In the spirit of William Heath's wonderful Ideal government blog, where his purpose is to ask "Wouldn't it be better if..." (or "Wibbi" for short), I've been having a quite grumble to myself this afternoon, in the midst of drafting the education chapter for my book, about how badly we as a nation deploy technology to enable education. To some degree it is all tied up with the kinds of problems I was referring to earlier in the day about ID cards. In any case, here's a random list of some of my wibbis on information and communications technologies in education...
Wibbi we didn't try to make kids and teachers use computers in school for the sake of using computers in school.
Wibbi in a digital, participative, collaborative age people used the technology to learn from each other.
Wibbi policy and decision makers public and private understood the difference between information technologies and information systems.
Wibbi if people had the skills to get access the information they need, like, are interested in.
Wibbi the suits could see the value of technology as an enabling tool rather than as something that you buy because it is expensive, flashy and it is good PR to be modern.
Wibbi kids growing up with and assimilating technology naturally were given the freedom to be creative with it.
Wibbi educators facilitated that freedom with ideas, sound information practices, and the imparting of critical assessment skills to interpret, assess and use the knowledge gained. Better to teach the kids where to find the information they need and how to decide whether it is trustworthy.
Wibbi we used computers in education to enable people who suffer from dyslexia to bypass that disability.
Wibbi we realised the technology is just the plumbing and it will eventually fade into the background. It i?s the message, the information, the knowledge, the sharing, the community thatÂ?s important, not the medium, the wine not the bottles. "E-learning" doesn't exist, so to quote a well known techie millionaire, "?get over it."
Wibbi teachers became less the gatekeepers of "?facts"? or approved curricula and more guides in the acquisition of knowledge.
Wibbi teachers were not just curriculum experts (if you'?re lucky!) but content creators and networkers -? models for the children/students to follow
Wibbi if we realised that anyone with a PC and internet connection now has access to a printing press of their own and a potential global audience.
Wibbi the school and college curricula were on wikipedia (like the South African high school curriculum or MIT OpenCourseWare).
Wibbi we learned how to compliment what we already do well in education with collaborative information generation along the lines of Wikipedia.
Wibbi school children and college students communicated and learned through books, periodicals, TV, blogs, wikis, creating, sharing and engaging with multimedia technologies, photos, videos, podcasting, digital stories, webpage building, browsers, databases, screencasts, RSS newsfeeds, IM, communities in the classroom and remotely?
Wibbi kids had the choice to publish their homework and/or hand it to the teacher or fellow learners who had acquired the skills to provide positive feedback and support. (Don't kid yourself - there i?s not a school in the world where some small number of children are not already doing a much better job of "?teaching"? their peers than any of the professionals in the institution and entirely without their knowledge)
Wibbi if we taught ourselves and our children how to manage the information firehose and how to be selective to facilitate healthy minds and communities (an information diet, if you like).
Wibbi we got over the notion that we have to change for change sake and started using the technology to establish stability in educational institutions; not stability in the sense of stagnation but stability in the sense of space and time to focus on learning (rather than boredom or fear, confusion or avoidance, keeping your head down, or enduring, testing, or form filling or procedures or artificial targets). Within that space and time the educational process can be as calm or anarchic or adventurous as the students and teachers want it to be in order to serve the personal development needs of every single individual
Wibbi we stopped concentrating on kids/students misusing the technologies and started focussing on how to enable and encourage them to use them constructively for their own and others'? benefits.
Wibbi we got over the fear factor and focussed on the potential of the students and how we and the technologies can help them reach that potential.
Wibbi some massively rich philanthropist or the government funded the nationwide construction of an open access, open architecture, broadband networks.
Wibbi all digital educational platforms were interoperable and based on open standards.
Wibbi the folks who really do know how to deploy computers in education (because we've done it - children, students and teachers alike - and have the scars to prove it) were able to help those who haven't yet done so, or who might be nervous about trying.
Wibbi we were able to use a pencil and paper when it is still the BAT (best available technology) for facilitating particular types of learning.
Finally for today, since blogger has been playing up badly again, wibbi blogger stopped mucking about and got back to normal, so that I didn't have to go through a ridiculous word verification process every time I wanted to post. Have a good weekend.
Pages
▼
Friday, October 28, 2005
Siva remains concerned about Google Print
Siva Vaidhyanathan remains seriously conerned about the happenings surrounding Google Print.
"can I get a shout out from some more librarians on this issue? Let's get control of this debate, please. We can't let the technologists and lawyers tell librarians what their job is and keep making facile comparisons between a company that merely ranks things and the process of effective and ethical information organization and management.
Bluntly: Librarians have ethical codes. Libraries have public duties and oversight. Is that enough "so what?"...
First, let me assert once again that Google of 2025 most certainly will not resemble the Google of 2005. It might not even exist. Think about it...
So just as the widespread worship of Google baffles me, the widespread faith in the reasonableness of courts (especially SDNY and the 2d Circuit) baffles me more. Have we not learned any hard lessons from the last few years...
I suspect the courts are exhausted by all the hard thinking we have made them do over the past few years and they are in fact more rigid, more fundamentalist, than in the recent past. The copyright moral panics have made a difference. And this one is no different.
And have we not learned not to count on private industry to stand up for principle and the public good? Where is the consumer electronics industry now in the DRM fight? ... "competition." I have not seen this mythical beast for many years. Google can only do this project because it has this amazing super-secret patented scanning machine. It controls the patents on it. There shall be no competition unless some other firms actually licenses the electronic files from publishers (a market that would dry up if Google continues).
I can't believe I have to remind anyone of this: DRM, nondisclosure, and patents destroy competition. That's why we have them. They are what Google depends on to do its job. These are not trivial problems. These are not neutral technologies. There are great complications and problems here. We should not be blind to them.
"a Google loss would choke off competition." Exactly. Before Google loses, there is a crowding-out effect. After it loses, there will be a chilling effect. Meanwhile, publishers fear that a market that Amazon created for them: "search inside the book" licensing, will evaporate. Worse, of course, is possible. A bad loss threatens everything we hold dear about the Internet.
And I am still waiting for anyone (Derek, Michael, Larry?) to come to terms with the privacy problems here. As Julie Cohen and Sonia Katyal have shown us, digital copyright and surveillance are intricately linked. What is Google doing to prevent anyone from snooping on our reading habits? Please read the Google privacy policy. I promise it will send chills up your spine. Check out the part about law enforcement. Then go ask your librarian if he would go to jail to protect your confidentiality. I know many librarians who would. Google: promises to turn you over to the Feds. Libraries: promise to do everything they can to protect you from the Feds. You decide who you trust.
So to review: a Google win (unlikely as it is) would choke off competition. A Google loss would choke off competition. And we are unlikely to get the really cool public library text-search index we deserve in any case.
This remains a good dream and a bad deal all around."
"can I get a shout out from some more librarians on this issue? Let's get control of this debate, please. We can't let the technologists and lawyers tell librarians what their job is and keep making facile comparisons between a company that merely ranks things and the process of effective and ethical information organization and management.
Bluntly: Librarians have ethical codes. Libraries have public duties and oversight. Is that enough "so what?"...
First, let me assert once again that Google of 2025 most certainly will not resemble the Google of 2005. It might not even exist. Think about it...
So just as the widespread worship of Google baffles me, the widespread faith in the reasonableness of courts (especially SDNY and the 2d Circuit) baffles me more. Have we not learned any hard lessons from the last few years...
I suspect the courts are exhausted by all the hard thinking we have made them do over the past few years and they are in fact more rigid, more fundamentalist, than in the recent past. The copyright moral panics have made a difference. And this one is no different.
And have we not learned not to count on private industry to stand up for principle and the public good? Where is the consumer electronics industry now in the DRM fight? ... "competition." I have not seen this mythical beast for many years. Google can only do this project because it has this amazing super-secret patented scanning machine. It controls the patents on it. There shall be no competition unless some other firms actually licenses the electronic files from publishers (a market that would dry up if Google continues).
I can't believe I have to remind anyone of this: DRM, nondisclosure, and patents destroy competition. That's why we have them. They are what Google depends on to do its job. These are not trivial problems. These are not neutral technologies. There are great complications and problems here. We should not be blind to them.
"a Google loss would choke off competition." Exactly. Before Google loses, there is a crowding-out effect. After it loses, there will be a chilling effect. Meanwhile, publishers fear that a market that Amazon created for them: "search inside the book" licensing, will evaporate. Worse, of course, is possible. A bad loss threatens everything we hold dear about the Internet.
And I am still waiting for anyone (Derek, Michael, Larry?) to come to terms with the privacy problems here. As Julie Cohen and Sonia Katyal have shown us, digital copyright and surveillance are intricately linked. What is Google doing to prevent anyone from snooping on our reading habits? Please read the Google privacy policy. I promise it will send chills up your spine. Check out the part about law enforcement. Then go ask your librarian if he would go to jail to protect your confidentiality. I know many librarians who would. Google: promises to turn you over to the Feds. Libraries: promise to do everything they can to protect you from the Feds. You decide who you trust.
So to review: a Google win (unlikely as it is) would choke off competition. A Google loss would choke off competition. And we are unlikely to get the really cool public library text-search index we deserve in any case.
This remains a good dream and a bad deal all around."
Kim Cameron on Engineering disaster lessons
Kim Cameron on engineering disaster lessons for digital security is spot on as usual.
"Much of our work is intended to correct early initiatives involving identity and identification so we don't end up as the subject matter for some future generation's history of engineering disasters.
Queryable fixed tracking devices when wrongly used can result in death (in the literal sense) as surely as the other disasters outlined above. Designing and massively deploying an infrastructure which is an identity-catastrophe-in-waiting is as irresponsible as the actions of earlier generations of engineers who lacked the doubt and capability for self-criticism and re-examination necessary to be an engineering professional."
"Much of our work is intended to correct early initiatives involving identity and identification so we don't end up as the subject matter for some future generation's history of engineering disasters.
Queryable fixed tracking devices when wrongly used can result in death (in the literal sense) as surely as the other disasters outlined above. Designing and massively deploying an infrastructure which is an identity-catastrophe-in-waiting is as irresponsible as the actions of earlier generations of engineers who lacked the doubt and capability for self-criticism and re-examination necessary to be an engineering professional."
Information Commissioner on ID cards
Information Commissioner, Richard Thomas, has again formally expressed his concerns at the government's plans for ID cards. He concludes:
"The measures in the Bill go well beyond establishing a secure, reliable and trustworthy ID card. The measures in relation to the National Identity Register and data trail of identity checks on individuals risk an unnecessary and disproportionate intrusion into individuals' privacy. They are not easily reconciled with fundamental data protection safeguards such as fair processing and deleting unnecessary personal information. An effective ID card can be established avoiding these unwarranted consequences for individuals as research has shown. The primary aim of Government with this legislation should be to establish a scheme which allows people to reliably identify themselves rather than one which enhances its ability to identify and record what its citizens do in their lives. The Commissioner hopes that during the passage of the Bill parliamentarians will not just focus on the desirability of ID cards but look into the acceptability of government recording so many unnecessary details of their own and their constituents' lives."
Government response? Yada, yada, yada... got my fingers in my ears... don't want to hear it... DON'T WANT TO HEAR IT... NOT LISTENING.
Thanks to Caspar Bowden for the link.
Here's a suggestion for the next big reality TV project - how the OU/BBC Child of Our Time series, presented by Robert Winston, can provide insights to the workings and psychology of government.
"The measures in the Bill go well beyond establishing a secure, reliable and trustworthy ID card. The measures in relation to the National Identity Register and data trail of identity checks on individuals risk an unnecessary and disproportionate intrusion into individuals' privacy. They are not easily reconciled with fundamental data protection safeguards such as fair processing and deleting unnecessary personal information. An effective ID card can be established avoiding these unwarranted consequences for individuals as research has shown. The primary aim of Government with this legislation should be to establish a scheme which allows people to reliably identify themselves rather than one which enhances its ability to identify and record what its citizens do in their lives. The Commissioner hopes that during the passage of the Bill parliamentarians will not just focus on the desirability of ID cards but look into the acceptability of government recording so many unnecessary details of their own and their constituents' lives."
Government response? Yada, yada, yada... got my fingers in my ears... don't want to hear it... DON'T WANT TO HEAR IT... NOT LISTENING.
Thanks to Caspar Bowden for the link.
Here's a suggestion for the next big reality TV project - how the OU/BBC Child of Our Time series, presented by Robert Winston, can provide insights to the workings and psychology of government.
Scathing parliamentary reports on ID cards
The Joint Committee on Human Rights (JCHR) and the House of Lords Constitution Committee have produced scathing reports criticising the UK government's ID cards proposals.
The JCHR report offers a detailed analysis of how the ID cards breach the Human Rights Act and the Constitution Committee say the scheme fundamentally alters the relationship between the individual and the state. The government, as per the previously mentioned thinking trap, have got their hands over their eyes and fingers (or probably thumbs) in their ears.
Thanks to Phil Booth for the links.
The JCHR report offers a detailed analysis of how the ID cards breach the Human Rights Act and the Constitution Committee say the scheme fundamentally alters the relationship between the individual and the state. The government, as per the previously mentioned thinking trap, have got their hands over their eyes and fingers (or probably thumbs) in their ears.
Thanks to Phil Booth for the links.
New Refuse ID Pledge
Simon Davies has started another anti ID card pledge.
"I will refuse to register for an ID card and will donate £10 to a legal defence fund but only if 15,000 other people will also make this same pledge."
— Simon Davies, Chairman, NO2ID
Over 11000 people signed the original. If he does succeed in getting another 15000, that will be over 26000 people actively out of their own pocket supporting a protest against the government's ID card plans. Mark Oaten the Liberal Demoncrats home affairs spokesperson has pledged to go to jail rather be scanned for an ID card. Every sensible security analyst who has looked at the scheme, including those from the companies who stand to benefit financially from it, has said it can't work in the form proposed.
Yet government can't back down, primarily for two reasons. Firstly it would be too embarrassing. Secondly they are locked into a thinking trap of their own making, whereby they have to "do something" big and expensive that affects everybody, just so they can be seen to be "doing something." And no matter how rational or sensible your explanation as to why there are problems, it will be treated by those within the bounds of their own thinking trap as irritating noise which needs to be shut out. Hence you get the situation William Heath describes
"The head of the Home Office's ID project team told me last Thursday that none of the companies she had met had felt the scheme was ill-advised or unfeasible. But concerned people in business tell me she refuses to meet them! *sigh*"
"I will refuse to register for an ID card and will donate £10 to a legal defence fund but only if 15,000 other people will also make this same pledge."
— Simon Davies, Chairman, NO2ID
Over 11000 people signed the original. If he does succeed in getting another 15000, that will be over 26000 people actively out of their own pocket supporting a protest against the government's ID card plans. Mark Oaten the Liberal Demoncrats home affairs spokesperson has pledged to go to jail rather be scanned for an ID card. Every sensible security analyst who has looked at the scheme, including those from the companies who stand to benefit financially from it, has said it can't work in the form proposed.
Yet government can't back down, primarily for two reasons. Firstly it would be too embarrassing. Secondly they are locked into a thinking trap of their own making, whereby they have to "do something" big and expensive that affects everybody, just so they can be seen to be "doing something." And no matter how rational or sensible your explanation as to why there are problems, it will be treated by those within the bounds of their own thinking trap as irritating noise which needs to be shut out. Hence you get the situation William Heath describes
"The head of the Home Office's ID project team told me last Thursday that none of the companies she had met had felt the scheme was ill-advised or unfeasible. But concerned people in business tell me she refuses to meet them! *sigh*"
Thursday, October 27, 2005
Lessig on fair use
Larry Lessig's creative commons newsletter this week tackles the widely misunderstood concept of "fair use" and the associated problems with DRM:
DRM, we fear, will add a layer of restriction to the Internet that will defeat content interoperability, and weaken "fair use."
"Fair use": No word is more used in debates about copyright with less understanding. What is "fair use" (in America, "fair dealing" in most of the rest of the world) and how does DRM threaten it?
The law recognizes three kinds of "uses" of copyrighted works:
1. Free uses (uses that don't trigger the law of copyright, such as reading a physical book);
2. Regulated uses (uses that do trigger the law of copyright, such as republishing a book;
3. Fair uses (uses that trigger the law of copyright, but which are nonetheless free because the law deems them "fair" — such as copying words from a book in a review of the book).
Digital technologies are changing the balance between these three kinds of uses. As life moves online, "free uses" shrink. Because every act on a digital network produces a copy, and "copies" trigger copyright law, there are vastly fewer "free uses" in digital space than in analog space.
This shrinkage means that "fair use" must now shoulder the burden of protecting uses that were before free. Yet there isn't much precedent protecting these new "fair uses." For example, there is no case that says it is a "fair use" to give someone a book. That's because in the analog world, giving someone a book never triggered copyright law, so no one ever needed the copyright defense of "fair use" to authorize that giving. But in the digital world, giving someone a book means making a copy. If that copy is not authorized, then it is only "fair use" that can secure the freedom to share. And those trying to defend the freedom to give must look to a body of "fair use" law built for a different world.
This point is crucial: we now must rely upon a clumsy and expensive legal defense ("fair use") to protect freedoms that were before taken for granted. No doubt, with all the money and time in the world, we might imagine that "fair use" freedoms would balance out. But this is where DRM becomes a particularly dangerous problem.
For before you can claim your use is "fair," you must have the technical ability to use the work in a particular way. "Fair use" is a defense; you have to be able to use the material in a way that creates a copyright question before you get to play your defense.
Yet if DRM is deployed the way most of it is designed, then the technology will remove the technical ability to use the work in a way that even gives you the right to make a fair use. "Fair use" would thus not be removed by the law. "Fair use" would be removed by code. And as in the United States at least, it is an offense to build tools to tinker with that code — even if the purpose is "fair use" — you begin to see the danger of DRM: digital technologies have shrunk the range of "free uses" (since every use produces a copy); this new generation of digital technology (DRM) will shrink the range of "fair uses," by removing even the ability to use content in a way that would otherwise be "fair."
Wednesday, October 26, 2005
Cory's 3-minute guide to the Broadcast Flag
Cory Doctorow has done a 3-minute guide to the broadcast flag.
"The Broadcast Flag technology mandate says that if you want to invent a better way to watch TV, you need to go to the entertainment companies for permission...
The entertainment companies don't like tools that give you more control. The movie studios boycotted TV because they thought it would clean out the movie theaters. Then they complained that the remote control would make it too easy to skip commercials. Then they freaked out over the VCR, saying it was the "Boston Strangler" of the American film industry and accusing the Japanese (i.e., Sony) of deliberately sabotaging the American economy by targeting the made-in-America film industry with their infernal VCRs. They're not fond of video-capture cards, sued into bankruptcy a personal video recorder company (like TiVo)...and the list goes on and on.
On to the Broadcast Flag. The Broadcast Flag says that if you want to build a device that can receive, pass along, or record a digital TV signal, you'll need to show that it won't disrupt the current entertainment company business. That's a test that the remote control, the VCR, the capture card, and the PVR all would have failed.
What's more, the Broadcast Flag demands that all digital TV devices be built so that people can't modify them. If you've ever come up with a cool way of repurposing some of your own gadgets, you can understand what you'll lose here. It's like a law ordering that every car sold in America have its hood welded shut. Sure, most of us never plan on fixing or modifying our own car, but very few of us would take a hood- welding law lying down. It's not fair for the government to tell us that we're not allowed to peek inside, fix, and improve our own property."
"The Broadcast Flag technology mandate says that if you want to invent a better way to watch TV, you need to go to the entertainment companies for permission...
The entertainment companies don't like tools that give you more control. The movie studios boycotted TV because they thought it would clean out the movie theaters. Then they complained that the remote control would make it too easy to skip commercials. Then they freaked out over the VCR, saying it was the "Boston Strangler" of the American film industry and accusing the Japanese (i.e., Sony) of deliberately sabotaging the American economy by targeting the made-in-America film industry with their infernal VCRs. They're not fond of video-capture cards, sued into bankruptcy a personal video recorder company (like TiVo)...and the list goes on and on.
On to the Broadcast Flag. The Broadcast Flag says that if you want to build a device that can receive, pass along, or record a digital TV signal, you'll need to show that it won't disrupt the current entertainment company business. That's a test that the remote control, the VCR, the capture card, and the PVR all would have failed.
What's more, the Broadcast Flag demands that all digital TV devices be built so that people can't modify them. If you've ever come up with a cool way of repurposing some of your own gadgets, you can understand what you'll lose here. It's like a law ordering that every car sold in America have its hood welded shut. Sure, most of us never plan on fixing or modifying our own car, but very few of us would take a hood- welding law lying down. It's not fair for the government to tell us that we're not allowed to peek inside, fix, and improve our own property."
Microsoft going the Google Print way
Microsoft have finally decided to follow Google into the book indexing game... but only with permission.
Govt Chief Scientist to check if ID biometrics work
According to today's Telegraph,
"The Government's top scientist is to head a panel of experts examining whether the biometrics underpinning the proposed ID card actually work."
Now there's a bright idea.
"The Government's top scientist is to head a panel of experts examining whether the biometrics underpinning the proposed ID card actually work."
Now there's a bright idea.
Tuesday, October 25, 2005
UK ID Card Pie in the Sky
Niels J Bjergstrom, the editor of Information Security Bulletin has been writing again about the UK proposals for a national ID card.
"If you still haven't gotten around to reading LSE's report into the UK government's Identity Project you can fetch it here: http://is.lse.ac.uk/idcard/identityreport.pdf
It's a bit over 300 pages long and fascinating reading. It concludes - like earlier editorials in ISB - that the proposed project is not feasible, saying that the proposals are too complex, technically unsafe, overly prescriptive and lack a foundation of public trust and confidence. LSE's report also concludes that the risk of failure in the current proposal is therefore magnified to the point where the scheme should be regarded as a potential danger to the public interest and to the legal rights of individuals.
I will add to this that the proposals are particularly unimaginative. Given a blank slate for such a fascinating potentially future-shaping project, is this really the best vision politicians and government employees can come up with?
The whole approach to this project is reactive rather than forward-looking and proactive. The justifications for introducing a national identity system in the Bill include 'the interest of national security', 'the enforcement of prohibitions on unauthorised working', 'enforcement of immigration controls' and 'prevention and detection of crime'.
These goals seem to be missing: 'enabling and facilitating a society based on e-commerce', 'increasing individual freedom by enhancing anonymity and privacy', 'enabling irrefutable authentication of humans to machines' and 'providing individuals with transactional security'. These are some of the positive drivers of an eID system, some of the drivers that will actually be able to underpin the acceptance by the public and justify the huge expenses initially associated with establishing and not least running an eID system...
With regard to the UK bill I am not going to argue with it here although - technical issues aside - it certainly is an obnoxious piece of legislation, moving the relationship between state and citizen several hundred years back, introducing important components of a totalitarian state by stealth - the ID card part is in a way the least important. It is a piece of legislation that does not belong in a democratic country (which of course, given the role of the unelected House of Lords, the UK isn't anyway).
Technically, it builds on a range of false assumptions, including the pie-in-the-sky idea that technologies to solve these issues exist and can be deployed. This is not the type of project you can simply give to a vendor or two and expect them to be able to deliver. More than anything I can recall ever seeing, this project requires a top-down architectural design process. It is not a vendor-problem that you can throw existing components at. This problem is so complex that it requires close co-operation between scientists, government and vendors. It will take a small extremely competent work group at least a year to identify possible solutions and consequences.
Unfortunately the current bill is so poorly drafted that it can't form the basis for discussion and amendment - back to square one. Normally that would make me complain bitterly over waste of my tax money but in this case there are only a handful of people in the world competent to do it right. Those are the individuals the UK government needs to find."
"If you still haven't gotten around to reading LSE's report into the UK government's Identity Project you can fetch it here: http://is.lse.ac.uk/idcard/identityreport.pdf
It's a bit over 300 pages long and fascinating reading. It concludes - like earlier editorials in ISB - that the proposed project is not feasible, saying that the proposals are too complex, technically unsafe, overly prescriptive and lack a foundation of public trust and confidence. LSE's report also concludes that the risk of failure in the current proposal is therefore magnified to the point where the scheme should be regarded as a potential danger to the public interest and to the legal rights of individuals.
I will add to this that the proposals are particularly unimaginative. Given a blank slate for such a fascinating potentially future-shaping project, is this really the best vision politicians and government employees can come up with?
The whole approach to this project is reactive rather than forward-looking and proactive. The justifications for introducing a national identity system in the Bill include 'the interest of national security', 'the enforcement of prohibitions on unauthorised working', 'enforcement of immigration controls' and 'prevention and detection of crime'.
These goals seem to be missing: 'enabling and facilitating a society based on e-commerce', 'increasing individual freedom by enhancing anonymity and privacy', 'enabling irrefutable authentication of humans to machines' and 'providing individuals with transactional security'. These are some of the positive drivers of an eID system, some of the drivers that will actually be able to underpin the acceptance by the public and justify the huge expenses initially associated with establishing and not least running an eID system...
With regard to the UK bill I am not going to argue with it here although - technical issues aside - it certainly is an obnoxious piece of legislation, moving the relationship between state and citizen several hundred years back, introducing important components of a totalitarian state by stealth - the ID card part is in a way the least important. It is a piece of legislation that does not belong in a democratic country (which of course, given the role of the unelected House of Lords, the UK isn't anyway).
Technically, it builds on a range of false assumptions, including the pie-in-the-sky idea that technologies to solve these issues exist and can be deployed. This is not the type of project you can simply give to a vendor or two and expect them to be able to deliver. More than anything I can recall ever seeing, this project requires a top-down architectural design process. It is not a vendor-problem that you can throw existing components at. This problem is so complex that it requires close co-operation between scientists, government and vendors. It will take a small extremely competent work group at least a year to identify possible solutions and consequences.
Unfortunately the current bill is so poorly drafted that it can't form the basis for discussion and amendment - back to square one. Normally that would make me complain bitterly over waste of my tax money but in this case there are only a handful of people in the world competent to do it right. Those are the individuals the UK government needs to find."
The Digital Dump
The NYT has an article about a report by the Basel Action Network, entitled "The Digital Dump: Exporting Reuse and Abuse to Africa." It's a damning indictment of US businesses which it alleges are exporting dodgy electronic equipment to developing nations to avoid having to recycle it properly. Laurie Flynn at the NYT writes:
"Much of the used computer equipment sent from the United States to developing countries for use in homes, schools and businesses is often neither usable nor repairable, creating enormous environmental problems in some of the world's poorest places, according to a report to be issued today by an environmental organization.
The report, titled "The Digital Dump: Exporting Reuse and Abuse to Africa," says that the unusable equipment is being donated or sold to developing nations by recycling businesses in the United States as a way to dodge the expense of having to recycle it properly. While the report, written by the Basel Action Network, based in Seattle, focuses on Nigeria, in western Africa, it says the situation is similar throughout much of the developing world."
"Much of the used computer equipment sent from the United States to developing countries for use in homes, schools and businesses is often neither usable nor repairable, creating enormous environmental problems in some of the world's poorest places, according to a report to be issued today by an environmental organization.
The report, titled "The Digital Dump: Exporting Reuse and Abuse to Africa," says that the unusable equipment is being donated or sold to developing nations by recycling businesses in the United States as a way to dodge the expense of having to recycle it properly. While the report, written by the Basel Action Network, based in Seattle, focuses on Nigeria, in western Africa, it says the situation is similar throughout much of the developing world."
Blogger problems
Blogger is chewing up my posts again and I haven't got the time today to be mucking about with it.
Officials recognise genuine problems with ID cards
William Heath is convinced that senior Whitehall officials are coming to understand how seriously flawed the government's ID card system really is. Even more importantly, from the point of view of doing something about it, there is a good chance that the plan will get entangled in procedural problems which would make it really difficult for the system to get formal Whitehall security accreditation.
"I'm told I can't say who said it or where but there's been some movement on the ID cards/register policy and there's considerable pressure for rather more.
Senior industry and Whitehall figures outside the Home Office agree that the lack of a business case is a problem. The notion that we don't yet understand enough about identity and what it means in an e-enabled world has wider credence than sceptics may have feared...
And just as Kable found earlier this year there was insufficient clarity about how the Home Office ID system proposals would work in practice to inform a market-sizing exercise (not that the Home Office much cared) so now it is becoming clear that the same lack of clarity makes it impossibe to do a formal Whitehall risk assessment and security accreditation. This information-assurance issue is rather more serious, since the ID system would form part of the critical national infrastructure...
There is the potential for the legislation to get through the Lords only to find one department irrevocably politically committed to introducing ID cards at loggerheads with other parts of government responsible for policing good practice in government's acquisition and management of the critical IT infrastructure, who will block the project.
These major Whitehall-procedural snags sit alongside philosophical differences about the role of identity and stability of democracy when stresses on society will be greater than they are today, and deep technical questions about future generations of technology. As devices proliferate and biometrics evolve, what architecture will prove robust? There's a strong case for holding our bets.
"I'm personally concerned about any system that claims to solve all problems in one go," said one senior source. "You can't have a gold standard which at the same time is easy to use for vast numbers of people. There tends to be a trade-off between ease of use and high security." Instead, he argued, we need to discover the relationship between the individual and the state, and set out the principles that underlie the future architecture. In the US, such a deep-lying and non-partisan issue would require an amendment to the Constitution.
You need to keep calm sitting on a panel trying to create dialogue with someone who never returns your emails and who studiously ignored various important people who try to offer vital insights, indeed denies they have ever tried to get in touch...
It'll take good science and good manners. But we'll get there."
I admire his persistence and his confidence but remain skeptical. He makes an interesting point about the US but arguably they've already laid the foundations of their own national ID card system with the Real ID Act and there were no questions of constitutional reform there. However, now that the Irish justice minister has done a U-turn and claimed Ireland will have to follow the UK on ID cards, having previously being opposed to the notion, I wonder if there is any mileage in exploring the potential contitutional hurdles to such a scheme in my homeland?
"I'm told I can't say who said it or where but there's been some movement on the ID cards/register policy and there's considerable pressure for rather more.
Senior industry and Whitehall figures outside the Home Office agree that the lack of a business case is a problem. The notion that we don't yet understand enough about identity and what it means in an e-enabled world has wider credence than sceptics may have feared...
And just as Kable found earlier this year there was insufficient clarity about how the Home Office ID system proposals would work in practice to inform a market-sizing exercise (not that the Home Office much cared) so now it is becoming clear that the same lack of clarity makes it impossibe to do a formal Whitehall risk assessment and security accreditation. This information-assurance issue is rather more serious, since the ID system would form part of the critical national infrastructure...
There is the potential for the legislation to get through the Lords only to find one department irrevocably politically committed to introducing ID cards at loggerheads with other parts of government responsible for policing good practice in government's acquisition and management of the critical IT infrastructure, who will block the project.
These major Whitehall-procedural snags sit alongside philosophical differences about the role of identity and stability of democracy when stresses on society will be greater than they are today, and deep technical questions about future generations of technology. As devices proliferate and biometrics evolve, what architecture will prove robust? There's a strong case for holding our bets.
"I'm personally concerned about any system that claims to solve all problems in one go," said one senior source. "You can't have a gold standard which at the same time is easy to use for vast numbers of people. There tends to be a trade-off between ease of use and high security." Instead, he argued, we need to discover the relationship between the individual and the state, and set out the principles that underlie the future architecture. In the US, such a deep-lying and non-partisan issue would require an amendment to the Constitution.
You need to keep calm sitting on a panel trying to create dialogue with someone who never returns your emails and who studiously ignored various important people who try to offer vital insights, indeed denies they have ever tried to get in touch...
It'll take good science and good manners. But we'll get there."
I admire his persistence and his confidence but remain skeptical. He makes an interesting point about the US but arguably they've already laid the foundations of their own national ID card system with the Real ID Act and there were no questions of constitutional reform there. However, now that the Irish justice minister has done a U-turn and claimed Ireland will have to follow the UK on ID cards, having previously being opposed to the notion, I wonder if there is any mileage in exploring the potential contitutional hurdles to such a scheme in my homeland?
Monday, October 24, 2005
Blogger problems
I've been having some problems posting today - blogger has metaphorically chewed up some of my posts which disappeared into the ether possibly never to see the light of day. I've also being having to go through the tedious process of filling in a word verifier with every post, so I'm calling it a day in the hope that everything will be back to normal tomorrow.
NHTCU launch Get Safe Online
The National Hi-Tech Crime Unit (NHTCU) is launching a campaign to provide clear guidance on how to interact with the Web safely and securely.
Wu leggo my ego
Tim Wu had an excellent article in Slate last week about the Google Print dispute.
"The idea that there is no tradeoff between authorial control and exposure is attractive. But it is also wrong. Individually, more control may always seem appealing—who wouldn't want more control? But collectively, it can be a disaster. Consider what it would mean, by analogy, if map-makers needed the permission of landowners to create maps. As a property owner, your point would be clear: How can you put my property on your map without my permission? Map-makers, we might say, are clearly exploiting property owners, for profit, when they publish an atlas. And as an individual property owner, you might want more control over how your property appears on a map, and whether it appears at all, as well as the right to demand payment.
But the law would be stupid to give property owners that right. Imagine how terrible maps would be if you had to negotiate with every landowner in the United States to publish the Rand McNally Road Atlas. Maps might still exist, but they'd be expensive and incomplete. Property owners might think they'd individually benefit, but collectively they would lose out—a classic collective action problem. There just wouldn't really be maps in the sense we think of today.
The critical point is this: Just as maps do not compete with or replace property, neither do book searches replace books. Both are just tools for finding what is otherwise hard to find. And if we really want to have true, comprehensive book searches, we cannot require that every author's permission be individually sought out. The book search engines that emerge would be a shadow of the real thing, just as a negotiated map would be a lousy one."
"The idea that there is no tradeoff between authorial control and exposure is attractive. But it is also wrong. Individually, more control may always seem appealing—who wouldn't want more control? But collectively, it can be a disaster. Consider what it would mean, by analogy, if map-makers needed the permission of landowners to create maps. As a property owner, your point would be clear: How can you put my property on your map without my permission? Map-makers, we might say, are clearly exploiting property owners, for profit, when they publish an atlas. And as an individual property owner, you might want more control over how your property appears on a map, and whether it appears at all, as well as the right to demand payment.
But the law would be stupid to give property owners that right. Imagine how terrible maps would be if you had to negotiate with every landowner in the United States to publish the Rand McNally Road Atlas. Maps might still exist, but they'd be expensive and incomplete. Property owners might think they'd individually benefit, but collectively they would lose out—a classic collective action problem. There just wouldn't really be maps in the sense we think of today.
The critical point is this: Just as maps do not compete with or replace property, neither do book searches replace books. Both are just tools for finding what is otherwise hard to find. And if we really want to have true, comprehensive book searches, we cannot require that every author's permission be individually sought out. The book search engines that emerge would be a shadow of the real thing, just as a negotiated map would be a lousy one."
Content communists
Lawgeek Jason Schultz thinks it is the IP maximalists who are the content communists.
Should we outlaw the gun or the VCR?
ScienTOMogy spoof site gets nastygram
A website, hosted in New Zealand, which ridicules Tom Cruise and his connections with Scientology has attracted the attention of institution's lawyers. Thanks to IPKat for the link.
History on a digital loop
John is on good form on the battle of the super-DVD formats and how it reflects the Betamax v VHS story of the late 1970s.
Durant drops landmark data protection case
From Out-law,
"Michael Durant, who lost a landmark Court of Appeal ruling on the meaning of "personal data" two years ago, has withdrawn his petition to the House of Lords. This means the House of Lords will no longer review the Court of Appeal's narrow interpretation of the definition.
The focus of attention now turns to the European Commission which has used the Durant decision as evidence that the UK's Data Protection Act of 1998 is a defective implementation of the Data Protection Directive of 1995."
"Michael Durant, who lost a landmark Court of Appeal ruling on the meaning of "personal data" two years ago, has withdrawn his petition to the House of Lords. This means the House of Lords will no longer review the Court of Appeal's narrow interpretation of the definition.
The focus of attention now turns to the European Commission which has used the Durant decision as evidence that the UK's Data Protection Act of 1998 is a defective implementation of the Data Protection Directive of 1995."
ID Cards to unlease bullies
Carol Sarler, writing in the Sunday Observer, sees the latest anti terrorism proposals and the ID card scheme as a boon for bureaucratic bullies.
"The act, like the suss laws before it and the ID cards to come, are all toys in the playbox of wannabe bullies and nothing that I have seen, either here or anywhere else, suggests that such people will ever learn to play nicely. Shortly after the fall of Ceausescu, I had Romanian friends to stay. En route to the theatre, one of them began to weep; they wouldn't let her in. She had left her passport at home. Passport? For the doorman at Cats? It can happen. That's all I'm saying.
In a land of ID cards I would be very afraid for my personal liberty. But only because Sod's law says if I were to be confronted one time too many by an officious twat, I'd be the one banged up. For slapping him."
A classic example of how clueless top down regulation can facilitate societal poisoning from the bottom up.
"The act, like the suss laws before it and the ID cards to come, are all toys in the playbox of wannabe bullies and nothing that I have seen, either here or anywhere else, suggests that such people will ever learn to play nicely. Shortly after the fall of Ceausescu, I had Romanian friends to stay. En route to the theatre, one of them began to weep; they wouldn't let her in. She had left her passport at home. Passport? For the doorman at Cats? It can happen. That's all I'm saying.
In a land of ID cards I would be very afraid for my personal liberty. But only because Sod's law says if I were to be confronted one time too many by an officious twat, I'd be the one banged up. For slapping him."
A classic example of how clueless top down regulation can facilitate societal poisoning from the bottom up.
US drug group fund drug import scare novel
Apparently the Pharmaceutical Research and Manufacturers of America (PhRMA), a powerful lobbying group in the US, through a "rogue employee" funded the development of a novel, where the story involved terrorists poisoning cheap drug imports from Canada. Or so says the Globe and Mail, a Canadian newspaper. Hardly a major conspiracy but you could see how the PR would work.
£30 ID card guarantee not all it seems
It looks like the £30 price touted by the government for our forthcoming ID cards is not the water tight promise it has been sold as, according to John Lettice.
" If Charles Clarke is announcing that ID cards are only going to cost £30, then the ID Cards Bill must be due back in Parliament any day now (yup, Tuesday), and Labour Party MPs must be looking for some threadbare justification for continuing to support it. And if that's not quite enough ('Isn't £30 pretty much what they said last time we bravely gave in?') then Clarke also has a report demonstrating "strong public support for the scheme" and an "independent analysis" from KPMG backing him up on the scheme costs.
We now propose to demonstrate how Clarke, who announced the £30, the report and the KPMG analysis in a written answer to a parliamentary question on 13th October, was to all intents and purposes misleading the House. We should however note that he was not lying as such - he was merely giving his target audience on the Labour benches the tools to believe what they desperately want to believe..."
" If Charles Clarke is announcing that ID cards are only going to cost £30, then the ID Cards Bill must be due back in Parliament any day now (yup, Tuesday), and Labour Party MPs must be looking for some threadbare justification for continuing to support it. And if that's not quite enough ('Isn't £30 pretty much what they said last time we bravely gave in?') then Clarke also has a report demonstrating "strong public support for the scheme" and an "independent analysis" from KPMG backing him up on the scheme costs.
We now propose to demonstrate how Clarke, who announced the £30, the report and the KPMG analysis in a written answer to a parliamentary question on 13th October, was to all intents and purposes misleading the House. We should however note that he was not lying as such - he was merely giving his target audience on the Labour benches the tools to believe what they desperately want to believe..."
Read two biometrics get worse results
John Lettice at the Register has been going over some of John Daugman's calculations about the effects of combining multiple biometrics to authenticate an individual. The results are actually quite straightforward when you stop to think about it, though not necessarily intuitive.
"On the one hand, a combination of different tests should improve performance, because more information is better than less information. But on the other, the combination of a strong test with a weak test to an extent averages the result, so the result should be less reliable than if one were relying solely on the strong test...
If the two biometric tests differ significantly in their power, and each operates at its own cross-over point, then combining them gives significantly worse performance than relying solely on the stronger biometric...
Daugman produces the calculations governing the use of two hypothetical biometrics, one with both false accept and false reject rates of one in 100, and the second with the two rates at one in 1,000. On its own, biometric one would produce 2,000 errors in 100,000 tests, while biometric two would produce 200. You can treat the use of two biometrics in one of two ways - the subject must be required to pass both (the 'AND' rule) or the subject need only pass one (the 'OR' rule). Daugman finds that under either rule there would be 1,100 errors, i.e. 5.5 times more errors than if the stronger test were used alone.
He concludes that a stronger biometric is therefore better used alone than in combination, but only when both are operating at their crossover points...
Which suggests to us that simply regarding a second or third biometric as a fall back to be used only if earlier tests fail constructs a scenario where the combined results will be worse than use of the single stronger test..."
"On the one hand, a combination of different tests should improve performance, because more information is better than less information. But on the other, the combination of a strong test with a weak test to an extent averages the result, so the result should be less reliable than if one were relying solely on the strong test...
If the two biometric tests differ significantly in their power, and each operates at its own cross-over point, then combining them gives significantly worse performance than relying solely on the stronger biometric...
Daugman produces the calculations governing the use of two hypothetical biometrics, one with both false accept and false reject rates of one in 100, and the second with the two rates at one in 1,000. On its own, biometric one would produce 2,000 errors in 100,000 tests, while biometric two would produce 200. You can treat the use of two biometrics in one of two ways - the subject must be required to pass both (the 'AND' rule) or the subject need only pass one (the 'OR' rule). Daugman finds that under either rule there would be 1,100 errors, i.e. 5.5 times more errors than if the stronger test were used alone.
He concludes that a stronger biometric is therefore better used alone than in combination, but only when both are operating at their crossover points...
Which suggests to us that simply regarding a second or third biometric as a fall back to be used only if earlier tests fail constructs a scenario where the combined results will be worse than use of the single stronger test..."
Mitchigan University President on Google Print
Mary Sue Coleman, president of the University of Michigan, sees the Google Print project as "Riches We Must Share..." in the Washington Post.
An author in the WP on the same day had a different perspective. The author, Nick Taylor, is president of the Authors Guild, the representative body which has sued Google for copyright infringement.
An author in the WP on the same day had a different perspective. The author, Nick Taylor, is president of the Authors Guild, the representative body which has sued Google for copyright infringement.