In a major victory for free speech enthusiasts on the Internet, Diebold Inc. has agreed not to sue voting rights advocates who publish leaked documents about the alleged security breaches of electronic voting.
A Diebold spokesman promised in a conference call Monday with U.S. District Judge Jeremy Fogel and attorneys from the Electronic Frontier Foundation that it would not sue dozens of students, computer scientists and ISP operators who received cease-and-desist letters from August to October.
Diebold also promised not to file lawsuits against two Swarthmore College students and a San Francisco-based Internet service provider for copyright infringement, according to a motion that company attorneys filed Nov. 24 in San Jose’s federal court.
Diebold did not disclose specifics on why it had dropped its legal case, but the decision is a major reversal of the company’s previous strategy. North Canton, Ohio-based Diebold, which controls more than 50,000 touch-screen voting machines nationwide, had threatened legal action against dozens of individuals who refused to remove links to its stolen data.
“This is a huge victory that shows we have weapons on our side to protect free speech from overbearing copyright laws so that the Internet remains a forum for public discussion,” said EFF staff attorney Wendy Seltzer. “We’re trying to hammer home that you can’t go around making idle threats that aren’t backed up by the law.”
Diebold spokesman David Bear emphasized Monday that while the company had dropped its case, it will continue to monitor the online proliferation of the leaked documents, and may file lawsuits against others who publish the data.
“We certainly reserve our right to protect our proprietary information in future cases,” Bear said.
Diebold’s battle began in March, when a hacker broke into the company’s servers using an employee’s ID number, and copied a 1.8-gigabyte file of company announcements, software bulletins and internal e-mails dating to January 1999.
The vast majority of the file included banal employee e-mails, software manuals and old voter record files. But several items raise security concerns about electronic voting that voting rights advocates have been trying to publicize for more than a year.
In one series of e-mails, a senior engineer dismissed concern from a lower-level programmer who questioned why Diebold lacked certification for the operating system in touch-screen voting machines. The Federal Election Commission requires such software to be certified by independent researchers.
In another e-mail, an executive scolded programmers for leaving software files on an Internet site without password protection.
In August, the hacker e-mailed data to voting activists, who published the information on their Web logs. Wired News published an online story. The documents have been widely circulated.
Seltzer said free speech advocates should hail Diebold’s promise not to sue, but she warned that numerous individuals have already removed the offending material from Web sites.
EFF plans to continue with its case against Diebold, arguing under the Digital Millennium Copyright Act that Diebold must pay damages for intimidating Internet service providers. The hearing is scheduled for Feb. 9.
“The implicit threat was, ’If you don’t take this material down, we might sue,”’ Seltzer said. “Without them ever needing to file a federal complaint, they got these documents taken down from a huge number of sites. It was a chill on free speech that stopped discussion of electronic voting issues without ever getting before a judge.”