusetts. If passed, the bill will serve as model legislation in
balancing property and free speech interests.
Massachusetts Software Council, the bill came to our attention and we
number of fundamental flaws, not the least of which was the unproven
assumption that a bill that broadly criminalized whole ranges of
computer-related activities was even called for.
assumptions that we have seen too often in other EFF activities: an
untested belief that more regulation is necessarily better and a
unwise as well as unconstitutional.
The preamble of the new bill explicitly recognizes that the integrity
of computer systems must be protected in a way that does not infringe on
the rights of users of computer technology, including freedoms of
ntention of causing damage and actually cause damage in excess of
$10,000. The second provision of the bill is identical to the one above
except that it covers activities undertaken with reckless disregard of
the consequences as opposed to intent to cause damage, and it carries a
lesser penalty.
The bill breaks new ground in the area of enforcement. Prosecutions may
be brought only by the Attorney General and only after guidelines are
established to assure that searches of electronic media do not
unnecessarily infringe on speech and privacy rights. These guidelines
must be consistent with the concerns stated in the preamble.
The bill also establishes a 17-person commission charged with
Now that the Governor has sent the revised bill back to the Legislature,
t is up to them. We have met with the House and Senate sponsors of the
bill and are cautiously optimistic that the bill can be passed in the
>>>MEETINGS<<<
On September 18 Mitch Kapor made a presentation about the EFF to
the Computer Science and Telecommunications Board of the National
Academy of Science and Engineering, of which he is a new member. The
Board is constituted to advise the government on technological issues
at major corporations.
The CSTB viewed the issues raised as extremely important and
the EFF. Mitch is working on follow-up proposal ideas, including the
CSTB conducting a national "strategic forum" on computing and civil
liberties. This venue is potentially very important because
On September 26, Steve Jackson (Austin game publisher whose BBS
and computer equipment was seized in a Secret Service raid), Terry Gross
(EFF attorney), and Sheldon Zenner (the lawyer who represented Craig
Neidorf) appeared on a panel at a general meeting of the Boston Computer
Society to discuss computing and civil liberties. They were very well
On September 27, Mitch Kapor and Sheldon Zenner made a
corporations who support a program in computer security research at SRI,
On October 3-4, Dorothy Denning and Craig Neidorf attended the
National Conference on Computer Security, Washington D.C.
On October 20th John Barlow gave a major address at the annual
meeting of Computer Professionals for Social Responsibility in San
Fransisco on "Civilizing Cyberspace: Computers, Civil Liberties, and
Freedom".
On October 29, Harvey Silverglate and Mitch Kapor participated in
a panel sponsored by Harvard's Office of Information Technology on
"Electronic Communication and Political Freedom". Gene Spafford of
USENET fame was also present. There was an audience of approximately
On October 30th Mitch appeared on a well-attended panel at MIT on
ntellectual-property reform.
On November 7 Mitch spoke before the American Society for
John, Mitch, Steve Jackson, John Gilmore and Rick Doherty all
attended Hackers 6.0, held this year at Lake Tahoe, on November 16-18.
There was a very active session devoted to the EFF on Sunday, which
-end-
************************************************************
*** EFF News #1.00: Article 3 of 7: ***
*** Contributing to the EFF ***
************************************************************
We have filed a 501c3 application with the Internal Revenue
Service to qualify for eligibility to receive tax-deductible
contributions. We expect to hear from the service within a few months.
-end-
************************************************************
*** EFF News #1.00: Article 4 of 7: ***
*** CPSR COMPUTING AND CIVIL LIBERTIES PROJECT ***
*** by Marc Rotenberg ***
*** (marcindc@well.sf.ca.us) ***
************************************************************
>>> UPCOMING CPSR POLICY ROUNDTABLE <<<
CPSR will host the first Computing and Civil Liberties policy
the Advancement of Science in Washington, DC. The purpose of the
ssues: free speech and computer networks, and searches of computer
bulletin boards. What speech restrictions currently exist? Should
federal agencies or private companies be allowed to restrict the content
of a computer message and, if so, in what circumstances?
The second issue is the investigation of computer bulletin boards
by law enforcement agents. Are there any restrictions on the ways that
The conference is the first in a series of policy roundtables
that will be held in Washington, DC and that are made possible with
funding from the Electronic Frontier Foundation
-end-
************************************************************
*** EFF News #1.00: Article 5 of 7: ***
*** Why Defend Hackers? ***
*** by Mitch Kapor ***
************************************************************
An all-too-common perception of the EFF that prevails in the
computer industry and those who report on it--from John Sculley to the
Wall St. Journal--is that the EFF is an organization that has "something
to do with hackers." (They use "hackers" as a term not of approbation
but of rebuke). Most of these sometime colleagues and associates of
mine are puzzled as to why I would be doing such a thing. (A few think
that I'm out to defend such practices, and they disapprove.
But their disapproval is based on the pure misconception that the
EFF's purpose is to defend people's right to break into computer
I regard unauthorized entry into computer systems as wrong and
cause harm should be held accountable for their actions. We need to
make appropriate distinctions in the legal code among various forms of
computer crime based on such factors as intent and the degree of actual
Governor and Attorney General of Massachusetts and that embodies these
But if the EFF isn't trying to advance the cause of computer
As I began to find out the real story behind government raids and
ndictments last summer, I became incensed at the fact that innocent
ndividuals were getting caught up in the blundering machinations of
certain law enforcement agencies and large corporations. These were
kids really, young people with whom I identified, who faced the prospect
of having their lives ruined.
Take Craig Neidorf, for example. Neidorf, a 20-year-old college
felony charges of wire fraud and interstate transportation of stolen
of the trial, the prosecution dropped the case after it became clear
that the information in the "highly confidential" BellSouth document at
ssue was publicly available for less than $20.
Justice was served by the government's decision to drop the case,
but it was expensive justice. Neidorf and his family face $100,000 in
legal bills, to say nothing of the disruption and suffering caused by
the trial for an action that should never have been brought against him
to begin with. And the prosecution has had a chilling effect on
Neidorf, who has stopped publishing PHRACK.
In a second case, the EFF continues to assist Steve Jackson, a
business losses after a Secret Service raid in early March resulted in
the seizure of his BBS and of his forthcoming fantasy gamebook GURPS
Cyberpunk. The seizure of Jackson's computer equipment caused him to
lay off nearly half of his staff and threatened the survival of the
business. As subsequent revelations have showed, there was no good
the first place.
While helping defend the innocent is one role for the EFF to play,
there is more at stake than trying to prevent individuals from being
The actions taken against Craig Neidorf and Steve Jackson -- the
electronically stored book-in-progress -- demonstrate governmental
the same strong First Amendment protections of freedom of speech and
freedom of expression which we enjoy in our own lives and in the print
media. The government should not be able to seize a bulletin board any
more easily than they can seize a printing press. We must find ways for
law enforcement to do its job in protecting the property interests of
This is clearly a matter of protecting civil liberties and thus familiar
to those who take an interest in upholding the Bill of Rights, but it
s also more than that.
These embryonic media of electronic mail, computer bulletin boards
and conferencing systems, provide open forums of communication. They
are a healthy antidote to the corrosive effects of the power of large,
centralized institutions, private and public, and to the numbness
nduced by one-way, least-common-denominator mass media.
In the physical world, our sense of community withers. Urban
centers as places to live are being abandoned by all who can afford to
leave. In the global suburbs in which more and more of us live, one's
often anonymous.
In the realities that can be created within digital media there
are opportunities for the formation of virtual communities--voluntary
through a common interests. Computer and telecommunications systems
only if we make it so. I believe it is urgent, as a matter of national
and developing infrastructure that are taking place on the Net every
and play a constructive role in the working out of the new legal and
As John Barlow and I meditated together last June on the broader
mplications of the initial events --a meditation that catalyzed the
formation of the EFF--we could see that what was at stake was not merely
the preservation of the civil liberties of all of us, although these
The larger issue is how our society will come to terms with the
onrush of transformative technology. If we take the right steps now--and
EFF is working to take those steps--new and increasing access to
nformation technology will enhance rather than inhibit the positive
a whole.
-end-
************************************************************
*** EFF News #1.00: Article 6 of 7: ***
*** The Lessons of the Prodigy Controversy ***
************************************************************
Many EFF supporters have asked what position, if any, the
Electronic Frontier Foundation has taken with regard to the recent
ts users.
Although EFF is not involved at the moment in any activities
touches some basic issues with which we are very concerned, and that it
llustrates the potential dangers of allowing private entities such as
large corporations to try and dictate the market for online electronic
Although Prodigy, a joint project sponsored by Sears and IBM, has
been available in some cities since October 1988, national availability
of the service and a big advertising campaign only began this fall. New
users who signed on during the membership push would receive, for a
ncluded online shopping, a news service, and a flight-scheduling
Prodigy was originally intended to become an electronic shopping
mall,, where consumers could directly order goods and services. While
the top portion of a Prodigy user's computer display is dedicated to
Among the services Prodigy provides is a public conferencing
(BBS), but national in scope. Users can carry on public discussions of
topics ranging from politics to health issues.
Prodigy management has hired editors "with journalistic
backgrounds" to review messages for suitability before they are allowed
to be publicly posted. The member agreement allows the management to
limit public discussions of topics and to edit postings of individual
members for obscenity or illegal content ... or for anything else, at
The result of this broad management prerogative? One member is
countries censored, presumably out of the editors' fear that Catholic
users would be offended. More significantly, some whole discussion
topics, including a debate between Christian fundamentalists and gay
activists, have been removed without warning from the conferences.
But what bothers the Prodigy protesters is not just that
"That's one of the most frustrating things--you can't even predict
The initial solution to the censorship problem was simple: Take
the discussions to e-mail. Prodigy users began to rely on a mailing-list
feature of the program to continue their (now-uncensored) discussions.
But soon a crisis had brewed. The Prodigy users who had been told
to take their no-longer-welcome public discussions to e-mail were now
being told that they wouldn't be able to use the e-mail service at the
flat rate any longer. Instead, each account would get 30 free messages
meant, in effect, the end of the mailing lists, since just a few
mailings could exhaust a user's free-message quota and rack up sizable
charges. And it was disappointing as well to many non-mailing-list
users, some of whom are disabled, who rely on Prodigy as a major social
outlet.
The result of this policy change was predictable: irate Prodigy
users began to protest, complaining on Prodigy's public boards about the
new usage fee and attempting to organize a write-in campaign notifying
that the protestors had violated their membership agreements, which
forbade "harassment."
Prodigy management justifies the usage fees by arguing that their
original hardware setup couldn't support the increases in electronic
traffic. The new policies were adopted to curb what management
minority of users. And, a Prodigy spokesman insists, the time Prodigy
customers spend in e-mail is time that they aren't buying from Prodigy's
advertisers. (Prodigy claims that ads are not visible during electronic
mail; Prodigy users say this claim is misleading, and that while ads are
nvisible at some points while editing and reading e-mail, they're
nevertheless visible elsewhere during e-mail sessions.)
Of course, in many ways the issue of the fees for e-mail is a
to rely on mass mailings is that they were barred from public discussion
of issues on Prodigy's public message bases.
The Prodigy experience to date reveals a serious mismatch between
the expectations of Prodigy's management and its customers. Here the
market clearly seemed to want unrestricted public conferencing and
electronic mail. But as demand for these features has mounted, the
the features' availability because it did not correspond to or fit with
the company's view of the purpose of the service. To the extent to
commercial interests may offer on-line services, it clearly represents a
turning away from the use of digital media as open forums of public
communication. In the extreme case, in a situation in which Prodigy and
ts commercial competition all choose to censor and control
communication on their services, the public interest will not be well
"It is necessary to consider decisions that Prodigy is making
carefully," Jerry Berman, director of the American Civil Liberties
Union's Information Technology Project, told the New York Times last
month. "We have no comparable models in the computer era," he said, "but
limited."
It is clear that Prodigy management is uncomfortable with the
notion of a free forum; they have chosen to describe their service as a
"publication" rather than as a forum precisely because they want to have
an editor's prerogatives to dictate, absolutely, what the content of the
"publication" will be.
We at EFF do not dispute that Prodigy is acting within its rights
as a private concern when it dictates restrictions on how its system is
used. We do think, however, that the Prodigy experience has a bearing on
EFF interests in a couple of ways.
First, it demonstrates that there is a market--a perceived public
need--for services that provide electronic mail and public conferencing.
Second, it illustrates the fallacy that "pure" market forces
always can be relied upon to move manufacturers and service providers in
the direction of open communications. A better solution, we believe, is
a national network-access policy that, at the very least, encourages
and mail services that the growing computer-literate public clearly
-end-
************************************************************
*** EFF News #1.00: Article 7 of 7: ***
*** How Prosecutors Misrepresented the Atlanta Hackers ***
************************************************************
Although the Electronic Frontier Foundation is opposed to
unauthorized computer entry, we are deeply disturbed by the recent
Grant. Not only are the sentences disproportionate to the nature
of the offenses these young men committed, but, to the extent the
memorandum, it relied on a document filled with
misrepresentations.
Robert J. Riggs, Franklin E. Darden, Jr., and Adam E. Grant
Darden and Riggs had each pled guilty to a conspiracy to commit
computer fraud, wire fraud, access-code fraud, and interstate
transportation of stolen property. Grant had pled guilty to a
All received prison terms; Grant and Darden, according to a
Department of Justice news release, "each received a sentence of
as such use may be related to employment, during his post-
ncarceration supervision.
The facts of the case, as related by the prosecution in its
telephone service and unauthorized access to BellSouth computers,
Damage to the systems was either minimal or nonexistent.
Although it is well-documented that the typical motivation of
Steven Levy, 1984), the prosecution attempts to characterize the
crackers as major criminals, and misrepresents facts in doing so.
Examples of such misrepresentation include:
1) Misrepresenting the E911 file.
The E911 file, an administrative document, was copied by
Robert Riggs and eventually published by Craig Neidorf in the
electronic magazine PHRACK. Says the prosecution: "This file,
noteworthy because it contains the program for the emergency 911
fire, and ambulance services. The evidence indicates that Riggs
Security estimates the value of the E911 file, based on R&D costs,
s $24,639.05."
This statement by prosecutors is clearly false. Defense
E911 document was not a program, that it could not be used to
ordered from Bell South at a cost of less than $20. Under cross-
examination, the prosecution's own witness admitted that the
nformation in the E911 file was available in public documents,
that the notice placed on the document stating that it was
the document did not pose a danger to the functioning of the 911
2) Guilt by association.
The prosecution begins its memorandum by detailing two
crimes: 1) a plot to plant "logic bombs" that would disrupt phone
of calls from a probation office in Florida to "a New York Dial-A-
Only after going to some length describing these two crimes
not implicated in these crimes.*
3) Misrepresentation of motives.
As we noted above, it has been documented that young phone-
and master large systems, not to inflict harm or to enrich
themselves materially. Although the prosecution concedes that
"[d]efendants claimed that they never personally profited from
their hacking activities, with the exception of getting
unauthorized long distance and data network service," the
obtain power through information and intimidation." The
frighteningly powerful."
The prosecution goes to great lengths describing the crimes the
crime, nor does it admit, explicitly, that the defendants never
conspired to cause such damage to the phone system.
Elsewhere in the memorandum, the prosecution attempts to
Because the defendants "freely and recklessly disseminated access
nformation they had stolen," says the memorandum, a 15-year-old
that 15-year-old's alleged theft, the memorandum seeks to
mplicate the defendants in that theft.
4) Failure to acknowledge the outcome of the Craig Neidorf
case.
In evaluating defendants' cooperation in the prosecution of
Craig Neidorf, the college student who was prosecuted for his
two defendants, and recommends less leniency because of this. Says
the memorandum: "The testimony was somewhat helpful, though the
open as he had been in the earlier meeting." The memorandum fails
to mention, however, that Riggs's testimony tended to support
Neidorf's defense that he had never conspired with Riggs to engage
n the interstate transportation of stolen property or that the
case against Neidorf was dropped. Riggs's failure to implicate
Neidorf in a crime he did not commit appears to have been taken by
telling the truth.
Sending a Message to Hackers?
Perhaps the most egregious aspect of the government's
memorandum is the argument that Riggs, Grant, and Darden should be
mprisoned, not for what *they* have done, but send the right
"message to the hacking community." The government focuses on the
case of Robert J. Morris Jr., the computer-science graduate
year for his reckless release of the worm program that disrupted
many computers connected to the Internet. Urging the court to
mprison the three defendants, the government remarked that
"hackers and computer experts recall general hacker jubilation
The government's criticism is particularly unfair in light
of the fact that the Morris sentencing took place almost a year
*after* the activities leading to the defendants' convictions! (To
The memorandum raises other questions besides those of the
BellSouth's statement of the damage the defendants did to its
computer system. The memorandum states that "In all, [the
and connect addresses (i.e., access information) from BellSouth.
BellSouth spend approximately $1.5 million in identifying the
ntruders into their system and has since then spent roughly $3
million more to further secure their network."
It is unclear how these figures were derived. The stated
cost of the passwords is highly questionable: What is the dollar
value of a password? What is the dollar cost of replacing a
And it's similarly unclear that the defendants caused
BellSouth to spend $4.5 million more than they normally would have
network. Although the government's memorandum states that "[t]he
n expenses by their actions," the actual facts as presented in
the memorandum suggest that BellSouth had *already embarked upon
the expenditure of millions of dollars* before it had heard
anything about the crimes the defendants ultimately were alleged
to have committed. Moreover, if the network was insecure to begin
The Neidorf case provides an instructive example of what
telephone company puts on its damages. But the example may not
Atlanta.
Not only are there questions about the justice of the
Grant, but there also are Constitutional issues raised by the
s likely to be illegal; it ignores the fact that computers are a
communications medium, and that the prohibition goes beyond
EFF does not support the proposition that computer intrusion
and long-distance theft should go unpunished. But we find highly
Riggs, Darden, and Grant--stiff sentences that supposedly will
"send a message" to the hackers and crackers.
The message this memorandum really sends is that the
computer crime.
-end EFF News #1.00-
