The Daily Parker

Politics, Weather, Photography, and the Dog

The Art of the Possible, Illinois marijuana edition

Yet another Chicago-based medical marijuana company has merged with an out-of-state company ahead of an expected legalization of recreational pot this summer:

Chicago’s Cresco Labs on Monday unveiled a $120 million merger that allows it to expand into Florida, where analysts predict demand for medical marijuana will significantly grow in the coming years. By 2022, the market for medical pot could reach a whopping $1.7 billion, according to analysts’  projections.

Under the agreement, Cresco will acquire Florida marijuana grower and retailer VidaCann, a move that will allow Cresco to operate 30 medical dispensaries in the nation’s third most populous state. The company aims to significantly expand its operations by the end of the year, in part by doubling the size of its medical marijuana cultivation center. It also plans to have 20 dispensaries open by year’s end.

Last week, a Phoenix company announced one of the largest pot deals in U.S. corporate history by taking over Chicago-based Verano Holdings for $850 million.

If Cresco’s ownership of VidaCann is approved, Cresco could surpass another major marijuana player based in Chicago — Green Thumb Industries, which currently has 11 cultivation centers.

A vote on legalizing recreational cannabis could come as early as July, and is expected to pass.

More on the 737 MAX 8 crashes

Pilot and author James Fallows points out this Seattle Times article as a good explanation of how the Boeing-led safety process for the 737 MAX 8 airplane may have contributed to their recent accidents:

The FAA, citing lack of funding and resources, has over the years delegated increasing authority to Boeing to take on more of the work of certifying the safety of its own airplanes.

Early on in certification of the 737 MAX, the FAA safety engineering team divided up the technical assessments that would be delegated to Boeing versus those they considered more critical and would be retained within the FAA.

But several FAA technical experts said in interviews that as certification proceeded, managers prodded them to speed the process. Development of the MAX was lagging nine months behind the rival Airbus A320neo. Time was of the essence for Boeing.

A former FAA safety engineer who was directly involved in certifying the MAX said that halfway through the certification process, “we were asked by management to re-evaluate what would be delegated. Management thought we had retained too much at the FAA.”

“There was constant pressure to re-evaluate our initial decisions,” the former engineer said. “And even after we had reassessed it … there was continued discussion by management about delegating even more items down to the Boeing Company.”

Wow, that sounds familiar. And this is why we need competent, well-funded regulators for safety-critical industries.

The Ethiopian government says they'll release the preliminary accident report in 30 days.

Changes to US copyright law

On March 4th, the U.S. Supreme Court decided two cases that change how copyright infringement cases work in the U.S. In Fourth Estate Public Benefit Corporation v. Wall-Street.com, the Court held that a copyright owner must wait for the Copyright Office to accept or reject a registration application before the owner can sue for infringement:

Justice Ruth Bader Ginsburg (who had not attended the oral argument because she was home recovering from surgery) delivered the court’s opinion. She analogized the registration requirement to an administrative exhaustion requirement that an owner must satisfy before suing to enforce ownership rights.

The court concluded that the only satisfactory reading of the text of Section 411(a) is that the Copyright Office must have registered the copyright in order for registration to have been made. Fourth Estate had argued that the phrase should be read to refer to the copyright owner’s submission of a completed application.

Note that this does not mean creators need to register every creation. Copyright accrues to the author of a work at the moment of its creation. The registration requirement only applies to lawsuits for infringement. Neither creators nor the Copyright Office want to register every single creation in the United States; that's insane. But if you infringe on a copyright, the creator may register the work and then sue you, even if the work wasn't registered when you infringed on it.

Law firm K&L Gates still recommends registration: "An initial cease and desist letter to an infringer containing proof of copyright registration demonstrates that the claim may be filed in court, providing leverage to the copyright owner. Companies and other creators should consider routine copyright application filing to protect their valuable assets without loss of time and damages waiting for registration to occur after the infringement is discovered."

So calm down: don't send every blog post or Instagram photo you create to the Copyright Office. They don't want them. If you want to sue for infringement, then register the work. But how often does that happen?

The other case, Rimini Street, Inc. v. Oracle USA, Inc., clarified what "full costs" mean in an infringement suit, and won't apply to most creators the way Fourth Estate will.

Critics of the Web—30 years ago

Alexis Madrigal takes a look at criticisms of the World Wide Web from when it was new:

Thirty years ago this week, the British scientist Tim Berners-Lee invented the World Wide Web at CERN, the European scientific-research center. Suffice it to say, the idea took off. The web made it easy for everyday people to create and link together pages on what was then a small network. The programming language was simple, and publishing was as painless as uploading something to a server with a few tags in it.

Just a few years after the internet’s creation, a vociferous set of critics—most notably in Resisting the Virtual Life, a 1995 anthology published by City Lights Books—rose to challenge the ideas that underlay the technology, as previous groups had done with other, earlier technologies.

Maybe as a major technological movement begins to accelerate—but before its language, corporate power, and political economics begin to warp reality—a brief moment occurs when critics see the full and awful potential of whatever’s coming into the world. No, the new technology will not bring better living (at least not only that). There will be losers. Oppression will worm its way into even the most seemingly liberating spaces. The noncommercial will become hooked to a vast profit machine. People of color will be discriminated against in new ways. Women will have new labors on top of the old ones. The horror-show recombination of old systems and cultures with new technological surfaces and innards is visible, like the half-destroyed robot face of Arnold Schwarzenegger in Terminator 2.

Then, if money and people really start to pour into the technology, the resistance will be swept away, left dusty and coughing as what gets called progress rushes on.

The whole piece is worth a read.

Two on data security

First, Bruce Schneier takes a look at Facebook's privacy shift:

There is ample reason to question Zuckerberg's pronouncement: The company has made -- and broken -- many privacy promises over the years. And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook's surveillance capitalism business model. All the post discusses is making private chats more central to the company, which seems to be a play for increased market dominance and to counter the Chinese company WeChat.

We don't expect Facebook to abandon its advertising business model, relent in its push for monopolistic dominance, or fundamentally alter its social networking platforms. But the company can give users important privacy protections and controls without abandoning surveillance capitalism. While some of these changes will reduce profits in the short term, we hope Facebook's leadership realizes that they are in the best long-term interest of the company.

Facebook talks about community and bringing people together. These are admirable goals, and there's plenty of value (and profit) in having a sustainable platform for connecting people. But as long as the most important measure of success is short-term profit, doing things that help strengthen communities will fall by the wayside. Surveillance, which allows individually targeted advertising, will be prioritized over user privacy. Outrage, which drives engagement, will be prioritized over feelings of belonging. And corporate secrecy, which allows Facebook to evade both regulators and its users, will be prioritized over societal oversight. If Facebook now truly believes that these latter options are critical to its long-term success as a company, we welcome the changes that are forthcoming.

And Cory Doctorow describes a critical flaw in Switzerland's e-voting system:

[E]-voting is a terrible idea and the general consensus among security experts who don't work for e-voting vendors is that it shouldn't be attempted, but if you put out an RFP for magic beans, someone will always show up to sell you magic beans, whether or not magic beans exist.

The belief that companies can be trusted with this power [to fix security defects while preventing people from disclosing them] defies all logic, but it persists. Someone found Swiss Post's embrace of the idea too odious to bear, and they leaked the source code that Swiss Post had shared under its nondisclosure terms, and then an international team of some of the world's top security experts (including some of our favorites, like Matthew Green) set about analyzing that code, and (as every security expert who doesn't work for an e-voting company has predicted since the beginning of time), they found an incredibly powerful bug that would allow a single untrusted party at Swiss Post to undetectably alter the election results.

You might be thinking, "Well, what is the big deal? If you don't trust the people administering an election, you can't trust the election's outcome, right?" Not really: we design election systems so that multiple, uncoordinated people all act as checks and balances on each other. To suborn a well-run election takes massive coordination at many polling- and counting-places, as well as independent scrutineers from different political parties, as well as outside observers, etc.

And even other insecure e-voting systems like the ones in the USA are not this bad: they decentralized, and would-be vote-riggers would have to compromise many systems, all around the nation, in each poll that they wanted to alter. But Swiss Post's defect allows a single party to alter all the polling data, and subvert all the audit systems. As Matthew Green told Motherboard: "I don’t think this was deliberate. However, if I set out to design a backdoor that allowed someone to compromise the election, it would look exactly like this."

Switzerland is going ahead with the election anyway, because that's what people do when they're called out on stupidity.

Spring, finally

I moved into my current place back in October. For the first time since then, just now, I opened one of the windows in my office. (I'll have to close it again pretty soon because of the squall line coming this way.)

That's because, for the first time since October 31st—when I wasn't home during the day to open it—it's 16°C at O'Hare.

It's about time.

Duke killed public transit?

CityLab reports that my alma mater has doomed the Durham-Orange Light Rail Transit project in North Carolina:

DOLRT has consumed more than $130 million in public money. In 2011 and 2012, voters in Durham and Orange counties approved half-cent sales taxes to fund transportation improvements, including the light rail, to better connect major employers like UNC-Chapel Hill, Duke University, N.C. Central University, a VA hospital, and businesses in bustling downtown Durham. Construction of the estimated $2.7 billion project was to start next year; an application to the Federal Transit Administration was due this spring for federal funding of $1.25 billion. The state agreed to contribute $190 million.

But all this came to a screeching halt on February 27, when Duke University officials said they would not sign a cooperative agreement. (The project required 11 partners to ink cooperative agreements; only Duke, Norfolk Southern, and the North Carolina Railroad Company, which manages a major rail corridor, remain unsigned.) A week later, Duke declined a request to participate in a mediated negotiation with GoTriangle, the region’s transportation authority.

What happened?

In a letter to GoTriangle, Duke President Vincent Price and other officials cited issues with the light rail’s alignment along Erwin Road in Durham, which runs next to the university’s sprawling medical complex. Price expressed concerns that magnetic interference could hurt high-tech diagnostic and research equipment. Other issues included construction disruption that could affect a utility line, and vibrations from digging and placing the supports for an elevated track, and legal liability. In declining further talks, the Duke leaders said that the project’s route “poses significant and unacceptable risks to the safety of the nearly 1.5 million patients who receive care at our hospital and clinics each year, and the future viability of health care and research at Duke.”

That seems...unlikely. So what is Duke really complaining about? It's unclear. But that they brought this point up now and not in 2016 or even earlier seems intentional. And that's really crappy.

Oops, pardon me!

This morning two bad things happened to convicted felon and all-around slimy guy Paul Manafort. First, he got sentenced to another 47 months in jail as a result of his second conviction:

In [Federal] court Wednesday, Judge Amy Berman Jackson criticized Manafort and his defense attorneys for repeatedly blaming his hard fall from power on his decision to work for Trump, which attracted the attention of the special counsel investigating Russian interference in that campaign.

“This defendant is not public enemy number one, but he’s also not a victim either,” Jackson said. “There’s no question this defendant knew better, and he knew exactly what he was doing.”

The question of whether anyone in Donald Trump’s campaign “conspired or colluded with” the Russian government “was not presented in this case,” she said, so for Manafort’s attorneys to emphasize that no such collusion was proved, she said, is “a non-sequitur.”

Just minutes later, a state grand jury in New York indicted Manafort on 16 felony counts that could keep him in prison for the rest of his life:

The new state charges against Mr. Manafort are contained in a 16-count indictment that alleges a yearlong scheme in which he falsified business records to obtain millions of dollars in loans, [Manhattan district attorney Cyrus] Vance said in a news release after the federal sentencing.

“No one is beyond the law in New York,” he said, adding that the investigation by the prosecutors in his office had “yielded serious criminal charges for which the defendant has not been held accountable.”

The indictment grew out of an investigation that began in 2017, when the Manhattan prosecutors began examining loans Mr. Manafort received from two banks.

Remember, whatever clemency Manafort could get under the President's pardon power, that power does not extend to state crimes. The same goes with related state-level investigations into the Trump Organization and the president himself that appear to have started within multiple New York law-enforcement agencies.

Josh Marshall has written often that the Trump Organization's business "would never survive first contact with law enforcement." As anyone who has followed Donald Trump's career over the year knows, this is axiom. And it is happening.

Once is accident, twice is conspiracy...

The House of Commons voted 391-242 this evening to reject PM Theresa May's slightly-revised Brexit deal, further throwing the country's prospects after March 29th into chaos:

Because of this defeat, tomorrow Commons will vote on whether to leave the EU without a deal, and if that vote fails, there will be a vote Thursday on whether to extend Article 50. If that vote fails...holy mother forking shirtballs, the UK is forked.

The world panics about an airplane

Two Boeing 737 Max 8 airplanes have crashed shortly after takeoff in the last few months, killing hundreds of passengers and crew. As a result, the European Union, the UK, China, and other countries have grounded the model pending investigations. Notably, the FAA has not. In the US, only American and Southwest are flying the new plane.

This is, simply put, panic. But no one wants to be the guy who will get blamed if another one goes down, even though that is highly improbable.

The Lion Air crash in Indonesia back in October seems related to a software change in the 737 Max 8 that the pilots didn't know about. That accident is still under investigation. Obviously so is Monday's crash in Ethiopia, with the flight data and voice recorders only retrieved yesterday.

While the Washington Post runs a story about how similar the crashes appear, and the President spouting off about how planes are too complex to fly these days, I turn to fellow pilot James Fallows for a dose of reason:

In the Lion Air crash, the pilots apparently kept trying to pull the plane’s nose back up. The MCAS system kept pushing it down. The automated system eventually won. The question that’s not yet answered about that crash is why the pilots didn’t turn off or disable this system. Such fail-safe override controls are built into every automated flight system I’ve ever heard about. As Patrick Smith discusses in his post, it’s possible that the pilots didn’t understand how the new MCAS system worked, or what it would be trying to do. It’s possible that they didn’t know where the overrides were. It’s possible that … well, anything might have occurred.

Is this what happened in the Ethiopian Airlines case as well? Was the AOA-sensing system that triggers the MCAS flawed or broken? Were the automatic controls trying to push the plane down, down, down, while the pilots fought to keep it up? Did the pilots try to override or disable the system? (For instance, by lowering the plane’s flaps, which happens on every landing and is designed to automatically disable the MCAS system.) Were they caught by surprise and unaware of what that system was doing? Were they fully aware, but still unable to alter the fatal path down?

Or was something else, something entirely unrelated, responsible for this crash? Something that had nothing to do with this model of airplane, or these new automated systems? At the moment, I believe no one knows. That is what Boeing, the Ethiopian authorities, the National Transportation Safety Board, and the world’s airlines are trying to figure out. There are enough differences between the two crashes—for instance, in the fluctuations in speed and altitude before impact—that the causes could turn out to be wholly unconnected.

Fallows links to "Ask the Pilot" Patrick Smith, with this also reasonable thought:

For pilots, dealing with the unwanted nose-down command would be, or should be, straightforward. The MCAS commands, faulty or not, can be overridden quickly through a pair of disconnect switches. Why the Lion Air pilots failed to do this, if in fact they did, is unclear, but unaware of the system’s defect in the first place, we can envision a scenario in which they became overwhelmed, unable to figure out in time what the plane was doing and how to correct it.

“Though it appears there’s a design flaw that Boeing will need to fix as soon as possible,” I wrote in November,“passengers can take comfort in knowing that every MAX pilot is now acutely aware of this potential problem, and is prepared deal with it.”

The Ethiopian accident, though, makes us wonder. With the Lion Air crash fresh on any 737 MAX pilot’s mind, you’d expect the crew to have recognized the malfunction right away and reacted accordingly. Did a disconnect somehow not work? Were they so inundated by a cascade of alarms, warnings, and erratic aircraft behavior that they failed to recognize what was happening? Or was the problem something else completely?

We won't know for a long time, in any event no sooner than the FDR and CVR data gets analyzed.