Friday, December 09, 2005

IP geek

There's a new IP blog, IP Geek, in the blogosphere which looks promising.

Online journalism flourishing because it's trusted

David Bollier says the real reason that online journalism is flourishing is that it is trusted.

Felten on why drm inevitably becomes spyware

Ed Felten has a wonderful explanation of why drm vendors and spyware vendors are actually facing the same problems and so converge on the same solutions, so that drm inevitably becomes spyware.
"Here’s the key issue: Active protection only works if the DRM software is running on the user’s computer. But the user doesn’t want the software on his computer. The software provides no value to him at all. Its only effects are to stop him from doing things he wants to do (such as listening to the music with iTunes), and to expose him to possible security attacks if the software is buggy.

So if you’re designing a CD DRM system based on active protection, you face two main technical problems:
You have to get your software installed, even though the user doesn’t want it.
Once your software is installed, you have to keep it from being uninstalled, even though the user wants it gone.

These are the same two technical problems that spyware designers face.

People who face the same technical problems tends to find the same technical solutions. How do you get software installed against the user’s wishes? You mislead the user about what is being installed, or about the consequences of installation. Or you install without getting permission at all. How do you keep software from being uninstalled? You don’t provide an uninstaller. Or you provide an uninstaller that doesn’t really uninstall the whole program. Or you try to cloak the software so the user doesn’t even know it’s there.

Of course, you don’t have to resort to these tactics. But if you don’t, your software will have trouble getting onto users’ computers and staying there. If your whole business model depends on installing unwanted software and preventing its uninstallation, you’ll do what’s necessary to make that model work. You’ll resort to spyware tactics. (Or you’ll quit and go into another business.)

Having set off down the road of CD copy protection, the music industry shouldn’t be surprised to have arrived at spyware. Because that’s where the road leads."

iPod insurance

There's a nice article in The Big Issue this week about insurance companies attitudes to digital music. If you get your iPod or other MP3 player stolen, then don't expect your insurance company to replace the vast digital music collection you've built up on it. Basically, most people will "never have thought about how they would prove the financial value of their digital music collection if it became necessary."

Norwich Union replaced 36 iPods between January and September 2004. For the same period this year it was 1721. An insurance company manager offers the sound advice that people should keep a record of their online music purchases. But I doubt many people will be bothered enough to do so, particularly if their practice is to buy single tracks at 70p each.

John Gilmore in court

John Gilmore has finally had his appeal court hearing on his challenge to the secret US government regulations apparently making it compulsory for airlines to demand identification or subject a prospective passenger to a pat down search before boarding a flight.

There's some symmetry to the appearance of this hearing in the immediate wake of the UK House of Lords decision a couple of days ago ruling that evidence obtained under torture in foreign jurisdiction was not admissable in cases against terror suspects. The Court of Appeal had created quite a stir last year when they decided that such evidence could be used as long as the UK hadn't been involved in or condoned the torture.

Lord Bingham, said: "The issue is one of constitutional principle, whether evidence obtained by torturing another human being may lawfully be admitted against a party to proceedings in a British court, irrespective of where, or by whom, or on whose authority the torture was inflicted. To that question I would give a very clear negative answer."

MI5 chief, Eliza Manningham-Buller, told the law lords that she needed to rely on foreign intelligence to save lives, which is undoubtedly true. But the government lawyer's translation of that into the notion that they should not check the integrity or source of the intelligence, just in case it might upset the countries that do endorse and carry out torture, has got no basis in any kind of principle.

Thursday, December 08, 2005

Sony knocking the glass over

Ed Felten has more sound thoughts on the latest Sony drm security patch hole.

"Security is all about risk management. If you’re careful to avoid unnecessary risks, to manage the risks you must accept, and to have a recovery plan for when things go wrong, you can keep your security under control. If you plunge ahead, heedless of the risks, you’ll be sorry.

If you’re a parent, you’ll surely remember the time your kid left an overfull glass of juice on the corner of a table and, after the inevitable spill, said, “It was an accident. It’s not my fault.” And so the kid had to learn why we don’t set glasses at the very edges of tables, or balance paintbrushes on the top of the easel, or leave roller skates on the stairs. The accident won’t happen every time, or even most of the time, but it will happen eventually.

If you’re a software vendor, your software creates risks for its users, and you have a responsibility to your customers to help them manage those risks. You should help your customers make informed choices about when and how to use your software, and you should design your software to avoid exposing customers to unnecessary risks."

Felten's DRM, Incompatibility, and Market Power: A Visit to the Sausage Factory is also a must read on this sorry saga.

France to get the worst copyright law?

Cory wonders if France are about to adopt the worst copyright law in Europe.

Publishers should stop worrying about Google

Susan Crawford thinks publishers should stop worrying about Google and start thinking about the opportunities an evolving Web present them.

"What Google does is respond to search queries by providing snippets -- thumbnail pictures and a line of text here, a line from a page there, a headline -- and helping people get to where those things were posted. That's pointing, not copying, and it's a key element of Web 2.0.

The publishers, and the news agencies, are having trouble with this evolution -- heck, they had enough trouble with Web 1.0, much less the groupness we're seeing now-- and are relying on incumbent laws (like copyright law) to protect their ability to charge for content.

But there's a great opportunity here that shouldn't be missed: news companies can become not only providers of great stories (well-researched, well-written, unlike blog posts) but also sources of order. There is so much information now -- we need help! We need priority, and sense of impact, and sense of global connections. We need visualizations, and links, and commentary. All of these things are valuable. We'll pay -- with our attention, our loyalty to the brand, and maybe even with money if the reporters' own personalities are allowed out to play.

A search engine, alone, can't provide this kind of judgment. Not even Google can say which story is likely to have an important impact on our collective future. There is a Web 2.0 model for publishers, and they can only get there by letting go."

Major copyright reform in EU - uh oh.

IPKat has learnt from the Patent Office we're facing

"of an EU programme with potentially major implications for European copyright law. In, Implementing the Community Lisbon programme: A strategy for the simplification of the regulatory environment the European Commission explains the need for EU regulatory laws to be simplified so that a balance is struck between necessary regulation and the need to avoid overcomplicated legislation that entails “costs, hamper business, channel resources away from more efficient uses and in some cases act as a constraint to innovation, productivity and growth” .



The EU wants to save IP lawyers from confusion...
To this end, the EU is embarking on a programme designs to simplify the acquis of various of EU areas of influence. Included in the list of priorities is copyright. The following instruments are identified for “Recast[ing] with a view to improve[ing] the coherence and operation of the legal framework and adapt it to the new digital challenges:

* Council Directive 91/250/EEC of 14 May 1991 on the legal protection of computer programs
* Council Directive 92/100/EEC of 19 November 1992 on rental right and lending right and on certain rights related to copyright in the field of intellectual property
* Council Directive 93/83/EEC of 27 September 1993 on the coordination of certain rules concerning copyright and rights related to copyright applicable to satellite broadcasting and cable retransmission
* Council Directive 93/98/EEC of 29 October 1993 harmonising the term of protection of copyright and certain related rights
* Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases
* Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society"

The idea of simplifying IP regulations is laudable but the devil, as usual, will be in the detail. It is arguable, for example, that the IPR enforcement directive sinmplifies the IP regulatory environment by theoretically harmonising across all the member states but you certainly won't get me signing up to such an argument. The real damage from that particular directive still remains to play itself out over the coming years but that it will certainly do.

US reject generic drugs even for emergencies

David Bollier and James Love have an important story about trade negotiations over generic drugs at the World Trade Organisation a couple of days ago.

Love says:

"Although not reported in the US mainstream media, and barely noted in the European, Australian or Canadian press, the decision will contain a provision that is intended to prevent the United States, the members of the European Community, and a few other countries from getting access to generic medicines, even in cases involving national emergencies, such as an avian flu pandemic.

Our trade officials will tell the WTO our countries will “opt-out” of a WTO agreement, as potential importers of generic medicines, no matter what the circumstances are. The push for the “opt-out” was engineered by the CEOs of large pharmaceutical companies, such as Pfzier CEO Hank, McKinnell, and GSK’s Jean-Pierre Garnier.

In the United States, the “opt-out” was backed by President Bush’s
advisor, Karl Rove, and top US trade official Bob Portman. Portman
refused to meet with public health groups to defend the decision.

News reporters for the New York Times, the Washington Post, the Wall Street Journal, Reuters and other major news outlets have not reported on the opt-out issue, claiming “it’s too complex for readers to understand.”"

The pharmaceutical companies are acting to protect their interests via the WTO, as you expect them to do. They exist to make money not for public health reasons. Intellectual property is a complex subject, so the press say it is too hard for ordinary people to understand. That is a defensable position. Say "intellectual property" to most people and their eyes will glaze over.

However, the fact that business is in the business of making money and that IP is complicated, is not an excuse for saying that what is going on is right or even acceptable. When commerce operates to exploit complex regulations in such a way as to undermine the public interest, the media, public officials and ordinary citizens who do grasp the complexities have a duty to shine a light on the activity, explain it in such a way that it is comprehensible (especially if it's reprehensible) and bring that activity to a grinding halt.

Bollier puts it like this:

"Is it really so hard to understand the implications of these developments at the WTO? People will die because medicines are artificially expensive. Big Pharma wants to protect its patents and revenues at all costs, the public health and poor countries be damned. Compliant governments and a lapdog press are happy to let Big Pharma have its way.

That wasn’t so complicated now, was it?

The WTO decision represents a decisive repudiation of the WTO’s 2001 Doha Declaration on TRIPS and Public Health, which called for policies to make it easier to export generic medicines under compulsory licenses."

FOI request on ID cards rejected

The Home Office has rejected a Freedom of Information request by Computer Weekly to publish the risk register relating to the ID card scheme.

Ordinary people turned war criminals

On the front page of today's Independent, a story entitles War Criminals describes three court cases.

" * Maya Evans, 25, convicted for reading out names of 97 British soldiers killed in Iraq at unauthorised protest.
* Douglas Barker, 72, threatened with jail for withholding part of his tax payment in protest at the Iraq conflict.
* Malcolm Kendall-Smith, a 37-year-old RAF medical officer, facing court-martial for refusing to serve in Iraq"

Evans apparently told magistrates "I didn't want to be arrested but, as far as I was concerned, I didn't think I was doing anything wrong standing there on a drizzly Tuesday morning with a colleague reading names of people who had died in a war. I don't think it's a criminal offence and I don't think I should have been arrested for it."

She was convicted under Section 132 of the Serious Organised Crime and Police Act 2005.

Barker told magistrates that he'd estimated that 10% of his taxes were going on military spending and he had therefore witheld that amount and intended to send it to a charity caring for children in Iraq. He wanted a guarantee that if he did pay the money it would not be used for military purposes.

Kendall-Smith refused to serve in Iraq because having reviewed the legal advice on the war, including that of the Attorney General, he came to believe the war was illegal. His court martial is due to take place in the Spring.

Heise liable for reader comments

The first-instance district court of Hamburg has ruled that the online news site Heise can be held liable for readers comments and "has had issued a temporary restraining order preventing heise online from publishing reader comments calling on others to overload a company's server by massively downloading a program."

The court said Heise should be liable for reader comments inciting destructive attacks online, whether they were aware of the specific comments or not. Heise had deleted the comments which has originally prompted the lawsuit but originally believed they only had to removed comments that they were aware of or had been notified of.

Heise apparently get about 200000 comments per month and software filters just aren't good enough to catch all the relevant subtleties (not to mention the false positive irritations they cause). Manual checking of that number of comments is not an option, so do Heise have to close down the commenting option? Well the German Supreme court ruled last year that sites like Heise could only be held liable if there were reasonable ways of reviewing the content third party contributors, so maybe not. The EU ecommerce directive of 2000 also says service providers don't have to comprehensively monitor comments they just transmit or store. So where does that leave Heise? Probably paying lawyers to test the limits of what the contradictions really mean.

Tuesday, December 06, 2005

IPR battle at Cambridge University resumes

The battle over the intellectual property rights of academics at Cambridge University has started up again, according to Patent Baristas.

You'll probably find Ross Anderson has one or two things to say about that.

The $100 laptop

John is a little skeptical of the real utility of Nicholas Negroponte's $100 laptops for children in the developing world.

" the pedagogical philosophy implicit in OLPC is clearly inspired by Negroponte's MIT colleague, Seymour Papert.

Papert is a visionary whose entire career has been driven by the idea of the digital computer as a revolutionary machine...

Papert is an engaging thinker and writer, but is essentially a techno-evangelist...

He is thus rather grandly contemptuous of mundane questions such as whether there is any evidence that giving kids computers is educationally better than giving them books..."

As I've said before, you can't get someone to understand the principles of drawing graphs by getting them to show you how many colours the graphics package on their computer can deploy in producing something that looks like a graph on screen. By all means exploit technology (including the humble pencil) in education where it is useful and let people play with technology in education in order to find out how it can be useful. But spending vast sums on technology in the blind faith belief that it will automatically improve things regardless of the context, is a mug's game.

EDRI

The latest and possibly the last EDRI newsletter has been published.

Contents:

Urgent call for pledges of support for EDRI-gram
1. Final push for single EP vote on data retention
2. EDRI and PI call on EP to reject data retention
3. Polish plans for 15 years mandatory data retention
4. Urgency procedure for draft French anti-terrorism law
5. New anti-terrorism measures in Denmark
6. Launch of Digital Rights Ireland
7. Illegal video surveillance on Slovenian motorways
8. Post-WSIS civil society letter to Kofi Annan
9. NL supreme court ruling on internet anonymity
10. Results e-society conference in Macedonia
11. Advocate General European Court rejects PNR deal
12. Cryptography almost banned in the Czech Republic
13. Agenda
14. About

Ireland to challenge data retention deal

Irish justice minister, Michael McDowell, suggested in the wake of the agreement amongst most EU justice ministers about data retention, that Ireland would challenge the directive in the European Court of Justice, if it gets passed by the EU parliament next week.

Wikipedia integrity

I had the priviledge of meeting the founder of Wikipedia, Jimmy Wales, last week, at the inaugural gathering of the Open Rights Group. Wikipedia is a fantastic online encyclopedia, which, given the fact that anyone can alter an entry, is mostly remarkably reliable. Occasionally things go wrong, however, as this story in the New York Times illustrates. A Mr. Seigenthaler was shocked to find an entry on himself in Wikipedia, suggesting he might have been involved in serious crimes. The entry has since been corrected but the poster has not been identified. Mr. Seigenthaler has decided not to pursue the issue, though it would be possible for him to get a court order to ask the poster's ISP to identify the culprit and then pursue a defamation case. Sensibly he forgoes the opportunity to invest large sums in lawyers and the associated stresses of lawsuits, though he says he's learned a clear lesson:

"We live in a universe of new media with phenomenal opportunities for worldwide communications and research, but populated by volunteer vandals with poison-pen intellects."

The article also describes Jimmy Wales reaction

"Mr. Wales said in an interview that he was troubled by the Seigenthaler episode, and noted that Wikipedia was essentially in the same boat. "We have constant problems where we have people who are trying to repeatedly abuse our sites," he said.

Still, he said, he was trying to make Wikipedia less vulnerable to tampering. He said he was starting a review mechanism by which readers and experts could rate the value of various articles. The reviews, which he said he expected to start in January, would show the site's strengths and weaknesses and perhaps reveal patterns to help them address the problems.

In addition, he said, Wikipedia may start blocking unregistered users from creating new pages, though they would still be able to edit them.

The real problem, he said, was the volume of new material coming in; it is so overwhelming that screeners cannot keep up with it."

Monday, December 05, 2005

Court upholds random NY subway searches

Professor Dan Solove is annoyed at a recent court decision upholding the right to the police to engage in random searches on the New York subway.

"After making its general incantation of deference (which means that the government will automatically win), Judge Berman goes on to articulate the "persuasive" arguments of the government:
The Court is also persuaded by Commissioner Sheehan's opinion that the Program "reinforces the awareness of police officers, transit workers and the public of the need to be alert."
This is a silly argument. Essentially, the court says that providing the police with greater abilities to engage in searches without constitutional protections will make the police more "alert." Well, that's nice -- we should all be happy to sacrifice liberties so that the police become more alert. And the court notes that it will teach the public to be more alert too. So the argument is that we can make the people more alert by intruding upon their privacy. Let's try strip searches -- these will certainly make the cops more alert, and it will have great effects on public alertness too, and the cops can have a lot of fun at the same time.

The court also reasons:
[T]he Court is persuaded that the randomness of the searches rather than the actual number of searches conducted is (primarily) what makes the Container Inspection Proogram effective.
In other words, the court is saying that any small increase in terrorists believing they might get caught makes such a policy an effective. But if "effectiveness" is to have any meaning, the benefits of a policy that requires a sacrifice in liberty should be more than just trivial or speculative. There is no evidence that this policy will have any deterrent effect...

It is bad enough that so much money and resources must be wasted on a largely symbolic exercise to make public officials look like they're doing something to protect us when they're not. This cosmetic program for public officials which drains money from other more serious threats. It is even worse that people must sacrifice liberty and convenience too."

You have to admit he has a point.

Felten: DMCA should not protect spyware

Ed Felten thinks the DMCA should not protect spyware and he's submitted a request for an exemption along these lines to the US copyright office.

Exams

Open University exam results will be available soon. To those who don't do as well as you'd hoped, just remember that it's not the end of the world. Even the best of students can and sometimes do find things going wrong.

Getting through the process of distance learning whilst holding down a job and looking after a family and all the other real life committments that OU students typically have, is a major success in itself. So give yourself a pat on the back even before the results arrive - you deserve it.

Open letter on data retention

A whole plethora of digital rights groups have written an Open Letter to the European Parliament on Data Retention.

58000 people from all over Europe have signed a petition against data retention.

Will it make a difference to the European Parliament vote on the issue on 13 December? Only time will tell but it looks like the version of the proposal to go before the parliament will require two years data retention.

This process of repeatedly sending back lousy legislative proposals through the EU system, until opposition is chipped away though the lack of energy to be bothered with it again, seriously undermines the EU. But then representative democracy, which is what the parliament is supposed to be based on, only works if a sufficient number of dedicated people (albeit that sufficent number can range from 1 upwards) take an active interest. Nearly 60000 people have shown an interest here but in this case I'm not sure it's going to be enough.

Parliamentary drm enquiry

From the All Party Internet Group website: "(APIG)The All Party Parliamentary Internet Group (APIG) is to hold a public inquiry into the issues surrounding Digital Rights Management (DRM)...

The inquiry seeks written evidence particularly focusing upon the following:

Whether DRM distorts traditional tradeoffs in copyright law;
Whether new types of content sharing license (such as Creative Commons or Copyleft) need legislation changes to be effective;
How copyright deposit libraries should deal with DRM issues;
How consumers should be protected when DRM systems are discontinued;
To what extent DRM systems should be forced to make exceptions for the partially sighted and people with other disabilities;
What legal protections DRM systems should have from those who wish to circumvent them;
Whether DRM systems can have unintended consequences on computer functionality;
The role of the UK Parliament in influencing the global agenda for this type of technical issue.

APIG calls upon interested parties to present written evidence to the inquiry before 21st December 2005.

Written evidence should be submitted to admin@apig.org.uk. APIG may, at its discretion, ask for oral evidence from witnesses in January 2006 at the Houses of Parliament."

Transformational government

William Heath has posted his comments on the UK CIO Council IT strategy in four pieces. He thinks the main issues are:
- the fundamental premise that services should be personalised and directed at people, when I'd rather see simple, open and navigable government (which is less ambitious, cheaper and less intrusive)
- making identity government-controlled and tying it to the compulsory biometric scheme with audit trail
- grudging lip-service to privacy when human dignity is paramount
- whether or not the executive focus and energy is there to deliver changes like shared services.

Sunday, December 04, 2005

Diebold certified in spite of court order

It seems that the North Carolina Board of Elections has certified Diebold Election Systems to sell electronic voting equipment in the state, in spite of a federal judge's order that Diebold hand over their source code and list of programmers. Does this mean they have secretly handed over the required details (even though they claimed that they would rather withdraw from tendering) or that the Board officials were unaware of the judge's decision when they approved Diebold as an electronic voting machine vendor?