As a prospective passenger, I do not appreciate people who book flights they do not intend to travel on. It's no surprise when Southwest flights are full. It's no surprise at all when the cheaper tickets on a flight are sold out.
So a service that assists those who are booking flights they don't intend to travel on raise costs for real passengers and simultaneously lower revenue for the operator.
Maybe there's no legal basis for Southwest to sue. I for one wouldn't might if they changed the cancellation notice requirements to break the fake travelers' ability to save money.
I do agree with most of your points about trademark, etc. Lawyers seem to fell they have to throw everything conceivable against the wall hoping something will stick.
But still, somewhere in there both real passengers and Southwest are worse off when "hidden city" fake passengers profit by booking in bad faith.
[T]he court made it clear that if (1) a public official is (2) using social media (3) for official purposes (4) to create a space of open dialogue (and all four of those factors are met) then they cannot block people from following them based on the views those users express, as it violates the 1st Amendment.
This effectively says that given those conditions, the public official has no freedom of association. As a public official, they are required to associate with the public. Those are the people they serve. Public business requires public participation. Get it?
If you are a public official and want freedom of association, you get it by not using your account for official purposes (part 3 of the conditions). Public officials are free to choose their associates when not acting for official purposes.
There is a very basic security process called identification, authentication, and authorization. Confusing identifiers and authenticators is a rookie mistake, like asking for Joe Johnson's social security number to authorize a phone caller claiming to be Joe to transfer money out of his bank account.
From the description in the article, Facebook's process uses a phone number as both an identifier and an authenticator (or an identifier needing no authentication -- what?). In fact, a phone number by itself is at most potentially an identifier for an endpoint in the telephone network. So to proceed on to authorization (allowing the response to supply facts about an account) is to ignore security altogether.
I suppose this is motivated by Facebook's desire to be frictionless, a word in wide use when the company started, so the interconnections between their users can grow very rapidly and Facebook will make lots of money. But as "security" it's not even the equivalent of an open door swinging in the breeze.
Facebook cannot possibly be considered to implement any privacy concerns whatsoever in this process. Nor is the integrity of Facebook's data nor the availability of FB's systems threatened. Facebook has no security complaint to make that isn't caused by its own negligence. Their users are the only ones harmed.
No one who has a telephone could possibly believe that the robocallers plaguing them have the slightest concern about whether the recipients want to be their "friends." And yet that's the basis that this particular system is built on.
So, yes, I agree that screen scraping has too much utility to be outlawed altogether. I believe that part of allowing it has to be authorization by any parties whose data is exposed. But FB's system is so basically flawed that I can only weep at the idea of it being used as a test case.
Ha. I thought it used to be possible to edit a comment after posting. At any rate, typo alerts:
"visit A.com, do something A.org needs to know" SHOULD BE "visit A.org..."
"Z.com will include the cookie you received while interacting with A.org" SHOULD BE "Z.com will include the cookie you received from Z.com while interacting with A.org"
I don't believe any browser is removing support for cookies in general. If you reread the article, it's about third-party cookies.
A "normal" cookie, such as are used to maintain your user session, are sent to you when you visit A.com, do something A.org needs to know (like, you've logged in, or put something in your shopping cart), and returned to A.org on your next request to A.org.
A third-party cookie is sent to you from... a third party. You visit A.org, and get a cookie from Z.com. Then you make a request to B.org, that also uses Z.com (perhaps for displaying ads). As part of loading the page from B.org, you load a component from Z.com (perhaps an ad). That request to Z.com will include the cookie you received while interacting with A.org. And BINGO! Z.com knows you visited both A.org and B.org.
So now Z.com "knows" that when you shop for diapers, you also order beer.
However, there are some folks who could deny that the sun rises daily in the temperate latitudes if it made them uncomfortable, angry, or afraid.
When I read The Color of Law: A Forgotten History of How Our Government Segregated America by Richard Rothstein, I was very uncomfortable. I pushed on, and became angry -- but not at Rothstein, who is extremely thorough and backs up everything he says. Instead, I became angry at the politicians and schools who had lied about what had been done.
It's hard to push on into something that might make you reevaluate the dream that you and your acquaintances are living in. But it's worth it.
Thank you for the link. Schneier usually says something sensible to think about. In this case, though I can't name it, I believe there's an informal fallacy in his argument:
Schneier: And without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless.
[There's a straw man hiding there -- the app doesn't claim to provide diagnosis -- but it's not the fallacy I'm concerned with.]
Testing is an essential predicate for control until we have a vaccine or "herd immunity" (don't hold your breath for that). The general plan for control of the pandemic before a vaccine is available is
A(testing) + B(knowledge of contacts) => C(hope of control through isolation measures)
Schneier says without A, an app to help with contact tracing is useless. I agree. But then, "without ubiquitous, cheap, fast, and accurate testing" you can't do effective contact tracing (neither with nor without an app, especially if there's asymptomatic spreading).
But that doesn't mean an app to help with contact tracing is useless under all circumstances" does it?
That doesn't mean that an app to provide some help with contact tracing is useless. It seems more accurate to say it may be premature. Testing capability varies from place to place, and may improve with time.
There's a wee bit of confusion in your comment. May I try to clear it up?
AAC: I have some doubts about how many will sit through some TV program where they read out numbers for you to see if your a winner. I don't have TV, so it wouldn't work for me.
The "radio program" is part of the introductory analogy using raffle tickets, not part of any actual implementation. Apps implementing tracing using the facility provided by Apple and Google would download lists from the public health agency providing the app [the agencies might confederate the data so the app would work as the phone travels from one jurisdiction to another]:
Article: Phones download the list of positive keys and check to see if they have any of them in their on-device databases.
As for
AAC: How many times will any individual check, or how often?
Again, there's an app. The app does the checking. Perhaps the implementer provides a default frequency, and the user may have a preference to modify it.
This isn't about workers complaining about management's ideas of proper working conditions, or compensation, or other normal concerns.
If health care workers are unhealthy -- or dead -- they can't care as effectively -- or at all -- for the general population, and more will die. Triage policy discussions (for example, here) acknowledge that.
It's pretty obvious, though, that the FBI approach is worthy of its DNA. Note that SSA doesn't say the won't accept requests as usual, only that they won't process them "during the pandemic" (this phrase in the heading is softened by "until further notice" in the notice itself).
What workloads is SSA not doing during the COVID-19 pandemic?
Created: March 18, 2020
We have suspended the following workloads until further notice:
We will not start or complete any current medical continuing disability reviews. If you have a - medical continuing disability review pending, please do not request medical information from your doctors at this time. We will follow up with you for any medical evidence once the COVID-19 public health emergency subsides.
Where possible, we are suspending our processing and collection of overpayments.
We are not conducting organization or individual representative payee accountings.
We will not be able to process a third party requests for information, except from appointed representatives and representative payees
We will not process any Freedom of Information Act (FOIA) requests. [emphasis added]
Probably typing a little fast... but iirc from when I was in high school long ago, you might secure an indictment from a grand jury, but probably not a conviction
I'm not indicting Tim, just asking for cleanup before it becomes red meat for some troll.
The cell carriers NEED the "3rd-party billing" process to be fast and loose, with no setup required, no authorization by the customer, no customer contact at all. It's all about defining "due diligence" for a new business practice - they want the bar set low. They are salivating over the prospect of skimming merchant fees and transaction charges from payment systems that use cell phones to replace credit and debit cards, and those systems will never be widely used if customers are allowed to sign up and perform authorizations on a per-merchant or per-transaction basis. NOTHING will EVER get the carriers to make 3rd-party billing complicated.
Please! A monopoly is not illegal in and of itself. What is illegal is abuse of monopoly power. Sometimes the consequence of abuse of monopoly power is the breakup of the monopoly. Sometimes, as with IBM in the early 60's, it's careful oversight to prevent recurrence.
I don't believe Mike has ever said that copyright itself should be abolished. He often says that abuses of copyright should be curbed.
Techdirt has not posted any stories submitted by reticulator.
Re: expert witnesses for the defense
For the government, the cost of expert witnesses is chump change.
The government can throw multiple types of expert witnesses at the defense, still for chump change.
And that's for expert witnesses who will testify that their fellow prosecution expert witnesses have wonderful track records over years of experience.
For the defendant who isn't rolling in cash, not so much.
southwest may not have standing -- but I might
As a prospective passenger, I do not appreciate people who book flights they do not intend to travel on. It's no surprise when Southwest flights are full. It's no surprise at all when the cheaper tickets on a flight are sold out.
So a service that assists those who are booking flights they don't intend to travel on raise costs for real passengers and simultaneously lower revenue for the operator.
Maybe there's no legal basis for Southwest to sue. I for one wouldn't might if they changed the cancellation notice requirements to break the fake travelers' ability to save money.
I do agree with most of your points about trademark, etc. Lawyers seem to fell they have to throw everything conceivable against the wall hoping something will stick.
But still, somewhere in there both real passengers and Southwest are worse off when "hidden city" fake passengers profit by booking in bad faith.
Re: Moot point, semantics of same
I read the article. You might read it again.
In part, it says
This effectively says that given those conditions, the public official has no freedom of association. As a public official, they are required to associate with the public. Those are the people they serve. Public business requires public participation. Get it?
If you are a public official and want freedom of association, you get it by not using your account for official purposes (part 3 of the conditions). Public officials are free to choose their associates when not acting for official purposes.
repeat after me: (entity) is not an authenticator
There is a very basic security process called identification, authentication, and authorization. Confusing identifiers and authenticators is a rookie mistake, like asking for Joe Johnson's social security number to authorize a phone caller claiming to be Joe to transfer money out of his bank account.
From the description in the article, Facebook's process uses a phone number as both an identifier and an authenticator (or an identifier needing no authentication -- what?). In fact, a phone number by itself is at most potentially an identifier for an endpoint in the telephone network. So to proceed on to authorization (allowing the response to supply facts about an account) is to ignore security altogether.
I suppose this is motivated by Facebook's desire to be frictionless, a word in wide use when the company started, so the interconnections between their users can grow very rapidly and Facebook will make lots of money. But as "security" it's not even the equivalent of an open door swinging in the breeze.
Facebook cannot possibly be considered to implement any privacy concerns whatsoever in this process. Nor is the integrity of Facebook's data nor the availability of FB's systems threatened. Facebook has no security complaint to make that isn't caused by its own negligence. Their users are the only ones harmed.
No one who has a telephone could possibly believe that the robocallers plaguing them have the slightest concern about whether the recipients want to be their "friends." And yet that's the basis that this particular system is built on.
So, yes, I agree that screen scraping has too much utility to be outlawed altogether. I believe that part of allowing it has to be authorization by any parties whose data is exposed. But FB's system is so basically flawed that I can only weep at the idea of it being used as a test case.
Re: Re: politicians
"Politicians will not save you from cookies"...
nor will politicians save a cookie for you!
Re: Re: Re: "the" cookies
Ha. I thought it used to be possible to edit a comment after posting. At any rate, typo alerts:
"visit A.com, do something A.org needs to know" SHOULD BE "visit A.org..."
"Z.com will include the cookie you received while interacting with A.org" SHOULD BE "Z.com will include the cookie you received from Z.com while interacting with A.org"
Re: Re: "the" cookies
I don't believe any browser is removing support for cookies in general. If you reread the article, it's about third-party cookies.
A "normal" cookie, such as are used to maintain your user session, are sent to you when you visit A.com, do something A.org needs to know (like, you've logged in, or put something in your shopping cart), and returned to A.org on your next request to A.org.
A third-party cookie is sent to you from... a third party. You visit A.org, and get a cookie from Z.com. Then you make a request to B.org, that also uses Z.com (perhaps for displaying ads). As part of loading the page from B.org, you load a component from Z.com (perhaps an ad). That request to Z.com will include the cookie you received while interacting with A.org. And BINGO! Z.com knows you visited both A.org and B.org.
So now Z.com "knows" that when you shop for diapers, you also order beer.
Re: Re: Re: Crawling out on slow day as all bite nails over the
Oh, Khym, I agree with you sooooooo much!!!!!!
Re: "you can't deny"
Amen from me.
However, there are some folks who could deny that the sun rises daily in the temperate latitudes if it made them uncomfortable, angry, or afraid.
When I read The Color of Law: A Forgotten History of How Our Government Segregated America by Richard Rothstein, I was very uncomfortable. I pushed on, and became angry -- but not at Rothstein, who is extremely thorough and backs up everything he says. Instead, I became angry at the politicians and schools who had lied about what had been done.
It's hard to push on into something that might make you reevaluate the dream that you and your acquaintances are living in. But it's worth it.
Re: Contact tracing
Thank you for the link. Schneier usually says something sensible to think about. In this case, though I can't name it, I believe there's an informal fallacy in his argument:
Testing is an essential predicate for control until we have a vaccine or "herd immunity" (don't hold your breath for that). The general plan for control of the pandemic before a vaccine is available is
Schneier says without A, an app to help with contact tracing is useless. I agree. But then, "without ubiquitous, cheap, fast, and accurate testing" you can't do effective contact tracing (neither with nor without an app, especially if there's asymptomatic spreading).
But that doesn't mean an app to help with contact tracing is useless under all circumstances" does it?
That doesn't mean that an app to provide some help with contact tracing is useless. It seems more accurate to say it may be premature. Testing capability varies from place to place, and may improve with time.
Re: Re: Contact tracing
There's a wee bit of confusion in your comment. May I try to clear it up?
The "radio program" is part of the introductory analogy using raffle tickets, not part of any actual implementation. Apps implementing tracing using the facility provided by Apple and Google would download lists from the public health agency providing the app [the agencies might confederate the data so the app would work as the phone travels from one jurisdiction to another]:
As for
Again, there's an app. The app does the checking. Perhaps the implementer provides a default frequency, and the user may have a preference to modify it.
it's not just death for health care workers
This isn't about workers complaining about management's ideas of proper working conditions, or compensation, or other normal concerns.
If health care workers are unhealthy -- or dead -- they can't care as effectively -- or at all -- for the general population, and more will die. Triage policy discussions (for example, here) acknowledge that.
the FBI just wants to be special, eh?
As the notice below from the Social Security Administration shows, others in government are also (shall we say?) deprioritizing FOIA response.
It's pretty obvious, though, that the FBI approach is worthy of its DNA. Note that SSA doesn't say the won't accept requests as usual, only that they won't process them "during the pandemic" (this phrase in the heading is softened by "until further notice" in the notice itself).
conviction vs indictment
Probably typing a little fast... but iirc from when I was in high school long ago, you might secure an indictment from a grand jury, but probably not a conviction
I'm not indicting Tim, just asking for cleanup before it becomes red meat for some troll.
it's all about futures - cell phone as payment systems
monopolies are not illegal
I don't believe Mike has ever said that copyright itself should be abolished. He often says that abuses of copyright should be curbed.
Techdirt has not posted any stories submitted by reticulator.
Submit a story now.
Tools & Services
TwitterFacebook
RSS
Podcast
Research & Reports
Company
About UsAdvertising Policies
Privacy
Contact
Help & FeedbackMedia Kit
Sponsor/Advertise
Submit a Story
More
Copia InstituteInsider Shop
Support Techdirt