Friday, December 22, 2006

French court: privacy more important than copyright

A French court has decided that an individual's right to privacy, as gauranteed by French and European data protection principles, is more important than the entertainment industries' attempts to track down P2P copyright infringers. Current tracing methods drive a coach and horses through privacy regulations and the industries will have to be more refined in the processes used to identify suspects in future. The Society of Music Authors, Composers and Publishers plan to appeal the decision.

Cost analysis of Vista DRM

Peter Gutmann at the University of Auckland has been doing a cost analysis of the digital restrictions being built into Microsoft's new operating system, Vista. It makes fascinating reading, not only because it is informed by Microsoft insiders but because it demonstrates how large complex organisations can put phenomenal efforts into processes created by ridiculous decisions. Thanks to Ian Brown via the ORG list for the link and as Ian says the whole thing is completely insane. Sample:

"Executive Summary
-----------------

Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called "premium content", typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the
protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyses the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry.

Executive Executive Summary
---------------------------

The Vista Content Protection specification could very well constitute the longest suicide note in history.

Introduction
------------

This document looks purely at the cost of the technical portions of Vista's ncontent protection. The political issues (under the heading of DRM) have been examined in exhaustive detail elsewhere and won't be commented on further, unless it's relevant to the cost analysis. However, one important point that must be kept in mind when reading this document is that in order to work, Vista's content protection must be able to violate the laws of physics,
something that's unlikely to happen no matter how much the content industry wishes it were possible. This conundrum is displayed over and over again in the Windows content-protection specs, with manufacturers being given no hard-and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered
with sentences like:

"It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content".

This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible. Readers should keep this requirement to display appropriate levels of dedication in mind when reading the following analysis"

Wonderful.

Thursday, December 21, 2006

No place like home

Given Brian Tamanaha's revelation that The Wizard of Oz was originally written as a political allegory, I was tickled to come upon this Walt Handelsman animation. (Warning - it takes a while to load). Very much in the Eclectech tradition.

Free copies of Gore's Incnovenient Truth for teachers

The producer of "An Inconvenient Truth", the documentary on Al Gore's roadshow about global warming has decided to make 50 000 DVDs of the film available freely to teachers.

"when Laurie David, the producer of the global warming documentary "An Inconvenient Truth," narrated by former vice president Al Gore, wanted to distribute 50,000 copies to schools across the country, the National Science Teachers Association said it wouldn't help her...

Gerry Wheeler, the executive director of the National Science Teachers Association, said he would put global warming at or near the top of the list of must-teach subjects, along with the science of HIV/AIDS.

In an interview, Wheeler said David had asked for an endorsement of the film, as well as its distribution, and that would have violated the association's rules. David said she asked only for distribution help and would have been happy to have the association include a note explicitly stating that it was not endorsing the movie."

Whatever the cause of the disagreement between David and the teachers association it's good to see the DVDs will still get distributed.

ARCH have moved

The good folks at Action on Rights for Children have moved their blog to http://archrights.wordpress.com/ and draw our attention to a great piece by Ross Anderson in the Guardian today about the government's apparent U-turn to allow opting out of having your medical records put on the national spine database.

"The NHS's ill-starred computer project is in the news again. After polls showed that most doctors and patients oppose a compulsory national database of medical records, health minister Lord Warner produced a report on Monday and promised an opt-out. But don't break out the champagne yet. The report was cleverly spun; hidden in an appendix is confirmation that you can opt out of the Summary Care Record, but not the Detailed Care Record.

The first is merely a synopsis for emergency care. It will have your current prescriptions, and will say, for example, whether you are diabetic. But ministers are not offering an easy opt-out from the second - the database replacing your current GP and hospital records. They plan to "upload" your GP data over the next year or two to a regional hosting centre run by a government contractor. The data will initially remain under your GP's nominal control but, after hospital records have been uploaded too, the chief medical officer will be the custodian of the whole lot.

Your "electronic health record" will be used for many purposes, from cost control through audit to research. So the Home Office plans to use health data to help predict which children are likely to offend (despite a recent report to the information commissioner that collecting large amounts of data on children without their parents' consent will probably break human rights law)."

High Court rule against Home Office gagging order

Did I miss media reports of this case ? The High Court ruled last month that the Information Commissioner was right to pursue a case against the Home Office in relation to a certificate signed by David Blunkett, when he was Home Secretary, blocking disclosure of personal data, in response to a freedom of information request, on national security grounds. The Home Office had asked the High Court for a judicial review of a decision by the Information Tribunal in July 2005 to quash the certificate.

FoI junkies should read the decision in full, the crux of which is contained in paragraphs 36 to 44. Someone made a data subject request to the Home Office and, not satisfied with the response, then complained to the Information Commissioner. The Commissioner's office then engaged in a protracted exchange of letters with the Home Office, extracts of which are provided in the decision. When it became clear to officials that their fencing wasn't disuading the Assistant Commissioner, they got David Blunkett to sign a gagging order. Next step the Information Tribunal where the government argued, as I understand it, that the Information Commissioner had no right to appeal Mr Blunkett's "section 28" gagging order. The Tribunal disagreed and quashed the section 28 certificate.

The government then basically made the same argument to the High Court i.e. that the Information Commissioner had no right to question the Home Secretary's decision to issue a section 28 notice on national security grounds:

"
Exemption from disclosure either is or is not required for the purpose of safeguarding national security. Accordingly, if it is exempt from disclosure the Commissioner has no powers which he can exercise under Part V, and accordingly has no function to perform in relation to those powers which could entitled him to second guess a Ministerial Certificate."

Mr Justice McKay, like the Tribunal, rejected this notion, concluding that section 51 of the Data Protection Act:

"
entitles, if not requires, the Commissioner, if he considers it appropriate, to "check" (to use the language of the Directive) whether an exemption under section 28 has been properly claimed. If it has not, it is a necessary corollary that the data controller has not "observed" the requirements of the Act. He has failed to give the data subject access to material which is not exempt by reason of section 28. As the Tribunal has said, the consequence is that the Commissioner is entitled to seek to satisfy himself that the material is indeed exempt under section 28. The claimant can then decide whether the material can be disclosed to the Commissioner without that disclosure damaging national security."

It's an interesting and potentially worrying result for a government currently engaged in efforts to undermine the transparency facilitated by the Freesom of Information Act. I have no idea whether there were real national security issues at stake in this case or not and that is a question to be determined by further proceedings. But in principle it has to be correct that the Commissioner has the right to check the exercise of arbitrary power, does it not?

Linking to copyright infringement

There has a fair bit of excitable commentary around the bazaars about a rather obscure Australian court case, Cooper v Universal Music Australia. Mr Cooper had a website which, though it did not host infringing MP3 files, did provide easy access to such files - he provided links to the files and facilitated automated upload of these links. The court held him liable for authorising infringment of copyright. The most useful and comprehensive commentary on the case comes from Kim Weatherall. Though she finds the decision troubling, she also cautions us to take a deep breath:

"It's important to appreciate the limitations of this decision. On repeated occasions in recent times, judges of the Australian federal court have emphasised that whether a person is authorising infringement is a highly fact-dependent issue. That is, the judges say that it is a case-by-case analysis, and they really mean it. As I said at the time that the first instance judgment was handed down, just because a judge holds in this context that linking is authorisation of infringement, doesn't mean that linking in another context will be authorisation.

In other words, context is all.

In this Cooper case, you have to remember that Cooper:
  • Set up a website visited by hundreds of thousands of people
  • Set it up with the quite apparent aim of (a) allowing upload of links to MP3s, automatically, and (b) ensuring people could easily search for, and find, mp3 files they wanted
  • Set it up to have lists constituting the Australian, UK, Billboard and other charts
he wasn't hosting the mp3s, but he really wasn't Google, whichever way you look at it. It was a site designed to simplify the process of MP3 downloads. The description by Kenny J which I quoted yesterday was perfectly accurate:
So far as internet users and remote website operators were concerned, the website was in substance an invitation to use the hyperlinks provided and to add new links in order that sound recordings could be downloaded from remote websites, and a principal purpose of the website was to enable infringing copies of the downloaded sound recordings to be made.
That is what was held to be infringement by authorising - not just a blog with a single link to something unauthorised. It's closer to US-style Grokster-style inducement analysis (at least as outlined in the more sophisticated judgment of Kenny J) than a general ban on linking.

So when you see a quote like this:


"We don't make any distinctions between big websites or small websites", [the spokesman for Music Industry Piracy Investigations (MIPI)] said, adding that MIPI would consider individual blogs on a "case-by-case basis as to whether it would be appropriate to take action".

Ms Heindl's message to Australians is clear: "If you are linking to copyrighted material in an unauthorised fashion, then you can be held liable for copyright infringement."

You need to take it with a grain of salt. As I said. Context is all.

That said, I stand by my criticisms of yesterday. "

Wednesday, December 20, 2006

Post Office People

The Post Office has predictably come in for its usual perennial criticism in the wake the announcement that the price of stamps will be going up again.

We should, however, remember that there are still thousands of truly dedicated people working for the organisation and doing a great job in spite of the things that have been visited upon them by government, media and management.

In a classic illustration of how things get done when people care, I recently received an important parcel which had the wrong address and postcode on it. In fact the only things that were correct on the parcel were my name and the number of the house. Yet it still found its way to to its rightful destination, albeit a little late, thanks to my local postman recognising my name and other people in the Post Office chain caring enough to send it to some likely sorting offices along the way. No one in the Post Office gained by putting that extra effort in - if anything their targets on time for delivery were nominally damaged - but they still gave a enough of damn to get the thing through.

Well done and thanks to all concerned, especially my local postman who has always been terrific.

The real meaning of the Wizard of Oz

I share Brian Tamanaha's complete surprise that Frank Baum's story The Wizard of Oz was originally written as a political allegory. (I saw the Judy Garland film before reading the book but loved both as a boy, not that it was something that any red blooded male would have openly admitted in a tough neighbourhood at the time).

There is at least a thick volume's worth of material to be filled with stories like this about children's literature and IP disputes in the genre. Maybe I should suggest that to my publishers as my next writing project? Here's what Tamanaha had to say:

"Every now and then I read something that comes as a complete surprise. You might have the same reaction to the following passage from Jack Weatherford's The History of Money (1997), which comes out of his discussion of the late nineteenth century debate over adding silver to the gold monetary standard:

The most memorable work of literature to come from the debate over gold and silver in the United States was The Wonderful Wizard of Oz, published in 1900, by journalist L. Frank Baum, who greatly distrusted the power of the city financiers and who supported a bimetallic dollar based on both gold and silver. Taking great literary license, he summarized and satirized the monetary debate and history of the era through a charming story about a naive but good Kansas farm girl named Dorothy, who represented the average rural American citizen. Baum seems to have based her character on the Populist orator Leslie Kelsey, nicknamed "the Kansas Tornado."

After the cyclone violently rips Dorothy and her dog out of Kansas and drops them in the East, Dorothy sets out on the gold road to fairyland, which Baum calls Oz, where the wicked witches and wizards of banking operate. Along the way she meets the Scarecrow, who represents the American farmer; the Tin Woodman, who represents the American factory worker; and the Cowardly Lion, who represents William Jennings Bryan. The party's march on Oz is a re-creation of the 1894 march of Coxey's Army, a group of unemployed men led by 'General' Jacob S. Coxey to demand another public issue of $500 million greenbacks and more work for common people...
I'm sure others know about this, and maybe I'm exposing my particular ignorance, but I had no idea that The Wizard of Oz was a political allegory. What makes this discovery especially jolting, for me at least, is that its meaning at the time--when many people would have recognized Baum's allusions--was so radically different from its taken-for-granted meaning today.

I hesitate to sully a discovery that is fascinating for its own sake, but I will use this example to quickly make a serious (albeit tangential) point. The original meaning theory of constitutional interpretation has prominent contemporary advocates--including, famously, Justice Scalia--who point to solid political theory arguments in support. But we must be mindful of the elusiveness and haze that envelops original meanings. Unless we turn constitutional interpretation over to trained historians with ample resources and time (and even then there will be problems), our assumptions about original meaning will be precarious."

To make an even more tangential point in the context of what I call "digital decision making" in my book, policymakers dealing with large scale digital systems and technologies they don't understand, don't even come anywhere close to the competence of trained historians. If we are to be mindful of the elusiveness and haze Tamanaha notes here in relation to expert interpretation of original historical meanings, how much more so do we need to be in the deployment of high and wide impact digital systems of mass surveillance by people who have demonstrated little or no understanding of these systems.

Foolproof

I like this, by Brian Hayes in American Scientist, via Arts and Letters Daily, regarding the proof that the trisection of angles is impossible. (Warning: not recommended for maths-phobes)

"Mathematical proof is foolproof, it seems, only in the absence of fools...

Socrates, drawing figures in the sand, undertakes to coach an untutored slave boy, helping him to prove a special case of the Pythagorean theorem. I paraphrase very loosely:
Socrates: Here is a square with sides of length 2 and area equal to 4. If we double the area, to 8 units, what will the length of a side be?

Boy: Umm, 4?

Socrates: Does 4 x 4 = 8?

Boy: Okay, maybe it's 3.

Socrates: Does 3 x 3 = 8?

Boy: I give up.

Socrates: Observe this line from corner to corner, which the erudite among us call a diagonal. If we erect a new square on the diagonal, note that one-half of the original square makes up one-fourth of the new square, and so the total area of the new square must be double that of the original square. Therefore the length of the diagonal is the length we were seeking, is it not?

Boy: Whatever...


A purported trisection procedure is required to take an angle ? and produce ?/3. Since the procedure has to work with any angle, we can refute it by exhibiting just one angle that cannot be trisected. The standard example is 60 degrees. Suppose the vertex of a 60-degree angle is at the origin, and one side corresponds to the positive x axis. Then to trisect the angle you must draw a line inclined by 20 degrees to the x axis and passing through the origin.

To draw any line, all you need is two points lying on the line. In this case you already have one point, namely the origin. Thus the entire task of trisection reduces to finding one more point lying somewhere along the 20-degree line. Surely that must be easy! After all, there are infinitely many points on the line and you only need one of them. But the proof says it can't be done.

To see the source of the difficulty we can turn to trigonometry. If we knew the sine and cosine of 20 degrees, the problem would be solved; we could simply construct the point x=cos20, y=sin20. (Of course we need the exact values; approximations from a calculator or a trig table won't help.) We do know the sine and cosine of 60 degrees: The values are ?3/2 and 1/2. Both of these numbers can be constructed with ruler and compass. Furthermore, formulas relate the sine and cosine of any angle ? to the corresponding values for ?/3. The formulas yield the following equation (where for brevity the symbol u replaces the expression cos?/3):

cos? = 4u 3 - 3u.

For the 60-degree angle, with cos? = 1/2,the equation becomes 8u 3 - 6u = 1. Note that this is a cubic equation. That's the nub of the problem: No process of adding, subtracting, multiplying, dividing and taking square roots will ever solve the equation for the value of u."

RIAA drop lawsuit v NY mum

The RIAA have decided, according to the Washington Post, to drop "its lawsuit against Patti Santangelo, a mother of five who became the best-known defendant in the industry's battle against music piracy." Though they are continuing with the action against two of her children.

Tuesday, December 19, 2006

What BlackBoard's patent tells you about them

Martin has been giving a keynote address outlining his concerns about BlackBoard's patent at a conference of BlackBoard users.

"I talked about web 2.0 and some of the usual VLE topics I have covered (succession, metaphors, future directions, etc). From a BB audience perspective the key slide was one that focused on the patent where I played the YouTube movie on software patents, gave some of Michael Feldstein’s interpretations of the patent, and linked it back to the succession model. The Blackboard company representatives in the audience looked a little unhappy with this, although slightly battle weary too – I suspect they are getting tired of talking about it. In the questions someone asked me about other patents and I outlined some of their dangers and why I considered them an ‘educational menace’. So, it was a good audience to raise that topic in (in many ways better than preaching to the converted at an open source conference, say). I think it is also another example of why it is such a dumb move on BB’s part. Without the patent I wouldn’t have said anything bad about them, I had a lot of time for them. What the patent does is effectively polarise users, forcing them in to mutually opposing camps. It has made me much more of an advocate of open source for example, and that reaction manifested across many HE institutions will ultimately do a good deal of harm to BB."

How to fix almost anything

Jonathan Rowe suggests that the most effective way to ensure serious problems get addressed is to ensure that wealthy and powerful people suffer the consequences of those problems. That way they have a direct incentive to tackle them.

"To put this another way, when big shots can glide through life in gilded cocoons, it breaks the social feedback loop. Those in a position to do something about a problem do not feel an urgency to do so...

We naturally get worked up about the things that rattle our own cages. Potentially it is a mighty social force; but it goes untapped when the rich and powerful are exempt from the problems that most Americans face. If every CEO in America had to fly economy class, send their children to public school, and deal with computer help lines themselves rather than have gofers do it for them, the quality of life in America would increase measurably. If the very rich had trouble getting medical insurance they would show as much concern for that problem as they do for the diseases they themselves contract. This basically is the thinking behind Rep. Charles Rangel’s proposal to revive the draft. Imagine Dick Cheney speaking at one of those mega-buck Republican fundraisers, to an audience worried that their own offspring might be drafted. The bellicosity and swagger over an Iraq would be quite a bit less. "

Usability in the Movies -- Top 10 Bloopers

I really like this. One of the reasons for the widespread and erroneous belief that computers can automatically and easily solve a multitude of ill-specified problems is their representation in films and on TV.

"The way Hollywood depicts usability could fill many a blooper reel. Here are 10 of the most egregious mistakes made by moviemakers.

1. The Hero Can Immediately Use Any UI

Break into a company -- possibly in a foreign country or on an alien planet -- and step up to the computer. How long does it take you to figure out the UI and use the new applications for the first time? Less than a minute if you're a movie star.

The fact that all user interfaces are walk-up-and-use is probably the single most unrealistic aspect of how movies depict computers. In reality, we know all too well that even the smartest users have plenty of problems using even the best designs, let alone the degraded usability typically found in in-house MIS systems or industrial control rooms.

2. Time Travelers Can Use Current Designs

An even worse flaw is the assumption that time travelers from the past could use today's computer systems. In fact, they'd have no conception of any of modern technology's basic concepts, and so would be dramatically more stumped than the novice users we observe in user testing. Even someone who's never used Excel at least understands the general idea of computers and screens..."

Read the whole thing.

Code Version 2.0

Larry Lessig's terrific but difficult (for ordinary mortals) book Code and other laws of cyberspace has been updated.

> 1Million innocents on DNA database

Spyblog draws attention to the Sunday Times story, "Reid ‘buries’ news that police hold DNA of 1m innocent people" that more than a million "individuals whose details are kept on the database do not have a criminal record or a police caution."

Monday, December 18, 2006

The big opt out

I recently wrote to my GP asking that he not upload my family's medical records to the NHS central database or "spine" as he will be instructed by the government to do so early in the New Year.

Basically the system is very insecure and arguably in breach of data protection and other human rights laws, as beautifully articulated by Ross Anderson in a BBC radio 4 interview this morning. (You need RealPlayer to listen to it).

Ross and others are also leading a campaign to make people aware of the the situation.

Feynman on Schooling

Home educating blogger Carlotta has been reading Richard Feynman's views of formal schooling.

"I sometimes feel that it would be much better not to educate our children in such subjects as mathematics and science. If we left youngsters alone, there would be a better chance that, by accident, the kids would find a good book - or an old textbook - or a television program that would excite them. But when youngsters go to school, they learn that these subjects are dull, horrible and impossible to understand. When I went to school, I didn't learn that math and science were dull because I knew before I got there that they were interesting. All I saw was that they were dull in school. But I knew better".

Friday, December 15, 2006

Effective Counterterrorism and the Limited Role of Predictive Data Mining

Schneier also points to a terrific report by Jeff Jonas and Jim Harper at the Cato Institute pointing out that data mining is not the holy grail solution to countering terrorism that it is widely sold as. The executive summary:

"The terrorist attacks on September 11, 2001,
spurred extraordinary efforts intended to protect
America from the newly highlighted scourge of
international terrorism. Among the efforts was the
consideration and possible use of “data mining” as
a way to discover planning and preparation for terrorism.
Data mining is the process of searching
data for previously unknown patterns and using
those patterns to predict future outcomes.

Information about key members of the 9/11
plot was available to the U.S. government prior
to the attacks, and the 9/11 terrorists were closely
connected to one another in a multitude of
ways. The National Commission on Terrorist
Attacks upon the United States concluded that,
by pursuing the leads available to it at the time,
the government might have derailed the plan.

Though data mining has many valuable uses,
it is not well suited to the terrorist discovery
problem. It would be unfortunate if data mining
for terrorism discovery had currency within
national security, law enforcement, and technology
circles because pursuing this use of data
mining would waste taxpayer dollars, needlessly
infringe on privacy and civil liberties, and misdirect
the valuable time and energy of the men and
women in the national security community.

What the 9/11 story most clearly calls for is a
sharper focus on the part of our national security
agencies—their focus had undoubtedly sharpened
by the end of the day on September 11,
2001—along with the ability to efficiently locate,
access, and aggregate information about specific
suspects."

TSA tip off airport screeners

It seems that TSA employees have been tipping off a private security firm that handles security at San Francico airport about visits of undercover agents sent to check the security.

"For 16 months ending last year, Transportation Security Administration employees tipped off screeners from Covenant Aviation Security that undercover agents were on their way to the airport's checkpoints to test whether the screeners were properly inspecting passengers and their carry-on luggage, the report said.

Despite the charges, the private security firm was rehired two weeks ago with a $314 million, four-year contract at the airport to screen passengers and checked bags."

Thanks to Bruce Schneier for the link.

Greek privacy watchdog fines Vodafone over wiretapping scandal

From AP via Findlaw:

"A Greek privacy watchdog on Thursday fined cell phone operator Vodafone €76 million ($100 million) over a wiretapping scandal that involved the illegal monitoring of Prime Minister Costas Karamanlis."

Vodaphone are going to send the lawyers in to challenge the decision.

A system and method of providing personalized information

Google's new patent database search engine has led me to some more education system patents, which it is hard to believe that someone who actually knew something about computers in education would ever have granted. This System and method for network-based personalized education environment is a case in point. Here's the abstract:

"A system and method of providing personalized information to an individual over a network includes accessing a competency profile of the individual, such profile accessible to a server on a network and comparing the individual's competency profile with an education template and behavioral scenario accessible to the server. The template defines a current desired standard for the individual's competencies, in order to identify target training or learning areas. Information content relevant to the individual's target training or learning areas is provided over the network via user-selectable items of information content that may collectively have a plurality of information product types."

In other words a system to allow someone to tick some boxes on an electronic form so that the system can check through a list of provider courses and suggest a suitable one for that individual. Honestly! For 36 years people have been contacting the Open University to find out if we might have a course or degree programme that would suit them and then signing up for appropriate courses. Is anyone seriously expecting me to believe that now we carry out this process over the Net as well as face to face and via telephone that we might be infringing this ridiculous patent?

IBM and universities open up software research

From the IHT: IBM and U.S. universities work to open up software research

"The initiative, which IBM was expected to announce Thursday, is a break with the usual pattern of corporate- sponsored research at universities that typically involves lengthy negotiations over intellectual property rights.

The projects are also evidence that U.S. companies and universities are searching for ways to work together more easily, less hampered by legal wrangling about who holds the patents to research...

The current problem, research experts say, is that well-intentioned policies meant to encourage universities to make their research available for commercial uses have gone too far. The shift began with the Bayh-Dole Act of 1980, which allowed universities to hold the patents on federally funded research and to license that intellectual property. Since then, universities have often viewed themselves as idea factories and, like many corporations, have sought to cash in on their intellectual property.

But there is a sense at both universities and corporations that the pendulum has swung too far, and that adopting less restrictive intellectual property policies could benefit both sides."

Thursday, December 14, 2006

Blackjack v BlackBerry?

Having been on the wrong end of a more than half a billion dollar settlement in the patent dispute with NTP, RIM have decided to get active with their own IP lawyers in the trademark arena and have reportedly sued Samsung for "false designation of origin, unfair competition and trademark dilution." They believe that Samsung's "BlackJack" phone is too similar to the BlackBerry and the name might confuse some people. That will be a fun case to watch. Whilst I had a lot of sympathy with their plight in the NTP dispute - after all NTP were just a patent holding company and didn't make or deliver any products or services - I can't see that sympathy extending to a case of attempting to gain proprietary control of the word "black". Remember though that various courts found the NTP patent, which could have led to the shutting down of BlackBerry services in the US, to be valid. So the law was on NTP's side in that case. RIM in this case have to do more than prove that the law might be on their side.

I recognise that the case will be a bit more complicated than this initial report would make it appear and the detailed facts will, no doubt, be interesting. In the end though this comes down to controlling or owning the word "black" in a particular context and the onus is on RIM from my perspective to fully justify their stance.

Tuesday, December 12, 2006

The flaw in the government's child mass surveillance project

From icAyrshire:

"A court in Fife has heard that a Home Office expert who helped set up a national database for violent and sexual offenders sent child pornography to another man."

The next time a government minister trots out the usual platitudes about their child 'protection' mass surveillance programme they should be reminded of this case and some basic principles of security. It is not the vast majority of honest people you need to be concerned with but the attackers (insiders like this man or outsiders) who want to compromise your system and the people it holds personal details on. You also have to remember that with information systems it is possible to have scalability, functionality or security and sometimes even two of these simultaneously but not all three.

Thanks to Glyn via the ORG list for the link.

Friday, December 08, 2006

Judges perplexed

Check out para. 14 of this judgement by Lord Justice Rose and Mr Justice Crane and Mr Justice Openshaw:

"So, yet again, the courts are faced with a sample of the deeply confusing provisions of the Criminal Justice Act 2003, and the satellite Statutory Instruments to which it is giving stuttering birth. The most inviting course for this Court to follow, would be for its members, having shaken their heads in despair to hold up their hands and say: "the Holly Grail of rational interpretation is impossible to find". But it is not for us to desert our judicial duty, however lamentably others have legislated. But, we find little comfort or assistance in the historic canons of construction for determining the will of Parliament which were fashioned in a more leisurely age and at a time when elegance and clarity of thought and language were to be found in legislation as a matter of course rather than exception."

Wonderful. It should be enlarged, framed and stuck on the office wall of every minister whose reaction to the latest headlines is another legislative "solution."

Thanks to ARCH for the link.

TRIPS and the International Public Health Controversies

A special issue of the journal "Industrial and Corporate Change", Information, Appropriability and the Generation of Innovative Knowledge: December 2006; Vol. 15, No. 6 has been made available. I recommended two articles in particular: Hal Varian's Copyright term extension and orphan works, Information and intellectual property: the global challenges by Rishab Ghosh and Luc Soete and TRIPS and the international public health controversies: issues and challenges by Benjamin Coriat, Fabienne Orsi and Cristina d’Almeida.

Italian election vote recount scheduled

From today's Independent: "Eight months on, Italy recounts its votes"
Apparently there has been some emerging evidence that Silvio Berlusconi may have tried to rig the last election, so the Italian Senate's election committee have agreed that a large sample of blank and spoiled ballots should be recounted in the new year. With typical chutzpah Berlusconi has hailed the decision as a victory for himself. Even though Romano Prodi's group stand to gain from the recount, if the evidence that has so far come to light against Mr Berlusconi is confirmed, they're not interested in pursuing the investigation.

Update: Ian Brown via the org list points me to Scott Adams on evoting yesterday. Funny.

Thursday, December 07, 2006

EU ID card on the way

Statewatch reports that the EU's Council of Ministers of the interior were proposing to adopt a resolution to introduce an EU biometric ID card, without debate. Their meetings were due to take place earlier this week (Monday and Tuesday) but I have not seen any indication of what was actually decided.

Gowers: It's a Wonderful Life

One of the nicest examples used by Andrew Gowers in his report is to be found on page 70, para 4.95:

"Many works that lie unused could create value. For example, the film It’s a Wonderful Life lost money in its first run and was ignored by its original copyright owners. When the owners failed to renew their copyright in 1970, it was broadcast on the Public Broadcasting Service channel in the USA. It is now a family classic, and worth millions in prime time advertising revenue. The book The Secret Garden, since copyright has expired, has been made into a movie, a musical, a cookbook, a CD-ROM version, and two sequels. For works still in copyright, if users are unable to locate and seek permission from owners, this value cannot be generated. For example, documentary makers often find it impossible to track down the rights owners of old pieces of film, many of which have multiple owners, all of whom are untraceable, and are not able to use older works to create new value."

Gowers Review of Intellectual Property

The final report of the Gowers Review of Intellectual Property was published yesterday. It is a remarkably sound and rational analysis of the IP landscape which I hope the government pay attention to when dealing with hysterical demands from the music industry for copyright term extension. As James Boyle so rightly said recently, the whole idea of retrospective copyright term extension is very stupid:

"But if this is the stupid idea we wish to pursue, then simply increase the income tax proportionately and distribute the benefits to those record companies and musicians whose music is still commercially available after 50 years. Require them to put the money into developing new artists – something the current proposal does not. Let all the other recordings pass into the public domain.

Of course, no government commission would consider such an idea for a moment. Tax the public to give a monopoly windfall to those who already hit the jackpot, because they claim their industry cannot survive without retrospectively changing the terms of its deals? It is laughable."

From the Gowers review press release:

"The Report argues that in the modern world, the UK's economic competitiveness is increasingly driven by knowledge-based industries, innovation and creativity. Intellectual Property (IP) - protecting and promoting innovation - has never been more important.

Whilst the Review concludes that the UK has a fundamentally strong IP system, it sets out important targeted reforms. The reforms aim to:

  • strengthen enforcement of IP rights to protect the UK's creative industries from piracy and counterfeiting;
  • provide additional support for British businesses using IP in the UK and abroad; and
  • strike the right balance to encourage firms and individuals to innovate and invest in new ideas while ensuring that markets remain competitive and that future innovation is not impeded.

Andrew Gowers said:

"In today's global economy, knowledge capital, more than physical capital, will drive the success of the UK economy. Against this backdrop, IP rights, which protect the value of creative ideas, are more vital than ever.

"The ideal IP system creates incentives for innovation, without unduly limiting access for consumers and follow-on innovators. It must strike the right balance in a rapidly changing world so that innovators can see further by standing on the shoulders of giants. And it must take tough action against those who infringe IP rights at a cost to the UK's most creative industries.

"The Review provides sound recommendations on how the IP regime should respond to the challenges that it faces. Getting the balance right is vital to driving innovation, securing investment and stimulating competition."

The Review identified a number of areas where reform is necessary to improve the system for all its users.

With the music industry losing as much as 20 per cent of annual turnover to piracy and counterfeiting, the Review recommends strengthening enforcement of IP rights through:

  • new powers and duties for Trading Standards to take action against infringement of copyright law;
  • IP crime recognised as an area for police action in the National Community Safety Plan;
  • tougher penalties for online copyright infringement - with a maximum 10 years imprisonment;
  • lowering the costs of litigation - by using mediation and consulting on the fast-track limit. The Review acknowledges that prohibitive legal costs affect the ability of many to defend and challenge IP; and
  • consulting on the use of civil damages and ensuring an effective and dissuasive system of damages exists for civil IP infringement.

To provide support for businesses using the IP system the review recommends that:

  • UK Patent Office be restructured as the UK Intellectual Property Office, with recommendations for it to provide greater support and advice for businesses using IP domestically;
  • Business representatives sit on a new independent Strategic Advisory Board on IP Policy, advising the Government; and
  • Government improve support and advice internationally - including in India and China - to enable UK businesses to protect their investment around the world.

To ensure the correct balance in IP rights the review recommends:

  • ensuring the IP system only proscribes genuinely illegitimate activity. The Review recommends introducing a strictly limited 'private copying' exception to enable consumers to format-shift content they purchase for personal use. For example to legally transfer music from CD to their MP3 player;
  • enabling access to content for libraries and education establishments - to ensure that the UK's cultural heritage can be adequately stored for preservation and accessed for learning. The Review recommends clarifying exceptions to copyright to make them fit for the digital age; and
  • recommending that the European Commission does not change the status quo and retains the 50 year term of copyright protection for sound recordings and related performers' rights."
The music industry's response has been predictable - a PR campaign trying to marginalise the report, including an advert in today's FT apparently signed by 4500 artists saying they desparately need a copyright term extension on sound recordings. Sadly such tricks, as I explain in more detail in my book, often have the power to influence policymakers in ways that rational argument based on sound evidence does not. Let's hope that Gordon Brown favours rationality over rhetoric in this instance.

Update: Some of the signatures on the music industry FT advertisement are those of dead artists. So it seems that dead people are keen on copyright extension, which means the rational argument suggesting dead people cannot be encouraged to produce new creative works is now also dead?

Books - Forbes

Forbes Magazine had a special report on books recently and I particularly recommend the articles by Cory Doctorow and David Serchuk on making books available for free download and senseless book burning respectively.

Monday, December 04, 2006

EX NSA Chief lambasts war on terror

Retired general and former head of the NSA when Ronald Reagan was president has been criticising the current administration's war and terror and what he sees as their infringement of civil liberties, on the "Metro Spirit National Security Blog"

"Metro Spirit: What are your feelings on the NSA’s program of warrantless wiretapping of American citizens?

William Odom: It didn’t happen under my watch. And I’m still puzzled why somebody hasn’t tried to impeach the president for doing it. Any conservative in the United States who values his life [ought to be outraged]. In fact, the South seceded in defense of minority rights — why the hell have they forgotten them now? Ben Franklin said, “somebody who values security over liberty deserves neither.”

MS: What do you say to people, and there are plenty here in Augusta, who say that cutting and running from Iraq is traitorous act?

WO: Well, just tell ‘em they’re full of shit. They're traitors. You know what lemmings are? Yeah, they’re lemmings. We went to war for our enemies’ best interests. You ask those people why it makes sense that we went to war to advance the interests of Iran and Al Qaeda."

Letter asking WHO review of the Essential Drugs List (EDL)

Jamie Love has written to the World Health Organisation asking them to review the asking the Essential Drugs List (EDL). OF the 312 medicines on the list, only 14 are protected by patents which would suggest that patents are not blocking access to essential medicines in developing countries. The trouble is that cost is one of the key factors in determining whether a particular drug is "essential." So large numbers of patented drugs don't make the list because they are too expensive. There is a good reason for including cost as a factor because the list is designed to avoid high priced (less cost effective) patented medicines. But an unintended side affect of this is that even drugs which developing countries would have a right to make cheaper generic versions of under compulsory licence, are not making the list because the cost of the patented rather than the generic version is what it taken into consideration in deciding whether it should be on the list. Love says:

"Drug industry representatives have used the WHO EDL to argue that rigid intellectual property protections are not a barrier to essential medicines, because “no” patented medicines are “essential” according to the WHO.[2] Of course this is a distortion; many patented medicines currently not on the EDL would be included were they available at generic prices – for instance the most recent list includes no patented anti-cancer drugs, and the core list includes no anti-cancer drugs whatsoever. The existence of a WHO “Essential Medicines List” which clearly does not contain many truly essential medicines may be confusing for public health officials and others and provide rhetorical fodder to those who oppose intellectual property flexibilities for health...

Patented medicines currently available only at prohibitive prices may nonetheless offer the “potential for cost-effective treatment” as countries have the opportunity to legally produce or import generic versions. More critical to the evaluation of cost effectiveness under the emerging system is the true marginal cost of production, which bears little or no relationship to the market price in developed countries.

We believe that it is more appropriate that the Essential Medicines List reflect the opportunity that many countries have to obtain currently patented drugs at generic prices by assessing cost-effectiveness not only on the basis of current market prices, but also on the basis of potential generic prices if countries were to avail themselves of their right to exercise TRIPS flexibilities, including the granting of compulsory licenses. Developing countries in particular might stand to benefit from a model WHO Essential Medicines List that does not exclude essential patented medicines by ignoring the potential that those drugs could be obtained more cheaply. A welcome side-effect of this change would be an “Essential Medicines List" that more fully reflects the range of truly essential medicines, where essential reflects both the need for treatments and the costs of meeting those needs unburdened by patent rents.

We recognize that the current WHO Essential Medicines List (EDL) is designed to avoid high priced (less cost effective) patented medicines, that some national laws that reference the EDL create obligations for public outlays, and that these outlays may not be justified at the higher prices for patented medicines. The WHO could easily address this problem by creating a category within the EDL for medicines that are essential "if available at generic prices," an option that is clearly relevant for many developing countries."

Essential reading.

Poll: Millions may resist ID cards

This morning's Telegraph has a big story on a YouGov poll which suggests that millions may resist the government's ID cards scheme.

I'm not sure it will run into the millions but suspect it could be tens or possibly hundreds of thousands. Once the reality of the government's specific ID card system disaster starts to dawn on people the protests may then grow.

I had an interesting chat with someone at the weekend about the children's index. She's a parent of primary school children who had no inkling that the government were developing the children's index database nor that there were so many other children's databases in operation. She had recently received a letter from her children's school, however, noting that what she considered to be significant items of personal information were now going to be collected about her children. She was angry that her family's privacy was being invaded with no justifiable reason and that her permission was not sought for the collection of this data.

She asked me about the databases because I had mentioned recently that I had written a book about civil rights and computers. At the time she had noted politely that that sounded interesting but it was clear that the subject was really too remote and abstract for her to take a real interest. The school's letter, however, suddenly turned it into something of immediate concern. We might find that once the ID card system begins to operate it will provide a similar jolt to many others' sensitivities to how the goverment are building massive new insecure information systems in their name.

Friday, December 01, 2006

Australia's new copyright law

IP specialist, Kim Weatherall, has been explaining Australia's new criminal copyright laws: strict liability, 'negligence' and why these laws just haven't been thought through. She also points out that though the worst excesses of the original draft, e.g. criminalising iPod owners, didn't make it through, the law still makes it a criminal offence to sell a second hand iPod with some songs still on it.

Podcast interview with Ross Anderson

Outlaw have a podcast interview with Ross Anderson about the government's approach to child surveillance and the powerful FIPR report for the Information Comissioner on same.

Ross highlights what he considers to be the two main concerns raised in the report. Firstly that by asking social workers to look into the affairs of about a hundred times more children, the overwhelming majority of whom need absolutely no such intervention, the government will take scarce resources away from children at risk, with the result that some of these children at risk will come to harm. Secondly the kind of intervention that is justifiable in cases where children are truly at risk e.g. where parent or guardian suspected of criminal abuse - e.g. removing the child from the family and holding the suspect in custody - is illegal if the intervention is as a result of welfare concerns such as not doing as well as might be expected at school. Child protection justifies overriding privacy and the wishes of a parent suspected of being a serious criminal but this is not the case in child welfare.

He also makes the point that in the case of the databases related to youth justice, the Home Office takes the view that it is immune from data protection and human rights law i.e. if it is using any data for police purposes it can do what it likes regardless of the law. "The government is not obeying the law of the land when it comes to getting consent for data sharing from children and their families."

It's a relatively short interview and worth listening to in full.

Software Freedom Law Center challenge Blackboard Patent

The Software Freedom Law Center set up by Eben Moglen has challenged the Blackboard patent on elearning systems, asking the US Patent Office to re-examine it with a view to invalidating it. Moglen's group are concerned at the potential impact of the patent on open source projects like Moodle, despite the fact that Blackboard have said they have no intention of targetting such initiatives for legal action.

Regular readers will know I believe that the Blackboard patent should never have been granted.

Haloscan censorship

Well I've had no reply from Haloscan to my request for an explanation as to why Spyblog was blocked from posting a comment to this blog last week. I think ten days is a reasonable length of time to allow them to get back to me but I have not even received an acknowledgement. So I will be removing Haloscan commenting from this blog as soon as I can get a spare moment.

I'm disappointed by Haloscan's lack of acknowledgement and by their filtering processes which, whatever the detailed mechanics might be, are interfering with the legitimate exchange of ideas.

Update: Well I've removed the code the template relating to Haloscan but when trying re-publish the template, Blogger helpfully tells me "there were errors" without specifying what they are and does not update the code. I'm not a code jockey and I accept that I've tweaked the html on this blog so often to make it more readable that it is now a bit cumbersome. I have probably therefore missed a stupid simple error in the changes. I just wanted to get rid of Haloscan and have spent the past hour and a half mucking about with the template, unable to get Blogger to accept the changes. If any readers happen to be html specialists I'd appreciate a pointer to the error(/s) so I can rectify them quickly and consign Haloscan to the past, as far as this blog goes. I can't updgrade to the new Blogger yet either, since my blog is too big.

Further update: I've finally erased Haloscan. Blogger still doesn't like my html but I can live with that.

Thursday, November 30, 2006

Tony Blair is not Hitler: official

From The Register:

"An advert showing a close-up picture of Tony Blair with a barcode on his top lip was not offensive, the Advertising Standards Authority has ruled."

Evoting setbacks in Italy and the US

Currently deployed electronic voting has received a couple of setbacks in the US and Italy in recent days. The Italian Prime Minister's office has been reported as saying that evoting trials in Italy have been a failure and evoting will be discontinued there. (Thanks to Glyn via the ORG list for the link)

In the US the National Institute of Standards and Technology (NIST), which is required to assist the Election Assistance Commission with the development of voluntary voting system guidelines, has issued a draft white paper. Amongst other things the white paper concludes that "Software-dependent approaches such as the DRE are not viable for future voting systems." (DREs are 'direct record electronic' machines run by proprietary software). From the body of the report "software independence" is described as follows:

"A voting system is software-independent if a previously undetected change or error in its software cannot cause an undetectable change or error in an election outcome. In other words, it can be positively determined whether the voting system’s (typically, electronic) CVRs are accurate as cast by the voter or in error. In SI voting systems that are readily available today, the determination can be made via the use of independent audits of the electronic counts or CVRs, and independent voter-verified paper records used as the audit trail.

A simple example of this is op scan, in which a voter marks (by hand or using an EBM) the paper ballot. The voter verifies the paper ballot is correct, thus it is voter-verified, and the paper ballot is “outside” or independent of the voting system, i.e., it cannot be changed or modified by the voting system. As a consequence of these two factors, the paper ballot can be considered as independent evidence of what the voter believed he or she was casting. After the paper ballots are scanned, they can subsequently be used to provide an independent audit, or check, on the accuracy of the electronic counts.

If an undetected change or error in the optical scanner’s software were to cause erroneous counts, subsequent audits would show the errors. Even if malicious code was inserted into the scanner’s software, the audits would detect resultant errors in the counts. Therefore, the correctness of the scanner’s counts does not rely on the correctness of the scanner’s software, and thus op scan is software independent: changes or errors in its software will be reliably detected by independent audits of its electronic counts. Thus, the primary ingredients to SI as illustrated in op scan are (1) voter-verified records that are (2) independent of the voting system used in (3) audits of the scanner’s electronic counts."

Well worth a read for evoting geeks.

Monday, November 27, 2006

Italian prosecutors investigate Google over bullying video

Italian prosecutors are, according to News.com, investigating to Google representatives after a video of teenagers bullying an austistic classmate appeared on the Google video site.

"The two are accused of failing to check on the content of the video posted on the Internet search engine's Web site.

The video, which sparked outrage in the country, showed four teenagers beating and poking fun at a 17-year-old disabled boy in a classroom in the northern Italian city of Turin.

Prosecutors have already put the four students and a teacher under investigation. The students have also been suspended until the end of the school year.

A spokeswoman for Google in Europe said the Internet search engine was sorry for the distress caused by the video and had acted swiftly when it was informed of its content."

This is a tough situation. Would the authorities have dealt with the bullying if it had not come to light via Google? Are they dealing with it appropriately even now? How could the situation have been allowed to happen in the first place? Schools are required to have anti-bullying policies but such policies are meaningless if they are left to gather dust on the shelf without meaningful measures tackling real bullying in practice. What about the privacy of the victim, which has been compromised in this case? Michael Geist has been thinking about the challenges ubiquitous video is imposing on society

"While there are some obvious benefits that arise from the transparency and potential accountability that can come from video evidence of controversial events, the emergence of an always-on video society raises some difficult questions about the appropriate privacy-transparency balance, the ethics of posting private moments to a global audience, and the responsibility of websites that facilitate Internet video distribution...

Rather than banning the technology, we must instead begin to grapple with the implications of these changes by considering the boundaries between transparency and privacy. As our expectations of the availability of video changes, so too must our sense of the video rules of the road. "

Time to re-visit David Brin's The Transparent Society.

Universities urged: 'share benefits of health research'

Eva Tallaksen at SciDev.Net has a succinct report on the Philadelphia Consensus Statement which "outlines how universities can improve access to medicines and transfer of knowledge to the developing world by changing their licensing policies and intellectual property (IP) rights." From the Philadelphia Consensus Statement:

"According to the World Health Organization, about ten million people—most of them in developing countries—die needlessly every year because they do not have access to existing medicines and vaccines. Countless others suffer from neglected tropical diseases, such as sleeping sickness, lymphatic filariasis, and blinding trachoma. Because these neglected diseases predominantly affect the poor, they attract very little research and development funding, which leads directly to a paucity of safe and effective treatment options.

We believe that access to medical care and treatment is a basic human right.1 Lack of access to medical treatment in developing countries stems from several factors, including high prices for medicines, underfunded health care systems, and a global biomedical research agenda poorly matched to the health needs of the world’s destitute sick. Comprehensive solutions are thus needed to increase both access to existing medicines and research on neglected diseases.

We believe that universities have an opportunity and a responsibility to take part in those solutions. University scientists are major contributors in the drug development pipeline. At the same time, universities are dedicated to the creation and dissemination of knowledge in the public interest. Global public health is a vital component of the public interest. Therefore, universities best realize their objectives when they promote innovation and access to health-related technologies.

To this end, we, the signatories of this Statement, urge universities to adopt the following recommendations.



As owners of intellectual property, universities have the ability to promote widespread availability of their technologies in the developing world. When university-owned intellectual property is necessary for the development of a health-related end product—including but not limited to drugs, vaccines, diagnostics, monitoring tools, know-how and technical expertise—universities should:

PROMOTE EQUAL ACCESS TO UNIVERSITY RESEARCH

1. Require the inclusion of licensing terms in exclusive technology transfer agreements that ensure low-cost access to health-related innovations in the developing world...

2. Develop a transparent, case-by-case global access strategy to ensure access to health-related technologies where licensing provisions like the EAL will not serve the access objectives defined above...

PROMOTE RESEARCH AND DEVELOPMENT FOR NEGLECTED DISEASES

1. Adopt policies promoting in-house ND research...

2. Engage with nontraditional partners to create new opportunities for ND drug development...

3. Carve out an ND research exemption for any patents held or licenses executed...

Given their avowed commitment to the public good, universities should measure success in technology transfer by impact on global human welfare rather than simply by financial return. The positive social impact from university innovations—particularly in poor countries—would go largely unnoticed if technology transfer were to be measured in dollars alone. In order to develop transparent criteria measuring access to health technologies and innovation in neglected-disease research, universities should:

MEASURE RESEARCH SUCCESS ACCORDING TO IMPACT ON HUMAN WELFARE

1. Collect and make public statistics on university intellectual property practices related to global health access...

2. Collaborate with other universities and consortia to develop more robust technology transfer metrics that better gauge access to public health goods and innovation in neglected-disease research."


Thanks to Thiru Balasubramaniam of the Consumer Project on Technology, via the A2K list, for the pointer.

We need leaders to adhere to the rule of law

Martin Kettle had a nice article in the Guardian on Saturday reporting on Lord Bingham's recent speech at Cambridge on the rule of law.

"In my view, no more important speech has been given in this country this year, for Bingham warns that some of the most sensitive decisions made by government are currently incompatible with his definition of the rule of law...

the law must be accessible and intelligible; disputes must be resolved by application of the law rather than exercise of discretion; the law must apply equally to all; it must protect fundamental human rights; disputes should be resolved without prohibitive cost or inordinate delay; public officials must use power reasonably and not exceed their powers; the system for resolving differences must be fair. Finally, a state must comply with its international law obligations. Now start to tease out what these implications might mean in practice. This is where Bingham's legal principles suddenly lock gears with the real world.

If the law is to be accessible and intelligible, for example, then there must be an end both to judicial prolixity and to what Bingham calls "the legislative hyperactivity which appears to have become a permanent feature of our governance - in 2004, some 3,500 pages of primary legislation; in 2003, nearly 9,000 pages of statutory instruments." This applies particularly in the "torrent of criminal legislation", not all of which is "readily intelligible". To uphold the rule of law, in other words, lawmakers will have to do less of it and be clearer...

No government is perfect. But when the most revered of these guardians suggests that critical decisions by ministers have fallen short of the rule of law on a range of counts, then it follows that Britain needs a better form of government, whose members can succeed where the current ones have failed and who better understand the real meaning of the principles they claim to support."

Update: John points out that an audio recording of Lord Binghamm's speech is also available here.

Sunday, November 26, 2006

Government attempt to smear FIPR report

The UK government have been at it again. Instead of engaging with the constructive criticism of their mass surveillance approach to child safety contained in the FIPR report for the Information Commissioner, Children's Minister, Beverley Hughes, decided to attack the report with vague claims of factual inaccuracies, in a letter to the Telegraph on Friday. The report authors have now replied and I hope they don't mind me quoting them in full:

"Sir – Beverley Hughes, the Minister for Children (Letters, November 24), does a disservice to families by an evasive response to our report to the Information Commissioner on the range of databases being set up to monitor children.

She makes a vague claim that the report contains factual inaccuracies, but she does not mention that the chapters on the different databases were sent to her department for checking before publication.

She also suggests that it is not based on evidence, when there is extensive evidence in the report drawn from government publications and interviews with senior officials and practitioners.

The Minister's response misleads by referring only to the Information Sharing Index. This is just the hub of several more detailed databases that will contain highly personal and often subjective information on children and their parents. Moreover, the index will reveal which children are known to other databases and hence provide sensitive information (such as attendance at a special school) to any viewer.

The Information Commissioner has called for a debate on the challenges this policy is posing to traditional family life. The Minister for Children should not duck this challenge. Trying to smear us is not an adequate response.

Dr Eileen Munro, London School of Economics
Professor Ross Anderson, Cambridge University
Dr Ian Brown, University College London
Dr Richard Clayton, Cambridge University
Terri Dowty, Action on Rights for Children
Professor Douwe Korff, London Metropolitan University"

Ms Hughes, by the way, was the Immigration Minister forced to resign in 2004 for making misleading statements about suspected visa fraud. According to the BBC at the time,

"The Tories had accused the Home Office of approving visa claims from eastern Europe despite warnings they were backed by forged documents.

Ms Hughes had dismissed calls to quit, saying she had not known of the claims.

But No 10 said it was now clear she was warned about it a year ago, by Labour deputy chief whip Bob Ainsworth."

Friday, November 24, 2006

When non-IT people make IT decisions

When non-IT people make IT decisions. Hilarious.

Retired Brigadier arrested for bringing tiny toolkit on train

Tom Foulks, a retired army officer, was arrested, detained and cautioned recently for attempting to bring a credit card sized toolkit on to a train, a toolkit which has travelled all over the world with him.

"After nearly four hours of processing and questioning I cheerfully admitted the “offence” in order to terminate this tedious ordeal, get back to Waterloo and resume my journey to Paris. Having signed the necessary forms, I was released on caution."

Now that he has such a caution for attempting to smuggle an "offensive weapon" contrary to "Section 1 of PCA 1953", he might well find himself flagged for more detailed security checks on his future travels.

South Korea and Ireland

Susan Crawford is encouraged by network developments in South Korea and Ireland.

"South Korea made the decision ten years ago to invest in high-speed (competitive) internet access and subsidize cheap PCs -- as a result, they have just about the highest broadband penetration in the world. Not only has the dream come true, but economic growth comes attached.

Meanwhile, someone sent me a Wall Street Journal Europe article about VCs carving up an Irish telephone company to treat transport like a utility. The big guys can watch the model and then think about selling their own networks to raise some cash."

Is Blair exaggerating the threat of terrorism?

Simon Jenkins has been indulging in his favorite sport of Blair-bashing again.

"The west is ruled by a generation of leaders with no experience of war or its threat. Blair and his team cannot recall the aftermath of the second world war, and in the cold war they rushed to join CND. They were distant from those real global horrors. Yet now in power they seem to crave an enemy of equivalent monstrosity. Modern government has a big hole in its ego, yearning to be filled by something called a "threat to security".

After 1990 many hoped that an age of stable peace might dawn. Rich nations might disarm and combine to help the poor, advancing the cause of global responsibility. Instead two of history's most internationalist states, America and Britain, have returned to the trough of conflict, chasing a chimera of "world terrorism", and at ludicrous expense. They have brought death and destruction to a part of the globe that posed no strategic threat. Now one of them, Tony Blair, stands in a patch of desert to claim that "world security in the 21st century" depends on which warlord controls it. Was anything so demented?"

Dear Father Christmas...

Could I have one of these please?

"It's an MP3 player. It's an FM radio. It's video and photo display device. It's an e-book reader. It's a sound recorder. It's a Linux-based personal computer ready for web, email and office usage. Yes, it's Wizpy, the Swiss Army Knife of handheld gadgets announced by Japan's Turbolinux this week."

Sadly they won't be available in my part of the world until February 2007.

Ndiyo: Sharing PCs to bridge the digital divide

Andrew Donoghue at ZDNet UK ZDNet has been interviewing John Naughton and Quentin Stafford-Fraser about Ndiyo. Recommended.

Former UK Diplomat Critical of UK foreign policy

Carne Ross, a former high flyer at the Foreign & Commonwealth Office, has heavily criticised the government in his Testimony to House of Commons Foreign Affairs Committee: Commentary on FCO White Paper "Active Diplomacy" earlier this month. In his conclusions he says:

"In "Active Diplomacy" and in general, the FCO and government proclaim their knowledge of the world and ability to deal with its challenges: here is the world, they say, and here is how we intend to deal with it. It is an illusion comforting to those in government and the public alike. The evidence however suggests that parliament - and indeed the public - is unwise to accord them this responsibility unquestioned. The last few years have been disastrous for British foreign policy, and no one is held to account[3]. The edifice of human rights law and norms, which took half a century of careful work to construct, has been undermined by those who claim to defend it...

14. We are so inured to the rhetoric of anti-terrorism and macho posturing about building democracy while fostering chaos, that it is hard to imagine an alternate direction for British foreign policy. But it is available, as it always was. This alternative lies in consistency of application of international law and a robust defence (including intervention when necessary, as in Kosovo and Sierra Leone) of those under assault or oppression. It lies in remedy to the "diplomatic deficit" whereby those affected by our - and others' - foreign policy have no capacity to influence it while those in whose name policy is carried out - us, the public - also have scant means to affect it. Together, such changes will produce a more just and therefore more stable world...

...the world needs an international system that gives a legitimate voice to all those affected by others' foreign policy... The Prime Minister himself has claimed that Britain stands by the oppressed, wherever they are. It is not too late for the policy reality to match that rhetoric, but it does require change, perhaps even a revolution."

Inspired compromise?

The Guardian's Free Our Data blog reports that:

"The European parliament and council of ministers have finally agreed a compromise wording to the Inspire directive designed to harmonise spatial information around Europe. The directive had become a cause celebre in the movement to make public sector data freely available. Broadly, the European parliament backed our position, while the council of ministers was opposed."

Article 20 Working Party Conclusions on SWIFT

The EU's Article 29 Working Party (the group of EU privacy commissionsers) has publihsed its opinion on the SWIFT financial data transfers to the US intelligence services. It's pretty damning. Here's some of the highlights:

"In this Opinion the Article 29 Working Party emphasizes that even in the fight against terrorism and crime fundamental rights must remain guaranteed. The Article 29 Working Party insists therefore on the respect of global data protection principles...

Article 29 Working Party comes to the following conclusions:
a) The EU Data Protection Directive 95/46/EC is applicable to the exchange of personal data via the SWIFTNet FIN service;
b) SWIFT and the financial institutions bear joint responsibility in light of the Directive for the processing of personal data via the SWIFTNet FIN service, with SWIFT bearing primary responsibility and financial institutions bearing some responsibility for the processing of their clients’ personal data.
c) SWIFT and the financial institutions in the EU have failed to respect the provisions of the Directive...
d) The Working Party is of the opinion that the lack of transparency and adequate and
effective control mechanisms that surrounds the whole process of transfer of personal
data first to the US, and then to the UST represents a serious breach in the light of the
Directive. In addition, the guarantees for the transfer of data to a third country as
defined by the Directive and the principles of proportionality and necessity are
violated.
As far as the communication of personal data to the UST is concerned, the Working
Party is of the opinion that the hidden, systematic, massive and long-term transfer of
personal data by SWIFT to the UST in a confidential, non-transparent and systematic
manner for years without effective legal grounds and without the possibility of
independent control by public data protection supervisory authorities constitutes a
violation of the fundamental European principles as regards data protection and is not
in accordance with Belgian and European law...
e) The Working Party recalls once again1 the commitment of democratic societies to
ensure respect for the fundamental rights and freedoms of the individual. The
individual’s right to protection of personal data forms part of these fundamental rights
and freedoms...

In view of the above, the Working Party therefore calls for the following immediate
actions to be taken to improve the current situation:
a) Cessation of infringements...
b) Return to lawful data processing: The Article 29 Working Party calls upon SWIFT
and the financial institutions to immediately take measures in order to remedy the
currently illegal state of affairs...
c) Actions as regards to SWIFT: For all its data processing activities, SWIFT as a
controller must take the necessary measures to comply with its obligations under
Belgian data protection law implementing the Directive...
e) Actions as regards to Financial institutions: All financial institutions in the EU
using SWIFTNet Fin service including the Central banks have to make sure according
to Articles 10 and 11 of the EU Directive 95/46/EC that their clients are properly
informed about how their personal data are processed and which rights the data
subjects have. They also have to give information about the fact that US authorities
might have access to such data. Data protection supervisory authorities will enforce
these requirements in order to guarantee that they are met by the all financial
institutions on a European level and they will cooperate on harmonized information
notices...
The Working Party also stresses the following:
f) Preservation of our fundamental values in the fight against crime: The Working
Party recalls that any measures taken in the fight against crime and terrorism should
not and must not reduce standards of protection of fundamental rights which
characterise democratic societies. A key element of the fight against terrorism
involves ensuring the preservation of the fundamental rights which are the basis of
democratic societies and the very values that those advocating the use of violence seek to destroy.
g) Global data protection principles: The Working Party considers it essential that the principles for the protection of personal data, including control by independent
supervisory authorities, are fully respected in any framework of global systems of
exchange of information."

Excuse the dodgy formatting. The original press release is only 5 pages and well worth reading in full. The full opinion runs to 29 pages. If you can't find the time to read the full thing take a look at the executive summary and the "IMMEDIATE ACTIONS TO BE TAKEN TO IMPROVE THE CURRENT SITUATION", particularly item 6.6 on page 29, which repeats item f from the presss release:

"Preservation of our fundamental values in the fight against crime: The Working Party recalls that any measures taken in the fight against crime and terrorism should not and must not reduce standards of protection of
fundamental rights which characterise democratic societies. A key element of the fight against terrorism involves ensuring the preservation of the fundamental rights which are the basis of democratic societies and the very values that those advocating the use of violence seek to destroy."

Quote of the day

"Civilization is the progress toward a society of privacy. The savage's whole existence is public, ruled by the laws of his tribe. Civilization is the process of setting man free." Ayn Rand.

I wonder what Rand would have made of CCTV, RFIDs, biometric ID cards and passports, mass phone tapping, no fly lists, EULAs, electronic voting, children's databases, software filters, NHS type IT programmes, mass warrantless phone tapping, remote mobile and email and web surfing tracking, to name but a few.

Thursday, November 23, 2006

Racial Profiling at U.S. Airways

Talkleft has yet another example of irrational and discriminatory behaviour of an airline triggered by the nervousness generated by the "war on terror."

A passenger concerned about the "6 suspicious Arabic men" - six imams praying before boarding a flight - and they were removed in handcuffs and held in detention for hours.

"U.S. Airways refused to book the imams on another flight to Phoenix. According to the executive director of the Council on American-Islamic Relations, Muslims (both passengers and airline employees) have more complaints about U.S. Airways than other airlines. The incident prompted the Council and the NAACP to ask for Congressional hearings on racial profiling in airports.

Can you imagine the outcry from the religious right if six Christian pastors were removed from a flight because they prayed together at the gate? U.S. Airways would be deservedly out of business in a week."

ARCH on the Children's Index

ARCH have updated their terrific page on the Children’s Information Sharing (IS) Index. Essential reading for parents and anyone else who comes into contact with kids in a professional or social context. The children's index is shaping up to become more database disaster fodder for academics to study for years to come.

Military Documents Hold Tips on Antiwar Activities

From yesterday's NYT: 'Military Documents Hold Tips on Antiwar Activities' A database called Talon, used by the US Department of Defense has entries on antiwar meetings at churches, libraries and university campuses. The head of the counterintelligence unit responsible for Talon says these details should not be on the database and that those recording such details had misinterpreted the remit of the project.

"Mr. Baur said that those operating the database had misinterpreted their mandate and that what was intended as an antiterrorist database became, in some respects, a catch-all for leads on possible disruptions and threats against military installations in the United States, including protests against the military presence in Iraq."

Of course he doesn't want such details, since they amount to more mountains of data hay polluting his already complex task of finding and sorting through useful intelligence in the existing data haystacks he is aware of.

But that is precisely the point about the operation of mass surveillance in practice. It takes on a life of its own. Operators act defensively collecting and recording even useless data because the perceived cost of missing something is so great. In the mass surveillance era, no amount of data, however seemingly insignificant each individual item might be, will be enough. Now the panic will be over recording and retaining data just in case the security services need it.

The people doing the legwork to feed the databases often find they are not properly briefed or have such a range of pressures guiding their day to day activity that even on the rare occasion when the original objective underlying the construction of the database is clear, the actual practice of operating it hopelessly corrupts the ability to fulfil that objective.

As Ross Anderson is fond of saying, you can have scalability, functionality or security and you can even have two of these simultaneously but not three together.

Youtube video "Charles Nesson is insane"

Charles Nesson at Harvard Law School's Berkman Center has long been thinking along similar lines to Martin Weller about integrating the most modern technologies into his courses.

Nesson has been using wikis, blogs, podcasts, webcasts and Second Life in a course on argument he has been running at Harvard. He would like Martin's notion of taking the ten coolest technologies and building a course around them. Find out what these technologies can really do by playing with them.

Wednesday, November 22, 2006

Computer voodoo

Martin has been engaging in some entertaining rituals with his problematic new Toshiba laptop.

"During the whole saga I became aware of two things:

i) The emotional state the rational machine induces in us. I ranged between violent swearing, sobbing, ennui, despair and hysteria as I wrestled over the course of three days with various start-up techniques.

ii) The superstition and irrationality you bring to these problems. At one stage I managed to get it all the way through the start-up process by continually moving the mouse. This became the first of many actions that came to constitute a start-up ritual that any religion would be proud of. Further rites included holding the laptop at an angle (and in one extreme fundamentalist sect even holding over one's head), closing and opening the lid three times and removing the power lead for ten minutes. I can't say these had any objective measure of success, but they had enough promise of success to be worth doing. And computers have become so complex that although I know they were mostly ridiculous, I couldn't be quite sure that they were redundant. They became the IT equivalent of sprinkling the dirt from a grave before midnight over the computer - sure it doesn't work, but hey, it's worth a try."

Hilarious but scary, especially since it brought back haunting memories of my own difficulties with my Toshiba laptop only a few years ago. The magic of the new toy disappeared in the quickly decelerating pace of operations on the machine, the causes of which I never got to the bottom of. In fairness to Toshiba, when the screen blew in the first few months, they quickly replaced it under warranty. If only Martin had videoed some of his more effective voodoo tricks, I might have been able to give them a try.

Vista EULA

Mark Rasch at SecurityFocus is concerned about the end user licence that will come with Microsoft's Vista operating system. Recommended reading.

"The terms of the Vista EULA, like the current EULA related to the “Windows Genuine Advantage,” allows Microsoft to unilaterally decide that you have breached the terms of the agreement, and they can essentially disable the software, and possibly deny you access to critical files on your computer without benefit of proof, hearing, testimony or judicial intervention. In fact, if Microsoft is wrong, and your software is, in fact, properly licensed, you probably will be forced to buy a license to another copy of the operating system from Microsoft just to be able to get access to your files, and then you can sue Microsoft for the original license fee. Even then, you wont be able to get any damages from Microsoft, and may not even be able to get the cost of the first license back...

Now Microsoft will invariably deny that what they are doing is “self-help.” More likely, they will claim that the disabling provisions of the software are mere “features” of the software. They will also argue that the licensee controls whether or not the code disables by either registering, or “getting Genuine.” But what the boys in Redmond are really doing is deciding that you have not followed the terms of a contract (the EULA) and punishing you unless and until you can prove that you have complied.

And what if Microsoft is wrong, and they disable your software erroneously? Well, you can keep buying and activating their software until you are successful. And that means more fees to Redmond. Or, following the movie “Happy Feet,” you can decide to find software with a little penguin on it."