Friday, January 13, 2006

Encouraging blawgers

The Law Gazette has some advice from experienced blawgers for lawyers logging onto blogging. A sample

Geeklawyer: "Blogs are a great way of getting initial exposure to potential clients, much more so than conventional directories. The value proposition is in the content of the blog – if it is well done you can build a sort of virtual relationship that yields results, particularly where the client respects your competence and your personality."

Ernie the Attorney: "Read lots of different types of lawyer blogs and figure out what appeals to you, and what kind of blog you would like to have. Be clear who your intended readership is, and don’t be afraid to express an opinion – something which lawyers often try to avoid."

Lilian Edwards: "If it’s going to be a flagship for the firm, put real resources behind it. If it’s going to be about your passion for patent law, then fine. But if you’re starting it cynically as a marketing tool, I’d pay someone to do it – a bright trainee even – because you just won’t find the time."

The Law of Defamation and the Internet

Oxford University Press have published a second edition of Matthew Collins' The Law of Defamation and the Internet. Not cheap at £125, which is the reason I won't be buying my own copy, but the cases are fascinating and the book is well written (and this is not an easy or well settled area of law to get your head around), so I'll be recommending it.

Give everyone an iPod not an ID card to fight fraud

From ZDNet "A senior manager at a British government agency has come up with an alternative to the U.K.'s identity card scheme: Give everyone a free iPod installed with a digital certificate."

What were those ID cost estimates again?

William Heath is frustrated that various government ministers are singing from the same hymn sheet when asked about the detailed costing of the ID cards scheme. The message is we can't tell you that because the information is commercially sensitive and putting it in the public domain "may prejudice the procurement process" and interfere with the government's ability to get value for money.

William has his own interpretation of these responses:

"This information is politically sensitive and to release it would be prejudicial to the acceptability of the ID card system. It's already criticised as unfeasible by IT experts at IEEE, LSE, and global identity specialists in suppliers such as Qinetiq, Sun, IBM and Microsoft. The fact is it will cost the department a lot of money - enough for me to play these games on the pretext of commercial sensitivity - but I don't want to give our estimate of how much. Because if you took our estimate and added it to other departments' estimates plus the core £6bn cost already admitted by the Home Office, well, you'd be talking serious money and people might start to realise this isn't such a smart policy"

I like it.

US Appeal court punts on Yahoo v France speech

A US Appeals court has avoided the opportunity to declare that the imposition of a large fine by a French court on Yahoo!, over the company's displaying of nazi memorabilia, would amount to an infringement of their first amendment rights.

"In a 99-page decision, the court left open the central question of whether U.S.-based Internet service providers are liable for damages in foreign courts for displaying content that is unlawful overseas but protected in the United States.

The court said it was unlikely the French would ever enforce the judgment and doubted Yahoo’s free speech rights under U.S. law were violated."

Blears Ideal Government further comments

There have been some further interesting comments on Home Office minister Hazel Blears defence of data retention at the Ideal Government blog. Ms Blears used an example of the rescue of a kidnap and torture victim as a good reason for needing the regulations.

Comment 21 provides a counter example of where things can go wrong, with an innocent Duch woman getting wrongly arrested for allegedly sending threatening messages to a celebrity.

"For every example of law enforcement, intelligence or others using traffic data “for good” there are examples of its use going terribly wrong. These simply haven’t been heard in the limited debate.
I like to point to the example (dutch: of a Dutch woman who was arrested early in the morning by six police officers at her home. A threatening E-mail was supposedly send to a celebrity from a phone for which her name was apparently in the billing records. During the interview that follows after many hours in a police cell she keeps her cool. After a long talk the investigating officer finally confronts her with the “evidence”. A piece of paper with her name, a phone number and the address where she lived ten years ago (but wasn’t picked up early in the morning). She quickly points out that she never had a phone with that number or from that provider. She manages to figure out that here personal detail might have been used by someone who stole her car and papers a couple of years back.

The investigating police officer lets her wait while he “checks her story”. Later he lets her go “based on her background, appearance and education”.. which begs the question? what would have happened if she had another skin color, was just laid of and/or went to a different school? It turned out the police had mistaken the pre-paid phone for one for which a contract was signed with a billing address. Even then the bills wouldn’t have been paid at a decade old address, which isn`t where they picked her up…

But that just an unlucky example from which no conclusion can be drawn right? No one in the debate took the time to realise why this is an important example regardless of which side you are on..

What if the sender of the threat had really hurt the target of the threatening e-mail?

Would the perpetrator have framed an innocent person, or would a defence attorney successfully explain the police the difference between a phone number and a social security number thus cutting the legs from underneath any future attempts to use traffic data (collected at billion Euro costs Europe wide) as evidence in a court of law? What about organisations that don’t haul people in for questioning but just start spying on a person?

But you can ask whether one would want legislation passed based on a few examples that supposedly demonstrate usefulness anyway. In my opinion its a shame that legislation that initially demanded colossal changes to the huge multi-billion Euro communication infrastructure was allowed to pass without any research into the usefulness, cost or or impact of the legislation. (Asking the people that came up with this plan to try and prove who send them an offer for products that can “enhance” various body parts should adequately demonstrate that E-mail protocols aren’t designed for this.)

Would the EU ever pass environmental legislation without at least considering a serious impact study?"

Hard cases make bad law and there is way too much reactive legislating going on, off the back of a few high media profile shocking events. In the wake of terrible tragedies there is always an emotional clamour to 'do something' to 'ensure it never happens again' and the thing that governments can do most visibly, in order that they can be seen to be acting, is to change the law in some way. There is an intense focus on the terrible event and an almost complete lack of awareness of the real probability of its occurrence.

3000 people die on UK roads every year but there would be complete outrage if the government introduced a blanket speed limit of 10 miles per hour. By comparison the chances of getting caught up in a terrorist atrocity are negligible. The consequences of getting caught in road accidents or terrorist events are roughly equivalent - death or serious injury. Yet we focus far more fear, media and legislative attention on the hugely less likely scenario. I sincerely hope it never comes anywhere close to reality in this country but if terrorist atrocities were as common as road traffic accidents, as sadly they are in some parts of the world, I suspect we'd pay them about as much attention.

Thursday, January 12, 2006

Xerox join the Open Content Alliance

The Xerox Corporation has joined the Open Content Alliance.

New York to monitor diabetics

From the Washington Post: "New York City is starting to monitor the blood sugar levels of its diabetic residents, marking the first time any government in the United States has begun tracking people with a chronic disease.

Under the program, the city is requiring laboratories to report the results of blood sugar tests directly to the health department, which will use the data to study the disease and to prod doctors and patients when levels run too high.

The unprecedented step is being hailed by many health experts as a bold attempt to improve care for diabetes, one of the nation's biggest medical problems, which is burgeoning into a crisis because of the aging population and the obesity epidemic.

Some public health experts, ethicists and privacy advocates, however, say that the initiative raises serious concerns about confidentiality and is an alarming government intrusion into people's medical care."

Concerns about RFIDs

Toby Stevens (he credited by Kim Cameron as suggesting data rejection is the highest form of data management) was disappointed at a recent conference by one speaker's response to his question about some people's concerns about RFID tags.

"I asked the speaker what could be done to accelerate consumer acceptance of RFID. His somewhat worrying response was to refer to those of us who worry about civil liberties as 'luddites'. He went on to say that consumers who are concerned about RFID are likely to have to shop at 'special' stores for untagged products, and to pay a premium for the privilege. Apparently, they will eventually see the error of their ways because of resulting social exclusion.

This thought reminded me of Orwell's Winston Smith using a black market store to purchase a diary without it coming to Big Brother's attention. I doubt this was quite what the speaker intended. However, it got me thinking about some of the attitudes that people have when they encounter individuals who care about the social implications of technology.

The Luddites were not specifically opposed to the new mass-production technologies of their day, but were deeply upset about the impact of technology on their livelihoods. The state responded with armed repression, hangings and deportations.

Over the next few years we will pass a 'tipping point' for RFID where it rapidly escalates in use and moves towards becoming a ubiquitous technology (I believe this is known in some circles as the "oh sh*t!" point). But we're not there yet. Earlier this year I was involved in an informal survey of patient awareness of RFID. Only a few per cent of the participants had any workable understanding of what RFID is, and even fewer had considered the implications.

Until RFID tagging is commonplace, and everyone understands and accepts its use (in the same way as we now accept mobile phones or the Internet), it befalls those of us who are aware of the risks to try to find an acceptable, balanced middle way.

Moreover, it is utterly wrong to condemn anyone who questions the social implications of a new technology as a Luddite, ne'er do well, or loony. Someone has to stand up and force the debate on whether a technology such as RFID is ready for consumer use. And if a Luddite is someone who objects to the imposition of a new technology on their life without proper consideration - and democratic debate - of its social impact, then I'm proud to be a follower of Ned Ludd."

Howard Knoff

Canadian lawyer, Howard Knoff, has started a blog, Excess Copyright.

"Copyright is good. Excess in copyright is not. There are many parties in the copyright construct. All of them must avoid excess in order for copyright to be sustainable. This blog will explore when success is excess."

One of his early posts is about prominent Canadian historian, Jack Granatstein's foray into copyright activism. He includes a copy of an email from Prof Granatstein outlining his dislike for the copyright bill proposed in the Canadian parliament

" I wear 2 hats: creator and researcher/teacher. As a creator, I want to be paid for my work. As a researcher/teacher, I want free access to archival materials and as much free access as I (and all teachers and students) can get to published or www material. The bill did not achieve a balance that met my concerns, and thus I opposed it."

Medical wiki goes live

I learn from Dr Adrian Midgley that the medical wiki, Ganfyd, has gone live with the message:

"Welcome to - The free medical knowledge base that anyone can read and any registered medical practitioner may edit. Ganfyd is a collaborative, creative commons licenced medical reference by medical professionals and invited non-medical experts. The site is based around the wiki format, enabling true sharing of knowledge. GANFYD was initiated by a group of doctors who use (AKA to contribute their knowledge and experience to the commonwealth. Ganfyd is an old medical mutterance whose meaning is known only to the initiated."

Btw ganfyd means "get a note from your doctor" and I think is GP-speak for basically healthy folks looking for sicknotes.

Felten on the analog hole bill

Ed Felten, as usual when he turns his attention to these things, has some critically important things to say about the proposed analog hole bill in the US.

"The Analog Hole Bill would mandate that any devices that can translate certain types of video signals from analog to digital form must comply with a Byzantine set of design restrictions that talk about things like “certified digital content rights protection output technologies”. Let’s put aside for now the details of the technology design being mandated; I’ll critique them in a later post. I want to write today about the bill’s exemption for “professional devices”:

PROFESSIONAL DEVICE.—(A) The term‘‘professional device’’ means a device that is designed, manufactured, marketed, and intended for use by a person who regularly employs such a device for lawful business or industrial purposes, such as making, performing, displaying, distributing, or transmitting copies of audiovisual works on a commercial scale at the request of, or with the explicit permission of, the copyright owner.

(B) If a device is marketed to or is commonly purchased by persons other than those described in subparagraph (A), then such device shall not be considered to be a ‘‘professional device’’...

The really interesting thing about the professional device hole is that it makes one provision of the bill utterly impossible to put into practice. For those reading along at home, I’m referring to the robustness rulemaking of section 202(1), which requires the Patent and Trademark Office (PTO) to establish technical requirements that (among other things) “can only with difficulty be defeated or circumvented by use of professional tools or equipment”. But there’s a small problem: professional tools are exempt from the technical requirements.

The robustness requirements, in other words, have to stop professional tools from copying content — and they have to do that, somehow, without regulating what professional tools can do. That, as they say, is a tall order."


Wiretapping, president Bush and the NSA

Mark Rasch has been thinking about the domestic spying controversy in the US.

"Let's start with a little reality check here. Much of what the NSA and the intelligence community does is in violation of some law somewhere. Indeed, much of what the military does is as well. When the NSA intercepts a communication from France to Afghanistan, it probably violates the privacy and electronic surveillance laws in both countries. When it installs alligator clips on a phone in Turkmenistan, it probably violates some local burglary or trespass law. Espionage - the staple of the CIA - is a felony in almost every nation, and a capitol offense in the US. In fact, it is part of the intelligence community's job to try to get people to commit treason. So we are hardly shocked or offended that our government or any government is violating the law. What the so-called NSA domestic spying scandal addresses is whether the process violates US law...

Now it is difficult for me to imagine a circumstance where someone could be part of a terrorist organization, planning or discussing terrorist activities and not be suspected of a crime. Terrorism is a crime. Murder is a crime. Destruction of property is a crime. Conspiracy is a crime. Money laundering, fraud, immigration fraud, false statements, counterfeiting - all of these are crimes. In the recent Spielberg movie Munich, Mossad agents assigned to assassinate those responsible for planning the abduction and murder of Israeli Olympic athletes agonize over the legality of their actions, but ultimately focus on its necessity. Niceties of the law are rarely debated on the battlefield, and according to the current administration, the battlefield is everywhere and forever...

Thirty-three years ago, the US Government tried to rely on pure Presidential power to engage in domestic surveillance of domestic subversive groups without a warrant. US Supreme Court rejected the government's contention ( that the courts were not prepared to deal with the sensitive classified information, could not make informed decisions about the threats to national security, and that the President had independent authority to order these wiretaps without the Courts. Even if the wiretaps were "reasonable" the Supreme court opined, they violated the Fourth Amendment...

It was this precedent - establishing that a government official's immunity for ordering such illegal wiretaps is only limited - that Supreme Court nominee Samuel Alito sought to reverse when he was advising the Reagan Administration's Justice Department...

Now anyone who has worked in a bureaucracy knows how hard it is to get anything done. Indeed, to get a FISA tap, the NSA agent monitoring traffic in the field (whether that is in Afghanistan, at an ISP, or in Fort Meade, Maryland) would likely have to get the approval of several levels of supervisors, and then lawyers for the NSA would get involved. Then the NSA would have to involve the Department of Justice's Office of Intelligence Policy and Review, and the Office of the Attorney General to review and analyze the FISA order, establish appropriate minimization procedures, and present the case for review by the FISA court. Finally, the FISA court would be convened and review, modify or approve the request for a wiretap. The wheels of justice grind exceedingly slow...

I can't imagine, however, that the non-FISA "presidential authority" wiretaps would be much faster. NSA agents and supervisors, NSA counsel and the Department of Justice would all have to be involved in approving the wiretaps, and they would then have to be reviewed by the White House, and ultimately approved by the President himself. This may turn out to be a case where the need for "speed" is really a euphemism for the need to assert Presidential authority over the courts."

Thoughtful piece (runs to 5 pages), well worth reading in full.

Google Print and Copyright

Jonathan Band has written a very helpful 16 page guide to the copyright debate in relation to the Google library project. It was also Jonathan who produced one of the clearest early analyses of the project when there was so much confusion in the media even over the basic facts (partly because the protagonists in the case talk past each other in rhetorical soundbites rather than engaging directly on the complex issues).

As a one stop shop on getting to the bottom of the Google Print issues you won't get much better.

ARCast - The Laws of Identity

If you ever wanted a gentle introduction to Kim Cameron's "7 Laws of Identity" you could do a lot worse than listen to this radio programme where he gets interviewed by Ron Jacobs.

There are some real gems from Cameron in this.

"Privacy concerns ultimately end up being security concerns."

So an approriately designed identity layer of the Internet would be equivalent to a privacy enhancing layer.

He talks about Toby Stevens notion of data rejection being the highest form of data management.

He mentions his signature is in thousands of scanned databases, so what now is the value of his signature?

And when it comes to building an identity layer for the Net notes that as architects and technologists we have to assume our system will be breached, so that we're ready to react appropriately when they are. If a decent identity layer is not built into the Net then people will rapidly get fed up with the negative consequences to the extent that all trust in the infrastructure will be lost. We also have to build the system in such a way as to avoid locking out the possibility of innovative developments in identity architecture in the future. We're just at the begining of what identity systems can be technologically and there are some amazing developments in universities, so we have to be able to build these into the system when they are developed.

Geist abused by Canadian MP

Michael Geist has been verbally abused by a Canadian member of parliament, Sam Bulte, who has pushed for copyright reform following heavy campaign contributions by the entertainment industries. She says she won't let "Michael Geist and his pro-user zealots, and Electronic Frontier Foundation members" intimidate her.

How exactly did professor Geist intimidate her? Well he has been critical about proposals for Canadian copyright reform but it seems his intimidation comes in the form of a pledge which he has asked party leaders to take during the election campaign:

"No Member of Parliament who has accepted financial contributions or other benefits from (i) a copyright lobby group, (ii) its corporate members, or (iii) senior executives as well as (iv) a copyright collective shall serve as Minister of Canadian Heritage or as Parliamentary Secretary to the Minister of Canadian Heritage, nor sit on any legislative committee (parliamentary or standing committees) conducting hearings or deliberations on copyright matters."

Mmm. So he's suggesting that an MP should not be allowed to take a job in parliament that would temp her into doing favours for the people who supported her election though significant funding or other benefits. Er... no... I'm looking hard but I can't see the intimidation factor here. What am I missing?

James Love on WIPO broadcasting treaty

I don't think I got round to pointing to a terrific article by James Love in the Huufington Post in November?

Essential reading for anyone concerned about developments in the intellectual property landscape.

"A UN Agency is debating a sweeping new form of regulation for the Internet. The call for this new regulation is being led by the United States government and the European Commission, pushed by highly paid lobbyists for a trade association that includes Yahoo, Microsoft, AOL, Real Networks and a handful of other companies...

The US negotiators are not trying to impose US law on the rest of the world. They are instead seeking a new global law that is completely outside of US legal traditions, and according to legal experts, of dubious constitutional legality in the United States...

The European Commission is also not trying to impose current European legal traditions on the rest of the world. Both the US and the EC negotiators are trying to create a brand new and untested regime of Internet regulation that they have never even attempted to adopt in their own Congress or parliaments.

The fora for this international law-making exercise is the World Intellectual Property Organization, known in English speaking countries as WIPO. What is proposed has nothing to do with copyrights or patents, but rather something new, that no country has yet tried, and which is granted to protect “investments” in the distribution of works, rather than to reward creative activity...

What is proposed is as follows. Any web page operator who makes any combination or representations of “images or sounds . . . accessible to the public . . . at substantially the same time,” would be granted a new right, to authorize or prohibit anyone from copying the data, or republishing or re-using the information in any form.

This may sound like copyright, but it’s not. This new “webcaster” right is something that would apply to public domain material, and it would apply to works that are copyrighted, even if the webcaster is not the copyright owner, and does not even have a license to use or to restrict access to the copyrighted work.

What this means is this. If you download a file from the Internet, you would have to get the permission of the web page operator before you could republish the data elsewhere. This permission would be in addition to any permissions you would need from the actual copyright owner, and it would even be required if you are seeking to publish something that was either in the public domain under copyright law, or that had been licensed for distribution under something like a creative commons license.

This new “webcaster right” would be automatic, and come also with a whole set of new requirements to enforce technological protection measures (TPM) and digital rights management (DRM) schemes on Internet transmissions. The webcaster would have an ownership right in the information for 50 years, and the 50 year term would start new with every transmission of information...

The actual proposals for new treaty provisions on this “webcaster” right were written by lobbyists for a trade association called DiMA, that includes some 25 firms, including such heavy hitters as America Online, Apple, Microsoft, RealNetworks and Yahoo!...

what the broadcasters and the webcasters really want has nothing to do with protecting copyrighted works. They want to "own" the content of what they transmit, even when they are not the creative party, and even if they can't acquire such rights from the copyright owner (if any).

In the words of the treaty critics, the treaty proponents are guilty of piracy of the knowledge commons. They are seeking to claim ownership rights in works they did not create, and which today they do not own. They want something different from copyright, and different from the legal regime that exists in any country. They want to own what they simply transmit. And this will be quite harmful to the Internet."

There in a nutshell you have many of the fundamental problems with the decision making process regarding the development of intellectual property policy in the digital age.

These laws or anything like them do not exist in the EU or the US.

There is absolutely no empirical evidence to support their introduction. Though there would be the possibility of engaging in substantive research to compare and contrast the EU and US broadcasting arenas, due to the existence of the different broadcasting legal regimes, nobody wants to do that.

Some powerful commercial interests would like these regulations to exist.

The actual wording of the proposed treaty is drafted by lobbyists working for these commercial interests.

A small number of highly placed unelected officials from the EU and US quietly drive the proposals through an unelected World Intellectual Property Organisation. Quietly is the key adverb here because the more people find out about the details, the more they think these proposals are a bad idea.

We then have an international treaty.

Everyone returns home.

At home the message is "It's terrible. You can't trust the UN or the US(/EU depending on which side of the pond you hail from). We'd never have done anything like that here but we have an international treaty obligation now to implement these laws in our country. There's nothing we can do about it."

Rational decision making goes something like this:

1. Survey the situation.
2. Specify the problem.
3. Identify a series of alternative options to tackle the problem.
4. Assess the alternatives e.g. through cost benefit analysis and other modeling and empirical testing/research.
5. Choose one of the options and implement it.
6. Monitor the outcome and adjust action in accordance the relevant feedback.

By contrast IP policy development looks like:

1. We have an idea for a money making scheme.
2. Call in the lobbyists
3. We need an appropriately tailored, trade-protectionist, international treaty.
4. Don't worry we'll draft it and call in our buddies in the US and EU government services to push it through WIPO. Assess the alternatives? Haa Ha.
5. WIPO cleansweep (and I'm not talking about a Harry Potter broomstick).
6. Monitor the income and complain it's not enough. The treaty needs to be strengthened to save us losing hundreds of billions to pirates. Go back to step 1.

Weinberger on Wikipedia

David Weinberger has a very sensible assessment of the media reaction to the Wikipedia controversy, towards the end of last year relating to the fictitious and defamatory entry about respected journalist, John Seigenthaler.

"When the mainstream media addressed the John Seigenthaler Sr. affair — he's the respected journalist who wrote an op-ed in USAToday complaining that slanderously wrong information about him was in Wikipedia for four months — the subtext couldn't be clearer: The media were implicitly contrasting Wikipedia's credibility to their own. Ironically, the some of the media got the story fundamentally wrong, in tone and sometimes in substance...

Wikipedia has been a continuous state of self-criticism that newspapers would do well to emulate. It has discussion pages for every article. It has handled inaccuracies not defensively but with the humble understanding that of course Wikipedia articles will have mistakes, so let's get on with the unending task of improving them. Wikipedia's ambitions are immodest, but Wikipedia is not...

Jimmy thinks the the mainstream media misunderstood this story because they have a cognitive problem when it comes to anonymity and accountability:
The thing that people always latch onto is that it has to do with anonymity. But it doesn't have to do with knowing who you are [in the real world] . We care about pseudo-identity, not identity. The fact that a certain user has a persistent pseudo-identity over time allows us to gauge the quality of that user without having any idea of who it really is...
Jimmy has been all over the news telling people that Wikipedia is not yet as reliable as the Britannica, that students shouldn't cite it, that you should take every article with a grain of salt. (One Wikipedian suggested to me that such a disclaimer ought to be on every page; I agree.) The media are acting as if this is a humbling confession when in fact it's been what Jimmy and Wikipedians have been saying from the first day of this remarkable, and remarkably successful experiment in building an inclusive encyclopedia together.

The media literally can't hear that humility, which reflects accurately the fluid and uneven quality of Wikipedia. The media — amplifying our general cultural assumptions — have come to expect knowledge to be coupled with arrogance...

With Wikipedia, the balance of knowing shifts from the individual to the social process. The solution to a failure of knowledge (as the Seigenthaler entry clearly was) is to fix the social process, while acknowledging that it will never work perfectly. There are still individuals involved, of course, but Wikipedia reputations are made and advanced by being consistent and persistent contributors to the social process. Yes, persistent violators of the social trust can be banished from Wikipedia, but the threat of banishment is not what keeps good contributors contributing well."

Wednesday, January 11, 2006

Will Blears respond to Ideal Government critique

John Lettice is skeptical about whether Hazel Blears will respond to the questions generated in response to her posting on the Ideal Government blog.

"Pretend for a moment that the Home Office understands what it's doing, then consider the implications. Government policy is currently communicated, argued and implemented in a largely non-interactive, adversarial way. Government determines what it intends to do, puts forward its arguments and goes ahead. Its intentions and arguments will be questioned in Parliament, in consultations and in the press, but (as the experience of the past few years makes clear), it will usually respond to these by carrying on going ahead and repeating the same arguments as it does so.

Don't knock it too hard though - irritating as it is to to see the same faulty logic and discredited arguments trucked out over and over again, it's a viable mode of Government, up to a point. It gets stuff done, and any personal dislikes you may have of the stuff that's getting done only become material when enough other people hate it enough for stuff to be modified, or not to get done...

If Ministers don't answer questions, address points and develop arguments openly and honestly in Parliament, they can't rationally do so in blog discussions, and they'd get fired if they tried. "

Scholars write to Congress on NSA domestic spying

14 constitutional scholars and former government official have written to Congress outlineing their belief that President Bush's authorisation of the NSA domestic spying practices was illegal. It's fairly dense with legal analysis, as you might expect but worth reading at least the introduction and conclusion:

"Dear Members of Congress:

We are scholars of constitutional law and former government officials. We write in our individual capacities as citizens concerned by the Bush Administration's National Security Agency domestic spying program, as reported in the New York Times, and in particular to respond to the Justice Department's December 22, 2005 letter to the majority and minority leaders of the House and Senate Intelligence Committees setting forth the administration's defense of the program. Although the program's secrecy prevents us from being privy to all of its details, the Justice Department's defense of what it concedes was secret and warrantless electronic surveillance of persons within the United States fails to identify any plausible legal authority for such surveillance. Accordingly the program appears on its face to violate existing law...

In conclusion, the DOJ letter fails to offer a plausible legal defense of the NSA domestic spying program. If the Administration felt that FISA was insufficient, the proper course was to seek legislative amendment, as it did with other aspects of FISA in the Patriot Act, and as Congress expressly contemplated when it enacted the wartime wiretap provision in FISA. One of the crucial features of a constitutional democracy is that it is always open to the President--or anyone else--to seek to change the law. But it is also beyond dispute that, in such a democracy, the President cannot simply violate criminal laws behind closed doors because he deems them obsolete or impracticable.

We hope you find these views helpful to your consideration of the legality of the NSA domestic spying program.


Curtis A. Bradley
Richard and Marcy Horvitz Professor of Law, Duke University*
Former Counselor on International Law in the State Department Legal Adviser's Office, 2004

David Cole
Professor of Law, Georgetown University Law Center

Walter Dellinger
Douglas Blount Maggs Professor of Law, Duke University
Former Assistant Attorney General, Office of Legal Counsel,1993-1996
Former Acting Solicitor General of the United States, 1996-97

Ronald Dworkin
Frank Henry Sommer Professor, New York University Law School

Richard Epstein
James Parker Hall Distinguished Service Professor, University of Chicago Law School
Peter and Kirsten Bedford Senior Fellow, Hoover Institution

Harold Hongju Koh
Dean and Gerard C. and Bernice Latrobe Smith Professor of International Law, Yale Law School
Former Assistant Secretary of State for Democracy, Human Rights and Labor 1998-2001
Former Attorney-Adviser, Office of Legal Counsel, DOJ, 1983-85

Philip B. Heymann
James Barr Ames Professor, Harvard Law School
Former Deputy Attorney General, 1993-94

Martin S. Lederman
Visiting Professor, Georgetown University Law Center
Former Attorney Advisor, Department of Justice Office of Legal Counsel, 1994-2002

Beth Nolan
Former Counsel to the President, 1999-2001; Deputy Assistant Attorney General, Office of Legal Counsel, 1996-1999; Associate Counsel to the President, 1993-1995; Attorney Advisor, Office of Legal Counsel, 1981-1985

William S. Sessions
Former Director, FBI
Former Chief United States District Judge, Western District of Texas

Geoffrey R. Stone
Harry Kalven, Jr. Distinguished Service Professor of Law, University of Chicago
Former Dean of the University of Chicago Law School and Provost of the University of Chicago

Kathleen M. Sullivan
Stanley Morrison Professor, Stanford Law School
Former Dean, Stanford Law School

Laurence H. Tribe
Carl M. Loeb University Professor and Professor of Constitutional Law
Harvard Law School

William W. Van Alstyne
Lee Professor, William and Mary Law School
Former Attorney, Department of Justice, 1958"

Heathrow express see through clothes scanner trial

I heard this on the radio this morning.

"The Independent reports some details about the 4 week trial of the "see through your clothes" passive millimetre wave imaging scanner which has been installed at London's Paddington mainline railway station on the Heathrow Express platform."

Spy Blog has some legitimate concerns:

"80 seconds per scan, minimum !!

Since the Heathrow Express service leaves Paddington every 15 minutes, that means that passengers (who will certainly be struggling with suitcases on their way to the airport) will miss the next train on which they have booked their tickets / reserved their seats, if there are as few as 10 or so people in the queue ahead them to be scanned...

if the "randomly selected" passengers are Children. The operators will be guilty of "creating or distributing" Child Pornography, a term which includes synthetic digital images. If children are automatically excluded, then the whole system is useless against smugglers or terrorists...

what aspect of the "technology" is being tested on the public ?

What does this prove that a group of paid experimental test subjects could not ?

The ability to see people naked throough various types of clothing ? The ability to detect various deliberately concealed items ?

How can this be a scientific test, if the data is really destroyed after each scan ?

Where is the proof that this system is safe for, say, pregnant women ?

Will people who refuse to be scanned be treated as "terrirst suspects" and stopped and searched under the Terrorism Act 2000 section 44 anyway ?"

UK MPs demand WiFi

UK members of parliament are apparently demanding wifi is installed in the Houses of Parliament.

China bans Wikipedia

From the Globe and Mail, "Chinese students and intellectuals are expressing outrage at Beijing's decision to prohibit access to Wikipedia, the fast-growing on-line encyclopedia that has become a basic resource for many in China."

Blears at Ideal Government

Home Office minister has sent a short piece on the EU data retention measures to William Heath's Ideal Government blog. It's generated a fair amount of traffic in the comments. She provides an example of where access to telecoms data led to the rescue of a kidnap victim.

"Where it has been available, such information has already proven critical. When a Ghanaian individual was recently abducted in the Netherlands having travelled through the UK, Dutch, Belgian and British police were able to close in on his kidnappers because of historic phone data they analysed. The man was freed from his captors, having suffered severe torture, and arrests were made as a direct result of information from phone records that might otherwise have been deleted. Such data was also critical in the conviction of a terrorist gang who set off bombs in London and Birmingham in 2003, injuring several people and causing millions of pounds worth of damage.

The deal that was reached between all three EU institutions balances the need for action with the need to agree legislation that is necessary and proportionate and which does not impose an unnecessary burden on industry. The data retained will only be disclosed in specific cases and will be subject to strict data protection rules. Any abuse of the data will be subject to sanctions.

I believe this agreement is an important step in delivering the right to citizens across the EU to live in peace and free from the negative impact of terrorism and serious crime."

I don't know the details of the kidnap case but it would be useful to know how long the crucial data leading to the rescue had been retained for in advance of its use by the police. Also how much effort was involved on the part of the police and the relevant phone company in getting at the appropriate information? From the victim's perspective, what matters is speed and efficacy.

Tracking web surfing, of course, is not the same and phone communications traffic data. The web surfing can reveal a lot more about an individual. So wouldn't there be more of a case for targeting the tracking of the web surfing of suspect individuals rather than blanket tracking of everyone. Without powerful, intelligent aggregating tools, law enforcement don't have the capacity to find out a huge amount about everybody but they will have the capacity to dig deeply into the surfing habits of a limited number of people.

When the Open University introduced an online communications environment as part of our teaching over ten years ago, there was genuine concern about the privacy in individual conference areas and the potential for big brother monitoring of tutoring duties, which up until that point had been in the traditional classroom and correspondence context. During the busiest period of the past ten years I have been responsible for about 155 associate lecturers, who in turn looked after about 3000 students. There were thousands of conference areas and millions of messages. I could not possibly monitor it all.

On that subject, though the technology did fundamentally change the nature of the distance education paradigm and my role as a facilitator of the process, my abiding memory of the toughest times is the reinforcement of the knowedge that what the technology really complimented was the process of putting people in touch with people that makes the high quality brand of distance education supplied by the OU possible; and the hundred-plus hours a week I'd spend in front of my computer screen, attempting to support the amazing folks trying to get to grips with integrating these tools into their teaching and learning. By and large most OU students and staff are fantastic people and the place works because we're good at getting those people together to help each other out.

Getting back to Ms Blears posting, William has some very sensible questions:

"- can they use comms data to investigate relatively rare instances of serious crime without mass systematic data retention?
- if so with what safeguards?
- how can we discuss and debate these issues before bouncing everyone into EU legislation?
- where do we go from here on this policy, which does strike me as an balance sinister and likely to further erode trust in on-line society."

iTunes is watching you

Cory is annoyed that a "new version of Apple's iTunes for Mac appears to communicate information about every song you play to Apple, and it's not clear if there's any way to turn this off, nor what Apple's privacy policy is on this information...

I wouldn't buy a stereo that phoned home to Panasonic and told it what I was listening to; I wouldn't buy a shower radio that delivered my tuning preferences to Blaupunkt. I certainly am not comfortable with Apple shoulder-surfing me while I listen to digital music, particularly if they're doing so without my meaningful, informed consent and without disclosing what they intend on doing with that data.

At very least, Apple must deliver information about whether iTunes gathers and transmits your data when the Mini-Store is switched off, and about what it does with the data the Mini-Store transmits when it's loaded."

Junk phone calls counter script

This is excellent:

"Telemarketers make use of a telescript - a guideline for a telephone conversation. This script creates an imbalance in the conversation between the marketer and the consumer. It is this imbalance, most of all, that makes telemarketing successful. The EGBG Counterscript attempts to redress that balance."

I have a lot of sympathy for many of the folks who work in telemarketing call centres. I still get bothered and irritated by these kinds of calls even though my number is supposed to be on the do-not-call list but my approach is to politely say I'm not interested and hang up. With the persistent types, if I'm feeling patient, I'll say that I know they're just doing a job but they're probably on commission and their time will genuinely be better invested talking to someone else. With the persistent, pushy obnoxious types I don't tend to waste time with them at all and hang up but this script would be a nice response if you have two minutes and your dinner has been interrupted anyway.

P2P users set up new political party in Sweden

Ian Brown reports that P2P users are setting up a new political party in Sweden to tackle what they consider to be draconian intellectual property laws.

ID cards an IEEE Loser

The IEEE have branded the UK government's ID card scheme a "loser" in their "winners & Losers 2006" awards for the best and worst technology projects.

Kim Cameron's astonishment

Kim Cameron was more than a bit surprised, following an interview with John Fontana of Network World, to read the subsequent article describing him as an identity god and credited with being one of teh 50 most powerful people in networking.

"I’ve really appreciated the interest and support of our writer colleagues - people who know how to find the story in our reality, and then, to tell it. When John Fontana called me about doing a profile, I thought it would be a way to move our identity project forward. In fact, it’s a long time since I’d done anything quite so personal - but knowing what a straight-shooter John is, I went with the flow.

Even so, I hope people can imagine my complete astonishment when, the day after Christmas, I read the following:
Kim Cameron: Identity’s god

Chief architect of access at Microsoft has galvanized an industry behind his ‘Seven Laws of Identity.’...
Well, the cat’s out of the bag. Now everyone knows I’m not 39.

But let me reassure everyone I that I don’t really think of myself as an identity god. If I were, we’d have an identity layer for the internet by now...

Still, this identity thing is hard, and has taken a long time. Nor is it over yet. There are still a lot of things that can go wrong. It can’t be done by any one person, or any one vendor, or any one government or country. But I really think that with all our Identity 2.0 friends we can get to our destination.

Finally, thanks to John Fontana and his editors for this wonderful honor.

Update: Kim got the Networked MVP award from Dave Kearns just before Christmas too.

IPRSOnline is an excellent internet portal on Intellectual Property Rights (IPRs) and Sustainable Development, which points to all kinds of interesting projects and resources like Dr. Johanna Gibson's project at the Queen Mary Intellectual Property Institute, Patenting Lives and many more.

Tuesday, January 10, 2006

Doctors don't trust govt. flagship NHS IT system

John Carvel, social affairs editor at The Guardian, reports that doctors have littels faith the the UK government's flagship NHS IT project.

"Health ministers face a crisis of confidence among GPs and hospital consultants over the £6.2bn programme to build the most sophisticated medical IT system in the world, a Guardian poll of more than 1,300 doctors has revealed.

It shows most doctors think the Connnecting for Health programme is a waste of money and only 1% feel it is making good progress. Doctors are concerned that patient confidentiality will be compromised when records are transferred to an electronic system open to clinical staff.

Only a minority of GPs expect to be using the Choose and Book system for making hospital appointments by the end of the year, despite government assurances that it will be available by then in every family doctor's surgery in England.

The survey by the medical pollsters Medix suggests the government has not made sufficient effort to win doctors' support for a scheme that it billed as the biggest civil IT programme in the world."

As a friend of mine used to say, "aye, until the next one", which in this case will be the ID card scheme.

Verizon music comes with a catch

People buying into Verizon's new music service for mobile phones will find they will no longer be able to play MP3 files on those phones.

"The company's new song download service, announced at the Consumer Electronics Show (CES) in Las Vegas, is being built around Microsoft's digital-media technology. As part of that service, Verizon decided to eliminate the phones' previous ability to play MP3 files, hoping to keep the phones' music features simple, a company spokesman said...

"We don't view this as restricting functionality," said Jesse Money, Verizon's director of consumer multimedia services. "We wanted one music player on the phone with a simple and consistent look and feel throughout the player. If we were to leave (the MP3 support intact), then there would be two players with different experiences.""

Out goes the old, open MP3, in comes the new, proprietary, locked-up Microsoft format.

Monday, January 09, 2006

Cornelia Kutterer, senior legal advisor at BEUC, the European consumer organisation, has been explaining why they have launched a campaign focussing on the dangers of developments in intellectual property policy at EU level. She says that the blurring of the boundaries between commercial and non commercial intellectual property infringement by EU policy makers is a fundamental problem.

"Today, it appears that the Commission no longer distinguishes these two different types of infringement. But blurring these boundaries leads to excessive reactions that may have deep, irreversible and adverse effects on our society, technological development and the private sphere.

In a highly controversial and often hostile debate about the scope of IP protection, recent developments in the political debate tend to be excessive, disproportional, lop-sided and do not take into account the existence of many discussions on how to improve creativity, access to knowledge and the legal use of technology. Instead, the law of unintended consequences is being provoked. Some examples:

Criminalization of consumers
In a recent proposal adopted by the Commission in July 2005, the Commission aims at introducing and aligning national criminal law provisions against infringements of IPRs. Under the proposal, infringements of any intellectual property rights are treated as criminal offences if undertaken intentionally and on a commercial scale. Similarly, attempting, aiding and inciting such infringements are considered criminal acts.

The problem is that the definition of "commercial scale" is not set out, and does not explicitly require financial benefits, profit or a commercial motive for activities to be identified as taking place on a "commercial scale"..."

She goes on to talk about the EU data retention proposals and drm standards that routinely incorporate user tracking and concludes:

"These recent developments and initiatives show that the balance between the rights of the right holders and the rights of consumers is neither achieved nor maintained but instead ever more threatened. Consumers’ organizations have to be very vigilant in the near future. The European Commission has announced a review of a set of directives related to copyright, in particular the reform of copyright levies applied to equipment and media used for private copying and a review of copyright term, above all, term for sound recordings are included in the review. Consumers’ organizations will also need to look at the contractual side and pay high attention to abusive terms in services. An initiative report on consumer protection in the digital environment by the European Parliament could certainly help to address this issue.

A good sign came recently from The German Federal Supreme Court. It stated that "the necessary balance between the constitutionally protected rights of the right holders to exercise their rights and the constitutionally protected interest in competition, i.e. to be able to evolve freely outside that protected scope, would not be guaranteed anymore if the right holder could claim protection to an extent to which he is not entitled…" (BGH 2005). The court adds that this objective distinction between the scope of IP protection and the freedom of competition must also be balanced in regard to the means of enforcement. We believe that the statement is fundamental and should be reflected in all initiatives at hand."

Sunday, January 08, 2006

£2500 fine planned for ID card evasion

The Sunday Telegraph is reporting that that proposed fine for not having an ID card will be £2500. A Conservative party constitutional affairs spokesman said

"There is growing concern among the public about Labour's use of invasive 'Big Brother' computer databases - without transparency or clear backing from the public - such as for the forthcoming council tax revaluation.

I believe local residents will be alarmed at the further prospect of town hall bureaucrats being told to investigate people's homes for ID cards, backed up with the threat of thousand-pound fines."

Local electoral registration officers will be required to police the scheme.

The down side of opening up innovation

John's been thinking about the down side of the Internet's end to end architecture in the new Berliner style Observer.

"The downside was that this freedom to innovate applied also to unsavoury geniuses. For every Tim Berners-Lee there were a thousand virus-writers or spammers enjoying the same intoxicating freedom to release their products on to the net. And because of the design principles built into the architecture, there was no way of stopping them.

There still isn't, which is why the problems will get worse. Security cannot be retro-fitted to the current design, so we need a new architecture. We can't go on patching the internet as if it were just a global version of Windows XP. The $64 trillion question is whether in reinventing the internet we can avoid throwing out the end-to-end baby with the virus-infested bathwater."

Jonathan Zittrain has some excellent ideas on how we should be tackling this and doing it now before it's too late. The essay is based on a book due to be published soon, The Future of the Internet—And How to Stop It.