Newest Leak Shows NSA, GCHQ Infiltrated World Of Warcraft, Second Life

from the on-the-internet,-no-one-knows-you're-an-octopus dept

Apparently, there's nowhere our intelligence agencies won't go in ostensibly in search of terrorists. The latest leak from Snowden, as published by ProPublica, New York Times and The Guardian, shows the NSA and GCHQ are actively infiltrating MMOs and other online gatherings in order to fight terrorism.

Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.

Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels.

The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Snowden.

According to the document (from 2008), online games like World of Warcraft and Second Life are potentially "target-rich environments" in which suspected terrorists "hide in plain sight." (And it's not just MMOs. Xbox Live has apparently been swept up in the surveillance efforts as well.) Despite this assertion, the documents contain no evidence that any terrorists have been uncovered by agents and analysts. In fact, experts and developers of games like these have found no evidence that terrorists are using their services to communicate or recruit new members.

Once again, the efforts of the NSA and GCHQ seem to be focusing time and energy searching locations where terrorists would be least likely to be "hiding in plain sight," much in the way that grabbing data from mainstream email services and social platforms is only going to find the most amateurish of wrongdoers.

Games “are built and operated by companies looking to make money, so the players’ identity and activity is tracked,” said Peter W. Singer of the Brookings Institution, an author of “Cybersecurity and Cyberwar: What Everyone Needs to Know.” “For terror groups looking to keep their communications secret, there are far more effective and easier ways to do so than putting on a troll avatar.”

Not only is the effort highly inefficient, but it's also highly redundant. As ProPublica points out, there are so many agents from the Pentagon, CIA and FBI chasing targets in virtual worlds that a "deconfliction" group was created just to avoid online "collisions."

Blizzard, the developer behind World of Warcraft, has gone on record stating that if intelligence agencies are using the service to track terrorists, it hasn't been informed or given its permission. Microsoft and Linden Lab (Second Life's developer) declined to comment.

There may be a good reason Linden Lab isn't issuing a statement. Its former CTO is an ex-military officer with top secret clearance.

In 2007, as the NSA and other intelligence agencies were beginning to explore virtual games, NSA officials met with the chief technology officer for the manufacturer of Second Life, the San Francisco-based Linden Lab. The executive, Cory Ondrejka, was a former Navy officer who had worked at the NSA with a top-secret security clearance.

He visited the agency’s headquarters at Fort Meade, Md., in May 2007 to speak to staff members over a brown bag lunch, according to an internal agency announcement. “Second Life has proven that virtual worlds of social networking are a reality: come hear Cory tell you why!” said the announcement. It added that virtual worlds gave the government the opportunity “to understand the motivation, context and consequent behaviors of non-Americans through observation, without leaving U.S. soil.”

GCHQ, in particular, has used Second Life to track down a crime ring selling stolen credit card information. While the use of these games in discovering and tracking terrorists still remains largely theoretical, GCHQ found the online games did offer one benefit:

According to the minutes of a January 2009 meeting, GCHQ’s “network gaming exploitation team” had identified engineers, embassy drivers, scientists and other foreign intelligence operatives to be World of Warcraft players — potential targets for recruitment as agents.

The NSA, on the other hand, seems to have found little more than evidence that terrorism suspects are largely like non-terrorists when they play online games -- they do it for enjoyment.

One NSA document said that the World of Warcraft monitoring “continues to uncover potential Sigint value by identifying accounts, characters and guilds related to Islamic extremist groups, nuclear proliferation and arms dealing.” In other words, targets of interest appeared to be playing the fantasy game, though the document does not indicate that they were doing so for any nefarious purposes.

Whether or not these agencies are actually hunting down terrorists, one this is for certain: large amounts of communications are being caught in the surveillance nets.

One document says that while GCHQ was testing its ability to spy on Second Life in real time, British intelligence officers vacuumed up three days’ worth of Second Life chat, instant message and financial transaction data, totaling 176,677 lines of data, which included the content of the communications.

Not surprisingly, there's also a profit motive tied into this infiltration of online games. SAIC, a government contractor specializing in surveillance systems (and building non-functional, incredibly expensive software), may have set this online surveillance in motion back in 2007.

In one 66-page document from 2007, part of the cache released by Mr. Snowden, the contracting giant SAIC promoted its ability to support “intelligence collection in the game space,” and warned that online games could be used by militant groups to recruit followers and could provide “terrorist organizations with a powerful platform to reach core target audiences.”

ProPublica notes that there's nothing in the documents that suggests SAIC ended up with a contract (at that time) as a result of its self-promotion, but it does appear that SAIC (along with Lockheed Martin) won a multi-million dollar contract a couple of years later, shortly after it participated in a discussion about a proposed government study of the link between online and offline behavior in MMO gamers.

The question is how useful these infiltrations have been after a half-decade of use. The agencies have stated they feel these games could be used for communication and recruitment, but nothing has surfaced indicating the surveillance is effective. It largely seems to be another way to gather data, something the agencies already have too much of. If nothing else, GCHQ seems to be using it for a headhunting tool, but I'm not sure how many potential employees would be flattered to know they've been "scouted" by a questionable surveillance program. For now, it seems to be another case of the reach far exceeding the grasp, not that this lack of success ever seems to result in scaling back the "reach."

Filed Under: gchq, mmos, nsa, second life, surveillance, virtual worlds, world of warcraft
Companies: blizzard, linden lab, microsoft

Second Life Dragged Into Legal Dispute Over Copyright Of Virtual Horses And Virtual Bunnies

from the virtual-madness dept

Way back in 2003, we warned that Second Life's copyright policy was going to be trouble. While many people celebrated the fact that Second Life had announced that participants would "own" the copyright on any works they created within the game, we feared that this would bring real world legal disputes into a virtual world that didn't make much sense -- and in retrospect many of the problems we expected have come true, though it's been mitigated by the fact that Second Life has lost a lot of its popularity over the past few years.

That said, Eric Goldman has the details on a recent bizarre legal dispute, which is summarized by the judge in the case as follows: "The gist of the copyright dispute between the parties is whether Plaintiff's virtual horses infringe on copyrights associated with Defendant's virtual bunnies." Yeah, so you know you're in for a treat. The details are that one company, Ozimals, makes "breedable" animals within Second Life, and believed that a competing company, Amaretto Ranch Breedables, was infringing on its copyrights. Ozimals insists that it's not claiming copyright on all breedable animals, but it does believe Amaretto directly copied much of its expression. After some back and forth between the companies, Amaretto went to court to try to get a restraining order, preventing Second Life from taking down their animals via a DMCA notice from Ozimals. The court agreed, and has barred Second Life from taking down the content.

Once you get past the fact that we're arguing over copyright on virtual animals, there are a variety of other issues here, including the question of why Second Life is barred from removing this content. Second Life wasn't a party to the lawsuit. Amaretto sued Ozimals, so at best, it seems like the court should only have issued an injunction against Ozimals from filing a DMCA takedown, but Second Life should be free to do whatever it wants. As Goldman notes:

The order binding Second Life also raises some troubling First Amendment issues. Second Life has the First Amendment rights to decide what to publish and what not to publish. If Second Life decides, for whatever reason, that it wishes to kibosh Amaretto's content, it seems improper for a court to force it to do otherwise. This point is completely unaddressed in the court's opinion because Second Life wasn't a litigant and couldn't advocate for its own interests. I could see why Second Life would basically agree to something analogous to an interpleader (effectively turning over the user-vs.-user copyright dispute to the judge and agreeing to abide by the judge's instructions). However, in a quick perusal of PACER, I didn't see anything that looked like Second Life consented to be bound by the proceedings. Were Second Life to fight this order on First Amendment grounds, I think it would have some mojo in that challenge.

That said, it is interesting to see a court step in and go so strongly against the filer of a DMCA takedown notice. It's quite rare to see anyone get in trouble for filing a bogus DMCA notice, that it's nice to see at least some courts recognize this could be a problem, even if the court then directed its injunction at the wrong party.

Filed Under: breedables, copyright, second life, virtual horses
Companies: amaretto, linden lab, ozimals

Lawsuit Questions Whether Or Not Second Life Users Really 'Own' Their Virtual Land

from the ownership-society dept

For many, many years, we've discussed the problems of trying to apply real world laws to virtual worlds. The reason many real world laws are in place is to deal with the facts and limitations associated with the real world. But, when you move to a virtual world, where the actual physics (literally and figuratively) may be entirely different, real world laws might not make much sense. For example, if you "steal" a magic sword in a virtual world, is that theft? What if the point of the virtual world is to pillage and steal? Then things get troubling. Virtual worlds should be effectively separated entirely from real world laws, because the basic reasoning behind the real world laws doesn't apply in the virtual worlds -- and mixing the two only leads to problems down the road.

That's why, despite the cheering from many folks who we normally agree with, we were somewhat worried, back in 2003, when Second Life announced that it was letting people actually "own" their own virtual goods and land in Second Life. Those in favor of this seemed to think that this was better than Second Life making arbitrary decisions, but the downside was that it brought all the problems of copyright law into a virtual world where the very basis for copyright law didn't quite apply. Bringing the outside law into a virtual world just seemed like a dangerous precedent.

And, now, it looks like Second Life may be regretting that earlier decision. Apparently, it recently tried to move away from at least part of it, changing how the virtual "land" that people had bought was defined, so that it was no longer "property" owned by the users, but a "service" provided by the company, Linden Lab, that runs Second Life. In response, there's now a class action lawsuit against Linden Lab, suggesting there was some sort of bait-and-switch, in that people were told they were actually buying "property" that they would own, but with a single change to the terms of service, that property reverted back to Linden Lab. While I think the latter position is the only really legally defensible one for Linden Lab to take, it brought this on itself by thinking it should bring outside world laws of copyright and ownership into the virtual world in the first place...

Filed Under: copyright, ownership, second life, virtual worlds
Companies: linden lab

Linden Lab Gets Legal With Helpful Resource On Using Second Life For Education

from the trademark-abuse dept

Chalk up another victory for trademark bullying. Linden Lab, the creator of Second Life, apparently just got around to registering certain Second Life trademarks, but wasted no time using them to shove around at least one site that was only helping to get more people to use Second Life. Game Politics points us to the news that the operator of the Second Life in Education Wiki was on the receiving end of a legal nastygram. This is, frankly, dumb.

The site has been around for over two years without an issue, and helps educators better understand ways to use Second Life as a tool for education. It's clearly put together outside of the auspices of Linden Lab, but is a useful tool for educators who want to use the virtual world. It's the sort of thing Linden Lab should be encouraging. No "moron in a hurry" would go to the wiki and think that it was run by Linden Lab. Linden Lab's lawyers will, of course, claim that they have to monitor uses of their marks to avoid it going generic, but that's a cop out. They do not need to go after anyone who uses the mark in any way. In a case like this, where it's clearly an educational tool, not being used to describe a different or competing platform, there's no issue. Still, the operator of the site has decided it's not worth fighting, and will be changing the name of the site and moving it to a different domain. Too bad. Another win for needless trademark bullying.

Filed Under: educational resource, second life, second life for education, trademark, wiki
Companies: linden lab

Linden Lab Sued Over Copied Virtual Goods

from the dmca,-anyone? dept

Way back in 2003, when Linden Lab announced that individuals owned the real world copyright on virtual trinkets they made in the game, we noted that this was a bad idea that would lead to problems. It was, in effect, taking bad real world laws and bringing them into a virtual world. It was even worse, because it was taking real world laws that were designed for a world of scarcity, and bringing them into a world of abundance -- and effectively allowing the laws to reach from the real world into the virtual world. That's a recipe for trouble.

And, indeed, a few years back there were lawsuits over "copied" products, though the main one we know of ended with both sides dropping the case. However, a new lawsuit has been filed, but this time, Linden Lab itself is a target, and the guy suing is claiming both copyright and trademark infringement. It's the same basic story. A guy creates virtual things (in this case, "sex toys") in Second Life, others copy them, and he's pissed off, so he sues. But he's suing Linden Lab, perhaps because it's better to sue a company that actually has money.

But legally, it seems like a huge longshot. The copyright claim should get tossed out pretty quickly due to DMCA safe harbors. The guy filing the lawsuit claims they don't apply "because it is aware of the rampant infringement of Alderman's copyrights and trademarks, and hasn't take proactive steps to prevent that piracy." Unless there's specific evidence of Linden Lab being informed of a particular infringement that Second Life ignored, it's hard to see how this isn't protected by the safe harbor. The trademark claim isn't covered by safe harbors (which is a problem...), but it's difficult to see how anyone could claim that Linden Lab is the one violating anyone's trademark here. Yet again... someone who can't handle the fact that digital goods are copyable feels he needs to lash out and sue everyone, rather than adapt.

Filed Under: copyright, dmca, liability, safe harbors, trademark, virtual goods
Companies: linden lab

Taser Sues Second Life For Having Virtual Tasers

from the no,-seriously dept

Stun gun maker Taser is notoriously overprotective of its brand, even pushing judges and medical examiners never to list a Taser as a cause of death. However, this latest, as pointed out by Dave Title has the company going "virtual." Taser is suing Second Life because of virtual Tasers found in the game. Specifically, Taser seems upset that these virtual stun guns are being sold next to pornographic material, which (the company claims) will harm its brand. I'd argue that going around suing everyone probably does a lot more harm.

Of course, Second Life parent corp. Linden Lab doesn't actually make or sell these things, but just provides the platform -- so you might think that the company is protected by safe harbors. Except... one of the little loopholes in safe harbor rules is on trademark claims, which mostly aren't covered by either the DMCA's safe harbors or the CDA's. However, it should be covered by common sense (which is not so common, unfortunately).

If the virtual Tasers actually do infringe on Taser's trademark, then it seems that the liable party should be the user who made/sold them in the first place -- not Linden Lab, the platform creator. On top of that, there's the big question of whether or not this is actually trademark infringement at all. You could make an argument that users might believe that virtual Tasers were somehow endorsed by the company itself, but do such products really "harm" the Taser brand? Again, it seems a lot more harm is being done to the brand by silly lawsuits. And, yes, people will point out (they always do!), that the company has an obligation to protect its marks, but there are better ways to do so than suing.

Filed Under: safe harbors, second life, tasers, trademark, virtual tasers
Companies: linden lab, taser

No, Second Life's Bank Crash Did Not Predict Real World Bank Crash

from the get-real,-people dept

MSNBC is running an article claiming that last year's virtual bank collapse in Second Life somehow foretold the current financial crisis. It makes for a good headline, but it's simply not true. The factors that resulted in the real world financial crash, as compared to the one in Second Life were entirely different. While there may have been some similarities (people not taking the time to understand the risk of certain investments) to compare the two is a pretty big stretch. From there, the article gets even worse, pretending that both financial crashes show that free markets don't work.

That's simply not true.

The eventual crash actually does show that free markets can work properly, punishing those who took risks without fully understanding the risks. The response in Second Life, to ban banks like the one that crashed, seems like the wrong way to go about things as well. Yes, many people were fooled, and ended up losing money, but that should help educate people not to blindly rush into putting money in a totally unregulated "bank" that made promises that were clearly beyond reasonable (40% interest?). Having regulations that prevent outright fraud (lying) seem reasonable, but banning all banks in response to such a poorly run one seems like going to far. The problem isn't just with the fact that it was an "unregulated free market." It was with the fact that people blindly believed that something too good to be true was legit.

Filed Under: bank crash, economy, free market, regulations, second life
Companies: linden lab

Reuters Bails On Second Life After Figuring Out It's Really Not That Interesting

from the if-a-tree-falls-in-a-forest... dept

One of the sillier attempts by businesses to look cool by setting up shop in Second Life was that of Reuters, which assigned a reporter to hang out in the virtual world full-time and report on it as if it were any other economy. While we noted at the time there might be some interesting stories in Second Life, that seemed to be taking a back seat to the publicity value of the stunt. It was surprising to learn that the Reuters reporter was still there until recently, when he finally gave up the beat, calling it "about as fun as watching paint dry." With 9 out of 10 efforts by businesses going into Second Life ending in failure, perhaps there wasn't much for a business reporter to cover any longer. For what it's worth, the reporter says Linden Labs should give up on the idea that Second Life is a business application -- not because of its shaky in-game economics, or because there's no value for there for most businesses, but because of technical problems. While those may be easier to solve for the company, they pale in comparison to the sheer pointlessness of real-world businesses establishing themselves in Second Life.

Filed Under: reporting, second life
Companies: linden lab, reuters

Well, At Least Second Life Won't Need A Gov't Bailout

from the too-small-to-care dept

Remember a couple years ago, when you could hardly go a day without hearing some press story hyping up how the virtual world Second Life was the biggest thing since the internet itself? Those days went away pretty quickly once people noticed that the numbers Second Life was claiming weren't really representative of how many people were there, and all the brands that bought into the hype and jumped on the Second Life bandwagon started realizing that it didn't do much for them, as most of the folks in Second Life were there for the virtual sex and gambling, which the company has cracked down on.

However, apparently, there are still some folks using Second Life, and the company wants to let you know that as the financial crisis spreads around the world, the fundamentals of the economy in Second Life remain strong. Over the past few weeks, I've seen press announcements from plenty of tech companies trying to spin the financial crisis as a reason to write about their company, but this one might be the most ridiculous. It's not as if people are going to start moving money into Lindens any time soon as an investment vehicle.

Filed Under: economy, financial crisis, second life
Companies: linden lab

Shockingly, Businesses Who Set Up Shop In Second Life Because It's 'Cool' Don't Fare So Well

from the who-woulda-thunk-it? dept

Over the last year or so, it seems like the halo around Second Life has worn off, especially for all the big companies who rushed in, believing it was the next big thing. A new report now notes that approximately 90% of companies who rushed into virtual worlds saw their projects fail. Not surprisingly, most of the failed projects involved companies who got involved because they thought it was "cool" or because a competitor was there. Apparently, not having a real business purpose or strategy pretty much guarantees that you're not going to achieve very much of either.

Filed Under: businesses, second life, virtual worlds
Companies: linden lab