Punch to user privacy as Twitter surrenders Occupy protester’s tweets

Facing the threat of criminal and civil contempt charges, Twitter surrendered the data requested by the government about Occupy Wall Street protester Malcolm Harris. Although Harris is only charged with disorderly conduct in connection with an October 2011 Occupy Wall Street protest on the Brooklyn Bridge, it’s a battle about constitutional rights. Manhattan Criminal Court Judge Matthew Sciarrino has continually tried to stop Twitter from challenging the subpoena. This time, Judge Sciarrino had ordered Twitter to disclose the last two quarters of earning statements to decide an appropriate contempt fine. Before handing over a thick white envelope of Harris’ information, Twitter’s lawyer said it was “unfair” and “unjust” to force it to decide between “waiving its right to appeal or being in held in contempt of court.”

“Putting Twitter between a rock (turn the data over without a warrant) and a hard place (be held in contempt of court and face a potentially expensive fine) before the complicated legal issues at stake have been resolved by the appeals court is a miscarriage of justice,” the EFF wrote. 

The Manhattan District Attorney Office wanted three months of Harris’ tweets, contacts, and IP address information that would link to his location because it believes the “messages undermine Mr Harris’ claim that New York police led protesters on to the Brooklyn Bridge to make it easier to arrest them,” BBC reported. “It claims the messages will show Mr Harris was aware of police orders that he then disregarded.”

But as the EFF pointed out, “If Judge Sciarrino is worried that Twitter is making a mountain out of a molehill by continuing to press its challenge to the subpoena, the same has to be asked of the prosecutors who are using a misdemeanor disorderly conduct arrest that occurred more than a year ago as a pretense to obtain a wealth of information.”

According to Reuters, Judge Sciarrino plans to keep the records sealed until after a Sept. 21 hearing challenging his ruling on the messages. The judge said, “I strongly encourage the appellate court … to decide the case on the merits, as I too agree that this is a more important issue than maybe the trial itself.”

The ACLU wrote, “While Twitter’s loss is disappointing, the bottom line is that Twitter should never have even had to get involved in this case at all-and it wouldn’t have, if the court hadn’t ruled that Harris did not have standing to protect his own constitutional rights. The court wrongly ruled that Harris forfeited those rights by using a third-party Internet service (i.e., Twitter).”

Harris’ lawyer intends to keep fighting, but the case goes much deeper than the potential maximum punishment of a $250 fine or 15 days in jail; it was “shaping up to be a constitutional showdown on a contested and unclear area of the law.” Marcia Hofmann, senior staff attorney with the EFF, told Reuters, “It’s what I would call a canary-in-a-coal-mine case. I am concerned that companies will look at this case and say it’s not a good idea to push back against governments we think are overreaching. That’s troubling.”

The EFF added, “At a time when companies need to feel empowered to stand up for user privacy, Judge Sciarrino’s actions have made it difficult for Twitter to do that. We urge companies not to falter in the face of this setback, and continue to fight for the users.”

Another privacy tidbit that deals with Twitter includes a new service called “Please Don’t Stalk Me.” It allows you to fake the geolocation data attached to your tweets. The Next Web reported that the Please Don’t Stalk Me app lets users pinpoint any place on the planet, via a Google Maps interface, and embed that spoofed locational data in their tweets. “It certainly adds an extra layer of privacy, but it could also get you into a good bit of trouble…”

Meanwhile, CNET’S Elinor Mills reported that Twitter has hired famous Apple hacker Charlie Miller for its “security dream team;” he will be “working with encryption expert Moxie Marlinspike.” Miller tweeted that he starts on Monday, but would not comment for articles about precisely what he will be doing. Forbes reported there have been “rumors since last winter that Twitter has sought to hire Miller as a full-time penetration tester to probe the service for hackable vulnerabilities and help fix them.”

Miller’s security research often overlaps with privacy issues as well. His most recent Def Con presentation, “Don’t Stand So Close To Me,” dealt with hacking NFC (Near Field Communications) in Android and Nokia smartphones. Computerworld added, “Miller demonstrated how, in a crowd such as Disney or Def Con, an attacker only needs to brush up against a victim to hijack the phone.”

Now, back to Twitter handing over Occupy Wall Street protester Harris’ info; “Twitter has a hearing pending in appellate court.” Harris is also challenging the court. As the ACLU said, “Stay tuned to see whether they succeed in establishing that Internet users do in fact have standing to protect their own constitutional rights on the Internet.”

Like this? Here’s more posts:

• Rise of the AI Overlord: Machines monitor, automatically detect suspicious behavior
• Feds Warn of Zombie Apocalypse! Buy emergency kit, but you might be a terrorist if…
• Apache fires at Microsoft over IE10’s DNT privacy settings
• Emerging technology: Cool or creepy innovation?
• Microsoft raises privacy issues with tweaked TOS to share data across the cloud
• Unblinking surveillance stare: Army’s 7-story flying football field-sized blimp
• Virtual avatar CBP agent Elvis screens travelers for lies at the border
• Citizen Lab discovers mobile malware: FinFisher spyware variants target smartphones
• Loathe lowdown scareware scams? Lawsuit claims Speedy PC Pro is fraudulent software
• P2P blocklists fail to protect privacy from copyright cops’ mass monitoring
• WikiLeaks dumps Stratfor email dirt on TrapWire, a CIA-connected global spying system
• Laptop fingerprint reader destroys ‘entire security model of Windows accounts’
• Massive Leak: Project HellFire Hackers Dump 1 Million Accounts from 100 Sites

Follow me on Twitter @PrivacyFanatic