Automattic is an ORG Sponsor

This week we were proud to be unveiled as an official corporate sponsor of the Open Rights Group (‘ORG’), the very same week that the controversial Investigatory Powers Bill is being debated in the British Parliament.

Open Rights Group
ORG has been fighting tirelessly for digital rights in the UK since 2005. Despite their relatively small size, they have achieved some significant victories. They have campaigned against damaging legislation such as ACTA (which was rejected by the European Parliament in 2012); been instrumental in the implementation of the HTTP Error 451 status code to highlight sites that are rendered inaccessible for legal reasons; challenged mass surveillance in court; helped secure a ‘right to parody’ in the UK; and particularly close to our heart… fought for the rights of bloggers when they’ve been threatened with frivolous copyright takedown demands.

The work that ORG do is vital to protecting many of the online values Automattic shares, and we’re happy to support their mission.

Find out more about the Open Rights Group on their site.

Automattic and WordPress.com Stand with Apple to Support Digital Security

At Automattic, we’re very mindful of the trust our users place in us to keep their information private and secure, and we work hard to build systems, software, and legal policies to safeguard that information. We’re also very mindful of threats to user trust and security, and we believe that the recent federal court order, issued against Apple in the San Bernardino case, poses just such a threat.

The order requires Apple to write code to deliberately weaken standard security measures on an iPhone, in furtherance of the federal criminal investigation. Though the investigation is very important, the court’s order could pose a great threat to the security of all digitally stored information, and undermine the trust that users have placed in companies, like Automattic or Apple, to keep their sensitive personal information and data safe.

Apple has challenged the order, and today, Automattic has joined many leading Internet and technology companies in filing an amicus brief in support of Apple’s legal challenge.

Weaker Security Hurts Everyone

Like Apple, we respect the rule of law, and honor the valid government orders we receive to furnish data in connection with criminal investigations. But deliberately weakening information security, as Apple has been asked to do here, is a step too far that makes everyone less safe.

Undermining security measures – even in situations where there appear to be good intentions – will inevitably have unintended consequences for regular people. As Apple said in a letter to its customers, intentionally weakening security at the government’s request “would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data.” The fact is that if a security flaw exists, there is no way to ensure that only trusted governments, investigating a crime, can exploit that vulnerability. Improving security for everyone means aggressively finding and closing holes, not creating new ones.

Dangerous Legal Precedent

This case is not simply about access to one iPhone. It’s a decision that will serve as a (possibly global) precedent for what software, and the companies that build it, can and can’t do to protect user information. These protections exist to thwart anyone that seeks unauthorized access to user information (like hackers), and they need to be as strong and sophisticated as possible. If the San Bernadino order stands, the precedent it sets – that companies can be forced to weaken their own security – will be a dangerous one. Future orders could apply to not just smartphones and other hardware, but also to Internet services like those provided by Automattic.

Standing With Apple

Automattic takes great pride in building software that is not only free and open, but also secure. We stand with Apple in both condemning terrorism and defending the privacy and security of our users. If Automattic was faced with a government order like the one issued in San Bernadino, we, like Apple, would do everything within the law to challenge it. That’s why we’re joining with a sizable group of leading tech companies today to support Apple in this case.

You can read our full legal brief below.

 

Transparency Report Update and a Closer Look at Turkey

Our latest transparency report is hot off the press, complete with data and details about the intellectual property infringement notices, government takedown demands, and government requests for information we received between July 1 and December 31, 2015.

You can view our updated report here.

Taking a closer look at the numbers, you may notice that we’ve seen quite an increase in government takedown demands since we launched our transparency report, with 156% more demands in 2015 (346) than in 2014 (135). The majority of these demands are from two countries in particular: Russia and Turkey.

Russia is no surprise as we’ve been dealing with their demands for years (you can read more about our process for handling their demands here), but Turkey came out of the woodwork for the first time with 4 demands in 2014, jumping up dramatically with 113 in 2015.

Generally we receive Turkish court orders in two scenarios. In the first, the Telecommunication and Communication Presidency can ban content in the interest of protecting “national security and public order,” preventing crime, and protecting general health… which are open to their interpretation. In the other, when someone’s rights are violated (privacy rights or defamation, for example), Turkish law allows the complaining party to request content removal by obtaining a court order.

As with most censorship laws, the real world consequences reveal the chilling of a significant amount of legitimate, political speech. For example, we’ve received takedown orders covering:

  • A site that criticizes the President of Turkey and his government’s activities relating to a terrorist organization. The President’s recent and past speeches were shared in a way to show that he contradicts himself as the time passes. If that weren’t sufficiently worrisome, Article 299 of Turkish Criminal Code, which governs defaming the President of Turkey, states that anyone who insults the president shall be sentenced from one to four years.
  • A news site’s report on a child sex sting, covering the details of a Turkish man who arranged to meet an underaged girl. A photo from a court hearing and a mug shot of the complaining party, were included in the removal demand.
  • A site that criticized a terrorist organization. We believe this site was wrongfully included with the others that did support the terrorist organization, but that didn’t stop a Turkish court from issuing a takedown demand against it. It’s eerily similar to when copyright takedown bots run amok.

Under our legal guidelines, we require a U.S. court order before proceeding with the removal of content from WordPress.com. To this point, we have refused to take action in response to the takedown demands from Turkey. After we receive notice of an order, Turkish ISPs, who are bound to obey the court orders, move to block the sites named in an order, making it unavailable to all visitors from Turkey without any further explanation.

Overall, compared to the tens of millions of sites that we host, we continue to receive a relatively small number of demands from governments and other national authorities.

For more details, dive into the specific report pages. As always, please drop us a line if you have any suggestions for future reports!

Error 451: Unavailable for Legal Reasons

Internet Service Providers and online platforms like WordPress.com are increasingly facing demands to block access to URLs in different countries. These orders can come as the result of court decisions (in the case of the UK and Turkey), or directly from governmental authorities (in the case of Russia or Georgia) and are usually directed at content that governments find illegal or objectionable.

Before now, there has been no standard error message that is both machine-readable and also explains to visitors the reason that the site is unavailable.

Default messages like the infamous ‘Error 404 – Page not found’ or its close cousin, ‘Error 403 – Forbidden’ strike us as inadequate for situations where sites are unavailable for legal reasons. Enter the Internet Engineering Task Force (IETF). They have approved a new HTTP error status code: Error 451, named after Ray Bradbury’s dystopian novel ‘Fahrenheit 451’. This development comes after 2 years of campaigning by groups such as the Open Rights Group and Article 19.

We are strongly opposed to Internet censorship, and believe that geo-blocking is both inappropriate and an ineffective remedy for controversial speech. The introduction of the new HTTP error code is a welcome one, and we have gladly adopted it on WordPress.com. The error code will be returned to visitors from those countries where we have been forced to block websites for legal reasons, and allow statistics to be gathered on the number of these kind of blocks worldwide more easily.

For more information on the requests we receive from governments, please see our latest Transparency Report.

‘451 unavailable’ header image modified from original logo by the Open Rights Group under CC-BY-SA 4.0 Licence.

The Baby Dances On: A Win for Fair Use

Last week saw an important victory in the battle to protect the fair use of copyrighted material online. A Federal Appeals Court held in Lenz v. Universal that the DMCA requires rights holders to consider the important doctrine of ‘fair use’ before issuing a takedown notification. We submitted an amicus brief in this case, and are very pleased to see the court agree with many of our arguments.

Behold, the dancing baby that started the whole thing off:

The outcome of the case underlines and highlights the importance of fair use, and will hopefully cause copyright holders to pause and take the doctrine more seriously than many of them have done in the past.

In the words of the court:

Fair use is not just excused by the law, it is wholly authorized by the law.

This is critical. Sharing excerpts of articles, commenting on the news, and re-blogging portions of popular blog posts have become the lifeblood of the social internet, and important to the community we are building on WordPress.com. We have long fought to preserve legitimate rights to fair use, through the courts, through education of users and copyright holders and by pushing back on DMCA notices that target fair use on WordPress.com. In the last reporting period, we rejected 43% of notices for being either incomplete or abusive.

Our approach to honoring fair use is not meant to help our users to ‘get away’ with anything; we are defending their wholly legitimate rights from abuse. With that in mind, it is heartening to see that the 9th circuit agree with us: fair use is fundamental to copyright law, and all valid DMCA requests must give fair use due consideration.

Not the end of the story

Despite the importance of the decision, we shouldn’t be cracking out the champagne just yet. For one, we wish the court had taken the opportunity to provide a clearer, more objective standard for the consideration of fair use than they have. In our amicus brief we argued strongly for requiring complainants to form an objective belief that material in question was not fair use before submitting a takedown notification. The court relied instead on a subjective standard, that will be difficult to enforce, and provides less deterrent against the trampling of fair use rights.

Most of all, we hope the decision causes rights holders to take a closer look at their process for evaluating potential infringing activity, particularly those who make use of third party agents to send bulk automated takedowns. We have always believed that this process is nuanced, and requires some sort of human review to prevent abuse. We would like the Lenz decision to act as a catalyst for more thoughtful use of the DMCA’s notification and takedown process. There needs to be a recognition that simply finding a ‘matching’ file or text algorithmically does not signal the end of the investigation process, but just the beginning. This sentiment was expressed by Judge Smith in the opinion, who noted that while automated systems can be a useful tool for identifying the use of copyrighted material, that does not mean that they are capable of analyzing whether that use is fair, and therefore legal.

The battle to protect fair use isn’t over by a long shot, but for now – the baby dances on.

Read more over at the EFF.

Header image by Kjell Reigstad.

Defending Net Neutrality

Net neutrality – the principle that providers of internet service must treat all traffic equally – is a cornerstone of the free, open internet. This once-obscure principle has been in the news, as federal agencies, Congress, and even the President debated the proper scope of net neutrality regulations.

Automattic supports net neutrality. We recently joined our users to advocate strong net neutrality rules, and cheered the FCC’s decision to reclassify broadband service under Title II of the Communications Act; a decisive move that supplies a sturdy legal foundation for real net neutrality. Even with this victory, we knew the battle for net neutrality was far from over.

The ink was barely dry on the FCC’s rules when opponents of net neutrality rushed to court in an attempt to dismantle what we, and much of the internet, fought so hard to win. The fate of net neutrality is now in the hands of a Washington DC appeals court, and we’re now adding our voice the case.

Today, we filed an amicus brief with the Court of Appeals for the DC Circuit in the case of United States Telecom Assn. v. FCC (the full brief is below). We’re proud to be joined on the brief by five other leading internet companies: Medium, Reddit, Squarespace, Twitter, and Yelp. Our tools, along with many others, have helped make the internet a global engine of free expression. We deeply appreciate the critical role net neutrality plays in ensuring that speech and expression, on all platforms, is free from interference, throttling or blocking by the gatekeepers who provide access to the internet. Very simply: net neutrality is necessary for free speech to flourish online. On behalf of Automattic, and especially the millions who rely on WordPress to speak to the world, we submit our brief in support of strong, enforceable, net neutrality rules.

WordPress.com, and the WordPress open source project are living examples of what is possible on a neutral internet, open for creation, collaboration, and expression. We urge the court to consider our example, as well the voices of internet users worldwide, as it considers this important case.

 

Leave No Trace!

Earlier this year, we talked about the dangers of relying on third-party bots to chase down potential copyright infringement, and the ironic circumstances that ensue when the rights holder’s own content becomes a target. It’s a frustrating situation for everyone, but this kind of oversight is no surprise when automation is let off the leash. What’s even more shocking are cases in which this paradoxical level of enforcement is employed by humans, as we recently experienced with Subaru for America.

The car manufacturer is currently sponsoring a nonprofit organization, The Leave No Trace Center for Outdoor Ethics. For the uninitiated, “Leave No Trace” is the concept of enjoying the wilderness responsibly, with an eye towards conservation and preservation of natural beauty. A noble cause to be sure, but two WordPress.com users discovered the hard way that a corporation’s actions can sometimes speak louder than its words.

In the application for The Subaru Leave No Trace Traveling Trainer Program, it’s suggested that, among other things, applicants should be able to generate social media content via creating blogs, posting photos, and creating videos. This is exactly what Sam and Jenna attempted to do when they created this blog as part of their application process.

Surprisingly, however, Subaru was less than thrilled with this harmless use of the brand name, and accused our users of trademark infringement and cybersquatting. Apparently the legal department at Subaru wasn’t aware of their company’s sponsored initiative. Yikes!

We passed along the notice to Sam and Jenna with the understanding that we would not be taking any action against their blog as their content does not constitute trademark infringement. In good faith, though, our bloggers took the high road and removed most instances of ‘Subaru’ from their blog to appease the automaker’s demands.

While Subaru reminded us that it “aggressively protects its trademarks and other intangible assets,” it’s unfortunate in this case that they didn’t maintain that same level of overzealous enthusiasm for our users or the great outdoors.