Friday, January 21, 2005

Software patent directive through agriculture

Looks like there may be another attempt to pass the EU software patent directive at an EU Council agriculture and fisheries meeting on Monday.

Even if the proposal did have merit and had not been widely criticised, sneaking it through in an underhand way like this is bound to create suspicion.

Berkman Center Report on Digital Media

The Berkman Center's, Digital Media Project have released

"a new report assessing how the digitization of music and movies has transformed not only businesses but copyright law and the idea of intellectual property. The report -- Copyright and Digital Media in a Post-Napster World -- updates a foundational whitepaper, released originally in 2003, to reflect major areas of change. In addition to new lawsuits and proposed legislation, one of the major developments since 2003 lies in international policy changes. The White Paper includes an International Supplement that offers an overview of the most fundamental shifts."

John Palfrey, Donna Wentworth and Derek Slater were amongst the contributers.

Donna also pointed me at what she calls the book review to end all book reviews by Robert S. Boynton

"Who owns the words you're reading right now? if you're holding a copy of Bookforum in your hands, the law permits you to lend or sell it to whomever you like. If you're reading this article on the Internet, you are allowed to link to it, but are prohibited from duplicating it on your web site or chat room without permission. You are free to make copies of it for teaching purposes, but aren't allowed to sell those copies to your students without permission. A critic who misrepresents my ideas or uses some of my words to attack me in an article of his own is well within his rights to do so. But were I to fashion these pages into a work of collage art and sell it, my customer would be breaking the law if he altered it. Furthermore, were I to set these words to music, I'd receive royalties when it was played on the radio; the band performing it, however, would get nothing. In the end, the copyright to these words belongs to me, and I've given Bookforum the right to publish them. But even my ownership is limited. Unlike a house, which I may pass on to my heirs (and they to theirs), my copyright will expire seventy years after my death, and these words will enter the public domain, where anyone is free to use them. But those doodles you're drawing in the margins of this page? Have no fear: They belong entirely to you...

In December 2004, Google announced "Google Print," a project to bring millions of easily searchable, digitized books to the Internet. The project, which has already begun and may take a decade to complete, will further heighten awareness of our vexed relationship to intellectual property. After digitizing the entire holdings of Stanford and the University of Michigan libraries (as well as sections of the libraries of Harvard, Oxford and the New York Public Library), Google Print will search the texts of these books—although one will only be able to read the entire text of those works whose copyright has lapsed and are therefore in the public domain. As for copyrighted titles, one will be able to search their text for names and key phrases but won't be allowed to read the books themselves (a function like Amazon's helpful, but similarly limited, "Search inside this book" service). Instead, one will be directed to a library or bookstore where the book can be located.

As amazing an effort as Google Print is (creating nothing less than a virtual "universal library of knowledge"), its logical goal—giving readers full access to the entire contents of that library—will be undercut by our intellectual property laws. It is an inherently unstable situation, and it is only a matter of time before someone (Amazon? Random House?) develops software to link this vast cache of literature to a convenient print-on-demand service (for which the hardware already exists). When it becomes possible to hold an inexpensive, physical copy of one of Google's digitized titles in one's hands—but only if it was first published prior to 1923 and is therefore in the public domain—people will begin to understand the implications of having something so obviously beneficial (universal access to universal knowledge) tethered to laws from another era. Google Print may be the Trojan Horse of the copyright wars...

Boyle is one of the founders of "digital environmentalism," the movement that is fashioning a new understanding of what the public domain—the "commons," as Boyle and others have called it—might be. The great achievement of the environmental movement, from which Boyle draws inspiration, was its ability to convince a swath of the population—consumers and industrialists alike—that they all had a stake in this thing called "the environment," rather than just the small patch of land where they lived. Similarly, digital environmentalists are raising our awareness of the intellectual "land" to which people ought to feel entitled.

Digital environmentalism is a two-pronged movement, with one group raising the awareness of the cultural stakes of intellectual property among everyday citizens, and the other pressing for legislative and legal change. The difference between the two is one of emphasis, with each participating in the battles of the other. Neither are anarchists or utopians; rather, both perceive of themselves as conservatives in the traditional sense of the term."

Well worth reading the entire piece. Terrific analysis.

Carvivore retirement reports outdated

There have been recent reports on the FBI retiring their surveillance tool Carnivore, which have been irritating Orin Kerr.

"The Associated Press reports that the FBI has retired its "Carnivore" Internet surveillance tool. (It actually happened about two years ago, but no one knew about it until now.) The Carnivore debate was premised on a profound misunderstanding of Internet surveillance practices...

Why did the FBI retire Carnivore? For a reason I explained in an article published two years ago on the Patriot Act (see footnote 247 if you're really interested): in the last few years, the private sector finally caught up with the government. Commercial surveillance tools now have the same privacy-enhancing filter technology that the Carnivore tool has, meaning that the government no longer needs to use Carnivore. Strange, but true."

Thursday, January 20, 2005

California proposal jolts Felten

Ed Felten was shocked to find that the latest proposal to regulate P2P networks by California would make him a candidate for the slammer.

"Kevin Murray, a California legislator, has introduced a bill that would fine, or imprison for up to one year, any person who "sells, offers for sale, advertises, distributes, disseminates, provides, or otherwise makes available" software that allows users to connect to networks that can share files, unless that person takes "reasonable care" to ensure that the software is not used illegally. TechDirt argues that my TinyP2P program would violate the proposed law.

Actually, the bill would appear to apply to a wide range of general-purpose software:

"[P]eer-to-peer file sharing software" means software that once installed and launched, enables the user to connect his or her computer to a network of other computers on which the users of these computers have made available recording or audiovisual works for electronic dissemination to other users who are connected to the network. When a transaction is complete, the user has an identical copy of the file on his or her computer and may also then disseminate the file to other users connected to the network.

That definition clearly includes the web, and the Internet itself, so that any software that enabled a user to connect to the Internet would be covered. And note that it's not just the author or seller of the software who is at risk, but also any advertiser or distributor. Would TechDirt be committing a crime by linking to my TinyP2P page? Would my ISP be committing a crime by hosting my site?"

Wednesday, January 19, 2005

Response from SiteKiosk

I've just had an email from Thorsten Abdinghoff, Technical Sales Manager for PROVISIO GmbH, offering to add the url for this blog to the list of allowed sites for their SiteKiosk filter system.

Many thanks to Thorsten.

Jail for P2P developers in California?

A new bill being introduced in California could lead to jail time for developers of P2P software. Not clever.

Initial IT Support response

I've just had a phone call from a very helpful IT specialist called Brice at Initial, in response to the email I sent yesterday about having this blog blocked. He said he'll be able to get the block lifted but it will involve sending someone down to Harben House to do it because no one in the conference centre would have the expertise. Initial apparently use sitekiosk.com software, which comes bundled with filters. I've emailed SiteKiosk vendor, PROVISIO GmbH (contact@provisio.de), to see what they have to say. Apparently they have 2500 customers for their SiteKiosk sofware, based in 50 countries all blocked from a blog on the politics of technology.
Maybe I should ask Ben Edelmann at Harvard to look into it.

Americans on trial in China

Two Americans are amongst those on trial in a Shanghai court in China for selling pirated DVDs through eBay and a Russian website.

Tuesday, January 18, 2005

Candian DOJ watch US patent case

The Canadian Department of Justice have filed an amicus brief in a US patent case.

"The federal government has stepped into the middle of a high-stakes patent infringement battle between Research in Motion Inc. and a U.S. company, claiming a recent U.S. court ruling against the creator of the iconic BlackBerry communications device threatens to chill innovation by Canadian firms and give extra-territorial reach to U.S. patent law."

Filter stories

There are two more filtering stories I wanted to point to in the light of the Verizon decision to block email from selected parts of Europe including the UK.

The Australian Securities and Investments Commission would like Aussie ISPs to block fraudulent websites because Aussies allegedly "tend to be quite susceptible" to them. The Australian trade association representing ISPs are not keen on the idea, not surprisingly. Firstly, I seriously doubt Australians are any more susceptible to online scams than any other nationality but continue to be amazed by the huge numbers of people who are taken in by things like phishing and the Nigerian 519 emails [which, amongst other things, is a function of greed and simultaneous trust in the output of technology, however skeptical these folk would be of a similar offer on a street corner].

Secondly it raises a whole host of questions, similar to those asked by folk like Cyber Rights in relation to things like high tech crime, hate speech and child pornography on the Internet and how organisations such as the Internet Watch Foundation are operated, overseen and regulated. Plus who pays for it?

Ultimately forcing ISPs to filter out suspected fraud sites is no substitute for spending money on well trained police officers, skilled in the prevention, detection and prosecution of high tech crimes.

The second filtering story was the report in Net Family News pointing to websites that evaluate filter software. Just remember that installing filter software can instil a false sense of security. It is easy to believe the problem of children getting access to inappropriate material is solved once the software is installed. Yet it has been demonstrated repeatedly that these filters do allow pornography, for example, to get through. In this case, there is no substitute for talking to and trusting your children (and they will probably be more skilled in disabling such software than you will be in installing it in any case).

Plus I remain irritated about filter software blocking this blog, presumably because it has xxx in the title. I've not been back to Harben House since I discovered they were censoring me, so I've no idea whether they did as promised and had a human being review the block. But I've emailed them again to ask, in the first instance, what the outcome of their promised investigation was.

Copyright killing documentaries

Interesting article in the Globe and Mail yesterday about the increasing difficulties documentary film makers are having as a result of the changes in the copyright landscape of recent times.

"As Americans commemorate Martin Luther King Jr. and his legacy today, no television channel will be broadcasting the documentary series Eyes on the Prize. Produced in the 1980s and widely considered the most important encapsulation of the American civil-rights movement on video, the documentary series can no longer be broadcast or sold anywhere.

Why?

The makers of the series no longer have permission for the archival footage they previously used of such key events as the historic protest marches or the confrontations with Southern police. Given Eyes on the Prize's tight budget, typical of any documentary, its filmmakers could barely afford the minimum five-year rights for use of the clips. That permission has long since expired, and the $250,000 to $500,000 needed to clear the numerous copyrights involved is proving too expensive.

This is particularly dire now, because VHS copies of the series used in countless school curriculums are deteriorating beyond rehabilitation. With no new copies allowed to go on sale, "the whole thing, for all practical purposes, no longer exists," says Jon Else, a California-based filmmaker who helped produce and shoot the series and who also teaches at the Graduate School of Journalism of the University of California, Berkeley."

Monday, January 17, 2005

Schneier on Secure Flight evaluation group

Bruce Schneier is now also a member of a working group evaluating the replacement of the CAPPS II passenger profiling programme, "Secure Flight."

"I am participating in a working group to help evaluate the effectiveness and privacy implications of the TSA's Secure Flight program. We've had one meeting so far, and it looks like it will be an interesting exercise.

For those who have not been following along, Secure Flight is the follow-on to CAPPS-I. (CAPPS stands for Computer Assisted Passenger Pre-Screening.) CAPPS-I has been in place since 1997, and is a simple system to match airplane passengers to a terrorist watch list. A follow-on system, CAPPS-II, was proposed last year. That complicated system would have given every traveler a risk score based on information in government and commercial databases. There was a huge public outcry over the invasiveness of the system, and it was cancelled over the summer. Secure Flight is the new follow-on system to CAPPS-I.

Many of us believe that Secure Flight is just CAPPS-II with a new name. I hope to learn whether or not that is true.

I hope to learn a lot of things about Secure Flight and airline passenger profiling in general, but I probably won't be able to write about it. In order to be a member of this working group, I was required to apply for a U.S. government SECRET security clearance and sign an NDA, promising that I would not disclose something called "Sensitive Security Information."

SSI is one of three new categories of secret information, all of I think have no reason to exist. There is already a classification scheme -- CONFIDENTIAL, SECRET, TOP SECRET, etc. -- and information should either fit into that scheme or be public. A new scheme is just confusing. The NDA we were supposed to sign was very general, and included such provisions as allowing the government to conduct warrantless searches of our residences. (Two federal unions have threatened to sue the government over several provisions in that NDA, which applies to many DHS employees. And just recently, the DHS backed down.)

After push-back by myself and several others, we were given a much less onerous NDA to sign."

So why is he participating at all given his concerns? He says:

" I hope I can help make Secure Flight an effective security tool. I hope I can help minimize the privacy invasions on the program if it continues, and help kill it if it is ineffective. I'm not optimistic, but I'm hopeful.

I'm not hopeful that you will ever learn the results of this working group. We're preparing our report for the Aviation Security Advisory Committee, and I very much doubt that they will release the report to the public."

Irish e-voting

Schneier also points to the Irish Commission on Electonic Voting report analysing the e-voting system bought by the Irish government. They conclude

It is easy to use

It eliminates many inadvertent voter errors

It has been piloted in an election and a referendum

The system suppliers also supply e-voting machines to Germany and Holland

It has been tested and can accurately and consistently record and count votes in most situations including "unusual or difficult electoral situations"

End to end testing suggests it can accurately record and count votes in mulitple simultaneous elections

It can produce results quickly

It may save costs in the future


"However, within the timeframe of this report the Commission has not been able to satisfy itself suffiently as to the accuracy and secrecy of the chosen system."

...and then they go on to outline a range of important concerns. The Summary and Conclusion (Part 6) of the report are well worth a read for anyone with an interest in the integrity of electronic voting systems.

Fingerprinting schoolkids

Bruce Schneier explains why fingerprinting schoolkids to combat child kidnapping is an ineffective way of fulfilling the stated purpose. However, if you consider the agenda of the folks who introduced the scheme,

"If a kidnapping occurs on school property, the subsequent investigation could easily hurt school officials. They could even lose their jobs. If you view this security countermeasure as one protecting them just as much as it protects children, it suddenly makes more sense. The trade-off might not be worth it in general, but it’s worth it to them.

Kidnapping is a real problem, and countermeasures that help reduce the risk are a good thing. But remember that security is always a trade off, and a good security system is one where the security benefits are worth the money, convenience, and liberties that are being given up. Quite simply, this system isn’t worth it."

Schneier's latest Crypto-Gram full of sensible commentary on a wide range of security issues has just been posted.

Verizon blanket ban on UK emails

I missed an interesting story in Wired last week. Verizon have apparently been blocking all email from the UK and other parts of Europe for several weeks.

I guess censorship by a communications service provider is ok in the Land of the Free, as long as it's only those foreigners that get censored. I'm being a little unfair. Private corporations are, of course, fully entitled to engage in censorship in the free market.

According to Wired,

"Verizon began blocking ranges of IP addresses belonging to British and European ISPs on Dec. 22, according to the company. The blacklisting of e-mail from abroad was in response to spam coming from the region, according to a customer service representative at Verizon who identified himself only as "Gary." He said company policy prevents him from giving out his last name."

I recall a similar case about 5 years ago, which I wrote about at the time. On 20 October, 1999, IDT, a New Jersey based ISP, blocked all email from the UK because some of its customers had received a large number of offensive unsolicited emails, apparently from a UK address. The spammer had actually exploited a security hole in a UK university's system. This made it appear as if the bulk emails were originating from there. The university (of Leeds) claim that IDT did not contact them before they took their action.

Even if the emails had come from that university, or some of the spam currently bothering Verizon is sprouting from the UK, it is a bit drastic to cut off an entire country in response [if that is what is actually happening].

The infamous torture memo

The Dean of Yale law school, Harold Koh, has testified during Alberto Gonzales' confirmation hearings for the position of Attorney General of the United States. Koh said the infamous torture memo, which attempted to provide a legal justification for engaging in torture, was:

"in my professional opinion as a law professor and a law dean, the Bybee memorandum is perhaps the most clearly legally erroneous opinion I have ever read."

Gonzales is the White House counsel who asked for the torture opinion and received the "Memorandum from Assistant Attorney General Jay S. Bybee to The White House Counsel on interrogation methods that do not violate prohibitions against torture" in response in August 2002. He has now repudiated the part of the memo that stated:

"The Congress may no more regulate the president's ability to detain and interrogate enemy combatants than it may regulate his ability to direct troop movements on the battlefield"

The Gonzales hearings have proved to be less contentious than a number of people were predicting they might be.

John Dean, former White House Counsel to President Nixon, who writes this Findlaw report on the issue, is not exactly a fan of the current administration, of course.