Friday, January 27, 2006

The Google Search Subpoena in Perspective

Seth Finkelstein has been putting the Google search supoena into prespective.

"During Supreme Court oral argument about the COPA law, the Solicitor General made the following claim:
MR. OLSON: .... But the problem with respect to the children is the material that is so widely available on the Internet that doesn’t reach the definition of – that is not as bad as obscenity. It is a wide amount of information. The legislative history described 28,000 pornographic sites in a – this is also outside the record, but if an individual goes to their Internet and – and uses an Internet search engine and – and types in the word, free porn, I did this this weekend, the – your – your computer will say that there are 6,230,000 sites available. Now that’s available now.
This was a ludicrous abuse of statistics. He had searched Google for all items which contained the word “free”, and the word “porn”, somewhere on the page (not even strictly the phrase “free porn”). And then offered the meaningless number returned as if it were somehow relevant. Indeed, this very article will now increase that number, merely by quoting him. It was (or at least, should have been) an embarrassing display of ignorance.

With such poor quality of evidence being proffered to justices of the Supreme Court, it’s easy to see why the government wanted to be better prepared in future trials. Indeed, the eventual decision about the COPA law required more investigation, particularly of censorware:

Second, there are substantial factual disputes remaining in the case. As mentioned above, there is a serious gap in the evidence as to the effectiveness of filtering software. See supra, at 9. For us to assume, without proof, that filters are less effective than COPA would usurp the District Court’s factfinding role. By allowing the preliminary injunction to stand and remanding for trial, we require the Government to shoulder its full constitutional burden of proof respecting the less restrictive alternative argument, rather than excuse it from doing so.

So for this evidence, a statistics professor working with the Department of Justice decided to try to use search engine queries as a basis for various estimates:

Reviewing URLs available through search engines will help us understand what sites users can find using search engines, to estimate the prevalence of harmful-to-minors (HTM) materials among such sites, to characterize those sites, and to measure the effectiveness of content filters in screening HTM materials from those sites.
Reviewing user queries to search engines will help us understand the search behavior of current web users, to estimate how often web users encounter HTM materials through searches, and to measure the effectiveness of filters in screening those materials
Many problems have been pointed out with these ideas, to put it gently. It’s important, however, to keep in mind that the previous state-of-the-art in research evidence here was typing in the words “free” and “porn”. It’s hard to imagine a better case for never attributing to malice what can be explained by stupidity.

But when the keywords “Google”, “government”, “pornography”, “privacy”, all mixed together, it produced an explosive reaction due to the volatility of the components. Many news reports gave a false impression that the government intended to go on a fishing expedition of sifting through personal search records in order to track down seekers of child pornography. The recent NSA wiretapping scandal provided yet another framework for suspicion.

Pragmatically, if the government was going to data-mine search engines as a source for investigation of terrorism, or even child pornographers, those actions would be surrounded by secrecy. And the public would only find out about it through leaks, not open court action. For example, an ACLU lawsuit over the PATRIOT Act was subject to extensive gag orders. And if there was a fishing expedition, since other search engines had complied with the government data requests, the net had already been spread far and wide. So from a very narrow perspective, any privacy damage had already mostly been done.

However, the relatively minor goal of statistical studies has ended up raising public awareness of the overall issues with personal data stored by search engines, and the fears it could be misused for criminal investigations. Search engines are almost an outsourced surveillance system. And completely unaccountable since they’re private companies. Perhaps the overall lesson of the story is that information collected for business purposes could easily be abused. We should start thinking about mandating privacy protection before the abuses imagined in this case become reality in the future."

The whole piece is well worth a read.

Dragon Slayers or Tax Evaders?

Julian Dibbell has an amusing essay on Dragon Slayers or Tax Evaders? in Legal Affairs.

"IF YOU HAVEN'T MISSPENT HOURS battling an Arctic Ogre Lord near an Ice Dungeon or been equally profligate spending time reading the published works of the Internal Revenue Service, you probably haven't wondered whether the United States government will someday tax your virtual winnings from games played over the Internet. The real question is, Why hasn't it happened already...

Because he wasn't in a position to offer a final word, however, Knight gave me a number for the IRS's Business and Specialty Tax Line. "Specialty" sounded about right, so I called and told my story to a telereceptionist, who routed me to a small-business specialist, who passed me along to a barter-income specialist, who identified herself as "Mrs. Clardy, badge number 7500416," and listened in silence to my query about virtual economics—and then put me on hold.

When Mrs. Clardy returned, she was a bureaucrat transformed. "We just had this little discussion," she said, almost giggling. "And it sounds to us like [the online trades you've described] would be—yes—Internet barter." Here she paused, whether to catch her breath or to let the conclusion sink in, I couldn't tell. "However," she went on, "there are no regs, there is no code, there are no rulings, to rely upon. This is our opinion."

Mrs. Clardy suggested I seek a more authoritative judgment. A "private letter ruling," she assured me, was the IRS's definitive opinion, in writing, on a particular taxpayer's situation. And a letter ruling in my case, she believed, would probably be the closest the IRS had ever come to an opinion on the status of virtual income.

"The ramifications are enormous," Mrs. Clardy exhorted. "Break new ground!"

WHY NOT? WELL, BECAUSE MRS. CLARDY had neglected to mention the $650 fee stipulated in the letter-ruling request instructions, or the tax lawyer I would have to hire to write the request with any effectiveness, or the six months I would have to wait for a final response. Even if none of these obstacles had stood in the way, I finally had to ask myself: Was this really the kind of ground I wanted to break?

Considering what the IRS had done with barter clubs, it seemed prudent not to be the game player who officially invited the agency to visit the world of MMOs and gave the feds the opening to tax virtual income. That decision might force game companies, as John Knight had put it, "to start sending out 1099s every time somebody gets a gold coin or a bag of grapes or a shiny emerald" in a game's virtual world.

It would certainly transform the thrill of the online quest into distress for the legions of players who couldn't afford to pay their new taxes, and would likely doom my fellow Frogloks, Vah Shir, and other characters to appalling fates."

Wireless Networking in the Developing World

These folks should talk to the Ndiyo folks. A group of real hands-on experts have produced a book Wireless Networking in the Developing World which offers a complete guide to assembling and maintaining wireless networks in areas lacking communications infrastructures. It is being released under a fairly loose creative commons licence so anyone can copy and distribute it.

Cory's been waxing lyrical:

"A new free book delivers a complete HOWTO for assembling and maintaining wireless networks in rural towns in developing countries. "Wireless Networking in the Developing World" was co-written by some of the world's leading community wireless experts, including Rob Flickenger, who wrote O'Reilly's seminal Building Community Wireless Networks and Wireless Hacks, wire.less.dk's Tomas Krag, and numerous wireless hackers of great skill and repute. Many of the contributors have built and deployed networks in the developing world, and they have released the whole text under a very liberal Creative Commons license that encourages others to build on their work and profit from it.

In almost every village, town, or city in the developing world, there are people who can build just about anything. With the right know-how, this can include wireless networks that connect their community to the Internet. The book addresses what Rob Flickenger, the book's editor and lead author, calls a chicken-and-egg problem: "While much information about building wireless networks can be found on-line, that presents a problem for people in areas with little or no connectivity", said Flickenger from his workshop in Seattle. The book covers topics from basic radio physics and network design to equipment and troubleshooting. It is intended to be a comprehensive resource for technologists in the developing world, providing the critical information that they need to build networks. This includes specific examples, diagrams and calculations, which are intended to help building wireless networks without requiring access to the Internet.

In the developing world, one book can often be a library, and to a techie this book may well be a bible. Access to books is difficult where there are few libraries or book stores, and there is often little money to pay for them. "Our book will be released under a Creative Commons license, so everybody can copy and distribute it free of charge. That doesn't mean it is a 'cheap' book. I think it is a great book," stated Corinna 'Elektra' Aichele, one of the books co-authors who was recently installing wireless networks in Bangladesh."

James Surowiecki on Open Content

James Surowiecki, author of The Wisdom of Crowds, has been talking at the Intelligent Television conference about the value of open content. Mary Hodder made notes

"1. Openness bridges all of these mechanisms: open source, p2p, shared work.
2. Intelligence is distributed rather than centralized: the knowledge is spread out in many locations
3. Bottom up works better than command and control mechanisms
-- people are better at understanding their own needs than the top
4. We are better off casting wide rather than narrow
-- don't know where the info is much of the time
5. Open access to creativity, knowledge -- benefits are greater the more people are involved
-- when people learn more, we learn more.. it's anti-rivalrous
6. Be very hesitant to filter who belongs to community
-- don't keep people out
7. People act better the more info they have

8. The internet allows us to become technically able to do so much more
-- distributed info and aggregation are so much more powerful
-- possibilities are immense

9. Different ways to tap into open systems
--obviously people using open systems to make money
-- Innocentive.. people go to register as a 'solver' where 10. You then get access to a problem set
----- if you solve a problem, you get a prize, but he company owns your solution

11. Systems that allow people to give ideas and innovation a piece at a time are interesting, because lots of people contribute. Prediction markets and prices work this way.

12. Can profit from an open content system.. leave everything open and free and then make money from talking about this stuff..

13. People find pleasure from the value of competition
-- from contributing to the growth of the pool of knowledge

14. Many of these systems are inefficient, because in a strict sense, they are redundant..
but the point is that even though this is the case, if we expand our ideas of efficiency, it's tremendously efficient.

15. What are the challenges to these systems?

Internal
-- problem with model in that a network or self organized model, it's difficult for individuals to contribute due to echo chamber effects...army ants .. work in ways where they do just what the ant is doing ahead of them.. if they start walking in a circle.. they actually die.. worry that if humans imitate others.. we will degrade because nothing new happens.. group loses collective intelligence.. drawing knowledge from just a few
-- challenge is to keep the ties in the networks loose.. and open and flowing

External
-- profound counter to our most deep seated ideas around authority, knowledge and expertise -- people have a fundamental desire to pick "the expert"
-- traditional need to develop a product, and then show it after it's out.. instead of working with people all along..
-- traditional needs to develop IP are challenged

16. Arthur Miller in the Harvard Law Review just wrote an article saying that what we need now is 'common law' for ideas.

17. Tom Bergeron -- host of dancing with the stars on why people like this.. because it is about
"wholeheartedly uniting our skills is the basis for all human interaction"

18. Collective systems may work better when there is an answer people think they can find, verses when a lead user or expert may be better at finding the right thing.

19.. Our imagining of the 'genius' is the failure to see that works of art are actually based on others ideas ... works of art always borrow from other works of art."

Canadian label back family sued by RIAA

This is a bit of a turn up for the books: "Canada's biggest record label, publisher and management company is helping out a family sued by the Recording Industry Ass. Of America for copyright infringement."

Irish judge orders ISPs to identify 49

An Irish High Court judge has ordered 3 ISPs, Eircom, BT and Irish Broadband, to disclose the personal details of 49 people suspected of engaging in P2P copyright infringement.

Police Bill includes amendments to CMA

The Police Bill currently making its way through parliament includes long awaited changes to the Computer Misuse Act.

Lilian Edwards is not convinced the amendments will be effective since the bill fails to define what "unauthorised" is in the context of "an unauthorised act in relation to a computer." She's also concerned that section 3A of the bill could have a detrimental effect on security research.

"Less ballyhooed but also of interest is the new section 3A added by the 2006 Bill which is extracted below:

“3A Making, supplying or obtaining articles for use in offence under
section 1 or 3(1) A person is guilty of an offence if he makes, adapts, supplies or offers to supply any article—
(a) knowing that it is designed or adapted for use in the course of
or in connection with an offence under section 1 or 3; or
(b) intending it to be used to commit, or to assist in the commission
of, an offence under section 1 or 3."

This probably criminalises the making and selling of virus and DDOS toolkits, something I have wondered about in the past. What if you write a virus-making toolkit to learn about viruses and virus-spreaders so you can be a better security expert? (a) may still catch you. I would have felt happier if the new offense was restricted to the (b) branch, or if the "or" was an "and"."

Thursday, January 26, 2006

Q & A: Our Omnipotent President

Q & A: Our Omnipotent President is funny.

"Q. Can the president spy on Americans without a warrant?
A. The president has to spy on Americans without a warrant! We're at war, and the president's gotta defend America, and he's not gonna wait for a permission slip from a judge or a senator or America to do it!
Q. That's just the kinda tough, no-nonsense thinking I like in a de facto dictator! Now some crazy people say the president broke some silly old laws like FISA and the National Security Act and the Fourth Amendment. Are these crazy people crazy?
A. They sure are! Maybe those laws worked back in 1978 back when Leonid Brezhnev was snortin coke with Ayatollah Khomeini and groovin to the hits of the Bee Gees, but in today's dark and dangerous times they just aren't enough.
Q. Things sure have changed since the innocent days of mutually assured destruction! But is it legal for the president to ignore the law?
A. Maybe not according to plain ol stupid ol regular law, but we're at war! You don't go to war with regular laws, which are made outta red tape and bureaucracy and Neville Chamberlain. You go to war with great big strapping War Laws made outta tanks and cold hard steel and the American Fightin Man and WAR, KABOOOOOOM!
Q. How does a War Bill become a War Law?
A. It all begins with the president, who submits a bill to the president. If a majority of both the president and the president approve the bill, then it passes on to the president, who may veto it or sign it into law. And even then the president can override himself with a two-thirds vote.
Q. See it's the checks and balances that make all the difference in our democratic system.
A. It's true.
Q. Can the president spy on me without a warrant?
A. The president would never, ever spy on you, unless you're talking to a terrorist.
Q. That sounds reasonable!
A. Or an associate of a terrorist or a suspected associate of a terrorist or a possible suspected relative of a member of an affiliate of a terrorist or someone with a name that's spelled like a terrorist's or someone who's been mistakenly identified as a terrorist by an NSA algorithm."

Challenger

MSNBC have a special report on the 20th anniverary of the Challenger space shuttle disaster.

My enduring memory of the event is not the fireball or the trails of the boosters taking off in different directions but the shock on the faces of the friends and relatives gathered to watch the launch.

Do governments take evidence seriously?

William Heath is encouraged to learn that "the Parliamentary council on science and technology (CST) has kicked off a most excellent enquiry about government use of scientific evidence"
NEW INQUIRY

SCIENTIFIC ADVICE, RISK AND EVIDENCE: HOW GOVERNMENT HANDLES THEM


The Science and Technology Committee agreed, at its meeting today, that it would hold an inquiry to examine the way in which the Government obtains and uses scientific advice in the development of policy.

The inquiry will focus upon the mechanisms in place for the use of scientific advice (including the social sciences) and the way in which the guidelines governing the use of such advice is being applied in practice across Government. It will test the extent to which policies are “evidence-based”.

The Committee will carry out this inquiry by addressing the questions below in a series of case studies.

The first three case studies to be addressed are:

1. The technologies supporting the Government’s proposals for identity cards
2. The classification of illegal drugs
3. The use of MRI equipment: the EU Physical Agents (Electromagnetic Fields) Directive
May their elbows be invested with plenty of power.

Un Report on Understanding Knowledge societies

The United Nations Department of Economic and Social Affairs have produced a very interesting report on Understanding Knowledge Societies, which asks the general question, "How can society adjust to the challenge of mass-produced knowledge?"

Right up front in the foreword it challenges the widely held belief that the obvious thing for every organisation to do is to become an 'e-organisation.' The need to question this technological determinism about computers and the Net has been a hobby horse of mine for so long now, that it was a surprise to find similar concerns raised in a UN report. Computers and networks are not magic. They are tools. They will not automatically make our organisations more efficient or solve all our problems just because we think they will, especially when we design and deploy them in ways that demonstrate we've really no idea what we want them to do. I'll cut the rant at that point and quote from the report:

"...will converting every organization to an e-organization result in the transition of a society to a Knowledge (k-society) Society? That would be tantamount to assuming that at a certain level, the quantative accumulation of "e-"s would switch into a "k-," a qualitative leap that, on reflection, is rather difficult to take.

Yet we see many a government, international organization or expert in the world today de facto making such an assumption. This is troubling, as such an assumption - if incorrect - points the discussion about the transition to the Knowledge Society in the wrong direction. What is worse, it may even prevent us from an early enough understanding of the profound character of the adjustment that societies will need to make in order to manage the encounter with modern technology (and especially ICT) for the benefit of all their members.

This study submits that the accumulation of "e-"s will never result in a "k-." Rather it puts forth the idea that if societies desire to follow the path of knowledge-based growth and development, a very thorough reconstruction of their institutions must occur. It suggests to political leaders, public administrations and the public at large that a broad, well-informed debate about this institutional shift should be undertaken. The magnitude of such a shift would require the cooperation of all segments of society and their sharing not only of the risk and cost of change, bu first and foremost, of commons goals and values."

Well said. Of course the accumulation of "e-"s will never result in a "k-." I would add that there is really no such thing as an "e-" anything, merely organisations which use ICTs, sometimes to improve the activities they are engaged in but all too often to hinder them.

The whole report runs to 179 pages and is a hard read at times and sometimes disappointing - eg though it mentions the extremes of intellectual property as being a problem it doesn't deal with this in any detail - but if it's core message, that blindly "e-ing" everything is not particularly bright, gets widely dispensed it will served a useful purpose.

Wednesday, January 25, 2006

Religion and copyright

David Bollier on the row over the Vatican's new found interest in copyright:

"You would think that the Word of God, by definition, is something that belongs to all of humankind – or at least that the proponents of His Word would want to give it to all of God’s children, as a gift, so that they could follow the right path in life.

Wrong.

In my informal survey of the field, I now count three distinct instances in which the guardians of one or another religion have claimed copyright protection for their particular scriptures. The latest religion to claim private ownership in God’s Word is the Catholic Church...

While these episodes can be played for cheap ridicule, but I think they point to a larger, more troubling point -- that even many sincere believers in God’s Word are now trying to lock it up as private property. The essence of private property is the right to exclude -- yet God’s Word (at least as I have always understood it) is about absolute love and inclusion. I guess that’s precisely what is being contested."

Alito Senate debate

I've been watching the Senate debate on whether Samuel Alito should be confirmed to become the next justice on the US Supreme Court. Looks to me like the Republicans are wiping the floor with the Demcocrats.

Basically the Democrats are saying they don't like him because he's a conservative and he's made some worrying decisions as a judge, citing specific cases of where he ruled against the little guy. The GOP are saying you can't judge a legal case based on your sympathy for one side or another and Alito basically has a record of applying rather than interpreting the law to suit himself. They're way ahead on rhetoric too - accusing the Demcocrats of wanting to undermine property, business and the American Way.

Euro junk food cos to stop advertising to children

Cory is skeptical of the motives behind junk food companies decision to stop advertising to children.

"European junk-food companies like Cadbury and Coke will stop directing their advertising at young children, introduce low-calorie and sugar-free versions of their products, and downsize their serving-sizes...

The companies claim that this is because their customers are demanding healthy alternatives, but I think it's because they're running scared of the regulators of Europe's free-health-care social democracies: as the public cost of obesity soars, how long until Europe's governments try to recoup a little of that expense from the calorie-pushers?"

I doubt there would be much mileage in such a case, though Cory's probably right that someone will try it.

Spyware as an ecosystem problem

Wendy Seltzer has been thinking about spyware as an ecosystem problem and so, it seems, have the good folks at the Berkman Center.
StopBadware.org is a "Neighborhood Watch" campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers to make better choices about what they download on to their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and to become a focal point for developing collaborative, community-minded approaches to stopping badware.
Ms Seltzer says:

"The Internet has always been a playground of externalities. It's useful to me because of what others contribute, so what makes it easier for others to participate increases Internet value. Consider blogging software. Technically, it's trivial, a few lines of code to post updates to a web page and a few more to 'trackback' other sites you've referenced. Yet the "blogosphere" (the web) was far poorer when its only writers were those techie enough to write their own sites from the webserver up.

So by converse, when malware or its threat drives some people away from the Internet, it decreases the Net value for us all. We lose travel guides when those who introduce us to new sites stop exploring because they fear "infection." Our social networks crumble when connectors stop opening email from unknown senders. And when our ISPs or lawmakers step in to "help," they can make things worse, blocking legitimate applications that users have opted for.

The Berkman Center's project, subtitled "Regaining control of our computers," targets the weeds without razing the garden. It focuses squarely on the user, inviting people to contribute their experiences to a database, against which others will be able to compare new applications they encounter. Let's hope it can help us to defend the Internet against both "badware" and its over-zealous opponents."

Update: I should have added that the widespread infestation of malware is why we created a ten-week online course at the Open University, Vandalism in Cyberspace: understanding and combatting malicious software, to help people deal with it.

Candian copyright reformist MP loses her seat

Sam Bulte, the Canadian MP who threatened to sue Michael Geist has lost her seat in the Canadian parliament. I guess she'll be looking for a new job.

Fired by Ford and the Daily Show

Wendy Seltzer provides Reason 318 to like MythTV.


"Just one more reason to like MythTV: When I saw an image I wanted to save for a trademark discussion, I could simply pause, grab a thumbnail image or screenshot, and return to the program. Let's see your VCR do that.

The question I'm saving for a trademark class: is this image from the Daily Show fair use or trademark dilution?"

Information as property devalues information

Susan Crawford has been reminding us that bits are not the same as atoms and that thinking about information as property devalues information.

"We can talk about "property" in a very reductive way. We can model it economically and make up mappings for it (literally). Property (atoms) can be reduced and understood as a series of computable relationships. I own that piece of land; you own the next lot over; we may have certain disputes or agreements, but the whole relationship can be understood as an algorithm or equation. We can be "scientific" about this relationship, in reductive terms.

Now, because information isn't conserved, because it can amplify and combine in unexpected ways and produce things that are greater than the sum of its parts, applying "property" analogies to it turns out to be extremely difficult. We can't (reliably) apply reductive understandings to it. We really aren't very good at understanding why information (like genetic coding, or money issues, or technological interoperability) does what it does when it does.

The new kinds of human activities that may be made possible by truly high-speed internet access are "informational" in nature. They'll be surprising and amplifying, and they'll evolve unpredictably.

But the network owners are trying to define everything in terms of property (a very atomic concept), as in "these are our pipes, we should control them." This just doesn't fit the situation.

The great risk of acceding to the property way of thinking is that we'll lose the informational opportunities (call it innovation, but it's more than that) that would otherwise be possible. And we won't even know what we're missing. "

The tracks you leave when searching

Danny Sullivan has done a Flowchart To Tracks You Leave Behind when using a search engine. He conlcudes:

"As you can see, ensuring your search privacy is tricky. The information you send is leaving traces in multiple places. The solution to ensuring privacy isn't going to be as easy as passing a law that targets Google, Yahoo and the others. Ideally, the entire lifecycle of a search beyond the computer desktop needs to be considered from ISP through to tracking services. Searchers themselves also need to consider what they do on their own computer desktops.

There's also an issue of what should be private. I wrote earlier today that most people probably think the conversations they have with search engines as being private. But to date, we don't have any protected searcher-search engine relationship as we do with attorney-client privilege or between clergy and worshipper. Perhaps that needs to be enshrined in some way. But then again, others may feel that going out on to the public web and using publicly accessible search engines entitles no one to an expectation of privacy, or perhaps a more limited one.

Certainly, we need to have a good debate and discussion. That's probably the good that's coming out of the Department Of Justice action. After years of worrying about privacy issues, the DOJ action is turning that worry into action about better protections that may need to be put into place.

Let me add that while I hate the sloppy manner in how the DOJ has acted in this particular case, I have no more interest in criminals using the internet for bad purposes than most people would. In specific circumstances, with the right legal oversight, I hope search or internet browsing data might be evidence that helps catch a criminal, just as I hope they'd be caught through legally approved wiretapping or other types of law enforcement monitoring.

What I don't want is a Big Brother state to be mining everything with the assumption we're all criminals, any more than I want all telephone calls to be monitored. Moreover, it's very, very easy to mistakenly assume from a search request that something wrong is happening, when it is not. Jon Swift takes a light-hearted look at this in his post today, but it's true. A search for "bombing the white house" doesn't mean someone's planning to do that. It may simply be that you're trying to find out about someone who may have attempted this.

Aside from the government issue, there's the concern that the search companies themselves might misuse data. That needs to be considered and improved guidelines or laws developed. Even better would be to see such moves as part of improved protection of consumer information of all types. The amount of data about what people personally are interested in and do seems easier to obtain from consumer research organizations right now than what search engines possibly might provide in the future. How about considering these both together, rather than separately, an idea that came up in a Newsfactor article on Google and consumer data in general last year."

Read the original to pick up on a load of interesting links.

How to keep Google data out of government hands

Tim Wu has A simple prescription for keeping Google's records out of government hands.

"the big news for most Americans shouldn't be that the administration wants yet more confidential records. It should be the revelation that every single search you've ever conducted—ever—is stored on a database, somewhere. Forget e-mail and wiretaps—for many of us, there's probably nothing more embarrassing than the searches we've made over the last decade. Google's campus LCD sounds like it's just fun and games, but when a search can be linked to you (through the IP address recorded by Google), that's a lot less fun. And when, as we're seeing, it can all be demanded by the government, that's no fun at all.

Google is being commended by many for standing up to the Bush administration. But however brave Google's current stance may be, the legal debate over Google's compliance misses the deeper and more urgent point: By keeping every search ever made on file, the search-engine companies are helping create the problem in the first place. In the wake of what we're seeing with this subpoena controversy, the industry must change the way it preserves and records our search results and must publicly pledge not to keep any identifying information unless required by court order. This has nothing to do with our mistrust of Google and everything to do with mistrust of the range of government actors—domestic and foreign—that Google must ultimately obey...

Google and other search engines argue—with some justification—that preserving search records is important to making their product the best it can be. By looking at trillions of search-result pages, Google, for example, can do things like offer a good guess when you've spelled something wrong – "Did you mean: Condoleezza Rice?" And Google's "Zeitgeist" feature is able to tell you what the top searches are every week and year—a neat way of tracking other people's passing obsessions. But even though keeping such logs may make their product better, or more fun on the margin, the justifications for keeping so many secrets in such a vulnerable place are just too weak.

Imagine we were to find out one day that Starbucks had been recording everyone's conversations for the purpose of figuring out whether cappuccino is more popular than macchiato. Sure, the result, on the margin, might be a better coffee product. And, yes, we all know, or should, that our conversations at Starbucks aren't truly private. But we'd prefer a coffee shop that wasn't listening—and especially one that won't later be able to identify the macchiato lovers by name. We need to start to think about search engines the same way and demand the same freedoms.

It all goes back to this basic point: How free you are corresponds exactly to how free you think you are. And Americans today feel great freedom to tell their deepest secrets; secrets they won't share with their spouses or priests, to their computers. The Luddites were right—our closest confidants today are robots."

Deputy Prime Minister written answer on mobiles

Spy Blog has spotted a serious, if amusing, mistake in the written answer of the Deputy Prime Minister's department to a question on mobile phone location data. The question and answer were as follows:

"Bob Spink (Castle Point, Con): To ask the Deputy Prime Minister how many instances have been recorded of the fire service using mobile phone location data to effect a rescue operation. [43784]

Jim Fitzpatrick (Parliamentary Under-Secretary (London), Office of the Deputy Prime Minister) The information requested is not held centrally. The fire and rescue service is not responsible for tracking criminals"

Now Mr Prescott's office is responsible for the planning policies that influence the siting of mobile phone masts, so it is more than a little disconcerting to see this kind of response in a written answer. Spyblog is a bit more blunt:

"It is the physical locations of these masts, which are used by third party companies to offer Mobile Phone Location Based Services to consumers (which have their own potential privacy and security problems) and which can also be used to provide the approximate locations of 999 / 112 mobile phone calls to the Emergency services.

If the primary use of Location Based Services, so far as the ODPM is concerned, is for for the electronic tagging of criminals or the tracking of criminals via their mobile phones, what chance is there that they will not see the forthcoming eCall the pan-European in-vehicle emergency call system which is due to be fitted to all new vehicles in the European Union from 2009, as just another way of keeping the UK public under control?"

Tuesday, January 24, 2006

The Register on the Lords latest defeat of ID cards

John Lettice somewhat gleefully reports on the latests setback to the ID cards scheme in the House of Lords.

"The Government suffered further defeats on ID Cards last night, as the House of Lords voted to make the scheme genuinely voluntary, and to require a further Act of Parliament before ID cards can be made compulsory. The Government has already stated that it intends to reverse the Lords' amendments in the Commons, but as it now has to deal with several substantial changes, and the Dear Leader has several other controversial pieces of legislation on his plate prior to his retirement, it may have a difficult time of it.

Last night Lord Bassam of Brighton and Baroness Scotland cut lonely figures arguing - and losing - the Government's case, but along the way they produced some interesting information on the content of the ID card which the Government seems, unaccountably, to have been unable to share with us previously. Baroness Scotland said that there were no plans to place any information that the holder was unaware of on the card's chip, and that it would "simply contain the information on the face of the card, technical information regarding the functioning of the card itself, a facial image and two fingerprints." The Register greets this last blurt with particular satisfaction, as we calculated that the card would be likely to house only two fingerprints last October."

PK statement on broadcast flag

Public Knowledge have issued a statement to be submitted for the record of the Senate Commerce Committee hearing on the broadcast flag. They have been campaigning against it for some time and the 13 page statement outlines why in some detail.

Sample:

"he market for delivering content digitally over new technologies is working. Consumers can watch and listen to the content they purchase anytime and anywhere they want. Some of that content will be protected, and consumers can decide whether that protection is flexible enough. All of these great developments happened without government intervention.

The public appetite for buying individual TV shows and songs online is growing by leaps and bounds. There are more ways than ever to watch TV and movies and listen to the radio. Sales of HDTV sets are skyrocketing.

Yet even as innovators in the content industry promote these alternative distribution technologies, the very same content industry wants Congress to step in and give it protection from the vague threat of massive copyright infringement the industry says these new technologies could facilitate. Let us be clear. The content industry has not shown that any infringement has resulted from these technologies. And they certainly have not shown that government technology mandates will work to stop actual copyright pirates rather than prevent ordinary consumers from engaging in lawful activities.

The content industry is asking Congress to impose three technology mandates: the broadcast flag, radio content protection and an end to the analog hole. Each mandate 1) injects government into technological design; 2) places limits on lawful consumer activities; and 3) increases consumer costs by making obsolete millions of digital devices. Once consumers start to purchase devices that are compliant with these technology mandates, the costs will be enormous. For example:

A consumer would not be able to record over-the-air local news on her broadcast-flag compliant digital video recorder in her living room and play it back on a non-compliant player in her bedroom (broadcast flag).

A member of Congress could not email a clip of his appearance on the national news to his home office (broadcast flag).

A consumer would not be able to record analog home movies using a digital camcorder and transfer them to a computer in order to make a DVD (analog hole).

A student would be prohibited from recording excerpts from a DVD for a college Powerpoint presentation (analog hole).

A consumer would be unable to record individual songs off digital broadcast and satellite radio (radio content protection).

Current versions of TiVos (and other digital video recorders), iPods (and other MP3 players), cellphones and play station portables would not work with analog hole closing compliant devices, rendering them virtually obsolete (analog hole).

A university could not use digital TV video clips for distance learning classes (broadcast flag).

I urge the Committee to think very long and hard about trying to fix what is not broken. Ask yourselves, in light of recent marketplace developments, is it good policy to turn the Federal Communications Commission into the Federal Computer Commission or the Federal Copyright Commission? Is it good policy to impose limits on a new technology like HD Radio (that unlike digital television, consumers need not adopt) that may well kill it? Is it good policy to impose a technological mandate (like the broadcast flag and closing the analog hole) that would result in consumers having to replace most of the new devices that they just purchased?

There are better alternatives for protecting digital content than heavy-handed technology mandates. Those alternatives are a multi-pronged approach of consumer education, enforcement of copyright laws, new business models for content distribution and the use of technological tools developed in the marketplace, not mandated by government. The recent Grokster decision and the passage of the Family Entertainment and Copyright Act are just two of several new tools that the content industry has at its disposal to protect its content."

Nothing to fear

Marcel Berlins has been waxing lyrical on the nothing to hide nothing to fear maxim (I use that word loosely and mathematicians and scientists would rightly berate me for doing so) so beloved of government ministers and tabloid journalists.

"There are two excusatory phrases in the criminal justice lexicon which provoke in me immediate suspicion, especially when used by government ministers or the police. One is "there are safeguards", the other "innocent people have nothing to fear"...

"If you've done nothing wrong, why should you object to your DNA and fingerprints, or CCTV film on which you appear being kept, or your phone being bugged?" This is a dangerous misunderstanding of privacy in a democracy. It is not for the government or police to tell us that we don't really need to exercise our right because we're innocent."

Google v DOJ alert to data mining

David Rowan in the Times is thankful for Google's resistance to handing over information to the US government, not because he thinks they are taking an ethical stand on the issue but because he hopes it will alert the masses to the dangers of electronic data mining.

"If the Justice Department subpoena prompts a wider debate about digital privacy, it will come at a valuable moment for British citizens too. As the Government rushes to track us on databases covering ID cards, medical records, children’s development, even real-time movements of our cars by numberplate recognition, we need to question the data security of their systems, their propensity to propagate inaccurate and often damaging personal histories, and the pernicious tendency for information collected for one purpose to be quietly extended to others completely unrelated. Most of all, we have to consider how prepared we are to tolerate the malicious uses to which our private information will inevitably be put. Whether it is 40 million credit card accounts hacked last summer, or the Merseyside council CCTV operators caught training their camera on a woman’s bathroom, the bad guys will inevitably get through.

So no, I shall no longer apologise for refusing a lifestyle-revealing Tesco loyalty card, for registering my radio-tagged Oyster smartcard under a false name and address, and for juggling half a dozen internet search engines to confound their attempts to profile me.

Dismiss me as an eccentric if you must. Though when you do e-mail to trash me, I’d appreciate your not using your Googlemail account."

SCOTUS refuse to hear Blackberry patent case

The US Supreme Court have refused to get involved in the patent dispute between NTL and RIM over the Blackberry. IPKat even includes a nice picture of a Blackberry in commenting on the decision.

Update: Apologies for the earlier typos in the title of this post. I'm sure at least a few would have been wondering why on the SCOUTS were suddenly interested in an obscure US patent case.

Infallible papal decrees to be copyrighted

The copyright zealots are going to love this. The Vatican has issued an edict saying that "all papal documents, including encyclicals, will be governed by copyright invested in the official Vatican publishing house, the Libreria Editrice Vaticana." according to the Times.

I've cut the section from chapter 1 of my book that was going to deal with the Pope and the Net but I'm almost tempted to put it back in.

"The edict covers Pope Benedict XVI’s first encyclical, which is to be issued this week amid huge international interest. The edict is retroactive, covering not only the writings of the present pontiff — as Pope and as cardinal — but also those of his predecessors over the past 50 years. It therefore includes anything written by John Paul II, John Paul I, Paul VI and John XXIII.

The decision was denounced yesterday for treating the Pope’s words as “saleable merchandise” and endangering the Church’s mission to “spread the Christian message”.

A Milanese publishing house that had issued an anthology containing 30 lines from Pope Benedict’s speech to the conclave that elected him and an extract from his enthronement speech is reported to have been sent a bill for €15,000 (£10,000). This was made up of 15 per cent of the cover price of each copy sold plus “legal expenses” of €3,500."

That's about €620 or £420 per line. I wonder if I could negotiate that kind of royalty rate? With 220 page textbook that would amount to a little over £3million. But then he is the Pope. It would be a fascinating area to investigate empirically - the effect of this edict. Any cyberlaw types out there with good Vatican connections should think seriously about it. :-)

Update: Doc Searls has a great one-liner on this story, "Is the Pope cluetholic?"

CD drm threat models and business models

Ed Felton and Alex Halderman have been working on an academic paper on drm. Their first thoughts are up at Freedom to Tinker.

FUD in UK tech press?

I haven't seen the insert Pamela Jones is quite animated about here

"And so it comes to pass in 2006 that we find Microsoft distributing a flyer in the UK tech press entitled "Indemnification - Weighing the Risk," which uses the SCO case to ask if using open source can leave a company open to legal liability. Three Groklaw readers in the UK tell me that when they received their latest copy of IT Week or Computing.co.uk, it had the insert from Microsoft. Why only in the UK? Maybe Microsoft knows that in the US people would laugh out loud at such FUD, whereas in the UK it hasn't been as widely covered in the press. The insert's all about indemnification and why Microsoft's indemnification is allegedly better than what you can get for Linux. It does that by misrepresenting in an incomplete chart what indemnity and other legal help you can get for Linux. In fact, I think you could say the insert is an historic stroll through the fields of FUD in which SCO prominently starred. The only trouble is, the history comes to a full stop with a loud screech in March of 2004...

It purports to describe the SCO legal saga, but it gets quite a few facts wrong, aside from being incomplete, not mentioning any SCO negatives. As just one example, it says SCO sued IBM in March of 2003 for misappropriation of trade secrets, unfair competition and contractual claims. It never mentions that it dropped the trade secrets claims completely. Instead it says that in June of 2003, SCO "expanded the size of its claims". They seem to mean they asked for more in damages, but as SCO has been finding out, asking for damages and getting them are two different things. You can throw in any figure you please in a complaint, but then you have to prove your claims, and that appears to be the sticking point for SCO."

Well worth a read, especially if you've been following the SCO legal saga.

Massachusetts former CIO interview

Pamela Jones has an informative interview with the former chief information officer of Massachusetts, Peter Quinn, who resigned recently after completely unfounded smears in the press. Quinn had been overseeing the state's move to an open document format IT infrastructure

"PJ: What was the last straw that made you quit?

Quinn: The word that the IT Bond Bill would not be reported out as part of the total bond package (so Highway and Building Construction funds would be available but not IT funding). And the word was it was all about me.

Now the folks that have say here do not know me from a hole in the wall and the funds were for projects that were totally unrelated to ITD. I clearly had set the priorities for the Bond but this funding is for projects like a new Taxpayers System, new Registry of Motor Vehicles system, etc., all projects desperately needed by the citizens of the Commonwealth. Eric Kriss and I always had a goal of making IT "a"political and now it was rapidily becoming a political football of the highest magnitude.

I took this job in the hopes of making meaningful and institutionalized IT reform. All the previous efforts were about to be for naught as political payback. IT would and will grind to a halt if IT longterm funding is not released and if the Legislation that guts the Office of the CIO is passed. This was not a prospect that I wanted to facilitate by my presence.

If I am gone, I am sure much of the gamesmanship will subside. There are many very good people doing very good work that would be marginalized (my opinion) by my continued tenure. And to be brutally frank, the instigators of much of this legislation are represented by the true bottom feeders in the Legislature, in my view. To have to bow and genuflect to their likes is not something I could ever do. I do hope rationale voices will prevail (and I believe that will be the case).

PJ: Do you know who inspired the Globe to do the investigation? Was it Pacheco?

Quinn: Almost to a person, to anybody involved or who knows about the ODF issue, they attributed the story to Microsoft, right, wrong or otherwise. Senator Pacheco may be a bully but I do not believe he is disingenuous and would stoop to such a tactic. Senator Pacheco and Secretary Galvin's office remain very heavily influenced by the Microsoft money and its lobbyist machine, as witnessed by their playbook and words, in my opinion...

PJ: What, in your opinion, will happen to ODF? We see the public statements, but since Romney is not running for reelection, what happens then? Does Microsoft have another shot at killing it?

Quinn: I believe that the ODF decision will stand. I believe MS will continue to do anything and everything it can to stop it. And I know my seat wasn't even empty and they (MS) took another shot at the title, to no avail. This horse is out of the barn and I see no way for it to go back in. Remember, all we are asking for was and is for Microsoft to commit to open and the standards process; so everyone looks really bad if the plug gets pulled at this juncture.

PJ: What is the latest on the attempt to alter who chooses software for the Commonwealth?

Quinn: The Legislation is still in play as far as I know. I do believe that any one with any common sense is lobbying against it. And I do not think it will be passed in its present form. I sincerely hope that saner heads prevail and policy making and standards remain within the Office of the CIO. Anything less will yield disaster as you can easily see from other states that do not have policy and operations in the same office."

Compulsory ID cards defeated in the Lords

The House of Lords have voted to make the ID card system voluntary and to require a separate act of parliament before they could be made compulsory.

Project semaphore to get force of law

Project Semaphore, The UK's equivalent of the US 'Secure Flight' passenger profiling system, is to get enshrined in UK law. Semaphore, strangely enough, has received nothing like the level of negative publicity targeted at Secure Flight. It's actually had very little publicity at all but has been running as a limited pilot project for over a year now. Alan Travis at the Guardian says:

"The police and security services are to be given access to advanced travel details on more than 40 million passengers a year who travel on domestic flights and ferries within Britain under legislation to be announced tomorrow.

The new power in the police and justice bill will give the authorities the ability to screen and track the movements of suspected terrorists and serious criminals within Britain for the first time...

The new system will enable them to check names against watchlists for terror suspects and wanted criminals and to develop a "profiling system" of those worthy of further scrutiny. It is hoped that the system will help the security services develop a picture of terror and crime suspects' travel patterns and networks...

The monitoring of domestic travellers builds on the experience of a three-year pilot scheme under which the details of 10 million passengers on selected international flights have been monitored since last January.

Known as Project Semaphore this pilot scheme receives data on passengers leaving Britain only after their flights have left, yet the Home Office claims that eight terror suspects have been detained in the UK or overseas as a result. One person has also been arrested for indecency and a child porn suspect identified. The police say that access to advance information would have enabled them to stop the terror suspects boarding their flights."

Here we go again with the false assumption that mass surveillance will somehow automatically, with the aid of magical computing technology, point out the bad guys. Moreover this magic technology will obviate the need for difficult police and intelligence work by many law enforcement and intelligence personnel engaged in gathering intelligence, developing sources, targetting and monitoring suspects, real human suspect surveillance, prevention, rapid response to criminal acts, arresting and detaining suspects, gathering evidence, advising on and supporting physical security, following money trails, community policing and all that other real life hard stuff.

Even if the technology is effective 99% of the time (and it's nowhere near that yet) there are millions of people travelling through UK airports every year and the number s of false positives will be huge. As Bruce Schneier says,

"Security systems fail in two different ways. The first is the obvious one: they fail to detect, stop, catch, or whatever, the bad guys. The second is more common, and often more important: they wrongly detect, stop, catch, or whatever, an innocent person. This story is from the New Zealand Herald:

A New Zealand resident who sent $5000 to his ill uncle in India had the money frozen for nearly a month because his name matched that of several men on a terrorist watch list.

Because there are far more innocent people than guilty ones, this second type of error is far more common than the first type. Security is always a trade-off, and when you're trading off positives and negatives, you have to look at these sorts of things.

Well 9 suspected criminals have allegedly been detained because of Semaphore, which sounds great until you look at the statistics, which suggest that at least eight of them are probably innocent, assuming, of course that Semaphore pointers were the only reason these folks were detained. It's hard to know until the details of the specific cases come out but I suspect there was some real police and intelligence work involved in these cases too.

Monday, January 23, 2006

Why ID cards should be compulsory

Toby Stevens has had the strange experience finding himself agreeing with the Lord Chancellor:

"This is surprising enough, since in my opinion he has overseen the dismantling of some of the pillars of democracy in the UK. What worries me more, is that his statement about the National Identity scheme sounded reasonable. The BBC quotes him as follows:

"The question is should you require - and I think ultimately, unless there is compulsion, you won't get the benefits of an ID card system - is it right to compel those that don't have a passport also to get an ID card...

Now, if we go back to basic principles, I think he's right. I've long worried that any National ID scheme is essentially useless unless it is compulsory; otherwise what's the point? After all, without compulsion we have a scenario of the state interacting with the citizen as follows:

---

[Scene One: a pea-souper in Old London Town. A British Bobby proceeds out of the mist to encounter a swarthy looking character in a stripy top and mask, with a bag marked 'Swag' on his shoulder]

[Bobby] "'Ello, 'ello, 'ello, what's all this then? You look like a wrong 'un sir, and no mistake. Would you care to show me your ID card please?"

[Wrong 'un] "Leave it aht officer, I ain't got none."

[Bobby] "Oh, very well sir. Just you make sure you drop in at your local station some time in the next week with your card, there's a good gentleman. On your way, and goood day to you."

Not a very compelling argument for claiming that a National ID Card would support national security, unless we make it compulsory. But is that compulsion within the government's powers?

The big hole in Lord Falconer's argument is that without some pretty intensive policy laundering in Brussels, the government will (quite rightly) never achieve compulsion: EU visitors may enter the UK on a passport for up to 3 months, and the government has no powers to force a citizen to accept a particular document...

[The scene: a high street bank. Happy customers stand in an orderly queue awaiting the attention of the single cashier on duty. A customer arrives at the front of the queue]

[Customer] "Excuse me, miss."

[Cashier] "Eh?"

[Customer] "I'm sorry, I have a cold. I wish to open a bank account."

[Cashier] "Of course you may, sir. Please could I see a form of identification?"

[Customer] "I 'ave 'ere a National Identification Card."

[Cashier] "Ah, I'm sorry sir, but we'll require some additional form of identification. Do you have a gas bill or credit card statement...

If the government were to guarantee the card up to, say, £2,500, then retailers and banks would know to what extent they could trust it. That same guarantee has to be offered to citizens in case (dare I say it?) their identities are stolen. After all, the Home Secretary has promised 100% security from the scheme, so what's the problem with putting a cash value to that security, when the government will never have to pay out? (Answers on a postcard please)"

Wonderful.

BBC music panel on drm

A couple of weeks ago the BBC set up a digital music: ask the industry panel to answer the general public's questions about how the industry are dealing with digital technologies.

Nice to see lots of sensible if sometimes rather blunt questions about drm.

"DRM is used, we are told, to protect artists from copyright theft. Yet so far, no existing DRM scheme has been successful in keeping music from being pirated on P2P networks. Given this failure, why do record companies continue to push DRM schemes that do nothing to protect artists, and do everything to discourage consumers from buying their works?"

"This was the first year I specifically asked family & friends not to buy me any CDs for Christmas. Why? Because of the increase in CD DRM making it difficult to rip legally purchased music to my MP3 player. Hence I can safely say that I would not ever buy DRM protected music online, as it is too intangible/inflexible to be worth the money.

Why does the music industry not understand that it is alienating its customers by treating us like criminals?"

"Why do adverts for music download services such as Napster usually fail to explain what MP3 players they will work with? I have tried to use a couple of services only to find out at the end that they do not work with the iPod. A bit of honesty would be a step forward. Selling music in MP3 format so it works everywhere would be a giant leap for mankind."

"I have an iPod so must either use iTunes or rip from CD. But that's not going to be the case forever. My next player may be a different make. But if I buy from iTunes I can't transfer the music to a non AAC player, and I can't buy WMA as it won't play on my machine.

Are you trying to turn me into a criminal to get music? Or just rip me off blind to get it?"

The panel's responses are due tomorrow. Expect the usual rhetoric.

Hong Kong recruits school children as copyright spies

Schoolchildren recruited as copyright 'spies' in Hong Kong

Analog hole bill implements secret law

Ed Felton has been worrying about the secret laws to be implemented via technical architecture, specifically a proprietary copy protection technology called VEIL.

"If you'?ve been reading here lately, you know that I'?m no fan of the Sensenbrenner/Conyers analog hole bill. The bill would require almost all analog video devices to implement two technologies called CGMS-A and VEIL. CGMS-A is reasonably well known, but the VEIL content protection technology is relatively new. I wanted to learn more about it.

So I emailed the company that sells VEIL and asked for a copy of the specification. I figured I would be able to get it. After all, the bill would make compliance with the VEIL spec mandatory -? the spec would in effect be part of the law. Surely, I thought, they're not proposing passing a secret law. Surely they'?re not going to say that the citizenry isn'?t allowed to know whatÂ?s in the law that Congress is considering. We're talking about television here, not national security.

After some discussion, the company helpfully explained that I could get the spec, if I first signed their license agreement. The agreement requires me (a) to pay them $10,000, and (b) to promise not to talk to anybody about what is in the spec. In other words, I can know the contents of the bill Congress is debating, but only if I pay $10k to a private party, and only if I promise not to tell anybody what is in the bill or engage in public debate about it.

Worse yet, this license covers only half of the technology: the VEIL decoder, which detects VEIL signals. There is no way you or I can find out about the encoder technology that puts VEIL signals into video.

The details of this technology are important for evaluating this bill. How much would the proposed law increase the cost of televisions? How much would it limit the future development of TV technology? How likely is the technology to mistakenly block authorized copying? How adaptable is the technology to the future? All of these questions are important in debating the bill. And none of them can be answered if the technology part of the bill is secret.

Which brings us to the most interesting question of all: Are the members of Congress themselves, and their staffers, allowed to see the spec and talk about it openly? Are they allowed to consult experts for advice? Or are the full contents of this bill secret even from the lawmakers who are considering it?"

It would be comical if it wasn't so serious. Congress want to mandate a secret technology the details of which will only be made known to only those US citizens who will pay $10k to a private party, and only if they promise not to tell anybody what is in the technology or engage in public debate about it. You could call it hardlaw as opposed to hardware I suppose.

Mass spying means more errors

Jennifer Granick has been reinforcing the message of real security experts that mass surveillance leads to massive numbers of errors.

"If there aren't enough agents or translators to review all the false positives that random surveillance produces now, even before adding mass surveillance of U.S.-based communications to the mix, there's no reason to believe Judge Richard A. Posner's recent assertion that data mining from the innocent will enable detection of a terrorist plot collected from scattered, tiny bits of information.

Mass surveillance isn't just illegal, it's probably a bad idea. We need to ferret out real terrorists, not create a smoke screen of expensive and distracting false positives that they can hide behind. More information doesn't make us smarter. We need smarter information."

Yahoo and France

Michael Geist writes about the recent US court of appeal decision in the case Yahoo pursued against French anti racism groups.

"The initial French case concluded several years ago when a judge sided with the anti-racism groups and ordered Yahoo! to do what it reasonably could to ensure that French users could not access content that was unlawful in France. The judge was persuaded at that time that Yahoo! was capable of identifying when French users accessed its site (it provided targeted ads to such users) and that his order would be limited to Yahoo!' s activities in France.

To support his opinion, the judge commissioned a three-member expert panel, which included Vint Cerf, one of the Internet' s founders, to advise him on the technological capability of identifying the geographic location of Internet users. The panel responded that the technology at the time allowed for geographic identification at a 70 – 90 percent accuracy rate.

Yahoo!, supported by several U.S. civil liberties groups, was highly critical of the decision, arguing that complying with the order would force it to remove content that was protected under the First Amendment and was therefore lawful. Rather than appealing the French decision, however, the company chose to let the decision stand and to launch a lawsuit of its own in the U.S. courts instead, seeking an order that the French decision could not be enforced on its home turf...

9th Circuit Court of Appeals, a U.S. appellate court, issued a 99-page split decision that asserted jurisdiction over the dispute but declined to provide Yahoo! with its much-desired order...

The Yahoo! France case resulted in nearly six years of litigation, numerous legal briefs, and much hand wringing from the Internet community. Despite its notoriety, it would appear that the courts remains as conflicted as ever as they seek to reconcile the challenges of law, borders and the Internet."

EU Commission Consultation on Patents

The EU Commission have launched a public consultation on patent policy. It runs until the 31st of March this year and on the basis of the feedback they get the Commission will be organising a meeting in Brussels on the issue in the early summer.

The consultation says that

"The idea behind the patent system is that is should be used by business and research organisations to support innovation, growth and quality of life for the benefit of all in society."

And that it should have the following features:

"- clear substantive rules on what can and cannot be covered by patents, balancing the interests of right hodlers with the overall objectives of the patent system

- transparent, cost effective and accessible processes for obtaining a patent

- predictable, rapid and inexpensive resolution of disputes between right holders and other parties

- due regard for other public policy interests such as competition (anti-trust), ethics, environment, healthcare, access to information, so as to be effective and credible within society"

It goes on to ask if these are the key features or if there should be others included and how can the EU take into account the broader public interest in developing patent policy.

I can think of one question immediately: why should the system only be used by business and research organisations to support innovation etc.? What about individuals and civil society?

Sunday, January 22, 2006

He shoots he scores

David Runciman has a terrific essay in the London Review of Books on Patrick Barclay's biography of Jose Mourinho.

"Mourinho has no intention of being a typical manager of a typical middle-ranking club. When he arrived at Chelsea, they were a team of underachieving superstars bankrolled by the world’s most affluent thirtysomething. Mourinho insisted they could do better and, after he had spent quite a lot more of Roman Abramovich’s money, do better they did. But Barclay has mistaken cause and effect. Chelsea didn’t do better because Mourinho said they would; rather, he said they would because he knew that as an underperforming team they were very likely to improve. Mourinho, who is an intelligent as well as a ruthless man, knows that the most important thing for a football manager’s reputation is being in the right place at the right time. It’s not that he does what it says on the tin so much as that he waits until he has a pretty shrewd idea of what is in the tin, then puts his own label on it...

As Barclay points out, the thing that most obviously sets him apart from many of his peers is that he is not himself a former professional player (he tried, but failed, not even managing to be picked for the Portuguese club side his father was managing). Rather than playing the game, Mourinho studied it, first at university, and then in various coaching and other capacities at a series of clubs in Portugal and Spain, including finally as Bobby Robson’s assistant at Barcelona...

he tends to rely less on his own experiences than on a series of carefully compiled technical dossiers that break the game down into a series of controllable variables, which he then does his best to control...

In truth, it seems likely that what Mourinho learned from his years of work experience was not what to do, but what not to do. The advantage the non-player has over the ex-player is that they can trust in the hard evidence of percentage football, without the memories and fantasies of their playing days getting in the way...

Even Barclay notices that Mourinho’s special gift is the remorseless attention he pays to detail, though he treats this as though it were some kind of magic trick in itself. For example, when UEFA introduced the idiotic ‘silver goal’ rule into European club competitions – which meant that if a team was leading at the end of the first period of extra-time, the second period would be abandoned and the match end – Mourinho instructed his Porto players to adapt their tactics to this new 15-minute format. What Barclay, quoting Marcello Lippi, considers remarkable is that Mourinho didn’t express a view about whether the silver goal was a good or a bad rule, he just got on with the business of trying to extract some advantage out of it. What, you wonder, does it say about the other coaches that this value-neutral approach is taken as a sign of inspiration...

Last summer he visited Israel, and gave an address to a joint conference of Israeli and Palestinian coaches in Tel Aviv. He told his audience: ‘When I have retired, when, in 13 more years I have finished with football, I can see myself 100 per cent involved in human actions. I have always thought about problems in the Middle East and Africa, not just about football.’ Barclay suggests a role perhaps at the United Nations, since Mourinho ‘has, after all, proved he can unite dressing-rooms’.

It is all so horribly familiar. I recently heard one of Tony Blair’s closest confidants tell an audience of students about the prime minister’s plans following his retirement: he wants to make a real contribution on the international stage, to bring his talents to bear on the big humanitarian issues, ‘like Bill Clinton, only more so’. Oh the fantasies these people have about the difference they can make."

Jimmy Wales clarifies press errors

Jimmy Wales, founder of Wikipedia, has said the press reports about Wikipedia Germany being shut down by a German court are false and that the Wikimedia Foundation has had no contact with any Berlin courts.

The German version of Wikipedia is at http://de.wikipedia.org/

The http://www.wikipedia.de/ domain belongs to the German club of Wikipedia users.

The German Wikipedia club was briefly ordered by the court not to point people to the main German wikipedia site, the http://de.wikipedia.org/ but the main site was not affected.

Update: Andrés has further details at his blog, Technollama. As has Wikipedia itself.

Cheney defends domestic spying

Dick Cheney has been defending the domestic spying, the legality of which has been widely debated, saying it is essential in the war on terror. Yet members of the FBI are on record with the New York Times this week as saying that the data generated has led to them chasing a mass of false leads and interfering with their ability to do their real job.