EFF News December The Electronic Fr

Found at: gopher.meulie.net:70/EFFector/effector1.00

***           EFF News #1.00  (December 10, 1990)        ***
***       The Electronic Frontier Foundation, Inc.       ***
***                        Welcome                       ***

Editors:  Mitch Kapor  (mkapor@eff.org) 
          Mike Godwin  (mnemonic@eff.org)

REPRINT PERMISSION GRANTED: Material in EFF News may be reprinted if you 
cite the source.  Where an individual author has asserted copyright in 
an article, please contact her directly for permission to reproduce.

E-mail subscription requests:  effnews-request@eff.org
Editorial submissions: effnews@eff.org

We can also be reached at:

Electronic Frontier Foundation
Cambridge, MA 02141

(617) 864-0665
(617) 864-0866 (fax)
USENET readers are encouraged to read this publication in the moderated 
newsgroup comp.org.eff.news.  Unmoderated discussion of topics discussed 

This publication is also distributed to members of the mailing list 


The EFF has been established to help civilize the electronic frontier; 
to make it truly useful and beneficial to everyone, not just an elite; 
and to do this in a way that is in keeping with our society's highest 
traditions of the free and open flow of information and communication. 

EFF News will present news, information, and discussion about the world 
of computer-based communications media that constitute the electronic 
frontier. It will cover issues such as freedom of speech in digital 
media, privacy rights, censorship, standards of responsibility for users 
and operators of computer systems, policy issues such as the development 
of national information infrastructure, and intellectual property.

Views of individual authors represent their own opinions, not 
necessarily those of the EFF.

***         EFF News #1.00: Table of Contents            ***

Article 1: Who's Doing What at the EFF

Article 2: EFF Current Activities - Fall 1990

Article 3: Contributing to the EFF

Article 4: CPSR Computing and Civil Liberties Project
           (Marc Rotenberg, Computer Professionals for Social

Article 5: Why Defend Hackers? (Mitch Kapor)

Article 6: The Lessons of the Prodigy Controversy

Article 7: How Prosecutors Misrepresented the Atlanta Hackers

***           EFF News #1.00: Article 1 of 7:            ***
***             Who's Doing What at the EFF              ***

	The EFF has hired its first full-time staff member, Mike Godwin.  
Mike is serving as the EFF's staff counsel and will be coordinating the 
ongoing legal work of the EFF as well.   Mike is a recent graduate of 
the University of Texas Law School.  Previously he served as editor-in-
chief of The Daily Texan student newspaper.  He has been a frequent 
contributor to the discussions of computing and civil liberties on the
net.  Welcome, Mike.

	As the scope of EFF activities increase, we anticipate hiring 
another full-time professional staff person at EFF. The new position is 
n the process of being defined, but the responsibilities are likely to
nclude involvement with our print and online publications as well as
the administrative tasks associated with raising contributions and 

	We have gotten settled in our remodelled quarters.  Leila 
Gallagher has joined us as an office volunteer helping with duplicating, 
mailing, and other administrative matters.

	There are currently additional volunteer opportunities at the 
EFF's Cambridge office.  Anyone with experience with PageMaker and 
FileMaker who is interested in helping us with our print newsletter and 
creating a inquiries database is encouraged to contact Mike Godwin.

	Gerard van der Leun (boswell@well.sf.ca.us)  has volunteered to 
organize and edit the first issue of the EFF's print newsletter, the 
EFFector.  He is getting lots of help from Dan Sokol and Rick Doherty.  
Look for a first issue this winter.

	Mitch Kapor is working full-time on public interest computing 
ssues, including the EFF, where he is currently serving as Acting
Executive Director.  John Barlow (barlow@well.sf.ca.us) is actively 
engaged in writing and speaking about issues on the electronic frontier.

	Harvey Silverglate and Sharon Beckman (slvrgood@well.sf.ca.us) of 
the law firm of Silverglate and Good and Terry Gross 
(tgross@well.sf.ca.us) of the Rabinowitz, Boudin, Standard, Krinsky, and 
Lieberman are the EFF's litigation counsel.

***           EFF News #1.00: Article 2 of 7:            ***
***         EFF Current Activities - Fall 1990           ***


	The EFF is continuing to investigate legal opportunities for 
users and sysops. We are closely tracking the known cases of BBS-related 
Devil and the computer-crime operation based in the Chicago U.S. 
Attorney's office. These  cases may provide us with critical 
opportunities to defend the rights of computer users and BBS operators.  

	We are continuing to track other cases of alleged computer-related 
crimes, many of which arose prior to the two federal operations 
mentioned above, but in which the EFF may be able to play some formal or 
nformal role.

	The EFF has also been following the Prodigy case and has been 
nvestigating the cases in which universities may have been ordered by
NSF officials to remove graphics files from their systems. We have been 
ncreasing our media presence through our cooperation with trade-
offices for feedback on computer-related news items.  

	We are increasing our contacts with attorneys around the country 
attorneys may ultimately become part of a network of attorneys who 
associate with EFF for the purpose of taking on pro bono cases in which 
EFF has an interest.  

	The EFF been working to provide the American Bar Association with 
nput concerning judicial guidelines for the issuance of search warrants
n computer- and BBS-related cases.


The EFF has drafted and is working for the passage of a computer crime 
bill, which has the backing of the Governor and Attorney General of 
Massachusetts. If passed, the bill will serve as model legislation in 
balancing  property and free speech interests.

Massachusetts Software Council, the bill came to our attention and we 
number of fundamental flaws, not the least of which was the unproven 
assumption that a bill that broadly criminalized whole ranges of 
computer-related activities was even called for. 

assumptions that we have seen too often in other EFF activities:  an 
untested belief that more regulation is necessarily better and a 
unwise as well as unconstitutional.

The preamble of the new  bill explicitly recognizes that the integrity 
of computer systems must be protected in a way that does not infringe on 
the rights of users of computer technology, including freedoms of 

ntention of causing damage and actually cause damage in excess of
$10,000.  The second provision of the bill is identical to the one above 
except that it covers activities undertaken with reckless disregard of 
the consequences as opposed to intent to cause damage, and it carries a 
lesser penalty.

The bill breaks new ground in the area of enforcement.  Prosecutions may 
be brought only by the Attorney General and only after guidelines are 
established to assure that searches of electronic media do not 
unnecessarily infringe on speech and privacy rights.  These guidelines 
must be consistent with the concerns stated in the preamble.

The bill also establishes a 17-person commission charged with 

Now that the Governor has sent the revised bill back to the Legislature, 
t is up to them.  We have met with the House and Senate sponsors of the
bill and are cautiously optimistic that the bill can be passed in the 


	On September 18 Mitch Kapor made a presentation about the EFF to 
the Computer Science and Telecommunications Board of the National 
Academy of Science and Engineering, of which he is a new member.  The 
Board is constituted to advise the government on technological issues 
at major corporations.  

	The CSTB viewed the issues raised as extremely important and 
the EFF.  Mitch is working on follow-up proposal ideas, including the 
CSTB conducting a national "strategic forum" on computing and civil 
liberties.  This venue is potentially very important because 

	On September 26, Steve Jackson (Austin game publisher whose BBS 
and computer equipment was seized in a Secret Service raid), Terry Gross 
(EFF attorney), and Sheldon Zenner (the lawyer who represented Craig 
Neidorf) appeared on a panel at a general meeting of the Boston Computer 
Society to discuss computing and civil liberties.  They were very well 

	On September 27, Mitch Kapor and Sheldon Zenner made  a 
corporations who support a program in computer security research at SRI, 

	On October 3-4, Dorothy Denning and Craig Neidorf attended the 
National Conference on Computer Security, Washington D.C.  

	On October 20th John Barlow gave a major address  at the annual 
meeting of Computer Professionals for Social Responsibility in San 
Fransisco on "Civilizing Cyberspace: Computers, Civil Liberties, and 

	On October 29, Harvey Silverglate and Mitch Kapor participated in 
a panel sponsored by Harvard's Office of Information Technology on 
"Electronic Communication and Political Freedom".  Gene Spafford of 
USENET fame was also present.  There was an audience of approximately 

	On October 30th Mitch appeared on a well-attended panel at MIT on 
ntellectual-property reform.

	On November 7 Mitch spoke before the American Society for 

	John, Mitch, Steve Jackson,  John Gilmore and Rick Doherty  all 
attended Hackers 6.0, held this year at Lake Tahoe, on November 16-18.  
There was a very active session devoted to the EFF on Sunday, which 


***           EFF News #1.00: Article 3 of 7:            ***
***               Contributing to the EFF                ***

	We have filed a 501c3 application with the Internal Revenue 
Service to qualify for eligibility to receive tax-deductible 
contributions.  We expect to hear from the service within a few months.  


***           EFF News #1.00: Article 4 of 7:            ***
***                  by Marc Rotenberg                   ***
***               (marcindc@well.sf.ca.us)               ***


	CPSR will host the first Computing and Civil Liberties policy 
the Advancement of Science in Washington, DC.  The purpose of the 
ssues: free speech and computer networks, and searches of computer
bulletin boards.  What speech restrictions currently exist?  Should 
federal agencies or private companies be allowed to restrict the content 
of a computer message and, if so, in what circumstances?  

	The second issue is the investigation of computer bulletin boards 
by law enforcement agents.  Are there any restrictions on the ways that 

	  The conference is the first in a series of policy roundtables 
that will be held in Washington, DC and that are made possible with 
funding from the Electronic Frontier Foundation


***             EFF News #1.00: Article 5 of 7:          ***
***                  Why Defend Hackers?                 ***
***                     by Mitch Kapor                   ***

	An all-too-common perception of the EFF that prevails in the 
computer industry and those who report on it--from John Sculley to the 
Wall St. Journal--is that the EFF is an organization that has "something 
to do with hackers."   (They use "hackers" as a term not of approbation 
but of rebuke).   Most of these sometime colleagues and associates of 
mine  are puzzled as to why I would be doing such a thing.  (A few think 
that I'm out to defend such practices, and they disapprove.

	But their disapproval is based on the pure misconception that the 
EFF's purpose is to defend people's right to break into computer 

	I regard unauthorized entry into computer systems as wrong and 
cause harm should be held accountable for their actions.  We need to 
make appropriate distinctions in the legal code among various forms of 
computer crime based on such factors as intent and the degree of actual 
Governor and Attorney General of Massachusetts and that embodies these 

	But if the EFF isn't trying to advance the cause of computer 

	As I began to find out the real story behind  government raids and 
ndictments last summer,  I became incensed at the fact that innocent
ndividuals were getting caught up in the blundering machinations of
certain law enforcement agencies and large corporations.  These were 
kids really, young people with whom I identified, who faced the prospect 
of having their lives ruined.

	Take Craig Neidorf, for example. Neidorf, a 20-year-old college 
felony charges of wire fraud and interstate transportation of stolen 
of the trial, the prosecution dropped the case after it became clear 
that the information in the "highly confidential" BellSouth document at 
ssue was publicly available for less than $20.

	Justice was served by the government's decision to drop the case, 
but it was expensive justice.  Neidorf and his family face $100,000 in 
legal bills, to say nothing of the disruption and suffering caused by 
the trial for an action that should never have been brought against him 
to begin with.  And the prosecution has had a chilling effect on 
Neidorf, who has stopped publishing PHRACK.

	In a second case, the EFF continues to assist Steve Jackson, a 
business losses after a Secret Service raid in early March resulted in 
the seizure of his BBS and of his forthcoming fantasy gamebook GURPS 
Cyberpunk.  The seizure of Jackson's computer equipment caused him to 
lay off nearly half of his staff and threatened the survival of the 
business.  As subsequent revelations have showed, there was no good 
the first place.  

	While helping defend the innocent is one role for the EFF to play,  
there is more at stake than trying to prevent individuals from being 

	The actions taken against Craig Neidorf and Steve Jackson -- the 
electronically stored book-in-progress -- demonstrate governmental 
the same strong First Amendment protections of freedom of speech and 
freedom of expression which we enjoy in our own lives and in the print 
media.   The government should not be able to seize a bulletin board any 
more easily than they can seize a printing press.  We must find ways for 
law enforcement to do its job in protecting the property interests of 
This is clearly a matter of protecting civil liberties and thus familiar 
to those who take an interest in upholding the Bill of Rights,  but it 
s also more than that.

	These embryonic media of electronic mail, computer bulletin boards 
and conferencing systems, provide open forums of communication.  They 
are  a healthy antidote to the corrosive effects of the power of large, 
centralized institutions, private and public,  and to the numbness 
nduced by one-way, least-common-denominator mass media.

	In the physical world, our sense of community withers.   Urban 
centers as places to live are being abandoned by all who can afford to 
leave.   In the global suburbs in which more and more of us live, one's 
often anonymous.  

	In the realities that can be created within digital media there 
are opportunities for the formation of virtual communities--voluntary 
through a common interests.  Computer and telecommunications systems 
only if we make it so.   I believe it is urgent, as a matter of national 
and developing infrastructure that are taking place on the Net every 
and play a constructive role in the working out of the new legal and 

	As John Barlow and I meditated together last June on the broader 
mplications of the initial events --a meditation that catalyzed the
formation of the EFF--we could see that what was at stake was not merely 
the preservation of  the civil liberties of all of us, although these 

	The larger issue is how our society will come to terms with the 
onrush of transformative technology. If we take the right steps now--and 
EFF is working to take those steps--new and increasing access to 
nformation technology will enhance rather than inhibit the positive
a whole.


***             EFF News #1.00: Article 6 of 7:          ***
***         The Lessons of the Prodigy Controversy       ***

	Many EFF supporters have asked what position, if any, the 
Electronic Frontier Foundation has taken with regard to the recent 
ts users.

	Although EFF is not involved at the moment in any activities 
touches some basic issues with which we are very concerned, and that it 
llustrates the potential dangers of allowing private entities such as
large corporations to try and dictate the market for online electronic 

	Although Prodigy, a joint project sponsored by Sears and IBM, has 
been available in some cities since October 1988, national availability 
of the service and a big advertising campaign only began this fall. New 
users who signed on during the membership  push would receive, for a 
ncluded online shopping, a news service, and a flight-scheduling

	Prodigy was originally intended to become an electronic shopping 
mall,, where consumers could directly order goods and services. While 
the top portion of a Prodigy user's computer display is dedicated to 

	Among the services Prodigy provides is a public conferencing 
(BBS), but national in scope. Users can carry on public discussions of 
topics ranging from politics to health issues.

	Prodigy management has hired editors "with journalistic 
backgrounds" to review messages for suitability before they are allowed 
to be publicly posted. The member agreement allows the management to 
limit public discussions of topics and to edit postings of individual 
members for obscenity or illegal content ... or for anything else, at 

	The result of this broad management prerogative? One member is 
countries censored, presumably out of the editors' fear that Catholic 
users would be offended. More significantly, some whole discussion 
topics, including a debate between Christian fundamentalists and gay 
activists, have been removed without warning from the conferences.

	But what bothers the Prodigy protesters is not just that 
"That's one of the most frustrating things--you can't even predict 

	The initial solution to the censorship problem was simple: Take 
the discussions to e-mail. Prodigy users began to rely on a mailing-list 
feature of the program to continue their (now-uncensored) discussions.

	But soon a crisis had brewed. The Prodigy users who had been told 
to take their no-longer-welcome public discussions to e-mail were now 
being told that they wouldn't be able to use the e-mail service at the 
flat rate any longer. Instead, each account would get 30 free messages 
meant, in effect, the end of the mailing lists, since just a few 
mailings could exhaust a user's free-message quota and rack up sizable 
charges. And it was disappointing as well to many non-mailing-list 
users, some of whom are disabled, who rely on Prodigy as a major social 

	The result of this policy change was predictable: irate Prodigy 
users began to protest, complaining on Prodigy's public boards about the 
new usage fee and attempting to organize a write-in campaign notifying  
that the protestors had violated their membership agreements, which 
forbade "harassment."

	Prodigy  management justifies the usage fees by arguing that their 
original hardware setup couldn't support the increases in electronic 
traffic.  The new policies were adopted to curb what management 
minority of users.  And, a Prodigy spokesman insists, the time Prodigy 
customers spend in e-mail is time that they aren't buying from Prodigy's 
advertisers. (Prodigy claims that ads are not visible during electronic 
mail; Prodigy users say this claim is misleading, and that while ads are 
nvisible at some points while editing and reading e-mail, they're
nevertheless visible elsewhere during e-mail sessions.)

	Of course, in many ways the issue of the fees for e-mail is a 
to rely on mass mailings is that they were barred from public discussion 
of issues on Prodigy's public message bases.

	The Prodigy experience to date reveals a serious mismatch between 
the expectations of Prodigy's management and its customers. Here the 
market clearly seemed to want unrestricted public conferencing and 
electronic mail. But as demand for these features has mounted, the 
the features' availability because it did not correspond to or fit with 
the company's view of the purpose of the service.  To the extent to 
commercial interests may offer on-line services, it clearly represents a 
turning away from the use of digital media as open forums of public 
communication.  In the extreme case, in a situation in which Prodigy and 
ts commercial competition all choose to censor and control
communication on their services, the public interest will not be well 

	"It is necessary to consider decisions that Prodigy is making 
carefully,"  Jerry Berman, director of the American Civil Liberties 
Union's Information Technology Project, told the New York Times last 
month. "We have no comparable models in the computer era," he said, "but 

	It is clear that Prodigy management is uncomfortable with the 
notion of a free forum; they have chosen to describe their service as a 
"publication" rather than as a forum precisely because they want to have 
an editor's prerogatives to dictate, absolutely, what the content of the 
"publication" will be.

	We at EFF do not dispute that Prodigy is acting within its rights 
as a private concern  when it dictates restrictions on how its system is 
used. We do think, however, that the Prodigy experience has a bearing on 
EFF interests in a couple of ways.

	First, it demonstrates that there is a market--a perceived public 
need--for services that provide electronic mail and public conferencing.

	Second, it illustrates the fallacy that "pure" market forces 
always can be relied upon to move manufacturers and service providers in 
the direction of open communications. A better solution, we believe, is 
a national network-access policy that, at the very least, encourages 
and mail services that the growing computer-literate public clearly 


***             EFF News #1.00: Article 7 of 7:          ***
***  How Prosecutors Misrepresented the Atlanta Hackers  ***

	Although the Electronic Frontier Foundation is opposed to 
unauthorized computer entry, we are deeply disturbed by the recent 
Grant. Not only are the sentences disproportionate to the nature 
of the offenses these young men committed, but, to the extent the 
memorandum, it relied on a document filled with 

	Robert J. Riggs, Franklin E. Darden, Jr., and Adam E. Grant  
Darden and Riggs had each pled guilty to a conspiracy to commit 
computer fraud, wire fraud, access-code fraud, and interstate 
transportation of stolen property. Grant had pled guilty to a 

	All received prison terms; Grant and Darden, according to a 
Department of Justice news release, "each received a sentence of 
as such use may be related to employment, during his post-
ncarceration supervision.

	The facts of the case, as related by the prosecution in its 
telephone service and unauthorized access to BellSouth computers, 
Damage to the systems was either minimal or nonexistent.
Although it is well-documented that the typical motivation of 
Steven Levy, 1984), the prosecution attempts to characterize the 
crackers as major criminals, and misrepresents facts in doing so.

	Examples of such misrepresentation include:

	1) Misrepresenting the E911 file. 

	The E911 file, an administrative document, was copied by 
Robert Riggs and eventually published by Craig Neidorf in the 
electronic magazine PHRACK. Says the prosecution: "This file, 
noteworthy because it contains the program for the emergency 911 
fire, and ambulance services. The evidence indicates that Riggs 
Security estimates the value of the E911 file, based on R&D costs, 
s $24,639.05."

	This statement by prosecutors is clearly false. Defense 
E911 document was not a program, that it could not be used to 
ordered from Bell South at a cost of less than $20. Under cross-
examination, the prosecution's own witness admitted that the 
nformation in the E911 file was available in public documents,
that the notice placed on the document stating that it was 
the document did not pose a danger to the functioning of the 911 

	 2) Guilt by association.

	The prosecution begins its memorandum by detailing two 
crimes: 1) a plot to plant "logic bombs" that would disrupt phone 
of calls from a probation office in Florida to "a New York Dial-A-

	Only after going to some length describing these two crimes 
not implicated in these crimes.*

	3) Misrepresentation of motives.
	As we noted above, it has been documented that young phone-
and master large systems, not to inflict harm or to enrich 
themselves materially. Although the prosecution concedes that 
"[d]efendants claimed that they never personally profited from 
their hacking activities, with the exception of getting 
unauthorized long distance and data network service," the 
obtain power through information and intimidation." The 
frighteningly powerful."

	The prosecution goes to great lengths describing the crimes the 
crime, nor does it admit, explicitly, that the defendants never 
conspired to cause such damage to the phone system.

	Elsewhere in the memorandum, the prosecution attempts to 
Because the defendants "freely and recklessly disseminated access 
nformation they had stolen," says the memorandum, a 15-year-old
that 15-year-old's alleged theft, the memorandum seeks to 
mplicate the defendants in that theft.

	4) Failure to acknowledge the outcome of the Craig Neidorf 

	In evaluating defendants' cooperation in the prosecution of 
Craig Neidorf, the college student who  was prosecuted for his 
two defendants, and recommends less leniency because of this. Says 
the memorandum: "The testimony was somewhat helpful, though the 
open as he had been in the earlier meeting." The memorandum fails 
to mention, however, that Riggs's testimony tended to support 
Neidorf's defense that he had never conspired with Riggs to engage 
n the interstate transportation of stolen property or that the
case against Neidorf was dropped. Riggs's failure to implicate 
Neidorf in a crime he did not commit appears to have been taken by 
telling the truth.

Sending a Message to Hackers?

	Perhaps the most egregious aspect of the government's 
memorandum is the argument that Riggs, Grant, and Darden should be 
mprisoned, not for what *they* have done, but send the right
"message to the hacking community." The government focuses on the 
case of Robert J. Morris Jr., the computer-science graduate 
year for his reckless release of the worm program that disrupted 
many computers connected to the Internet. Urging the court to 
mprison the three defendants, the government remarked that
"hackers and computer experts recall general hacker jubilation 

	The government's criticism is particularly unfair in light 
of the fact that the Morris sentencing took place almost a year 
*after* the activities leading to the defendants' convictions! (To 

	The memorandum raises other questions besides those of the 
BellSouth's statement of the damage the defendants did to its 
computer system. The memorandum states that "In all, [the 
and connect addresses (i.e., access information) from BellSouth. 
BellSouth spend approximately $1.5 million in identifying the 
ntruders into their system and has since then spent roughly $3
million more to further secure their network."

	It is unclear how these figures were derived. The stated 
cost of the passwords is highly questionable: What is the dollar 
value of a password? What is the dollar cost of replacing a 

	And it's similarly unclear that the defendants caused 
BellSouth to spend $4.5 million more than they normally would have 
network. Although the government's memorandum states that "[t]he 
n expenses by their actions," the actual facts as presented in
the memorandum suggest that BellSouth had *already embarked upon 
the expenditure of millions of dollars* before it had heard 
anything about the crimes the defendants ultimately were alleged 
to have committed. Moreover, if the network was insecure to begin 

	The Neidorf case provides an instructive example of what 
telephone company puts on its damages. But the example may not 

	Not only are there questions about the justice of the 
Grant, but there also are Constitutional issues raised by the 
s likely to be illegal; it ignores the fact that computers are a
communications medium, and that the prohibition goes beyond 

	EFF does not support the proposition that computer intrusion 
and long-distance theft should go unpunished. But we find highly 
Riggs, Darden, and Grant--stiff sentences that supposedly will 
"send a message" to the hackers and crackers.

	The message this memorandum really sends is that the 
computer crime.

                  -end EFF News #1.00-