Friday, December 23, 2005

French Parliament vote to legalise private p2p copying

It seems that the vote in the French parliament to legalise the private copying of music via P2P file sharing networks happened close to midnight when there were not many members of the House in attendance.

"The French vote needs to go through more steps to become law. It can be overturned if it is debated again and voted down in the lower house. It also needs a vote from the upper house, or the Senate.

The amendment, which is attached to a bill on intellectual property rights, states that ``authors cannot forbid the reproduction of works that are made on any format from an online communications service when they are intended to be used privately'' and not for commercial use."

So it's unlikely to become law.

Have France just legalised P2P music downloading?

An AP report is suggesting that France has legalised music downloading during their efforts to implement the EU copuyright directive. I expect we'll be hearing more about this.

Diebold withdraws from NC bidding process

Following their loss in court, evote machine vendor, Diebold, threatened to withdraw from the bidding process for electronic voting machines in North Carolina. Then the North Carolina Board of Elections agreed to certify Diebold as an approved supplier anyway, despite the companies insistence that it would not hand over the details of how their machines worked. Now Diebold have withdrawn from the bidding process.

"At various stages of this fight, both Diebold and the Board of Elections forcefully and repeatedly argued that voters have no direct interest in election integrity. Instead, the voting equipment certification process – one that merely selects the equipment on which voters will be forced to cast their vote – should be left to the “real” interested parties.

Such myopic sensibilities are not only absurd but dangerous. Too many (though certainly not all) election officials across the country treat the certification process as if the vendors were their clients, deserving of favors and rule bending. Voters – the only constituency that matters in this process – are too often treated like ill-mannered party-crashers when they try to ensure that their interests are being protected."

Mobile phone tacking

Mark Rasch has been astounded by the arguments of government lawyers in their recent unsuccessful attempts to get a court to allow law enforcement tracking of suspects through their cell phones:

"the government claimed (with a straight face, no less) that as soon as the cell towers in question determined your location and recorded this fact, these were now "historical" records subject to the lower standard. Thus, according to the government, there is no such thing as "real time" data or even data "in transmission."

As a technical matter, this is likely true. Indeed, I have argued that there is no such thing as interception of packets "in transmission." The packets have to be stopped, copied, and reassembled to be read. Nevertheless, the law makes a distinction between historical data and real time data. That the government would seek to extinguish this distinction in this case does not bode well for the government's position in other cases. The government could then argue that it could listen in on your VOIP calls with nothing more than a subpoena (for which no probable cause is required) because all it is doing is looking at "historical" packets - albeit merely hundredths of a second in the past. This is clearly the opposite of the delicate balance Congress sought to strike. Thus, it appears that the government is seeking to convert all interceptions into seizures of "historical" data, and adopt the lower standards for such data."

Thursday, December 22, 2005

Ukraine make open access a national priority

The Ukrainian parliament have made open access a national priority, according to Peter Suber. Good for them.

Reagan lawyer critical of Bush

From Ian Brown, Ronald Reagan's associate deputy attorney general Bruce Fein has been critical of George Bush on the domestic spying front.

"President Bush presents a clear and present danger to the rule of law. He cannot be trusted to conduct the war against global terrorism with a decent respect for civil liberties and checks against executive abuses. Congress should swiftly enact a code that would require Mr. Bush to obtain legislative consent for every counterterrorism measure that would materially impair individual freedoms."

That's strong language from someone who should be a natural Bush supporter.

Spy blog on ANPR

Spy blog has concerns about the ANPR system.

Posner on surveillance of US citizens

Judge Richard Posner has weighed into the debate about the surveillance of US citizens with an opinion piece in the Washington Post.

"The collection, mainly through electronic means, of vast amounts of personal data is said to invade privacy. But machine collection and processing of data cannot, as such, invade privacy. Because of their volume, the data are first sifted by computers, which search for names, addresses, phone numbers, etc., that may have intelligence value. This initial sifting, far from invading privacy (a computer is not a sentient being), keeps most private data from being read by any intelligence officer.

The data that make the cut are those that contain clues to possible threats to national security. The only valid ground for forbidding human inspection of such data is fear that they might be used to blackmail or otherwise intimidate the administration's political enemies."

Judge Posner is a man of outstanding intellect and someone I have the highest regard for but he is making a very big assumption here i.e. that the system is so good that the data that get filtered through for human inspection are those that contain clues to possible threats to national security. We know that software filters are terrible.

To the degree that he goes on to argue that the US might need a domestic spy agency like MI5, he may well have a point but it is disappointing to see the judge subscribing to the myth of the magic computer system.

That's the thing about what I'm calling "digital decision making" in my book - when making decisions about regulation and deployment of technology, even smart people make huge, unsustainable jumps in faith in the ability of that technology [which they don't understand] to deliver the solution to complex and often vaguely specified problems (which are more appropriately described as messes), like terrorism. Of course it's more common to say that it can "form part of the solution" but neither stance is defensible. Computers only do what they are programmed to do. If you program garbage in, you'll get garbage out. Justifying the collection of vasts amounts of personal data on everyone, on the basis that a computer system will magically sift that data and spit out clues that will lead to the bad guys, doesn't wash, at least with the technology at its current stage of development.

I'm not sure the kind of clue generating system that Judge Posner seems to assume is currently in operation will ever come about but if it does, that's when you can start getting into a substantive debate regarding the specific point in the data processing that personal privacy might be breached. As always with complex technology, though, the devil will be in the details.

ANPR network to cover UK

Two stories of interest in the Independent this morning. The headline on the front page, accompanied by a large picture of a fuzzy iris is:

You Are Being Watched

And on page two,

Surveillance UK: why this revolution is only the start

They cover the government's plans to turn the national network of CCTV cameras into a national automated number plate recognition network, which will record the whereabouts of every single car on the roads 24/7. No doubt the data will be stored for a number of years (the precise number as yet undetermined) and can be fished for patterns at will. I'm not going to even start on the consequences of false positives and false negatives.

Surprisingly only one sentence in the latter story really irritated me:

"Although the problems of facial recognition by computer are far more formidable than for car number plates, experts believe it is only a matter of time before machines can reliably pull a face out of a crowd of moving people."

Face recognition systems are nowhere near reliably pulling "a face out of a crowd of moving people" and don't be surprised if those so-called "experts" just happen to be the people selling face recognition systems.

As to the £24 million the government are going to spend on ANPR equipment next year, could it be used more effectively on other police resources? Probably. Will it be enough to get the system working nationwide. Almost certainly not.

Wednesday, December 21, 2005

Schneier on unchecked presidential power

Bruce Schneier is seriously critical of president Bush in an opinion piece at the Star Tribune.

"This is, fundamentally, why this issue crossed political lines in Congress. If the president can ignore laws regulating surveillance and wiretapping, why is Congress bothering to debate reauthorizing certain provisions of the Patriot Act? Any debate over laws is predicated on the belief that the executive branch will follow the law.

This is not a partisan issue between Democrats and Republicans; it's a president unilaterally overriding the Fourth Amendment, Congress and the Supreme Court. Unchecked presidential power has nothing to do with how much you either love or hate George W. Bush. You have to imagine this power in the hands of the person you most don't want to see as president, whether it be Dick Cheney or Hillary Rodham Clinton, Michael Moore or Ann Coulter."

Sony and Us computer fraud regulations

Ed Felten continues his insights on the Sony drm story with a consideration of whether the company may have breached US criminal law, in particular, the "Computer Fraud and Abuse Act (CFAA), which is the primary Federal law banning computer intrusions and malware."


The view from inside New Labour Whitehall

William Heath is concerned at the New Labour meme, "We're from the government and we're going to help you" or, put more bluntly:
New Labour was elected on a manifesto that promised personalised services. We're damn well going to deliver personalised services. We're not going to listen to a bunch of unrepresentative whiners. Sorry, but the human dignity implications of e-government were a complete non-issue last election. We can see a bunch of middle-class wafflers who share an irrelevant obsesion with privacy with a few IT suppliers. It's self-referential and introverted, so we're quite entitled to be robustly dismissive. They only ever talk to themselves so they're just not used to trenchant arguments based on reality. Why the hell should we pay any attention to the likes of Kim Cameron, Stefan Brands or closer to home EPG or these cranky NGOs who are only going to say things we dont want to hear? They should stop reading the Guardian, get out more and see what life is like on the local housing estate. Because our progress is not to be impeded; the rules have changed and we have to move forward into a diffrent world.
His response is

"The proponents are very articulate...

This is one half of the discussion that isn't taking place anywhere I can see...

I find class-based arguments strikingly unattractive...

I think the notion that human dignity & rights are the exclusive fixation of some middle-class wafflers is one to which history wil be unkind.

Unintrusive state services matter to everyone...

Should we be surprised if the people far-sighted enough to be concerned about the long-term implications of the complicated cross-fertilisation of technology and the work of bureaucracy turn out to be educated people professionally active in IT and trying to apply values to what they do? No. The minicab driver is too busy just now. But he'll care about it when it hits him...

We should examine longer-term the idea that bureaucratic intrusion is offensive only to an introspective group of wafflers and IT suppliers and is of no concern to "real people"."

It's just a piece of paper

I missed this. A couple of weeks ago, President Bush allegedly lost his temper in the Oval Office and said, in response to the suggestion that there was a valid case to be made that some of the provisions in the Patriot act undermine the US Constitution,

"Stop throwing the Constitution in my face. It’s just a goddamned piece of paper."

I can certainly imagine presidents getting frustrated with constitutional constraints but I can't imagine many of his predecessors expressing a similar sentiment. The president does, after all, at his/her inauguration, swear faithfully to uphold the constitution.

The ends justify the lies?

Ian Brown has selected a telling quote from Federal judge John Jones' ruling against the teaching of "intelligent design" as part of the science curriculum in a Pennsylvania school district:

"It is ironic that several of these individuals, who so staunchly and proudly touted their religious convictions in public, would time and again lie to cover their tracks and disguise the real purpose behind the ID Policy.

"We find that the secular purposes claimed by the board amount to a pretext for the board's real purpose, which was to promote religion in the public school classroom."

Good night and good luck

Wendy Seltzer says "If you care about politics or media, you owe yourself a viewing of Good Night, And Good Luck, the new film on Edward R. Murrow and his fight to expose Joseph McCarthy. The film, shot in black and white with McCarthy playing himself via old news footage, powerfully captures the horror of McCarthy's witch hunt. Equally important, it reminds us of journalism's power -- and its obligation -- to educate and lead."

Several of Murrow's speeches and broadcasts are apparently included in the film and retain a powerful resonance today.

Banned by Google

A small search engine company has accused Google of banning them from using Google. Thanks to John Battelle for the link.

Bush under fire

The Democrats are keeping the pressure on president Bush over the justification for the war in Iraq with Rep. John Conyers (D-MI) Investigative Status Report of the House Judiciay Committee Democratic Staff.

The executive summary is damning, as you might expect.

"In brief, we have found that there is substantial evidence the President, the Vice-President and other high ranking members of the Bush Administration misled Congress and the American people regarding the decision to go to war in Iraq; misstated and manipulated intelligence information regarding the justification for such war; countenanced torture and cruel, inhuman and degrading treatment in Iraq; and permitted inappropriate retaliation against critics of their Administration.

There is a prima facie case that these actions by the President, Vice-president and other members of the Bush Administration violated a number of federal laws including, (1) Committing a Fraud against the United States; (2) Making False Statements to Congress; (3) The War Powers Resolution; (4) Misuse of Government Funds; (5) federal laws and international treaties prohibiting torture and cruel, inhuman and degrading treatment; (6) federal laws concerning retaliating against witnesses and other individuals; and (7) federal laws and regulations concerning leaking and other misuse of intelligence.

While these charges clearly rise to the level of impeachable misconduct... more investigatory authority is needed before recommendations can be made regarding specific Articles of Impeachment."

It goes on to say that Bush and Cheney should be censured and that the Justice Department should investigate the legality of their behaviour. So a big part of the Democrats' efforts to regain the White House in 2008 looks likely to be a racking up of the pressure to get Mr Bush impeached. After all, President Clinton was impeached for lying about having extra-marital sex in the Oval Office and the charges they are laying against the president are a fair bit more serious than that. Mr Bush and his allies will be even more focussed, therefore, on retaining control of Congress after the mid term elections because if the Democrats do get a majority, there will almost certainly be an impeachment.

The whole report runs to over 200 pages but the executive summary is well worth a read.

Football Fanzine fight to print fixtures

An online football fanzine has received cease and desist letters from Data Co "a company owned by the Premier and Football Leagues, whose job is to charge for publication of the fixture lists, as well as the increasing volume of other data, including match statistics, to which the clubs claim copyright."

French to introduce copyright directive

After lots of posturing and legal action by the EU commission against member states who had not yet implemented the 2001 copyright directive, the French parliament are using an emergency procedure to fast-track their version of the law through.

Apparently it will still allow private copying and be targeted at those who benefit financially from piracy. Assertions along those lines from responsible ministers don't necessarily hold any weight unless we can see the actual details of the bill of course.

Pokemon scientist threatened with IP suit

From The Trademark Blog,

Nintendo, owner of the Pokemon property, has protested the use of the name POKEMON by scientist Pier Paolo Pandolfi... to refer to the POK erythroid myeloid ontogenic gene in his Nature article "Role of the proto-oncogene Pokemon in cellular transformation and ARF repression."

Pandolfi has now changed the name of the cancer-causing gene from "Pokemon" to Zbtb7.

Data retention, off-shoring and inducment

Jonathan Zittrain has asked some typically insightful questions about the EU data retention directive:

"I'm curious whether a US or other foreign market might arise for
turnkey startup-to-shutdown VPN services on European PCs, allowing
those inside Europe to render data retention moot in exchange for a
slight slowdown in network performance (as everything routes through
an overseas server) and the possibility of surveillance or retention
in that third location. One wonders if any of the member state
implementations of the directive will seek to penalize the provision
or use of such services under an "induce" or other standard."

Tuesday, December 20, 2005

Federal judge rules against intelligent design

A Federal judge has ruled against the teaching of "intelligent design" as part of the science curriculum of public schools in a Pennsylvania school district.

The judge said:

"we have addressed the seminal question of whether ID is science. We have concluded that it is not, and moreover that ID cannot uncouple itself from its creationist, and thus religious, antecedents."

He went on in fairly scathing fashion:

"Those who disagree with our holding will likely mark it as the product of an activist judge. If so, they will have erred as this is manifestly not an activist Court. Rather, this case came to us as the result of the activism of an ill-informed faction on a school board, aided by a national public interest law firm eager to find a constitutional test case on ID, who in combination drove the Board to adopt an imprudent and ultimately unconstitutional policy. The breathtaking inanity of the Board's decision is evident when considered against the factual backdrop which has now been fully revealed through this trial. The students, parents, and teachers of the Dover Area School District deserved better than to be dragged into this legal maelstrom, with its resulting utter waste of monetary and personal resources.

To preserve the separation of church and state mandated by the Establishment Clause of the First Amendment to the United States Constitution, and Art. I, § 3 of the Pennsylvania Constitution, we will enter an order permanently enjoining Defendants from maintaining the ID Policy in any school within the Dover Area School District, from requiring teachers to denigrate or disparage the scientific theory of evolution, and from requiring teachers to refer to a religious, alternative theory known as ID. We will also issue a declaratory judgment that Plaintiffs' rights under the Constitutions of the United States and the Commonwealth of Pennsylvania have been violated by Defendants' actions. Defendants' actions in violation of Plaintiffs' civil rights as guaranteed to them by the Constitution of the United States and 42 U.S.C. § 1983 subject Defendants to liability with respect to injunctive and declaratory relief, but also for nominal damages and the reasonable value of Plaintiffs' attorneys' services and costs incurred in vindicating Plaintiffs' constitutional rights."

That's a slam dunk then?

Words aren't property Mrs Google Print critic

Bill Herman is irritated at a journalist's misunderstanding of copyright and Google's fair use rights.

"Blogging a dead horse

I know I already complained about her article, but Susan Cheever's misunderstanding of copyright law is just driving me batty.

She literally maps the entirety of property law onto copyright law and uses this half-suited metaphor to guide her highly moralistic judgements. In a December 12 Newsday piece entitled "Just Google 'thou shalt not steal,'" she makes copyright claims that would make even Jack Valenti blush. (Okay, so that's a metaphor, too. BUSTED.)

To wit:
Words are property. This principle has been upheld by the law since 1710, when the first copyright law was passed.
Actually, Ms. Cheever, you're talking about the Statute of Anne, which (according to the text of the Act and every generation of British Parliament since its passage) says no such thing. Quite the contrary. British publishers even arranged a collusive lawsuit to try to apply common law principles of property to copyright in books, which failed. When a real lawsuit came out as the publishers wanted (Millar v. Taylor, 1769), that principle actually did make it onto the law books--for five whole years. It was overturned by Donaldson v. Becket in 1774, and the Donaldson precedent--that the copyright monopoly is not subject to the common law rules of tangible property--has stood ever since (Vaidhyanathan, 2001, pp. 42-43)...

One more:
Google doesn't like the copyright laws as they have existed for centuries.
This is a profound inversion of who's really changing the rules around here. At the behest of the copyright industries, we've gone from something resembling a coherent (if still not public-interest-minded) copyright law to what most commentators describe as a system of insane, overreaching, incomprehensible, First-Amendment-squashing copyright law...

In 1997, the exclusive right of publication wasn't enough for the copyright industries; they wanted to take away my freedom to tinker as well. It is now illegal to make a backup copy of my 5-year-old niece's favorite DVD. That's even though copying a software install CD for the exact same reason is 110% legal. Backup DVD? Illegal. Backup software? Legal. Making a new software key for legally purchased software? Illegal. Make sense to you? Me neither."

[Btw Ignore the comment at the bottom of the post - it's just spam]

It's a wonderful Internet

Here's a neat combined self-promotion and Christmas greeting creation: a virtual pop-up book take-off of Frank Capra's It's a Wonderful Life and Clement Clarke Moore's Twas the night before Christmas.

Sworn to uphold the law

From President Bush's press conference yesterday morning, there were some questions on his authorisation of spying on US citizens without judicial oversight:

"Q -- why, in the four years since 9/11, has your administration not sought to get changes in the law instead of bypassing it, as some of your critics have said?


I think I've got the authority to move forward...

Secondly, an open debate about law would say to the enemy, here is what we're going to do. And this is an enemy which adjusts. We monitor this program carefully. We have consulted with members of the Congress over a dozen times. We are constantly reviewing the program. Those of us who review the program have a duty to uphold the laws of the United States, and we take that duty very seriously...

Q Thank you, Mr. President. I wonder if you can tell us today, sir, what, if any, limits you believe there are or should be on the powers of a President during a war, at wartime? And if the global war on terror is going to last for decades, as has been forecast, does that mean that we're going to see, therefore, a more or less permanent expansion of the unchecked power of the executive in American society?

THE PRESIDENT: First of all, I disagree with your assertion of "unchecked power."

Q Well --

THE PRESIDENT: Hold on a second, please. There is the check of people being sworn to uphold the law, for starters. There is oversight. We're talking to Congress all the time, and on this program, to suggest there's unchecked power is not listening to what I'm telling you. I'm telling you, we have briefed the United States Congress on this program a dozen times...

Q What limits do you --

THE PRESIDENT: I just described limits on this particular program, Peter. And that's what's important for the American people to understand. I am doing what you expect me to do, and at the same time, safeguarding the civil liberties of the country..."

A slanted characterisation of this might read:

Q - Why not work to change the law rather than bypass it?
Ans. - I think it's ok to bypass the law.

Q - With a long war on terror, will there be unlimited expansion of executive powers?
Ans. - I don't like your question. I swore to uphold the law and I talk to Congress and I'll do what I like to protect your civil liberties.

That would be a bit unfair though, wouldn't it?

Oilogpoly report

The ETC Group have published a new report on the concentration of corporate power in various sectors. Apparently concentration in the sectors examined, pharmaceuticals, animal pharmaceuticals, biotechnology, pesticides, food and beverage processing, global grocery retailers, nanotechnology and synthetic biology has increased since their last report on this two years ago.

Wikipedia on steroids

When Wikipedia was launched I was one of the skeptics who thought that an encyclopedia that anyone could change would never work. It's proved to be a remarkable success, however and was recently judged to be nearly as accurate as the Encyclopedia Britannica. One of Wikipedia's founders, Larry Sanger, will launch an online encyclopedia to be policed by experts in the new year.

"Digital Universe aims to garner the best of both worlds: harness wide public input, but with acknowledged experts acting as stewards.

The project has a long list of institutions signed up, including the National Council for Science and the Environment, the American Museum of Natural History, the World Resources Institute, the UN and UCB."

Analysis of Bush surveillance of US citizens

For the legal eagles, Orin Kerr has an analysis of the legality of the Bush administration's controversial approval the surveillance of US citizens.

Adelphi Charter

John Howkins has been explaining the importance of intellectual property in the latest ediion of Script-Ed.

"An observer of current debates on intellectual property would surely draw two conclusions. One is that IP touches fundamental elements of public policy: on where to draw the line between the public and the private and on where the market should be allowed free rein...

We believe there is an urgent need for a public debate, addressing the real issues of IP, in which politicians and academics and the public and industry can all take part with some common ground. The Adelphi Charter was written to start this debate going, and from the public’s not the industry’s point of view...

IP is important to society as well as to a few rights-holders, and that the current regime is far from perfect...

Whenever I am asked why we did it, I have two answers, The firstly, only half flippant, is, ‘Someone had to’. The second is to refer to something topical, such as the EU opt-out of the TRIPS clause on compulsory licensing for the import of generic drugs in the case of a public healthy emergency. It’s a safe guess that no politician would be happy defending that opt-out against a constituent who was short of tamiflu. It’s also a safe bet that no constituent would ever think of asking the question. I hope the Adelphi Charter has done something to make g both policy-makers and public more aware of what is going on. There are plenty more examples like that one."

Politicians and constituents alike are barely aware of the existence of IP let alone its importance. If a public health emergency did hit the UK and IP got in the way of dealing with it, I'm not sure even then that people would realise its importance because of the relative complexity of the IP landscape.

Monday, December 19, 2005

Warber/Chappell apologise to lyrics site

When Warner Chappell CEO, Richard Blackstone, found out his lawyers had been sending cease and desist letters to lyrics sites he withdrew the threats and apologised.

UK MEPs for and against data retention

Spy Blog has the lowdown on which UK MEPs voted for and against the data retention directive in the EU parliament last Wednesday.

I had written to Emma Nicholson (Lib Dem) and Caroline Lucas (Green), two of my MEPs in the South East, in advance of the vote, expressing concerns about the proposal. Neither Baroness Nicholson nor Dr Lucas were present for the vote, though I did receive a response from two of Dr Lucas's office colleagues (one in Brussels, one in the UK) thanking me for my note and agreeing with my concerns. Dr Lucas was unable to attend for the vote due to attending the WTO talks in Hong Kong as part of the official delegation from the European Parliament. I have not yet heard from the Baroness or any of her colleagues.

EC withdraws proposals to harmonise criminal sanctions for counterfeiting

The European Commission have withdrawn proposals to harmonise criminal sanctions for for intellectual property infringement, according to Rouse & Co. International. New proposals will be put forward in 2006.

"Following a recent decision of the ECJ clarifying the basis on which Community legislature may provide criminal sanctions, the European Commission (EC) has decided to withdraw its previously published proposals for the harmonisation of criminal sanctions relating to counterfeiting and piracy. A new proposal will be introduced in 2006."

Is drm good for you

Conveniently in the wake of the introduction of the Analog Hole bill, Ed Felten has a nice clear comparison with copyright.

"Copyright can be understood as an agreement among all of us that we will not infringe. Even though each of us individually would prefer to use works without paying, we understand that if we all refrain from infringing this increases incentives for authors, leading to the creation of more works we can enjoy. By making and keeping this copyright deal with each other, we come out ahead. (That’s the theory anyway. We all know what happens when the lobbyists show up, but work with me here, okay?)

One of the practical problems with this kind of deal is that each individual can gain by defecting from the deal — in the case of copyright, by infringing at will. If enough people defect, the deal could collapse. This danger is especially acute when it’s technologically easy to defect. Some people argue that this is happening to the copyright deal...

here might be a similar deal in which we all agree to accept some kind of DRM in order to boost incentives for authors and thereby cause the creation of more works than would otherwise exist...

First, it turns out to be easy technologically to defect from the CD-DRM deal. Experience with the copyright deal teaches us that when it’s easy to defect, many people will, whether we like it or not.

Second, the costs of the CD-DRM deal seem much clearer than the benefits...

The best argument against the CD-DRM deal, though, is that it is inferior to the copyright deal. If we’re going to make and keep a deal of this general type, the copyright deal is the one to pick. Compared to the copyright deal, the CD-DRM deal is a loser: costs are higher, benefits are the same at best, and the deal is just as easy to defect from. If we can’t keep the copyright deal, then we won’t be able to keep the CD-DRM deal either. But more to the point, we shouldn’t make the CD-DRM deal in the first place...

Now I’m not arguing here that the current copyright deal is perfect or even close to perfect. The copyright deal is under stress and we need to keep thinking about how we might improve it or how we might renegotiate it to work better in the digital world. I’m not certain what the best deal would look like, but I’m pretty sure that it won’t try to lock in any kind of DRM."

Understanding law

Susan Crawford thinks that it would be a good idea for the politicos who pass new laws to understand the substance of the law they are proposing. She's specifically thinking of the Analog Hole bill, the latest effort drafted by lawyers of the entertainment industry and introduced by their friendly congressmen, Mr. Sensenbrenner and Mr. Conyers, to mandate drm in the US.

"So I want someone to call both Mr. Sensenbrenner and Mr. Conyers and ask them to explain how the Analog Hole bill (introduced late yesterday - 35 page PDF) works.

I bet they won't be able to do it. Oh, maybe they'll say something about "protecting digital content in a terrifying time," but they probably won't be able to go farther down the rhetorical ladder.

It's not an easy bill to parse. It looks as if two marking schemes, CGMS-A and VEIL, are going to be required to be acknowledged and adhered to through all analog-digital conversions of video. That's just my guess. The bill will probably affect an enormous variety of devices that have analog inputs."

DHS monitor inter library loans

A student at the University of Massachusetts Dartmouth has recently had a visit from a couple of federal agents after requesting a copy of Mao Tse-Tung's "The Little Red Book." The agents told him the book was on a watch list, so presumably branches of some agencies are monitoring interlibrary loans quite extensively? The PATRIOT Act gives federal authorities the right to access people's library records. The student had been doing research for a class paper on communism.

Update: Xeni Jardin wonders if this story is a hoax.

The myth of the magic computer

EPIC reports that

"At least 30,000 air passengers have been improperly matched to names on federal watch lists since last November, according to Jim Kennedy, head of the Transportation Security Administration redress office. Each of the 30,000 individuals submitted personal information and identification documents to the agency in hopes of resolving their misidentification problems, and were issued letters to help them clear security more quickly. A few dozen more people were unable to benefit from this redress process. Kennedy provided the information at a meeting of the Department of Homeland Security's Data Privacy and Integrity Advisory Committee in Washington last week. In related news, a Swedish newspaper cited European airline sources as saying that 80,000 names were on the watch list provided by the U.S. government to airlines for passenger screening."

This myth that if we collect enough information on enough people then a computer system will magically point a genie-like finger at the bad guys really does lead to a dangerous misappropriation of scarce resources. Money that could be used to recruit and train more intelligence officers etc and provide the resource base for them to gather intelligence, investigate, engage in preventative measures and emergency response in the face of serious crime, is being thrown at vaguely specified computer systems like that for the UK's ID card scheme and Secure Flight.

Think about it. 30000 people are obliged to apply for a letter to declare they are not really terrorist suspects and most of them probably shouldn't really be on a no fly list. How much effort is going into processing those claims alone? How does it help with airline security? What if someone getting an all clear letter really is a serious security risk?

EPIC also point to this neat idea - someone is selling the first ten parts of the US Bill of Rights on pocket sized pieces of metal and encouraging folks to carry them wherever they have to pass through metal detectors such as those at airports. They suggest:

"The next time you travel by air, take the Bill of Rights - Security Edition along with you. When asked to empty your pockets, proudly toss the Bill of Rights in the plastic bin.

You need to get used to offering up the bill of rights for inspection and government workers enforcing the USAPATRIOT ACT need to get used to deciding if you'll be allowed to keep the Bill of Rights with you when you travel."

Perhaps someone could do likewise on this side of the pond with the Human Rights Act, or the European Convention on Human Rights, or even the UN's Universal Declaration on Human Rights?

Friday, December 16, 2005

McCain blocks moves to permit torture

John Dean, White House legal counsel under Nixon, thinks the "The Bush/Cheney presidency has been pushing the nation toward an atrocity unmatched in the annals of American infamy and ignominy" in their efforts to change US law to permit the torture of terrorist suspects. Senator John McCain, a one of George Bush's rivals for the republican presidential nomination in 1999, and a victim of 5 years of torture during his military service in Vietnam, has been instrumental in blocking the plans.

Dean, author of Worse Than Watergate: The Secret Presidency of George W. Bush is not exactly known as a fan of the current presidential administration .

New New Jersey law on child abuse

On the question of offering protection for vulnerable children, the New Jersy Assembly have taken a different approach to the UK government, which is building a database on all children. The assembly, according to Larry Lessig, are passing a law to remove immunity from negligence in hiring in all cases involving abuse. This law provides those hiring people to work with children an incentive to do comprehensive checks to ensure those people are suitable to do so. Placing the responsibity and the resources in the hands of those organisations who can and actually do support vulnerable kids makes sense. Does spending money, which could otherwise be put into front line services, on a huge database make similar sense?

Schneier on EU data retention and music industry

Schneier also has a comment on the music industry's attempts to get the scope of the data retention directive expanded:

"The European music industry is lobbying the European Parliament,
demanding things that the RIAA can only dream about. They want
anti-terror laws to apply to music downloaders, too.
Our society definitely needs a serious conversation about the
fundamental freedoms we are sacrificing in a misguided attempt to keep
us safe from terrorism. It feels both surreal and sickening to have to
defend our fundamental freedoms against those who want to stop people
from sharing music. How is it possible that we can contemplate so much
damage to our society simply to protect the business model of a handful
of companies?"

Good question.

Airline security a waste of money

Bruce Schneier has a terrific piece on airline security in his latest crypto-gram.

"Since 9/11, our nation has been obsessed with air-travel security. Terrorist attacks from the air have been the threat that looms largest in Americans' minds. As a result, we've wasted millions on misguided programs to separate the regular travelers from the suspected terrorists -- money that could have been spent to actually make us safer.

Consider CAPPS and its replacement, Secure Flight. These are programs to check travelers against the 30,000 to 40,000 names on the government's No-Fly list, and another 30,000 to 40,000 on its Selectee list.

They're bizarre lists: people -- names and aliases -- who are too dangerous to be allowed to fly under any circumstance, yet so innocent that they cannot be arrested, even under the draconian provisions of the Patriot Act. The Selectee list contains an equal number of travelers who must be searched extensively before they're allowed to fly. Who are these people, anyway?

The truth is, nobody knows. The lists come from the Terrorist Screening Database, a hodgepodge compiled in haste from a variety of sources, with no clear rules about who should be on it or how to get off it. The government is trying to clean up the lists, but -- garbage in, garbage out -- it's not having much success.

The program has been a complete failure...

I know quite a lot about this. I was a member of the government's Secure Flight Working Group on Privacy and Security. We looked at the TSA's program for matching airplane passengers with the terrorist watch list, and found a complete mess: poorly defined goals, incoherent design criteria, no clear system architecture, inadequate testing. (Our report was on the TSA website, but has recently been removed -- "refreshed" is the word the organization used -- and replaced with an "executive summary" (.doc) that contains none of the report's findings. The TSA did retain two (.doc) rebuttals (.doc), which read like products of the same outline and dismiss our findings by saying that we didn't have access to the requisite information.) Our conclusions match those in two (.pdf) reports (.pdf) by the Government Accountability Office and one (.pdf) by the DHS inspector general...

These programs are based on the dangerous myth that terrorists match a particular profile and that we can somehow pick terrorists out of a crowd if we only can identify everyone. That's simply not true."

If we take the billions we're spending on crazy programs like ID cards, children's databases, passenger screening programs like Secure Flight, passenger data disclosure between the EU and US, and spent them on more better trained police, child support professionals and intelligence officers and the resources they need to carry out effective intelligence gathering, investigation and action to prevent and respond to criminal acts, we'd be a lot better off. Even when governments are told by their own experts that these big technology schemes are worse than useless, they still press ahead not only ignoring reality but actively covering up. What you have here is what Diane Vaughan would call the "normalisation of deviance." Government evolves to a state where the process of ignoring or covering up inconvenient evidence is normalised, everyone must stay "on message" no matter how warped that message might be and we end up with vast unwieldy messes like the UK's coming ID card system or the EU database directive.

Thursday, December 15, 2005

New Consumer Digital Rights campaign

A new European Consumers Digital Rights campaign has been launched. They have a list of six generic rights,
Right to choice, knowledge and cultural diversity
Right to the principle of “technical neutrality” – defend and maintain consumer rights in the digital environment
Right to benefit from technological innovations without abusive restrictions
Right to interoperability of content and devices
Right to the protection of privacy
Right not to be criminalised
which they urge policymakers to respect.

WIkipedia close to Brittanica for reliability

A study by Nature suggests that Wikipedia comes very close to Encyclopedia Britanica in accuracy.

Kazaa owners may face jail in Australia

In the spirit of the season that's in it, the music industry in Australia have made an application to a federal court to have Kazaa owners declared in contempt of that court's order to implement software filters. Representatives of Sharman Networks, which owns Kazaa, say they have implemented the filters and succeeded in preventing most Australians from downloading copyrighted music using their software. The music companies are annoyed that the filters do not apparently apply outside Australia.

The judge said "Contempt proceedings are fairly rare in this court and I've never yet sent anyone to jail. I've threatened to a few times, but there's always a first I suppose."

Ireland to contest data retention directive

It looks as though Ireland is going to challenge the the EU parliament's passing of the data retention directive. It will apparently be done on procedural grounds and to defend the principle of Ireland's autonomy on justice matters.

The Commission's lawyers have already pointed out that the process has no legal basis so there is a good chance that such action on the part of the Irish government will be successful, if it is pursued to a natural conclusion in the European Court of Justice (ECJ). This all takes time, though.

The data retention vote seems, thus far, to have bypassed the attention of most of the mainstream media outlets in the UK, apart from the Guardian.

Wednesday, December 14, 2005

News outlets pick up data retention decision

The news outlets are now picking up the data retention decision.

Nearly 60000 people have signed a petition against this proposal. Member government parliaments have refused to ratify similar proposals at national level. The EU parliament has rejected an almost identical proposal in the past. European data protection commissioners have severely criticised the proposal. Commission lawyers have declared it to be illegal. The telecommunications and internet services industries have severely criticised the proposal. Civil liberties groups have been apoplectic about it.

Yet a small group of politicians and officials can do a deal behind closed doors and a majority of MEPs vote it through on the nod. Ralf Bendrath of the European Digital Right Initiative has this to day about it:

"Very bad news from Europe.

The European Parliament this morning voted in favour of a backroom deal
that had been made between the two big parties in Brussels and the Council
of Ministers, currently chaired by the UK. The deal completely ignored the
amendmends proposed by the Parliament's Rapporteur and by the Justice and
Civil Liberties Committee that was (well - officialy) in charge of the
process. After a hot debate and a number of signs of cracks in the party
blocks, a majority of 378 parliamentarians voted in favour of mandatory
retention of telecommunications data, 197 against, 30 abstained.

This is in short what we will get now:

- retention of telephone and internet connection data (including email
addresses) and location data for mobile phone calls
- no harmonisation of the retention period (6 to 24 months but longer is
allowed: Poland wants 15 years)
- no harmonisation of cost reimbursement for the needed investments on the
providers' side
- no limitation to certain types of crimes for which access is allowed
- retention of unsuccessful call attempts
- no independent evaluation
- no extra privacy safeguards
- follow-up committee without representation from civil rights organisations

Civil liberties organizations, consumers organizations and all the telco
industry associations as well as journalists associations had been
fighting like hell against this major and unprecedented surveillance plan
until the last minute. We did not win (the outcome is in fact the worst
possible, exactly what the UK home affairs minister Clarke wanted), but we
at least raised a lot of awareness and disturbed the conservative and
social-democrat party lines. But the UK council presidency had pushed so
hard after the London bombings that this directive will enter the EU
history as the one which took the shortest time ever from the first
Commission draft to the final vote (less than three months - normally they
need years).

The next steps will be the adoption by the Council of Ministers (before
christmas) and then the implementation process into national laws. There
will be challenges to this plan before the constitutional courts. I am
pretty sure that the German constitutional court will not like it, as it
recently had ruled unconstitutional a major eavesdropping plan on phone
calls - and that one was only directed at suspicious persons, whereas the
EU directive applies to every single communication of all 450 Million
inhabitants of the EU.

More information, including recordings of the EP debate, is available at"

EU parliament vote for data retention

The EU parliament have voted for the data retention directive.

"Results of votes at plenary session on Wednesday 14 December
A list of the reports put to the vote in the European Parliament on Wednesday 14 December. More detailed analyses of votes will soon be available from Parliament's Press Service website

Results of votes on Wednesday 14 December
Data retention
Directive of the European Parliament and of the Council on the retention of data processed in connection with the provision of public electronic communication services and amending Directive 2002/58/EC
Rapporteur: Alexander Nuno Alvaro (ALDE, DE)
Parliament adopted a package of compromise amendments after agreement had been reached with the Council. The amendments were approved by 387 votes in favour to 204 against with 29. The final resolution was adopted by 378 votes in favour to 197 against with 30 abstentions."

I haven't noticed any of the major news sites picking this up yet.

Lyrics Browsers, iTunes and Copyright Law

From the EFF: Lyrics Browsers, iTunes and Copyright Law

"When I buy a CD, I look forward to having the lyrics printed in the liner notes. That's part of what I expect in exchange for my money. If the record label omits the lyrics, I feel I'm entirely within my fair use rights to listen closely to the recording and copy down the lyrics. Similarly, I'm within my fair use rights when I use a search engine to find the lyrics of the music I've legitimately purchased. And thanks to Apple's iTunes software, I now can add those lyrics to the digital copies of the music I've purchased and have them appear when the song plays on my iPod.

Apparently, at least one music publisher thinks that makes me a music pirate. Yes, annotating music I've legitimately purchased with lyrics makes me a pirate, according to music publishing giant Warner/Chappell.

Warner/Chappell sent a cease & desist letter last week to the developer of pearLyrics, a piece of software that automates the process of adding lyrics to iTunes tracks. (For more details, see the MacWorld review.)"

The best science that money can buy

David Bollier recounts the lack of trust of medical friends and acquaintances in medical journals which they believe have been compromised by the financial support of the large pharmaceutical companies; and draws on a Wall Street Journal article for support.

"Reporter Anna Wilde Mathews writes:
Many of the articles that appear in scientific journals under the bylines of prominent academics are actually written by ghostwriters in the pay of drug companies. These seemingly objective articles, which doctors around the world use to guide their care of patients, are often part of a marketing campaign by companies to promote a product or play up the condition it treats.
The article goes on to describe how ghostwriters are frequently hired to write articles that academics are invited to publish under their own names. It’s a sweet scam. Academics get to pad their publishing resumes. Medical journals get well-written articles by big-name scientists. And the drug companies get to exploit the credibility and independence of academic science for a relative pittance."

Monday, December 12, 2005

Digital Rights Ireland

A new digital rights group is about to be launched in Ireland.

Latest excuse... er reason for ID cards

The government's latest excuse for the ID cards scheme is that it wil cure online fraud, says John Lettice.

Canada may develop Patriot act shield

The federal government in Canada have, if this report is to be believed, have developed a plan that "would allow government departments to immediately cancel a contract with an American firm if it hands personal information about Canadians to U.S. anti-terrorism investigators" under the requirements of the PATRIOT Act. That's a fairly bold step on the part of the Canadians to take a stand against the PATRIOT act but where does it leave the companies that get stuck in the middle? As soon as they get served with a request for data by US authorities they break the law whichever way they turn.

Thanks to Michael Geist for the link.

ID cards for children by the back door

The Children Act of 2004 is back in the news with the announcement that the database to log the details of every child in the UK will cost £224 million plus another £41 million a year to operate. The Conservative party spokesman on the issue said:

"The government's nanny-state approach will do nothing to safeguard the children most at risk. We should be concentrating on the most vulnerable children who are on child protection registers, in care or in homes with a record of domestic violence.

We opposed this clause when it was proposed in the Children's Act 2004. It is bureaucratic nonsense and ID cards for children by the back door."

What's somewhat remarkable is that this law sailed through without the opposition that the ID card proposal has been facing. It suffers many of the same problems as the ID card system but just acts as another indicator of how difficult it is to politically oppose a plan with the stated aim of improving child protection, no matter how badly the actual details of the plan might, in practice, undermine that aim. The time that already stretched child care workers, police, NHS and others will have to put into bureaucratic processing of details of the vast majority of children who are not at risk, will take away from the already limited time and resources they have to work with the really vulnerable.

Remember Schneier's questions:

What problem are you trying to solve?
Protecting children.

How well does your solution solve the problem?
If there is joined up information and communications in the case of victims and tracking those who have abused children it may make a contribution to filling the holes that might have prevented some of the tragic cases we've seen in recent years. I'm not exactly sure that a central database of the type planned will necessarily do this, given the vast array of computing systems the various branches of public services engaged in child protection actually have.

How can the system fail naturally and how can it be made to fail by someone with malign intent?
Big databases have errors. People working with the system will make mistakes. A large number of people need access to the database so it will not be secure - it only takes a small number of malign actors internal or external to compromise a large database of this sort.

What other problems does it cause?
Scarce time and resources are lost in processing details and cases of children who are not at risk. False positive and false negative errors could have serious consequences.

How much does it cost?
£224 million plus £41 million per annum apparently.

Is it worth it?
Well could these resources be more effectively invested and targetted at frontline child protection services?

Setting up a system to assume every child is a victim is similar to setting up a system to assume every citizen is a terrorist. Neither will actively tackle the serious problems to which they are allegedly addressed and may very well end up compounding them.

Friday, December 09, 2005

IP geek

There's a new IP blog, IP Geek, in the blogosphere which looks promising.

Online journalism flourishing because it's trusted

David Bollier says the real reason that online journalism is flourishing is that it is trusted.

Felten on why drm inevitably becomes spyware

Ed Felten has a wonderful explanation of why drm vendors and spyware vendors are actually facing the same problems and so converge on the same solutions, so that drm inevitably becomes spyware.
"Here’s the key issue: Active protection only works if the DRM software is running on the user’s computer. But the user doesn’t want the software on his computer. The software provides no value to him at all. Its only effects are to stop him from doing things he wants to do (such as listening to the music with iTunes), and to expose him to possible security attacks if the software is buggy.

So if you’re designing a CD DRM system based on active protection, you face two main technical problems:
You have to get your software installed, even though the user doesn’t want it.
Once your software is installed, you have to keep it from being uninstalled, even though the user wants it gone.

These are the same two technical problems that spyware designers face.

People who face the same technical problems tends to find the same technical solutions. How do you get software installed against the user’s wishes? You mislead the user about what is being installed, or about the consequences of installation. Or you install without getting permission at all. How do you keep software from being uninstalled? You don’t provide an uninstaller. Or you provide an uninstaller that doesn’t really uninstall the whole program. Or you try to cloak the software so the user doesn’t even know it’s there.

Of course, you don’t have to resort to these tactics. But if you don’t, your software will have trouble getting onto users’ computers and staying there. If your whole business model depends on installing unwanted software and preventing its uninstallation, you’ll do what’s necessary to make that model work. You’ll resort to spyware tactics. (Or you’ll quit and go into another business.)

Having set off down the road of CD copy protection, the music industry shouldn’t be surprised to have arrived at spyware. Because that’s where the road leads."

iPod insurance

There's a nice article in The Big Issue this week about insurance companies attitudes to digital music. If you get your iPod or other MP3 player stolen, then don't expect your insurance company to replace the vast digital music collection you've built up on it. Basically, most people will "never have thought about how they would prove the financial value of their digital music collection if it became necessary."

Norwich Union replaced 36 iPods between January and September 2004. For the same period this year it was 1721. An insurance company manager offers the sound advice that people should keep a record of their online music purchases. But I doubt many people will be bothered enough to do so, particularly if their practice is to buy single tracks at 70p each.

John Gilmore in court

John Gilmore has finally had his appeal court hearing on his challenge to the secret US government regulations apparently making it compulsory for airlines to demand identification or subject a prospective passenger to a pat down search before boarding a flight.

There's some symmetry to the appearance of this hearing in the immediate wake of the UK House of Lords decision a couple of days ago ruling that evidence obtained under torture in foreign jurisdiction was not admissable in cases against terror suspects. The Court of Appeal had created quite a stir last year when they decided that such evidence could be used as long as the UK hadn't been involved in or condoned the torture.

Lord Bingham, said: "The issue is one of constitutional principle, whether evidence obtained by torturing another human being may lawfully be admitted against a party to proceedings in a British court, irrespective of where, or by whom, or on whose authority the torture was inflicted. To that question I would give a very clear negative answer."

MI5 chief, Eliza Manningham-Buller, told the law lords that she needed to rely on foreign intelligence to save lives, which is undoubtedly true. But the government lawyer's translation of that into the notion that they should not check the integrity or source of the intelligence, just in case it might upset the countries that do endorse and carry out torture, has got no basis in any kind of principle.

Thursday, December 08, 2005

Sony knocking the glass over

Ed Felten has more sound thoughts on the latest Sony drm security patch hole.

"Security is all about risk management. If you’re careful to avoid unnecessary risks, to manage the risks you must accept, and to have a recovery plan for when things go wrong, you can keep your security under control. If you plunge ahead, heedless of the risks, you’ll be sorry.

If you’re a parent, you’ll surely remember the time your kid left an overfull glass of juice on the corner of a table and, after the inevitable spill, said, “It was an accident. It’s not my fault.” And so the kid had to learn why we don’t set glasses at the very edges of tables, or balance paintbrushes on the top of the easel, or leave roller skates on the stairs. The accident won’t happen every time, or even most of the time, but it will happen eventually.

If you’re a software vendor, your software creates risks for its users, and you have a responsibility to your customers to help them manage those risks. You should help your customers make informed choices about when and how to use your software, and you should design your software to avoid exposing customers to unnecessary risks."

Felten's DRM, Incompatibility, and Market Power: A Visit to the Sausage Factory is also a must read on this sorry saga.

France to get the worst copyright law?

Cory wonders if France are about to adopt the worst copyright law in Europe.

Publishers should stop worrying about Google

Susan Crawford thinks publishers should stop worrying about Google and start thinking about the opportunities an evolving Web present them.

"What Google does is respond to search queries by providing snippets -- thumbnail pictures and a line of text here, a line from a page there, a headline -- and helping people get to where those things were posted. That's pointing, not copying, and it's a key element of Web 2.0.

The publishers, and the news agencies, are having trouble with this evolution -- heck, they had enough trouble with Web 1.0, much less the groupness we're seeing now-- and are relying on incumbent laws (like copyright law) to protect their ability to charge for content.

But there's a great opportunity here that shouldn't be missed: news companies can become not only providers of great stories (well-researched, well-written, unlike blog posts) but also sources of order. There is so much information now -- we need help! We need priority, and sense of impact, and sense of global connections. We need visualizations, and links, and commentary. All of these things are valuable. We'll pay -- with our attention, our loyalty to the brand, and maybe even with money if the reporters' own personalities are allowed out to play.

A search engine, alone, can't provide this kind of judgment. Not even Google can say which story is likely to have an important impact on our collective future. There is a Web 2.0 model for publishers, and they can only get there by letting go."

Major copyright reform in EU - uh oh.

IPKat has learnt from the Patent Office we're facing

"of an EU programme with potentially major implications for European copyright law. In, Implementing the Community Lisbon programme: A strategy for the simplification of the regulatory environment the European Commission explains the need for EU regulatory laws to be simplified so that a balance is struck between necessary regulation and the need to avoid overcomplicated legislation that entails “costs, hamper business, channel resources away from more efficient uses and in some cases act as a constraint to innovation, productivity and growth” .

The EU wants to save IP lawyers from confusion...
To this end, the EU is embarking on a programme designs to simplify the acquis of various of EU areas of influence. Included in the list of priorities is copyright. The following instruments are identified for “Recast[ing] with a view to improve[ing] the coherence and operation of the legal framework and adapt it to the new digital challenges:

* Council Directive 91/250/EEC of 14 May 1991 on the legal protection of computer programs
* Council Directive 92/100/EEC of 19 November 1992 on rental right and lending right and on certain rights related to copyright in the field of intellectual property
* Council Directive 93/83/EEC of 27 September 1993 on the coordination of certain rules concerning copyright and rights related to copyright applicable to satellite broadcasting and cable retransmission
* Council Directive 93/98/EEC of 29 October 1993 harmonising the term of protection of copyright and certain related rights
* Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases
* Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society"

The idea of simplifying IP regulations is laudable but the devil, as usual, will be in the detail. It is arguable, for example, that the IPR enforcement directive sinmplifies the IP regulatory environment by theoretically harmonising across all the member states but you certainly won't get me signing up to such an argument. The real damage from that particular directive still remains to play itself out over the coming years but that it will certainly do.

US reject generic drugs even for emergencies

David Bollier and James Love have an important story about trade negotiations over generic drugs at the World Trade Organisation a couple of days ago.

Love says:

"Although not reported in the US mainstream media, and barely noted in the European, Australian or Canadian press, the decision will contain a provision that is intended to prevent the United States, the members of the European Community, and a few other countries from getting access to generic medicines, even in cases involving national emergencies, such as an avian flu pandemic.

Our trade officials will tell the WTO our countries will “opt-out” of a WTO agreement, as potential importers of generic medicines, no matter what the circumstances are. The push for the “opt-out” was engineered by the CEOs of large pharmaceutical companies, such as Pfzier CEO Hank, McKinnell, and GSK’s Jean-Pierre Garnier.

In the United States, the “opt-out” was backed by President Bush’s
advisor, Karl Rove, and top US trade official Bob Portman. Portman
refused to meet with public health groups to defend the decision.

News reporters for the New York Times, the Washington Post, the Wall Street Journal, Reuters and other major news outlets have not reported on the opt-out issue, claiming “it’s too complex for readers to understand.”"

The pharmaceutical companies are acting to protect their interests via the WTO, as you expect them to do. They exist to make money not for public health reasons. Intellectual property is a complex subject, so the press say it is too hard for ordinary people to understand. That is a defensable position. Say "intellectual property" to most people and their eyes will glaze over.

However, the fact that business is in the business of making money and that IP is complicated, is not an excuse for saying that what is going on is right or even acceptable. When commerce operates to exploit complex regulations in such a way as to undermine the public interest, the media, public officials and ordinary citizens who do grasp the complexities have a duty to shine a light on the activity, explain it in such a way that it is comprehensible (especially if it's reprehensible) and bring that activity to a grinding halt.

Bollier puts it like this:

"Is it really so hard to understand the implications of these developments at the WTO? People will die because medicines are artificially expensive. Big Pharma wants to protect its patents and revenues at all costs, the public health and poor countries be damned. Compliant governments and a lapdog press are happy to let Big Pharma have its way.

That wasn’t so complicated now, was it?

The WTO decision represents a decisive repudiation of the WTO’s 2001 Doha Declaration on TRIPS and Public Health, which called for policies to make it easier to export generic medicines under compulsory licenses."

FOI request on ID cards rejected

The Home Office has rejected a Freedom of Information request by Computer Weekly to publish the risk register relating to the ID card scheme.

Ordinary people turned war criminals

On the front page of today's Independent, a story entitles War Criminals describes three court cases.

" * Maya Evans, 25, convicted for reading out names of 97 British soldiers killed in Iraq at unauthorised protest.
* Douglas Barker, 72, threatened with jail for withholding part of his tax payment in protest at the Iraq conflict.
* Malcolm Kendall-Smith, a 37-year-old RAF medical officer, facing court-martial for refusing to serve in Iraq"

Evans apparently told magistrates "I didn't want to be arrested but, as far as I was concerned, I didn't think I was doing anything wrong standing there on a drizzly Tuesday morning with a colleague reading names of people who had died in a war. I don't think it's a criminal offence and I don't think I should have been arrested for it."

She was convicted under Section 132 of the Serious Organised Crime and Police Act 2005.

Barker told magistrates that he'd estimated that 10% of his taxes were going on military spending and he had therefore witheld that amount and intended to send it to a charity caring for children in Iraq. He wanted a guarantee that if he did pay the money it would not be used for military purposes.

Kendall-Smith refused to serve in Iraq because having reviewed the legal advice on the war, including that of the Attorney General, he came to believe the war was illegal. His court martial is due to take place in the Spring.

Heise liable for reader comments

The first-instance district court of Hamburg has ruled that the online news site Heise can be held liable for readers comments and "has had issued a temporary restraining order preventing heise online from publishing reader comments calling on others to overload a company's server by massively downloading a program."

The court said Heise should be liable for reader comments inciting destructive attacks online, whether they were aware of the specific comments or not. Heise had deleted the comments which has originally prompted the lawsuit but originally believed they only had to removed comments that they were aware of or had been notified of.

Heise apparently get about 200000 comments per month and software filters just aren't good enough to catch all the relevant subtleties (not to mention the false positive irritations they cause). Manual checking of that number of comments is not an option, so do Heise have to close down the commenting option? Well the German Supreme court ruled last year that sites like Heise could only be held liable if there were reasonable ways of reviewing the content third party contributors, so maybe not. The EU ecommerce directive of 2000 also says service providers don't have to comprehensively monitor comments they just transmit or store. So where does that leave Heise? Probably paying lawyers to test the limits of what the contradictions really mean.

Tuesday, December 06, 2005

IPR battle at Cambridge University resumes

The battle over the intellectual property rights of academics at Cambridge University has started up again, according to Patent Baristas.

You'll probably find Ross Anderson has one or two things to say about that.

The $100 laptop

John is a little skeptical of the real utility of Nicholas Negroponte's $100 laptops for children in the developing world.

" the pedagogical philosophy implicit in OLPC is clearly inspired by Negroponte's MIT colleague, Seymour Papert.

Papert is a visionary whose entire career has been driven by the idea of the digital computer as a revolutionary machine...

Papert is an engaging thinker and writer, but is essentially a techno-evangelist...

He is thus rather grandly contemptuous of mundane questions such as whether there is any evidence that giving kids computers is educationally better than giving them books..."

As I've said before, you can't get someone to understand the principles of drawing graphs by getting them to show you how many colours the graphics package on their computer can deploy in producing something that looks like a graph on screen. By all means exploit technology (including the humble pencil) in education where it is useful and let people play with technology in education in order to find out how it can be useful. But spending vast sums on technology in the blind faith belief that it will automatically improve things regardless of the context, is a mug's game.


The latest and possibly the last EDRI newsletter has been published.


Urgent call for pledges of support for EDRI-gram
1. Final push for single EP vote on data retention
2. EDRI and PI call on EP to reject data retention
3. Polish plans for 15 years mandatory data retention
4. Urgency procedure for draft French anti-terrorism law
5. New anti-terrorism measures in Denmark
6. Launch of Digital Rights Ireland
7. Illegal video surveillance on Slovenian motorways
8. Post-WSIS civil society letter to Kofi Annan
9. NL supreme court ruling on internet anonymity
10. Results e-society conference in Macedonia
11. Advocate General European Court rejects PNR deal
12. Cryptography almost banned in the Czech Republic
13. Agenda
14. About

Ireland to challenge data retention deal

Irish justice minister, Michael McDowell, suggested in the wake of the agreement amongst most EU justice ministers about data retention, that Ireland would challenge the directive in the European Court of Justice, if it gets passed by the EU parliament next week.

Wikipedia integrity

I had the priviledge of meeting the founder of Wikipedia, Jimmy Wales, last week, at the inaugural gathering of the Open Rights Group. Wikipedia is a fantastic online encyclopedia, which, given the fact that anyone can alter an entry, is mostly remarkably reliable. Occasionally things go wrong, however, as this story in the New York Times illustrates. A Mr. Seigenthaler was shocked to find an entry on himself in Wikipedia, suggesting he might have been involved in serious crimes. The entry has since been corrected but the poster has not been identified. Mr. Seigenthaler has decided not to pursue the issue, though it would be possible for him to get a court order to ask the poster's ISP to identify the culprit and then pursue a defamation case. Sensibly he forgoes the opportunity to invest large sums in lawyers and the associated stresses of lawsuits, though he says he's learned a clear lesson:

"We live in a universe of new media with phenomenal opportunities for worldwide communications and research, but populated by volunteer vandals with poison-pen intellects."

The article also describes Jimmy Wales reaction

"Mr. Wales said in an interview that he was troubled by the Seigenthaler episode, and noted that Wikipedia was essentially in the same boat. "We have constant problems where we have people who are trying to repeatedly abuse our sites," he said.

Still, he said, he was trying to make Wikipedia less vulnerable to tampering. He said he was starting a review mechanism by which readers and experts could rate the value of various articles. The reviews, which he said he expected to start in January, would show the site's strengths and weaknesses and perhaps reveal patterns to help them address the problems.

In addition, he said, Wikipedia may start blocking unregistered users from creating new pages, though they would still be able to edit them.

The real problem, he said, was the volume of new material coming in; it is so overwhelming that screeners cannot keep up with it."

Monday, December 05, 2005

Court upholds random NY subway searches

Professor Dan Solove is annoyed at a recent court decision upholding the right to the police to engage in random searches on the New York subway.

"After making its general incantation of deference (which means that the government will automatically win), Judge Berman goes on to articulate the "persuasive" arguments of the government:
The Court is also persuaded by Commissioner Sheehan's opinion that the Program "reinforces the awareness of police officers, transit workers and the public of the need to be alert."
This is a silly argument. Essentially, the court says that providing the police with greater abilities to engage in searches without constitutional protections will make the police more "alert." Well, that's nice -- we should all be happy to sacrifice liberties so that the police become more alert. And the court notes that it will teach the public to be more alert too. So the argument is that we can make the people more alert by intruding upon their privacy. Let's try strip searches -- these will certainly make the cops more alert, and it will have great effects on public alertness too, and the cops can have a lot of fun at the same time.

The court also reasons:
[T]he Court is persuaded that the randomness of the searches rather than the actual number of searches conducted is (primarily) what makes the Container Inspection Proogram effective.
In other words, the court is saying that any small increase in terrorists believing they might get caught makes such a policy an effective. But if "effectiveness" is to have any meaning, the benefits of a policy that requires a sacrifice in liberty should be more than just trivial or speculative. There is no evidence that this policy will have any deterrent effect...

It is bad enough that so much money and resources must be wasted on a largely symbolic exercise to make public officials look like they're doing something to protect us when they're not. This cosmetic program for public officials which drains money from other more serious threats. It is even worse that people must sacrifice liberty and convenience too."

You have to admit he has a point.

Felten: DMCA should not protect spyware

Ed Felten thinks the DMCA should not protect spyware and he's submitted a request for an exemption along these lines to the US copyright office.


Open University exam results will be available soon. To those who don't do as well as you'd hoped, just remember that it's not the end of the world. Even the best of students can and sometimes do find things going wrong.

Getting through the process of distance learning whilst holding down a job and looking after a family and all the other real life committments that OU students typically have, is a major success in itself. So give yourself a pat on the back even before the results arrive - you deserve it.

Open letter on data retention

A whole plethora of digital rights groups have written an Open Letter to the European Parliament on Data Retention.

58000 people from all over Europe have signed a petition against data retention.

Will it make a difference to the European Parliament vote on the issue on 13 December? Only time will tell but it looks like the version of the proposal to go before the parliament will require two years data retention.

This process of repeatedly sending back lousy legislative proposals through the EU system, until opposition is chipped away though the lack of energy to be bothered with it again, seriously undermines the EU. But then representative democracy, which is what the parliament is supposed to be based on, only works if a sufficient number of dedicated people (albeit that sufficent number can range from 1 upwards) take an active interest. Nearly 60000 people have shown an interest here but in this case I'm not sure it's going to be enough.

Parliamentary drm enquiry

From the All Party Internet Group website: "(APIG)The All Party Parliamentary Internet Group (APIG) is to hold a public inquiry into the issues surrounding Digital Rights Management (DRM)...

The inquiry seeks written evidence particularly focusing upon the following:

Whether DRM distorts traditional tradeoffs in copyright law;
Whether new types of content sharing license (such as Creative Commons or Copyleft) need legislation changes to be effective;
How copyright deposit libraries should deal with DRM issues;
How consumers should be protected when DRM systems are discontinued;
To what extent DRM systems should be forced to make exceptions for the partially sighted and people with other disabilities;
What legal protections DRM systems should have from those who wish to circumvent them;
Whether DRM systems can have unintended consequences on computer functionality;
The role of the UK Parliament in influencing the global agenda for this type of technical issue.

APIG calls upon interested parties to present written evidence to the inquiry before 21st December 2005.

Written evidence should be submitted to APIG may, at its discretion, ask for oral evidence from witnesses in January 2006 at the Houses of Parliament."

Transformational government

William Heath has posted his comments on the UK CIO Council IT strategy in four pieces. He thinks the main issues are:
- the fundamental premise that services should be personalised and directed at people, when I'd rather see simple, open and navigable government (which is less ambitious, cheaper and less intrusive)
- making identity government-controlled and tying it to the compulsory biometric scheme with audit trail
- grudging lip-service to privacy when human dignity is paramount
- whether or not the executive focus and energy is there to deliver changes like shared services.

Sunday, December 04, 2005

Diebold certified in spite of court order

It seems that the North Carolina Board of Elections has certified Diebold Election Systems to sell electronic voting equipment in the state, in spite of a federal judge's order that Diebold hand over their source code and list of programmers. Does this mean they have secretly handed over the required details (even though they claimed that they would rather withdraw from tendering) or that the Board officials were unaware of the judge's decision when they approved Diebold as an electronic voting machine vendor?

Saturday, December 03, 2005

UK intellectual property review

The UK Treasury has announced a review of intellectual property.

"At the Enterprise Conference on 2 December 2005, the Chancellor announced that, as part of the Pre-Budget Report 2005 package, he was asking Andrew Gowers to lead an Independent Review to examine the UK’s intellectual property framework, reporting to the Chancellor, the Secretary of State for Trade and Industry and the Secretary of State for Culture, Media and Sport in Autumn 2006."

Under "scope" the final bullet point says

"The review will provide an analysis of the performance of the UK IP system, including inter alia...

whether the current technical and legal IP infringement framework reflects the digital environment, and whether provisions for ‘fair use’ by citizens are reasonable."

Which is interesting because we don't have "fair use" in the UK. We have "fair dealing" which though similar is not the same. "Fair use" in the US, for example, allows the making of copies of CDs for personal use, whereas "fair dealing" in the UK does not.

Friday, December 02, 2005

Dutch e-citizen charter

William Heath thinks the Dutch 10 point e-Citizen Charter might be what we need for Europe. I'll have to come back to this as other things are pressing but it raises all kinds of interesting questions.

Turning the Net into cable TV

David Bollier advises:

"Beware the privateers! They whisper sweetly of fantastic new services they will provide – a faster Internet, better quality, even medical alerts for consumers….and blah-de-blah. Their unspoken agenda, however, is to convert the open Internet commons into a pay-for-performance marketplace. The companies who control the “pipes” of the Internet – i.e., the telephone and cable TV companies – are starting to make their move.

It’s imperative that we pay close attention to these plans – and register our objections to Congress and the companies themselves."

Thursday, December 01, 2005

Copyright dispute over book cover

Thomas Friedman and his publisher, Farrar, Straus and Giroux, have been sued over the cover on his latest book, The World is Flat. (Interestingly enough I see Amazon UK have "No Image Available" for the cover at the moment).

Freidman used an image from a poster he'd bought many years ago, of a painting done by artist Ed Miracle, showing boats sailing over the edge of the world, which featured the caption "I told you so." His publisher had duly licenced the right to use the image from the poster company. The poster company, unfortunately didn't hold the copyright in the image. They only had a licence to sell about a thousand posters and that licence expired in 1996.

The author said: "We didn't try to cheat anybody. We did it [purchased the rights] through normal channels. We thought this was all legal, kosher, and right. I feel bad that this happened, and I couldn't feel more bad for him [Miracle]."

The artist's agent, Rose von Perbandt, said "Is there no one in the press that sees the irony of a book on globalization—whose author stresses the need to protect against piracy and strengthen intellectual property protection—that is infringing the copyrights of the artist whose work was used on the cover?"

It's a fair point, which goes to show that even those with an interest in strong intellectual property rights, including Pulitzer Prize winning journalists/authors, can sometimes accidently get entangled in the complexity of the current IP landscape.

IPPR report

The Institute for Public Policy Research has just released a report "Markets in the Online Public Sphere." As the author of the report Will Davies puts it the report covers "the politics and economics of online information, and why policy-makers find it so hard to accertain the 'public interest' in this confusing terrain."

Tuesday, November 29, 2005

President Bush disaster

I don't think Rupert Murdoch really would have wanted this image to come across the way it does...

Diebold ordered to supply source code

A federal judge has ordered Diebold to hand over the source code on its electronic voting machines to North Carolina state officials. From the EFF:

"a North Carolina judge today told Diebold Election Systems that the e-voting company must comply with tough North Carolina election law and dismissed the company's case seeking broad exemptions from the law.

EFF intervened in the case earlier this month, after Diebold obtained a broad temporary restraining order that allowed it to evade key transparency requirements without criminal or civil liability. The law requires escrow of the source code for all voting systems to be certified in the state and identification of programmers. In today's hearing, the judge told Diebold if it wanted to continue in the bidding process for certified election systems in the state, it must follow the law and if it failed to do so, it would face liability...

Diebold could appeal the ruling, go forward with its bid, or withdraw from the process. However, Diebold told the court that it would likely withdraw the bid if the company did not have liability protection.

North Carolina experienced one of the most serious malfunctions of e-voting systems in the 2004 presidential election when over 4,500 ballots were lost in a voting system provided by Diebold competitor UniLect Corp. The new transparency and integrity provisions of the North Carolina election law were passed in response to this and other documented malfunctions that have occurred across the country."

It is very good news that a judge should enforce transparency requirements on a voting machine vendor. Given that Diebold have explicitly now threatened to withdraw from the bidding process rather than hand over theie source code, it will be interesting to watch to see if they follow through on that. Transparency is fundamental to the democratic process and no amount of technology or commerce should be allowed to undermine that.