Get Smart about Business Spending
MIT students fight to keep card hacking material confidential
A new controversy is brewing in the lawsuit pitting three Massachusetts Institute of Technology students against the Massachusetts transit agency: Whether or not their unpublished research notes and other material must be handed over to the state government.
The MIT students are asking a federal judge not to require them to hand over unpublished research notes and other material to the Massachusetts Bay Transportation Authority, which obtained a restraining order against a conference presentation earlier this month. They already have turned over their prepared presentation and have prepared a separate security analysis for the agency.
First page of subway-hacking presentation that was the subject of an injunction to stop its distribution--after it had already been distributed.
The students filed a motion over the weekend saying that a judge hearing the case "plainly erred" by ordering them to divulge the material. Instead of turning over more material by a Saturday deadline, the students apparently handed over only correspondence with organizers of the Defcon conference.
This dispute is likely to come to a head at a hearing scheduled for 7:30 a.m. PDT on Tuesday before U.S. District Judge George O'Toole Jr. in Boston. Last week, O'Toole denied the students' request to postpone the document-delivery deadline to allow an emergency appeal to the U.S. First Circuit Court of Appeals.
The hearing is required under federal court rules because the temporary restraining order expires on Tuesday. O'Toole has the option of converting the order into a more formal preliminary injunction (with or without modifications) or allowing it to expire.
So far, O'Toole has not proven especially sympathetic to the students, who are represented by the San Francisco-based Electronic Frontier Foundation. He refused to lessen the sting of the original temporary restraining order, even though the MBTA had suggested it. He also granted much of the MBTA's request for unpublished documents, which EFF says runs afoul of clear legal precedent.
MBTA has demanded copies of documents including correspondence with the Defcon conference, a paper prepared for an MIT class, software, physical equipment, modified MBTA farecards, notes from meetings, and so on. MBTA also wants to conduct a four-hour deposition of computer science major Zack Anderson and a two-hour deposition of MIT professor Ron Rivest. (The other student defendants are Alessandro Chiesa and R.J. Ryan.)
Here's an excerpt from EFF's latest brief, filed over the weekend, which objects to its clients being forced to turn over unpublished material in a prior restraint case:
More broadly, the Discovery Order amounts to a grant of pre-publication review and, as such, flies in the face of long established free speech principles. Such an order would never be permitted if the content in question were, for example, a reporter's notes, and it should not stand here. Through this discovery process, MBTA has enlisted the court's power to obtain pre-publication review of academic speech by a public authority, and delay publication until its review is complete...
Prepublication review has been permitted only in the most extraordinary circumstances. For example, a contract requiring such review was held constitutional where the defendant, a former Central Intelligence Agency agent, had voluntarily agreed to limit publications regarding CIA activities. The Court held that the government had "a compelling interest in protecting both the secrecy of information important to our national security and the appearance of confidentiality so essential to the effective operation of our foreign intelligence service" and the prepublication review requirement was a reasonable means for protecting that interest. Even in these extraordinary cases, there has never been discovery to determine what the CIA agent knew (or court review of the agent's knowledge), just a review of what they proposed to publish.
No such extraordinary circumstance exists here. The MBTA already has ample information about its own security systems, what the students know, what they intended to say at Defcon, and what they would like to be free to say now if the TRO is lifted. The MBTA appears to wish to review everything the students have ever done or thought related to their research in order to pass judgment (in the context of the preliminary injunction proceeding) on anything they might say about it in the future. The First Amendment does not countenance that type of pre-publication review, and neither should this Court.
Declan McCullagh, CNET News' chief political correspondent, chronicles the intersection of politics and technology. He has covered politics, technology, and Washington, D.C., for more than a decade, which has turned him into an iconoclast and a skeptic of anyone who says, "We oughta have a new federal law against this." E-mail Declan. 
With all the money and time they are wasting they could be working on fixing all of these problems. Much of the problem can be solved by enforcing rules about securing certain areas of the subway and hiring people to monitor the security equipment.
While there is more then enough information to follow the students work with regards to the more technical parts, it is not something that Joe Sixpack could do.
- by Renegade Knight August 18, 2008 12:14 PM PDT
- MBTA doesn't have the authority to sieze property. That's reserved for actual governments not quasi governments. Even if MBTA was an actual government agency they would be required by the constitution to compensate the students for the take. Based on how much MBTA is spending on the issue, I think the students are sitting on a gold mine.
- Like this Reply to this comment
-
(5 Comments)