This Weekend: Celebrate the Life and Work of Aaron Swartz at the Internet Archive (Electronic Frontier Foundation)

On November 4 and 5, the Internet Archive will host the Fifth Annual Aaron Swartz Day and Hackathon. Aaron would have turned 31 on November 8. The late activist, political organizer, programmer, and entrepreneur was a dear friend of EFF’s who made a lasting imprint on the Internet and the digital community. Aaron’s life was tragically cut short after overzealous prosecutors sought to make an example out of him under the Computer Fraud and Abuse Act for using MIT’s computer network to download millions of academic articles from the online archive JSTOR. At EFF, we carry on Aaron’s legacy every day through our work on open access and CFAA reform. And this weekend, we’ll join our friends at the Internet Archive in celebrating Aaron’s life and work.

This weekend’s events include a two-day hackathon focused on SecureDrop, the whistleblower submission system Aaron created just before he passed away, and a Saturday evening memorial event. Speakers at the memorial event include Chelsea Manning, Gabriella Coleman, Barrett Brown, EFF’s Cindy Cohn, Aaron Day co-founder Lisa Rein, and many more.

Aaron died on January 11, 2013, at the age of 26, after being charged with 11 counts under the notoriously vague and draconian CFAA for systematically downloading academic journal articles from JSTOR. Facing decades in federal prison, Aaron took his own life. Aaron’s case stands as an example of how prosecutors abuse the CFAA’s vague language and harsh penalties to craft trumped up criminal charges for any behavior involving a computer they don’t like. Systematically downloading academic journal articles does not rise to the level of culpability that Congress had in mind when it enacted the CFAA—i.e., malicious computer break-ins for the purpose of causing damage or stealing information. But the law makes it illegal to intentionally access any computer connected to the Internet “without authorization” or in excess of authorization without actually telling us what “without authorization”—the statute’s most critical term—means. This overly vague language likely seemed innocuous to some back in 1986, but it has opened the statute up to rampant abuse by those seeking to stretch its reach.

EFF has been pushing for CFAA reform for years, and we increased those efforts after Aaron’s death. Since 2013, we’ve pushed for the passage of Aaron’s Law, which would reduce the CFAA’s disproportionately harsh penalties, shield security researchers and innovators from prosecution for doing their work, and clarify that violating a website’s terms of service is not a crime. Unfortunately, so far our efforts in Congress have been blocked, with tech giants like Google, Facebook, and Oracle shamefully unwilling to support reform even as the law needlessly claims lives and results in massively overbroad sentences.

We’ve also been fighting the CFAA in court. Over the past few years, we’ve convinced multiple federal courts of appeal that violations of private computer use restrictions cannot give rise to CFAA liability. This year, we urged the Supreme Court to take up US v. Nosal, a long-running CFAA case that would have provided the high court with the opportunity to clarify once and for all that the CFAA was meant to target malicious computer breaks—not to enforce computer use preferences. The court unfortunately turned down that opportunity, rejecting Nosal’s petition for Supreme Court review. We’re disappointed in this decision, but we’ll continue to advocate for a narrow interpretation of the CFAA’s vague language in lower courts across the country. We’ll soon be filing an amicus brief in the Ninth Circuit Court of Appeals in a case challenging LinkedIn’s use of the CFAA as a tool to limit access to publicly available data—an abusive use of the CFAA that we know would have disappointed Aaron.

While he was alive, Aaron railed hard against the idea of government-funded scientific research being unavailable to the public and his passion continues to motivate the open access community. While EFF continues to push for reforms to the CFAA, it's crucial to keep in mind that if open access were the standard for scientific research, then sharing it wouldn't be a crime at all—and Aaron never would have been charged in the first place.

As part of our work fighting for open access to data, EFF strongly supports the Fair Access to Science and Technology Act (FASTR), a bill that would require every federal agency that spends more than $100 million on grants for research to adopt an open access policy. The bill gives each agency flexibility to implement an open access policy suited to the work it funds—so long as research is available to the public after an “embargo period.”

One of the points of debate around FASTR is how long that embargo period should be. Last year, the Senate Homeland Security and Governmental Affairs Committee approved FASTR unanimously, but only after extending that embargo period from six to twelve months—a change that put FASTR in line with the 2013 White House open access memo. That’s the version that was recently reintroduced in the Senate. The House bill sets the embargo period at six months. In the fast-moving world of scientific research, even six months is an eternity to wait for open access, let alone twelve. But that said, FASTR would serve as an essential first step on which to build further reforms—and one we hope Aaron would be proud of.

We hope to see some of you at this weekend’s Aaron’s Day celebration. To find out more information about the hackathon or to buy tickets to the Saturday memorial event, visit the Internet Archive’s event page. And to support EFF’s efforts on open access and CFAA reform, visit https://supporters.eff.org/donate

Related Cases: 
Posted in Uncategorized Tagged

Federal employees can now support the FSF through the Combined Federal Campaign (FSF News)

The Combined Federal Campaign (CFC) is the world's largest annual workplace giving campaign, allowing US federal civilian, postal, and military employees to pledge donations to nonprofit charities such as the Free Software Foundation (FSF). Last year, federal employees voluntarily participating in the CFC contributed more than $167 million to charitable causes.

The FSF's work relies on thousands of individual supporters and members across the United States and around the world, who contribute, on average, less than $200 each. "We know there are many free software supporters working in the US federal government," said FSF executive director John Sullivan. "We're glad they will have this new way to contribute to the free software movement."

Pledges to support the FSF through the Combined Federal Campaign can be made by designating the Free Software Foundation as the beneficiary charity. The FSF's CFC identification code is 63210. Donors can pledge until the end of the campaign period on January 12, 2018.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

Georgia Young
Program Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

Posted in Uncategorized Tagged

Stupid Patent of the Month: Bad Patent Goes Down Using Procedures at Patent Office Threatened by Supreme Court Case (Electronic Frontier Foundation)

At the height of the first dot-com bubble, many patent applications were filed that took common ideas and put them on the Internet. This month’s stupid patent, U.S. Patent No. 6,738,155 (“the ’155 patent”), is a good example of that trend.

The patent is titled “System and method of providing publishing and printing services via a communications network.” Generally, it relates to a “printing and publishing system” that provides “workflow services...using a communication network.” The original application was filed in 1999, and the patent issued in 2004.

The ’155 patent has a significant litigation history. Starting in 2013, its owner1 CTP Innovations, LLC, filed over 50 lawsuits alleging infringement, and told a court it intended to file as many as 200 additional cases. CTP claimed [PDF] that infringement of its patent was “ubiquitous” by the printing and graphic communications industry.

In response to CTP’s claims of infringement, several defendants challenged the patent at the Patent Office, using a procedure called “inter partes review” (or “IPR” for short). The IPR procedure allows third parties to argue to the Patent Office that a patent shouldn’t have been granted because what was claimed in the patent was either known or obvious (two requirements for being awarded a patent) at the time it was allegedly invented. The challenger presents what's called “prior art,” that is, material known to the public before the alleged invention. The challenger uses the prior art to show that the patent’s claims weren’t new or non-obvious when the application was filed. A patent owner is then given the chance to show why they are entitled to a patent.

Here is claim 10 of the ’155 patent, one of the claims challenged by the defendants:

10. A method of providing printing and publishing services to a remote client in real time using a communication network, the method comprising:

storing files on a computer server, the files containing information relating to images, text, art, and data;

providing said files to a remote client for the designing of a page layout;

generating a portable document format (PDF) file from the designed page layout;

generating a plate-ready file from said PDF file; and

providing said plate-ready file to a remote printer.

Here’s how the Patent Office presiding over the IPR described [PDF] claim 10:

Claim 10 is drawn to a method that requires: (1) storing files; (2) providing the files to a remote user for designing a page layout; (3) generating a PDF from the designed page layout; (4) generating a “plate-ready file” from the PDF; and (5) providing the plate-ready file to a remote printer.

In order to show that this claim should be cancelled, the challenger relied on several pieces of prior art to show that claim 10 of the ’155 patent was obvious.

During the IPR, the parties generally did not dispute that steps (1)-(4) were disclosed by the prior art. The only dispute noted by the Patent Office about what was disclosed by one particular prior art combination known as “Dorfman and Apogee” was whether sending a file to a remote printer (step (5)) was new or non-obvious. The Patent Office originally found [PDF] that even though the prior art disclosed all the other parts of the alleged invention, the prior art didn’t disclose sending files to a remote printer. That was enough to rule that claim 10 was new and non-obvious, and in favor of the patent owner.

We don’t think that minor difference from the prior art should matter. The ’155 patent doesn’t claim to have invented how to send files to a remote printer (nor could it in 1999, as a quick search reveals). Such a trivial change shouldn’t allow someone to claim a monopoly, especially when everyone was doing things “on the Internet” in 1999. For this reason, this patent is worthy of our award.

Fortunately, the Patent Office changed its mind [PDF] on the patentability of claim 10 and sending files remotely, after the challenger pointed out that the prior art did disclose doing exactly that. In January 2017, the Patent Office ruled that claim 10, as well as claims 11-7, 19 & 20, should be cancelled, and CTP did not appeal that decision.

Thanks to IPR, CTP can no longer use many of the claims of the ’155 patent to sue others. Indeed, it does not appear that CTP has brought suit against the 200 parties it threatened to sue.

IPR is currently facing an existential threat: the Supreme Court is currently deciding whether it is constitutional for the Patent Office to double-check its work after a patent has issued. We think it is. As this short story shows, the Patent Office sometimes misses things in the prior art, and unsurprisingly then, often allows patents that it shouldn’t. The public should be able to point out those mistakes to the Patent Office and not have to pay patent owners for things that rightfully belong to the public.

  • 1. It turned out that at the time CTP filed its lawsuits, it didn’t actually own the patent [PDF].
Posted in Uncategorized Tagged

The Apache Software Foundation Announces Apache® Juneau™ as a Top-Level Project (Apache Software Foundation Blogs)

Open Source framework for quickly and easily creating Java-based REST microservices and APIs in use at IBM, The Open Group, and Salesforce, among others.

Forest Hill, MD –31 October 2017– The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today that Apache® Juneau™ has graduated from the Apache Incubator to become a Top-Level Project (TLP), signifying that the project's community and products have been well-governed under the ASF's meritocratic process and principles.

Apache Juneau is a cohesive framework that allows developers to marshal POJOs (Plain Old Java Objects) and develop REST (Representational State Transfer) microservices and APIs. Marshalling is used to transform an object’s memory representation to a data format suitable for moving between different parts of a computer program (or across programs), and to simplify communications to remote objects with an object.

"We've worked hard on making the Apache Juneau code as simple and easy to use as possible," said James Bognar, Vice President of Apache Juneau. "We packed Juneau with rich features and functionality, and have successfully directed our efforts on building a diverse community that will help drive the project’s future. We’re very proud to graduate as an Apache Top-Level Project."

Apache Juneau consists of:

  1. A universal toolkit for marshalling POJOs to a wide variety of content types using a common cohesive framework;
  2. A universal REST server API for creating self-documenting REST interfaces using POJOs, simply deployed as one or more top-level servlets in any Servlet 3.1.0+ container;
  3. A universal REST client API for interacting with Juneau or 3rd-party REST interfaces using POJOs and proxy interfaces; and
  4. A REST microservice API that combines all the features above with a simple configurable Jetty server for creating lightweight standalone REST interfaces that start up in milliseconds.


Apache Juneau is in use at IBM, The Open Group, and Salesforce, among others. The Apache Streams project began incorporating Apache Juneau libraries in late 2016.

"Removing Dropwizard and Jackson in favor of Apache Juneau simplified our dependency tree, increased the performance of our APIs, and added several features, especially HTML rendering, that have been a huge hit," said Steve Blackmon, Vice President of Apache Streams. "An on-going collaboration between our projects continues to expand the capabilities of Juneau's Remoteable library. As Apache Streams adds additional data provider Java SDKs powered by Juneau, the variety of HTTP interfaces that can be modeled and integrated with Juneau has expanded."

"We were able to replace existing home-grown REST interfaces on top of EMF objects with ones based on Apache Juneau and dramatically reduced the size of our codebase," said Craig Chaney, former Jazz Repository team lead at IBM. "We also used it as the basis for our Docker-based microservices in our CLM-as-a-Service offering."

"I have used Apache Juneau on projects where I need to work with Web Services," said David Goddard, Executive IT Specialist at IBM. "Juneau has saved us many development hours, enabling me to easily consume third-party REST APIs and construct my own Web Services far more quickly than I would otherwise be able to. Juneau also aids the development of robust, maintainable applications with clear logical code structure."

"When The Apache Software Foundation moved the JSON.org license to Category X, successors for JSON processing were needed," said John D. Ament, Vice President of the Apache Incubator, and Apache Juneau incubation mentor. "Apache Juneau was identified as a clean solution. It provides an easy to use API, great performance and a large number of features that made it a strong recommendation for others to leverage."

"As Apache Juneau grows, we welcome new contributors to join the project and take an active role in its development," added Bognar. "Whether reviewing user code, helping with feedback, or contributing code changes through the mailing list, we look forward to learning more about usage patterns to further improve the product."

Meet members of the Apache Juneau community at the Salesforce Dreamforce 2017 conference 6-9 November 2017 in San Francisco.

Availability and Oversight
Apache Juneau software is released under the Apache License v2.0 and is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases. For downloads, documentation, and ways to become involved with Apache Juneau, visit http://juneau.apache.org/ and https://twitter.com/ApacheJuneau

About the Apache Incubator
The Apache Incubator is the entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects wishing to join the ASF enter through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF. For more information, visit http://incubator.apache.org/

About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software. Through the ASF's meritocratic process known as "The Apache Way," more than 680 individual Members and 6,300 Committers across six continents successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is a US 501(c)(3) charitable organization, funded by individual donations and corporate sponsors including Alibaba Cloud Computing, ARM, Bloomberg, Budget Direct, Capital One, Cash Store, Cerner, Cloudera, Comcast, Facebook, Google, Hewlett Packard, Hortonworks, Huawei, IBM, Inspur, iSIGMA, ODPi, LeaseWeb, Microsoft, PhoenixNAP, Pivotal, Private Internet Access, Red Hat, Serenata Flowers, Target, WANdisco, and Yahoo. For more information, visit http://apache.org/ and https://twitter.com/TheASF

© The Apache Software Foundation. "Apache", "Juneau", "Apache Juneau", "Streams", "Apache Streams", and "ApacheCon" are registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. All other brands and trademarks are the property of their respective owners.

# # #