Tag: wireless broadband services

Obama’s Secret Attempt to Ban Cellphone Unlocking, While Claiming to Support It

By Derek Khanna
http://www.slate.com/blogs/future_tense/2013/11/18/tpp_wikileaks_white_house_claims_to_support_cellphone_unlocking_but_treaty.html
Last week, WikiLeaks made public a portion of a treaty that the White House has been secretly negotiating with other nations and 600 special interest lobbyists. The draft of the Trans-Pacific Partnership Treaty, which is on intellectual property, shows that HealthCare.gov isn’t the only tech topic on which the Obama administration has some serious explaining to do.
The White House claims that it supports copyright reform. It should be in favor of remaking the framework, because today’s copyright system is a mess: It grants protection that is too long (70 years or more), fair use is notoriously unclear and vague, and statutory damage laws create a massive deterrent to lawful creation. Economists and scholars argue that modern copyright, as opposed to constitutional copyright, greatly impedes innovation and content creation. But the TPP, which is being negotiated by 11 countries, would be a step in the completely wrong direction.
In its present state, treaty would expand copyright and effectively make real reform impossible. Worse, it would essentially disregard constitutional limitations on copyright and reject pillars like fair use, the first-sale doctrine, and having copyright be for “limited times.” The worst part: While the White House was publicly proclaiming its support of cellphone unlocking, it was secretly negotiating a treaty that would ban it.
Cellphone unlocking is the ability to take a phone and alter its settings so that it can be used on other carriers. Essentially this technology allows a consumer to bring her phone from one carrier to another when her contract expires (if technologies are compatible). In January, following appeals by AT&T/Verizon’s main trade association, the Librarian of Congress issued a ruling making unlocking a felony punishable by five years in prison and a $500,000 fine. This was a terrible idea: Economists and market participants have explained that this ruling would result in reduced competition in the industry, a decimated resale market, and restricted consumer rights. And indeed the impact has been devastating.
At the time, I spearheaded an unpaid national campaign to legalize unlocking, which included a White House “We the People” petition (I wrote a bit about our campaign here). Our petition reached 114,000 signatures, and the White House responded in favor of cellphone unlocking:
“The White House agrees with the 114,000+ of you who believe that consumers should be able to unlock their cell phones. … It’s common sense, crucial for protecting consumer choice, and important for ensuring we continue to have the vibrant, competitive wireless market that delivers innovative products and solid service to meet consumers’ needs.”
The FCC came out in favor of our petition, as did numerous outside groups such as Freedomworks, Public Knowledge, R Street and the editorial boards of the New York Times and the Washington Examiner. We were unable to find a single group, or Member of Congress, that was in favor of unlocking being a felony. But somehow, while a number of bills were introduced, none passed, and the one that had widespread support, H.R. 1892, never received a hearing or was brought up for a vote.
The leaked treaty draft shows that while the White House was championing restoring free market principles to phones, the U.S. proposed that the TPP lock in the process that allowed the Librarian of Congress to rule this technology as illegal through international law. This would make potential reforms like H.R. 1892 impossible.* It should be noted that Canada did submit an amendment proposal that could allow unlocking, but neither the United States nor any other country supported it.
But the TPP draft doesn’t stop there. It would ban numerous other technologies that have beneficial uses. In particular, the legislation would ensure that jailbreaking—which is installing a different operating system on your phone, tablet, or e-reader—is illegal. It’s already on precarious ground in the United States, but under TPP it would be illegal in all circumstances. What type of nation would arrest 23 million people for installing a different operating system on their own device?
This treaty is still being negotiated, so all of these issues could be addressed in the final text, but so far what has been made public demonstrates a massive and nearly unprecedented power grab by special interests rather than sound public policy considerations.
This treaty has long been shrouded in unprecedented secrecy. Congressional staff, press and general public weren’t allowed to read it; in many cases, even members of Congress were kept in the dark. Meanwhile, special interests were given full access. Now we know why: The White House didn’t want the public to know what was being negotiated in their name.
Correction, Nov 18, 2013: This blog post originally misstated effect of the U.S. proposal to TPP.
< — >
http://www.slate.com/blogs/future_tense/2013/11/18/tpp_wikileaks_white_house_claims_to_support_cellphone_unlocking_but_treaty.html

Another FISC judge: “NSA exceeded the scope of authorized acquisition continuously”

Another FISC judge: “NSA exceeded the scope of authorized acquisition continuously”

Judge: “NSA exceeded the scope of authorized acquisition continuously”

New declassifed documents show legal arguments over bulk metadata collection.

by Cyrus Farivar – Nov 19 2013, 1:36am EST
Yet another Foreign Intelligence Surveillance Court (FISC) judge has blasted United States government and intelligence officials for disregarding the court’s guidelines for domestic surveillance of American e-mail metadata traffic, a program that ran for around a decade before ending in 2011.
“As noted above, [National Security Agency’s] record of compliance with these rules has been poor,” wrote Judge John D. Bates, in a 117-page opinion (PDF) whose date was redacted. The opinion is one of was just one of a series of documents released and declassified late Monday evening by the Office of the Director of National Intelligence (ODNI).
“Most notably, NSA generally disregarded the special rules for disseminating United States person information outside of NSA until it was ordered to report such disseminations and certify to the FISC that the required approval had been approved. The government has provided no meaningful explanation why these violations occurred, but it seems likely that widespread ignorance of the rules was a contributing factor.”
The documents, which include annual reports from the Attorney General to Congress, memos, presentations, and training documents, were released in relation to an Electronic Frontier Foundation lawsuit. The second batch was released in September 2013, and the first in August 2013. In total, ODNI says it has now released nearly 2,000 new documents in recent months.
“Release of these documents reflects the Executive Branch’s continued commitment to making information about this intelligence collection program publicly available when appropriate and consistent with the national security of the United States,” James Clapper, the head of the ODNI, wrote on Monday.
“Additionally, they demonstrate the extent to which the Intelligence Community kept both Congress and the Foreign Intelligence Surveillance Court apprised of the status of the collection program under Section 215 [of the Patriot Act]. Some information has been redacted because these documents include discussion of matters that continue to be properly classified for national security reasons and the harm to national security would be great if disclosed.”
The Bates opinion is the second of the two most revealing documents in this new tranche. The first, written by FISC Judge Colleen Kollar-Kotelly, responds to a government request that allows the NSA to use pen register and trap and trace devices (“pen/trap devices”) as a way to access metadata on electronic communication. She granted approval for the bulk surveillance, but laid out specific guidelines.
The subsequent second FISC opinion, authored by Judge Bates, is in response to a government request that aimed to expand the metadata collection program by “11-24 times.” Bates slams the government for not adhering to its guidelines, but “reluctantly” allows them to continue, citing deference to the Executive Branch (and intelligence agencies, like the NSA, whose powers are granted through the Reagan-era Executive Order 12333). In the opinion, Judge Bates appears unwilling or unable to meaningfully punish any government officials despite clear violations of the court’s prior orders.
“I see a lot of similarities between the Bates opinion and the Walton opinion,” Mark Rumold, a staff attorney at the Electronic Frontier Foundation, told Ars. Rumold was referring to a 2009 opinion by FISC Judge Reggie Walton, who equally lambasted the government.
“It’s essentially the same thing, FISC taking NSA and [the Department of Justice] to task for violating their orders, for accessing more information than they were allowed to access under the orders and laying out under the ways that they had violated the court’s orders, [but then] letting them continue,” Rumold added. “The executive branch has pushed the judiciary so far and hopefully now we’re at that tipping point that the judiciary is comfortable with and they’ll start pushing back on executive misrepresentations.”
Not your father’s pen/trap application
The Kollar-Kotelly opinion (PDF) describes her response to a government application that “seeks authority for a much broader type of collection than other pen register/trap and trace applications,” compared to what had previously been done before.
As we’ve reported in the past, pen/trap devices are a type of legal order that has recently skyrocketed in use in the US. Originally designed to apply to telephone companies, they are now being increasingly applied to tech companies as a way to capture user metadata, too. Of the total number of American law enforcement orders that it received in six months, Google said recently that 2 percent of those were pen/trap orders.
Applied to a Google user, for example, a pen register would likely record who that user was sending e-mail to. A corresponding “trap and trace order” would likely include metadata from e-mails received, likely including date, time, IP address, and other routing information. It could also include attachments, and perhaps even—if broadly interpreted enough—anything but the actual content of an e-mail. Secure e-mail service Lavabit recently received such an order prior to its shutdown.
In the Monday night Tumblr post, the ODNI defined this program this way:
http://arstechnica.com/tech-policy/2013/11/judge-nsa-exceeded-the-scope-of-authorized-acquisition-continuously/

Leading Internet Engineers Agree to Upgrade Standards to Improve Internet Privacy and Security

IETF Chair Blog
http://www.ietf.org/blog/2013/11/strengthening-the-internet/
IETF Technical Plenary Video archive
http://www.ietf.org/live/
IETF Technical Plenary Consensus report
http://www.ietf.org/mail-archive/web/ietf/current/msg83857.html

LEADING INTERNET ENGINEERS AGREE TO UPGRADE STANDARDS TO IMPROVE INTERNET PRIVACY AND SECURITY

IETF reaches broad consensus to improve the security of Internet protocols to respond to pervasive surveillance

VANCOUVER, British Columbia–(BUSINESS WIRE)– Internet security has been a focus this week for the more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). As the Internet’s premier standards organization responsible for developing the foundation of services and technologies used billions of times every day, IETF participants are rethinking approaches to security across a wide range of technical areas.
“Ensuring the global Internet is a trusted platform for billions of users is a core and ongoing concern for the IETF community. Discussions over the past few months, including many in the more than 100 working group sessions this week, are carefully and systematically reviewing Internet security and exploring ways to improve privacy and other aspects of security for different applications,” said Jari Arkko, Chair of the IETF. “Internet security has many facets, and the IETF is focused on ensuring that the technical Internet protocols that it develops provide a strong foundation for privacy and security.”
“The Internet has been turned into a giant surveillance machine,” said Bruce Schneier, who spoke at the meeting’s technical plenary. “This is not just about any particular country or individual action. We need to work broadly to fix the problems of today and tomorrow.”
“At the IETF technical plenary, participants agreed that the current situation of pervasive surveillance represents an attack on the Internet,” said Stephen Farrell, one of the IETF’s two Security Area Directors. “While there are challenges isolating the specific areas of attack that IETF protocols can mitigate, all of the working groups that considered the topic have started planning to address the threat using IETF tools that can mitigate aspects of the problem.”
The Internet depends upon standards developed in an open and transparent manner. Openness allows any interested party to participate, review, critique, or question the work of others. Transparency provides visibility into all steps of the process and an appropriate audit trail for inspection. Broad consensus, after review from a wide range of interests and perspectives, fosters agreement on the resulting standards.
“The IETF is taking steps to develop the technical specifications to improve the privacy and security of the Internet,” said Russ Housley, Chair of the Internet Architecture Board. “However, others need to take on the non-technical aspects that are part of a comprehensive response to mass surveillance on the Internet.”
In nearly 30 years, the IETF has published more than 4500 documents that describe standards for the fundamental technologies and widely used services on today’s global Internet. IETF participation is open to any interested individual and includes experts from industry, academia, and government from across the globe. While the work of the IETF mainly takes place online to reduce barriers to participation, its in-person meetings bring together participants three times each year at locations around the world.
For archives of video and other materials from the meeting, see:
http://www.ietf.org/live/
For more information about the IETF 88 meeting, see:
http://www.ietf.org/meeting/88/index.html
About the Internet Engineering Task Force
The Internet Engineering Task Force (IETF) is the Internet’s premier technical standards body. It gathers a large open international community of network designers, engineers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. The IETF seeks broad participation. The work of the IETF takes place online, largely through email lists, reducing barriers to participation and maximizing contributions from around the world. IETF Working Groups (WGs) are organized by topic into several areas (e.g., routing, transport, security, etc.). For more information, see: http://www.ietf.org/

SAFE Act

The Securing Adolescents from Exploitation-Online Act of 2007

ISPs already have a duty to notify authorities if they stumble across anything that appears to be child pornography or molestation evidence. The new bill ups the penalties for not reporting this information; ISPs now face up to $150,000 for a first violation and up to $300,000 for subsequent violations. The bill also requires ISPs to retain copies of all information filed in these reports, and to do so for 180 days in case they are needed for use as evidence in court.  Now, what does the bill not do? It explicitly tells ISPs that they do not need to “monitor any user, subscriber, or customer,” they do not need to “monitor the content of any indication,” or even “affirmatively seek facts or circumstances.” In other words, if you see it, you are legally obligated to report it, but ISPs do not need to become child porn detectives.
110th CONGRESS
1st Session
H. R. 3791
AN ACT

To modernize and expand the reporting requirements relating to child pornography, to expand cooperation in combating child pornography, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the “Securing Adolescents From Exploitation-Online Act of 2007” or the “SAFE Act of 2007”.

SEC. 2. REPORTING REQUIREMENTS OF ELECTRONIC COMMUNICATION SERVICE PROVIDERS AND REMOTE COMPUTING SERVICE PROVIDERS.

(a) In General.—Chapter 110 of title 18, United States Code, is amended by inserting after section 2258 the following:

“SEC. 2258A. REPORTING REQUIREMENTS OF ELECTRONIC COMMUNICATION SERVICE PROVIDERS AND REMOTE COMPUTING SERVICE PROVIDERS.

“(a) Duty To Report.—

“(1) IN GENERAL.—Whoever, while engaged in providing an electronic communication service or a remote computing service to the public through a facility or means of interstate or foreign commerce, obtains actual knowledge of any facts or circumstances described in paragraph (2) shall, as soon as reasonably possible—

“(A) complete and maintain with current information a registration with the CyberTipline of the National Center for Missing and Exploited Children, or any successor to the CyberTipline operated by such center, by providing the mailing address, telephone number, facsimile number, electronic mail address of, and individual point of contact for, such electronic communication service provider or remote computing service provider; and

“(B) make a report of such facts or circumstances to the CyberTipline, or any successor to the CyberTipline operated by such center.

“(2) FACTS OR CIRCUMSTANCES.—The facts or circumstances described in this paragraph are any facts or circumstances that appear to indicate a violation of—

“(A) section 2251, 2251A, 2252, 2252A, 2252B, or 2260 that involves child pornography; or

“(B) section 1466A.

“(b) Contents Of Report.—To the extent available to an electronic communication service provider or a remote computing service provider, each report under subsection (a)(1) shall include the following information:

“(1) INFORMATION ABOUT THE INVOLVED INDIVIDUAL.—Information relating to the Internet identity of any individual who appears to have violated a Federal law in the manner described in subsection (a)(2), which shall, to the extent reasonably practicable, include the electronic mail address, website address, uniform resource locator, or any other identifying information, including self-reported identifying information.

“(2) HISTORICAL REFERENCE.—Information relating to when any apparent child pornography was uploaded, transmitted, reported to, or discovered by the electronic communication service provider or remote computing service provider, as the case may be, including a date and time stamp and time zone.

“(3) GEOGRAPHIC LOCATION INFORMATION.—Information relating to the geographic location of the involved individual, hosting website, or uniform resource locator, which shall include the Internet Protocol Address or verified billing address, or, if not reasonably available, at least one form of geographic identifying information, including area code or zip code. The information shall also include any self-reported geographic information.

“(4) IMAGES OF APPARENT CHILD PORNOGRAPHY.—Any image of any apparent child pornography relating to the incident such report is regarding.

“(5) COMMINGLED IMAGES.—Any images, data, or other digital files (collectively referred to as ‘digital files’) which are commingled or interspersed among the images of apparent child pornography. If it would impose an undue hardship to provide these commingled digital files as part of the report, because of the volume of the digital files or for other reasons, the reporting company shall, in lieu of providing those digital files, inform the CyberTipline of the existence of such digital files, and retain those digital files as if they were part of the report as required pursuant to subsection (h).

“(c) Forwarding Of Report To Law Enforcement.—

“(1) IN GENERAL.—The National Center for Missing and Exploited Children shall forward each report made under subsection (a)(1) to any appropriate law enforcement agency designated by the Attorney General under subsection (d)(2).

“(2) STATE AND LOCAL LAW ENFORCEMENT.—The National Center for Missing and Exploited Children may forward any report made under subsection (a)(1) to an appropriate official of a State or political subdivision of a State for the purpose of enforcing State criminal law.

“(3) FOREIGN LAW ENFORCEMENT.—The National Center for Missing and Exploited Children may forward any report made under subsection (a)(1) to any appropriate foreign law enforcement agency designated by the Attorney General under subsection (d)(3), subject to the conditions established by the Attorney General under subsection (d)(3).

“(d) Attorney General Responsibilities.—

“(1) IN GENERAL.—The Attorney General shall enforce this section.

“(2) DESIGNATION OF FEDERAL AGENCIES.—The Attorney General shall designate promptly the Federal law enforcement agency or agencies to which a report shall be forwarded under subsection (c)(1).

“(3) DESIGNATION OF FOREIGN AGENCIES.—The Attorney General shall promptly—

“(A) designate the foreign law enforcement agencies to which a report may be forwarded under subsection (c)(3);

“(B) establish the conditions under which such a report may be forwarded to such agencies; and

“(C) develop a process for foreign law enforcement agencies to request assistance from Federal law enforcement agencies in obtaining evidence related to a report referred under subsection (c)(3).

“(e) Failure To Report.—An electronic communication service provider or remote computing service provider that knowingly and willfully fails to make a report required under subsection (a)(1) shall be fined—

“(1) in the case of an initial knowing and willful failure to make a report, not more than $150,000; and

“(2) in the case of any second or subsequent knowing and willful failure to make a report, not more than $300,000.

“(f) Protection Of Privacy.—Nothing in this section shall be construed to require an electronic communication service provider or a remote computing service provider to—

“(1) monitor any user, subscriber, or customer of that provider;

“(2) monitor the content of any communication of any person described in paragraph (1); or

“(3) affirmatively seek facts or circumstances described in subsection (a)(2).

“(g) Conditions Of Disclosure Information Contained Within Report.—

“(1) IN GENERAL.—Except as provided in paragraph (2), a law enforcement agency that receives a report under subsection (c) shall not disclose any information contained in that report.

“(2) PERMITTED DISCLOSURES.—A law enforcement agency may disclose information in a report received under subsection (c)—

“(A) to an attorney for the government for use in the performance of the official duties of that attorney;

“(B) to such officers and employees of that law enforcement agency, as may be necessary in the performance of their investigative and recordkeeping functions;

“(C) to such other government personnel (including personnel of a State or subdivision of a State) as are determined to be necessary by an attorney for the government to assist the attorney in the performance of the official duties of the attorney in enforcing Federal criminal law;

“(D) if the report discloses a violation of State criminal law, to an appropriate official of a State or subdivision of a State for the purpose of enforcing such State law;

“(E) to a defendant in a criminal case or the attorney for that defendant, to the extent the information relates to a criminal charge pending against that defendant;

“(F) to an electronic communication service provider or remote computing provider if necessary to facilitate response to legal process issued in connection to that report. The electronic communication service provider or remote computing service provider shall be prohibited from disclosing the contents of that report to any person, except as necessary to respond to the legal process; and

“(G) as ordered by a court upon a showing of good cause and pursuant to any protective orders or other conditions that the court may impose.

“(h) Evidence Preservation.—

“(1) IN GENERAL.—For the purposes of this section, the notification to an electronic communication service provider or a remote computing service provider by the CyberTipline of receipt of a report under subsection (a)(1) shall be treated as notice to preserve, as if such notice was made pursuant to section 2703(f).

“(2) PRESERVATION OF REPORT.—Pursuant to subsection (h)(1), an electronic communication service provider or a remote computing service shall preserve the contents of the report provided pursuant to subsection (b) as well as the information in subsection (c)(2) of section 2703 pertaining to the involved individual for not less than 180 days after such notification by the CyberTipline.

“(3) AUTHORITIES AND DUTIES NOT AFFECTED.—Nothing in this section shall be construed as replacing, amending, or otherwise interfering with the authorities and duties under section 2703.

“SEC. 2258B. LIMITED LIABILITY FOR ELECTRONIC COMMUNICATION SERVICE PROVIDERS, REMOTE COMPUTING SERVICE PROVIDERS, OR DOMAIN NAME REGISTRAR.

“(a) In General.—Except as provided in subsections (b) and (c), a civil claim or criminal charge against an electronic communication service provider, a remote computing service provider, or domain name registrar, including any director, officer, employee, or agent of such electronic communication service provider, remote computing service provider, or domain name registrar arising from the performance of the reporting responsibilities of such electronic communication service provider, remote computing service provider, or domain name registrar under this section, section 2258A, or section 2258C may not be brought in any Federal or State court.

“(b) Intentional, Reckless, Or Other Misconduct.—Subsection (a) shall not apply to a claim if the electronic communication service provider, remote computing service provider, or domain name registrar, or a director, officer, employee, or agent of that electronic communication service provider, remote computing service provider, or domain name registrar—

“(1) engaged in intentional misconduct; or

“(2) acted, or failed to act—

“(A) with actual malice;

“(B) with reckless disregard to a substantial risk of causing injury without legal justification; or

“(C) for a purpose unrelated to the performance of any responsibility or function under this section, section 2258A, or section 2258C.

“(c) Ordinary Business Activities.—Subsection (a) shall not apply to an act or omission relating to an ordinary business activity of an electronic communication service provider, a remote computing service provider, or domain name registrar, including general administration or operations, the use of motor vehicles, or personnel management.

“(d) Minimizing Access.—An electronic communication service provider, a remote computing service provider, and domain name registrar shall—

“(1) minimize the number of employees that are provided access to any image provided under section 2258A or 2258C; and

“(2) ensure that any such image is permanently destroyed, upon notification from a law enforcement agency.

“SEC. 2258C. USE OF IMAGES FROM THE CYBERTIPLINE TO COMBAT CHILD PORNOGRAPHY.

“(a) In General.—The National Center for Missing and Exploited Children is authorized to provide elements relating to any image reported to its CyberTipline to an electronic communication service provider or a remote computing service provider for the sole and exclusive purpose of permitting that electronic communication service provider or remote computing service provider to stop the further transmission of images. Such elements may include unique identifiers associated with a specific image, Internet location of images, and other technological elements that can be used to identify and stop the transmission of child pornography.

“(b) Use By Electronic Communication Service Providers And Remote Computing Service Providers.—Any electronic communication service provider or remote computing service provider that receives elements relating to an image from the National Center for Missing and Exploited Children under this section may use such information only for the purposes described in this section, provided that such use shall not relieve that electronic communication service provider or remote computing service provider from its reporting obligations under section 2258A.

“SEC. 2258D. LIMITED LIABILITY FOR THE NATIONAL CENTER FOR MISSING AND EXPLOITED CHILDREN.

“(a) In General.—Except as provided in subsections (b) and (c), a civil claim or criminal charge against the National Center for Missing and Exploited Children, including any director, officer, employee, or agent of such center, arising from the performance of the CyberTipline responsibilities or functions of such center, as described in this section, section 2258A or 2258C of this title, or section 404 of the Missing Children’s Assistance Act (42 U.S.C. 5773), or from the effort of such center to identify child victims may not be brought in any Federal or State court.

“(b) Intentional, Reckless, Or Other Misconduct.—Subsection (a) shall not apply to a claim or charge if the National Center for Missing and Exploited Children, or a director, officer, employee, or agent of such center—

“(1) engaged in intentional misconduct; or

“(2) acted, or failed to act—

“(A) with actual malice;

“(B) with reckless disregard to a substantial risk of causing injury without legal justification; or

“(C) for a purpose unrelated to the performance of any responsibility or function under this section, section 2258A or 2258C of this title, or section 404 of the Missing Children’s Assistance Act (42 U.S.C. 5773).

“(c) Ordinary Business Activities.—Subsection (a) shall not apply to an act or omission relating to an ordinary business activity, including general administration or operations, the use of motor vehicles, or personnel management.

“(d) Minimizing Access.—The National Center for Missing and Exploited Children shall—

“(1) minimize the number of employees that are provided access to any image provided under section 2258A; and

“(2) ensure that any such image is permanently destroyed upon notification from a law enforcement agency.

“SEC. 2258E. DEFINITIONS.

“In sections 2258A through 2258D—

“(1) the terms ‘attorney for the government’ and ‘State’ have the meanings given those terms in rule 1 of the Federal Rules of Criminal Procedure;

“(2) the term ‘electronic communication service’ has the meaning given that term in section 2510;

“(3) the term ‘electronic mail address’ has the meaning given that term in section 3 of the CAN–SPAM Act of 2003 (15 U.S.C. 7702);

“(4) the term ‘Internet’ has the meaning given that term in section 1101 of the Internet Tax Freedom Act (47 U.S.C. 151 note);

“(5) the term ‘remote computing service’ has the meaning given that term in section 2711; and

“(6) the term ‘website’ means any collection of material placed in a computer server-based file archive so that it is publicly accessible, over the Internet, using hypertext transfer protocol or any successor protocol.”.

(b) Conforming Amendments.—

(1) REPEAL OF SUPERCEDED PROVISION.—Section 227 of the Crime Control Act of 1990 (42 U.S.C. 13032) is repealed.

(2) TABLE OF SECTIONS.—The table of sections for chapter 110 of title 18, United States Code, is amended by inserting after the item relating to section 2258 the following:

“2258A. Reporting requirements of electronic communication service providers and remote computing service providers.
“2258B. Limited liability for electronic communication service providers and remote computing service providers.
“2258C. Use of images from the CyberTipline to combat child pornography.
“2258D. Limited liability for the National Center for Missing and Exploited Children.
“2258E. Definitions.”.

Passed the House of Representatives December 5, 2007.
Attest: