Friday, October 24, 2003

Young Aaron Swartz is annoyed about Diebold using copyright law to cut off the publication of their embarrassing internal memos.

Meanwhile the Swarthmore students who have set up a campaign of civil disobedience against Diebold are beingopposed by their college authorities. Next step the ACLU or similar group launching a legal suit to fight for the students' constitutional rights anyone? Especially after the university decided to start terminating the internet accounts of any student linking to any site that links to a political protest site that links to the Diebold memos.

Bruce Schneier does a typically incisive piece on the data mining I was talking about yesterday

"There's a common belief - generally mistaken - that if we only had enough data we could pick terrorists out of crowds...

Security is always a trade-off: How much security am I getting, and what am I giving up to get it? These "data-mining" programs are not very effective. Identifiable future terrorists are rare, and innocents are common. No matter what patterns you're looking for, far more innocents will match the patterns than terrorists because innocents vastly outnumber terrorists. So many that you might as well not bother. And that assumes that you even can predict terrorist patterns. Sure, it's easy to create a pattern after the fact; if something identical to the 9/11 plot ever happens again, you can be sure we're ready. But tomorrow's attacks? That's much harder."

All is not well on the IPR front at Cambridge University. Dr M.R. Clark of the Department of Pathology has "detailed practical experience of how the University policy was operated for many years by the Wolfson Industrial Liaison Office (WILO) and also more recent experience of the Research Services Division (RSD) and the Technology Transfer Office (TTO). What I can say immediately is that there has been a profound philosophical change in the way that the TTO operates
when compared to the WILO, particularly with regard to the involvement of University academics in the discussions over commercial exploitation of their IPR."

Via such routes does the abuse of intellectual property interfere with education.

A report commissioned by the Danish government concluded in early October that open source software was critical for any serious attempt at "e-government".

"RightsWatch is the name of a research project aimed at developing consensus and
promoting awareness of self-regulatory notice and takedown (NTD) procedures for
Europe, as a tool to achieve prompt removal of copyright-infringing material from the

They've just produced a white paper that summarises their work. "The RightsWatch partners would welcome your views on the project's findings. "

Reporters without Borders have just published their Second world press freedom ranking. Finland, Iceland, Netherlands and Norway top the rankings. Ireland is 17th, the UK 27th.

"The ranking distinguishes behaviour at home and abroad in the cases of the United States and Israel. They are ranked in 31st and 44th positions respectively as regards respect for freedom of expression on their own territory, but they fall to the 135th and 146th positions as regards behaviour beyond their borders. "

The EU gets good ratings apart from Italy (54th) and Spain (equal 42th).
According to MIT are winding down their RFID research and closing their Auto ID Center that did the research. Expect RFID tags to get widely deployed by the retail value chain in the none too distant future.
Gator have been suing to stop their name being associated with the term "spyware." In "See you later, anti-Gators?" at, Paul Festa reports:

'In response to a libel lawsuit, an antispyware company has settled with Gator and pulled Web pages critical of the company, its practices and its software. And other spyware foes are getting the message.

"There is this feeling out there that they won the lawsuit, and people are starting to get scared," said one employee of a spyware-removal company, who asked not to be named. "We haven't been sued, but we've heard that other companies are being sued for saying this and that, so we've changed our language" on the company Web site... '

...Companies like Gator are the Goliath that average computer users are up against in the war for online privacy," Ed English, CEO of InterMute, said last month.'

Personally I detest pop up ads, whatever you call them. I'm no fan of the surreptitious collection of personal data either.

The Australian ISP that has been sued by the music industry is denying that it acted as a host for copyright infringing files.

Thursday, October 23, 2003

The Max Planck Society this week issued "The Berlin Declaration on Open Access to Knowledge in the Sciences and Humanities." Extract:

"The Internet has fundamentally changed the practical and economic realities of distributing scientific knowledge and cultural heritage. For the first time ever, the Internet now offers the chance to constitute a global and interactive representation of human knowledge, including cultural heritage and the guarantee of worldwide access.

We, the undersigned, feel obliged to address the challenges of the Internet
as an emerging functional medium for distributing knowledge. Obviously,
these developments will be able to significantly modify the nature of
scientific publishing as well as the existing system of quality assurance.

In accordance with the spirit of the Declaration of the Budapest Open
Acess Initiative, the ECHO Charter and the Bethesda Statement on Open
Access Publishing, we have drafted the Berlin Declaration to promote the
Internet as a functional instrument for a global scientific knowledge base and
human reflection and to specify measures which research policy makers,
research institutions, funding agencies, libraries, archives and museums need
to consider.


Our mission of disseminating knowledge is only half complete if the
information is not made widely and readily available to society. New
possibilities of knowledge dissemination not only through the classical form
but also and increasingly through the open access paradigm via the Internet
have to be supported. We define open access as a comprehensive source
of human knowledge and cultural heritage that has been approved by the
scientific community.

In order to realize the vision of a global and accessible representation of
knowledge, the future Web has to be sustainable, interactive, and
transparent. Content and software tools must be openly accessible and

Very noble.
How do we use data mining to catch the bad guys whilst at the same time not catching or undermining the civil liberties of the good guys? According to Wired, "A panel of lawmakers, think tankers, data miners and civil libertarians" on Tuesday "couldn't even begin to make up their minds."

I'm not surprised. As I've said before, it appears intuitively obvious that he best available technologies should be put at the disposal of the good guys in order to stop/catch the bad guys. The real world is not quite so simple, however, and the checks and balances as well as the information overload and resource issues associated with this are anything but intuitively obvious. Not to mention the fact that the good guys and bad guys cannot be easily identifed by their respective white and black clothing.
The MPAA has launched its classroom campaign to educate children about "digital citizenship." (No I'm not kidding). The associated propaganda sheet... er, sorry... I mean booklet... is called "What's the Diff? A Guide to Digital Citizenship." All the usual soundbites are in there. According to Donna Wenthworth, Wendy Seltzer of the EFF and Berkman Center at Harvard has done her own interpretation of some of the soundbites:

* To legally own it, legally buy it.

Sorry, kids--no more birthday presents!

* If you haven't paid for it, you've stolen it.

The library will now be closing its doors.

* Copying a movie or CD for a friend is illegal.

Mommy taped ABC's "movie of the week" for Sally's
mommy. Now Mommy is going to jail.

* If you wouldn't take a movie or CD from the
shelves of a store without paying for it, then why do
it online?

It only looks like the song is still online on the "shelf."
Via the EDRi-gram newsletter: The European Parliament's Judicial Affairs Committee (JURI)
should have discussed its Report on the Enforcement of Intellectual Property Rights on Monday.

But 199 amendments have been proposed already and the translators were so overwhlemed they didn't get it translated into the EU's eleven official languages on time. English, Greek and Danish versions of the 159 page document were available just hours before the meeting. So no substantive business was done.

French MEP Janelly Fourtou (who is married to the chief executive of Vivendi Universal, Jean-René Fourtou) wants this directive to become law before the EU elections next summer.

"Mrs. Fourtou has been under attack from a large number of her Parliament colleagues, even from within her own Conservative Group. She is criticised for introducing a set of amendments criminalising even small-scale file sharers - and for her defence of an article in the draft directive that constitutes a violation of the EU's rules of procedure.

Article 20 of the draft directive deals with criminal law provisions for infringements of intellectual property rights. Some of the sanctions foreseen pre-empt a possible decision by a Court of Justice on whether such an infringement has taken place at all, and therefore constitutes so-called substantive law. In the EU's complicated lawmaking process, which foresees different procedures for different fields of competence, creating substantive criminal law is still an intergovernmental competence and can not take place under the co-decision procedure.

4 of the amendments aim at deleting Article 20, but Mrs. Fourtou and Commission officials alike are not willing to even discuss this. The initial discussion of the Report will now, as it seems, take place either on Tuesday, November 4th - the date initially foreseen for the vote in the Committee - or on November 6. The vote in the Committee would then take place either on November 26 or the following day, which would mean the vote in Plenary would have to take place in the week following December 15.

EU Commission: Proposal for a Directive on measures and procedures to
ensure the enforcement of intellectual property rights [COM (2003) 46]

Janelly Fourtou's Draft Report on this Directive

199 Amendments to the Fourtou Report

Law Professors criticise IPR Enforcement Directive

(Contribution by Andreas Dietl, consultant on EU privacy issues)"

Wednesday, October 22, 2003

The music industry have taken their first direct action against an ISP for copyright infringement in Australia.

The CDT have released a report on their concerns about the broadcast flag and how to make it work. Ernie Miller has already taken them to task over it. Donna, as usual, has lots of interesting links on the subject. One of which is to Cory Doctorow, who is really annoyed at a sloppy piece in Wired News on the subject.

A group of students have launched a campaign against Diebold over their attempts to silence the websites providing links to the companies embarrassing internal memos. This one is going to run and run. Ernest Miller likens the students' approach to a game of whack the mole.

A small Texas company, Bluecurrent, has apparently got a US patent on installing software over the internet. Do I see another Microsoft v Eolas on the horizon?

Finally for this evening, yet another member of Congress demonstrates she just does not get the importance of the end to end architecture of the net in freeing up innovation. Congresswoman Diana DeGette accuses a group of companies she calls "the Microsoft crew" of "seeking to dumb-down the heart of the network in order to strengthen" their own power. Now I'm under no illusions that the Microsofts of this world are primarily interested in their own bottom line, but the Congresswoman's belief that you can facilitate freedom by building control into the "heart of the network" is naive at best. I wonder which of the "broadband providers ... teaming with other companies to offer consumers joint products and services" stem from her own district of Colorado?
I mentioned Ross Anderson's and Bill Cornish's objections to the EU intellectual property enforcement directive on Monday. I neglected to mention that the UK Patent Office have launched a public consultation exercise on the proposal.
A federal judge has told Disney that they can go ahead and release 'George of the Jungle 2' on DVD. Caterpillar Inc. had been claiming trademark infringement because the bad guys "drive bright-yellow Caterpillars in a big battle, and Caterpillar argued its reputation would be tarnished by association." The judge found the argument "unpersuasive". You just couldn't make some of these stories up.
The Foundation for a Free Information Infrastructure (FFII) have hit the panic button on the likelihood of the Council of Ministers overturning the European Parliament's stance on software patents and adopting a draft text from November last year. The ministers' meeting scheduled for 10th November is to be "negotiated" at a meeting of senior patent officials from across Europe tomorrow, Thursday 23rd October.

FFII want anyone with concerns about the issue to write to their MP immediately.

I can only echo Tim O'Reilly that it defies belief that just because something, which is otherwise obvious, can be done on a computer, that it can be considered new or to involve an inventive step. Yet that is what the proposals from last November would facilitate. Again this is slightly academic because the European Patent Office have been granting these kind of patents since about the mid 1990s. FFII, however, are keen to have any formal EU wide legislation on this firmly put a spoke in that particular works.

They've been very successful lobbying the EU parliament in that regard. They may find it harder to outmanoeuvre the patent officials and the Council of Ministers.
In the New York Times "Students Find $100 Textbooks Cost $50, Purchased Overseas"

The EU are getting in on the ID card game now, with ministers agreeing on a scheme to introduce "an EU-wide health identity card able to store a range of biometric and personal data on a microchip by 2008."

Wired had a slightly shorter story on electronic voting on Monday than the one I posted earlier. The voting machine companies want to spend money on a PR campaign to convince people their machines are sound, though they are apparently also considering introducing some version of the paper audit trails their critics have been asking for. David Dill said: "The voting machine industry doesn't have a PR problem. It has a technology problem. It is impossible to determine whether their machines, in their current form, can be trusted with our elections."

NewFactor are reporting that Massachusetts has directed the state's chief technology officer to choose open-source and open-standards technologies whenever possible. That's likely to have a bigger impact on Microsoft than all the battles the state has fought on the antitrust front. Massachusetts is the lone state still fighting the Microsoft antitrust settlement, so that is likely to have influenced their decision.

As a colleague recently commented, this story has been hijacked by the open source and the closed source camps.

The original idea was the state should encourage open formats not just open source code. Open formats would mean user access to source code, whether the software was proprietary or not. I guess this is slightly academic because arguably the only really open format software is open source at the moment.

Speaking of Microsoft a report at the weekend suggested that the music buying feature in Windows XP might well violate the company's antitrust settlement of 2001. The company has also launched a PR campaign aimed at Australian MPs, "in the wake of Democrat Bills in the South Australian and federal parliament, that would require governments to give preference to open-source software over proprietary applications."
In the New York Times "Students Find $100 Textbooks Cost $50, Purchased Overseas"

The EU are getting in on the ID card game now, with ministers agreeing on a scheme to introduce "an EU-wide health identity card able to store a range of biometric and personal data on a microchip by 2008."

Wired had a slightly shorter story on electronic voting on Monday than the one I posted earlier. The voting machine companies want to spend money on a PR campaign to convince people their machines are sound, though they are apparently also considering introducing some version of the paper audit trails their critics have been asking for. David Dill said: "The voting machine industry doesn't have a PR problem. It has a technology problem. It is impossible to determine whether their machines, in their current form, can be trusted with our elections."
If you've been following the electronic voting machine problems in the US, then William Rivers Pitt's interview with Barbara Simmons, David Dill and Rebecca Mecuri is as terrific insight into the issues.

" DD: You know, being an engineer involves making choices about the appropriate use
of technology. It is not using the highest tech solution to every problem, whether it's
appropriate or not. It's focused on solving the problem by the best means that are
available. The best engineers will use the best means that are available even if they
don't involve any significant technology at all. I think it's the responsibility of everybody
in technology to weigh in with their opinions about the appropriate use of technology
and the inappropriate use of technology. And I think it's particularly important for
academics and educators to do that. I think part of our job in universities is to try to
advise the rest of society, and the policy makers, of what the right things to do are.
And to share our expertise and that's really what we're trying to do.

My greatest worry is really an erosion of confidence in the elections. When people
can no longer trust the elections I think that that will undermine the legitimacy of
everybody in government and I wouldn't like to see that happen.

BS: The confidence is very important. I also fear that if there is the capability of
undermining elections sooner or later. Somebody will exploit this technology to steal an
election. And to me, our democracy and our right to vote and our right to choose the
people who run this country is fundamental and if I feel we've lost that then what makes
this country special is gone.

RM: My feeling is that it is a bamboozling of the American public. We're trading away
a lot of the checks and balances that we have always had in elections. We're trading
this off for high-tech, for faster returns, and it's not true, what we're being told is not
the full truth about what is actually going on and I think that we're giving away much
more than we're getting. We're giving the opportunity to have an entire election stolen,
just because of bad code, not even stolen, just screwed up, fouled up.

DD: We're driving too fast along the side of a mountain road with no guardrail. And
maybe you won't go over the side or maybe you will. Do you want to risk it? If you do it
long enough you'll eventually go off the mountain. "

Monday, October 20, 2003

Frank Field is highlighting a McGill University (Canadian) development studies student's objection to having US company vetting all his assignments for plagiarism. Might be interesting to keep tabs on that one.
Derek Slater has pointed me to Pam Samuelson's review of Jessica Litman's book, Digital Copyright. Both the review and the book are well worth a read. Actually, virtually anything by these two formidable scholars of intellectual property is worth a read, if you really want to get to grips with the lie of the IP landscape.
The Digital Imprimatur: How Big Brother and Big Media Can Put the Internet Genie Back in the Bottle by John Walker, who created AutoCAD. He's come round to agreeing with Larry Lessig on the future of the Net, having previously been an optimist on the subject.

Also recommended is Walker's Unicard essay on privacy from 1994.
There have been a number of interesting articles published recently on the subject of protecting children from inappropriate content on the Internet. Angela M. Xenakis argues in the North Carolina Journal of Law & Technology that the answer is in technology and not regulation.

Christopher Scott Maravilla in the West Virginia Journal of Law & Technology also suggests the answer might be in zoning and filtering technologies. But, for example, that these should be mandated by government regulation requiring virtual red light district domain names to be used for pornography.

Edgar Burch looks at censoring hate speech also in the North Carolina Journal of Law & Technology. He argues that hate speech on the Net presents real dangers in the wake of the tragedy of 11th September 2001. He concludes:

"The First Amendment and the peripheral rights that it embodies severely restrict the government’s ability to regulate hate speech... calls for implementation of legislation (regulation of Internet-based hate speech) or private procedures
(use of filtering systems) to protect youth who lack the sophistication to truly carry out the marketplace of ideas concept...
If the September 11th attacks on America have not conveyed any other message, they have reminded
people that some rights we have come to value may have to be limited to maintain safety and order in this nation."

I disagree on many fronts but probably most importantly in relation to his notion that young people are incapable of negotiating the marketplace of ideas. Give young people freedom and responsibility and they will amaze you.

Dawn S. Conrad in the Richmond Journal of Law & Technology says that "joint efforts by the government, consumers, parents, law
enforcement, the technology industry, and the adult Internet industry will be required."

Robert Chalmers argues for education not censorship in the Murdoch University Electronic Journal of Law.

Finally (for now) the BBC are highlighting an LSE report on Children on the Internet

"While the industry, government, schools and parents should continue to
highlight risks, there are also some exciting opportunities being missed for
engaging with young people online. "
The New York Times is reporting on the EU's plans for an intellectual property enforcement directive. And if you thought the EUCD and the DMCA were bad, you should see this.

"Lawyers who have studied a draft of the proposed law say that not only could a teenager who downloaded a music file be sent
to jail under it; so too could managers of the Internet service provider that the teenager happened to use, whether they knew
what the teenager was doing or not."

I had not previously appreciated that the lady in charge of shepherding the directive through, Janelly Fourtou, a French member of the European Parliament, is married to the chief executive of Vivendi Universal, Jean-René Fourtou. She doesn't believe she faces a conflict of interest.

FIPR and Ross Anderson in particular have been warning us about this for months.

And world renowned intellectual property specialists such as Bill Cornish, Josef Drexel, Rito Hilty, Annette Kur and others have just published a article seriously criticising the proposals.
Courtesy of Donna, who in her turn got it from Lawrence Solum, I learn of an excellent paper by Professor Joseph Liu at Boston College, The DMCA and the Regulation of Scientific Research. From the abstract:

"This Article analyzes the impact of the Digital Millennium Copyright Act
(DMCA) on academic encryption research. In this Article, I argue that for
both legal and practical reasons academic encryption researchers should be
able to conduct and publish certain types of research without significant
fear of liability under the DMCA. However, the DMCA will have a
non-trivial impact on the conditions under which such research takes place,
and this impact can be expected to have several undesirable effects. More
broadly, this impact highlights the problematic way in which the DMCA
regulates scientific research in furtherance of intellectual property rights.
The Article concludes with a number of suggestions for mitigating some of
these negative effects. "

From the paper:

"Specifically, the DMCA: imposes additional hurdles,
which researchers must overcome before engaging in
and publishing their research; limits the universe of
individuals with whom researchers can freely
communicate about their research; requires disclosure of
the intention to engage in research to third-parties;
affects the content of academic research papers; and
limits avenues for publication of the research. "
There has been a flurry of blogging about the FCC's apparent willingness to adopt the broadcast flag. Donna has many of the interesting links. Nice to see Senator McCain getting back into Larry Lessig's good books with his letter to FCC Chairman, Michael Powell, on the issue. He's concerned about the impact on consumers.

Brad Templeton's new pledge of allegiance is amusing:

"I pledge Allegiance to the Flag
of the prohibition of copying
and to the monopoly for which it stands
One protocol, under Valenti*, innovation-free,
without liberty or fair use for all.

*Unlike God, there is no dispute over whether Valenti's
name can appear in the pledge."
Andrew McLaughlin at the Berkman Center has a new weblog.
Ernie Miller is taking an idea from Mary Hodder at the Berkeley intellectual property weblog and running with it. The idea?

"The Piracy Meter: if I pirated movies, this is how I'd rate them, as to what's worth clogging my dsl connection
for 24-36 hours to get one."

Prof Miller's expansion:

"he details of the meter aren't quite clear, but might I suggest the following rankings (from worst to best)?:

CAM - Who cares if the movie was recorded in a cinema with a consumer-quality camcorder and/or where the audience can
be seen or heard? The movie is simply not worth the effort of getting a quality copy. Download only when desparate.

Telesync - Better than CAM, still recorded in a cinema, but usually with professional-level equipment and a separate audio
source (so the audience cannot be heard). Getting better, but download only if you're not going to be using your broadband for
a day or so, like during a weekend trip.

Screener - Generally recorded from promotional videotapes or DVDs which have been sent to film critics, marketing firms,
Academy voters, etc. This ranking has been discontinued until further notice upon request of the MPAA.

LD/DVD Rip - Accomplished simply by copying a LaserDisc or DVD. Picture and audio quality are generally very good.
Good movie and definitely worth renting on DVD, but who wants to make the trip to the local Blockbuster? Go ahead and
download, unless you're too busy grabbing MP3s.

Telecine - A high quality copy taken directly from the film reel. Popular with professional pirating operations. Great movie - go
ahead and download even if it makes surfing unbearably slow and then burn to DVD-R."

The RIAA have sent warning letters to 204 more individuals suggesting they might like to settle out of court before they get sued.
I had vaguely registered but in the thick of other things not thought to blog the story about Diebold sending out dozens of cease and desist letters to ISPs, until the EFF alerted me to it again over the weekend. They are embarrassed about the internal memos which suggested they knew about the problems with their voing machines but were not concerned about them. So they are claiming copyright on the memos and copyright infringement against the Independent Media Center (IndyMedia) website which has published links to the memos. As far as the EFF know, every ISP apart from the non profit Online Policy Group (OPG) have taken down the 'offending' page.

"The Digital Millennium Copyright Act (DMCA) passed by Congress in 1998 provides a "safe harbor" as an incentive for ISPs
to take down user-posted content when they receive cease-and-desist letters such as the ones sent by Diebold. By removing
the content, or forcing the user to do so, for a minimum of 10 days, an ISP can take itself out of the middle of any copyright
claim. As a result, few ISPs have tested whether they would face any liability for such user activity in the first place."

I've said before I'm a great believer in the cock up rather than the conspiracy theory of history and it seems that is what is going on here as well. There is absolutely no evidence to suggest that any funny business has been going on in the way of rigging elections. It is just that the Diebold machines are insecure and sometimes faulty. Rather than trying to close the stable door now the horse has bolted, they should be acting to secure their systems. Computer scientists, such as David Dill at Stanford, don't believe that it is too difficult a task - there is no rocket science involved, just plenty of legwork. Trying to hide the problems gives the impression of cover up, which in turn suggests they have some seriously dark skeletons in the cupboard. Conspiracy theorists get hold of that and they've got the makings of an exciting crime thriller. Somebody is probably already writing it.