Keith Aoki of the University of Oregon, and James Boyle and Jennifer Jenkins of Duke University have co-written a copyright comic, "Bound by Law?"
What a great idea.
Pages
▼
Friday, February 03, 2006
iPods for Senators Campaign
Just in case you missed it in the comments from earlier in the week, IPAction have launched an iPod for Senators campaign. Thanks to Ren Bucholz for the alert.
Director of British Library concerned about drm
A director of the British Library, Dr Clive Field, has expressed concerns about the deployment of digital rights management(drm) technologies. In a written submission to the All Party Internet Group enquiry into drm, he says drm must not "exert excessive control on access to information.
This will fundamentally threaten the longstanding and accepted concepts of fair dealing and library privilege and undermine, or even prevent, legitimate public good access."
He told the BBC: "We have genuinely tried to maintain that balance between the public interest and respecting rights holders
We are genuinely concerned that technology inadvertently may be disturbing that balance, and that would be unhelpful ultimately to the national interest."
I've been thinking about this in the context of the second law of thermodynamics, which, as described in minute detail by Nicholas Georgescu-Roegen, basically underpins the entire economic process (though most people don't realise this and sometimes I think we've made a unique artform out of scientific ignorance). Materials and energy transformations always generate some waste (or, for the scientifically literate, increase entropy). This has fundamental implications for the enonomic process in a world of limited resources. Now intellectual property does not suffer from the same problem as material resources in that it is technically non rivalrous, so it theoretically won't run out. However, there are a number of issues/problems/opportunites raised in this context:
Firstly digital information fundamentally depends on energy, which is a limited resource.
Secondly intellectual property, it has been argued, is also getting locked up and controlled to an unprecedented degree through laws and drm technologies. This raises fundamental questions about the future of the knowledge society.
Digital information is also getting locked up in technological formats that fairly rapidly become obsolete and inaccessible to later generations, which is what Mr Field is rightly concerned about.
There must theoretically be an optimum cost associated with implementing the laws and technologies that folk like Larry Lessig worry about, that limits the process. Even though theoretically once it is done the supply well of a particular piece of intellectual property would be infinitely deep; and though dipping into that well to sustain a supply chain could be done at vitually no cost to the owner, the cost of the process of locking up the information (through laws and technologies as Larry argues) could form a significant economic constraint, particularly given the finite nature of the atoms (material resources) that are required to generate the energy to keep the information bits flowing.
I probably need to work out the idea in an academic paper when I get the time but this seems like an area worth exploring.
This will fundamentally threaten the longstanding and accepted concepts of fair dealing and library privilege and undermine, or even prevent, legitimate public good access."
He told the BBC: "We have genuinely tried to maintain that balance between the public interest and respecting rights holders
We are genuinely concerned that technology inadvertently may be disturbing that balance, and that would be unhelpful ultimately to the national interest."
I've been thinking about this in the context of the second law of thermodynamics, which, as described in minute detail by Nicholas Georgescu-Roegen, basically underpins the entire economic process (though most people don't realise this and sometimes I think we've made a unique artform out of scientific ignorance). Materials and energy transformations always generate some waste (or, for the scientifically literate, increase entropy). This has fundamental implications for the enonomic process in a world of limited resources. Now intellectual property does not suffer from the same problem as material resources in that it is technically non rivalrous, so it theoretically won't run out. However, there are a number of issues/problems/opportunites raised in this context:
Firstly digital information fundamentally depends on energy, which is a limited resource.
Secondly intellectual property, it has been argued, is also getting locked up and controlled to an unprecedented degree through laws and drm technologies. This raises fundamental questions about the future of the knowledge society.
Digital information is also getting locked up in technological formats that fairly rapidly become obsolete and inaccessible to later generations, which is what Mr Field is rightly concerned about.
There must theoretically be an optimum cost associated with implementing the laws and technologies that folk like Larry Lessig worry about, that limits the process. Even though theoretically once it is done the supply well of a particular piece of intellectual property would be infinitely deep; and though dipping into that well to sustain a supply chain could be done at vitually no cost to the owner, the cost of the process of locking up the information (through laws and technologies as Larry argues) could form a significant economic constraint, particularly given the finite nature of the atoms (material resources) that are required to generate the energy to keep the information bits flowing.
I probably need to work out the idea in an academic paper when I get the time but this seems like an area worth exploring.
LSE boss writes to prime minister on ID cards
The Director of the London School of Economics has written to Tony Blair about the latter's claim that the LSE identity project report was written by a lone academic with a long term history of opposing ID cards.
He points out that he has made it clear to government ministers making this claim in the past that it is false and that he is disappointed they have not passed on that information to the Prime Minister's office.
Update: Simon Davies who has been disgracefully and repeatedly maligned by the government over the LSE ID card report, has threatened to sue ministers attempting to undermine the LSE report through damaging his reputation. "Mr Davies has written to the prime minister, warning that if the claims are repeated by him or any of his ministers he will proceed with legal action on the basis of statements made outside parliament.
He told the FT that he had taken legal advice after seeing that ministers were continuing to question the validity of the report in a way that sought to damage his reputation, despite Sir Howard writing to Mr Blair 10 days ago urging him to correct a "quite wrong" statement made to MPs."
He points out that he has made it clear to government ministers making this claim in the past that it is false and that he is disappointed they have not passed on that information to the Prime Minister's office.
Update: Simon Davies who has been disgracefully and repeatedly maligned by the government over the LSE ID card report, has threatened to sue ministers attempting to undermine the LSE report through damaging his reputation. "Mr Davies has written to the prime minister, warning that if the claims are repeated by him or any of his ministers he will proceed with legal action on the basis of statements made outside parliament.
He told the FT that he had taken legal advice after seeing that ministers were continuing to question the validity of the report in a way that sought to damage his reputation, despite Sir Howard writing to Mr Blair 10 days ago urging him to correct a "quite wrong" statement made to MPs."
EDRI-gram
The latest EDRI-gram has been published. Contents:
Commission refuses to do an impact assessment on the data retention
OECD Conference on the Future Digital Economy
German Wikipedia back on the Internet
A CD should work on any device, says French court
Debates on draft directive on Television without Frontiers Directive
EU Visa Database under scrutiny of the European Data Protection
French anti-terrorism law not anti-constitutional
Combating Racism on Internet
Irish ISPs to give File-sharers details
Slovenian Intelligence Agency performed illegal eavesdropping
Big Brother Award for Dutch immigration minister
UK Passenger Travel Data in Advance
Recommended reading: Security Policies in Europe
Agenda
Microsoft accuse EU of withholding documents
Microsoft have accused the European Union of holding back documents important enough to contribute to their anttitrust defence.
Broadcasters lock up of spectrum thwarts wi-fi
David Bollier's Broadcasters' Lockup of "White Space" Spectrum Thwarts WiFi is recommended reading.
Thursday, February 02, 2006
Minister's claim of £1.7billion identity fraud questioned
Spy Blog is skeptical about Home Office minister Any Burnham's claim that identify fraud has cost the UK economy £1.7 billion.
RIM wins two rounds
RIM has won a couple of small victories in its ongoing patent disputes over the Blackberry handheld device. Having prevailed against InPro in Germany recently, they've just had a similar ruling from the UK High Court. Meanwhile, across the pond where they have been taking a beating in the courts, the US Patent Office have just issued a preliminary ruling invalidating the NTP patents at the centre of the dispute.
Open courts or open season on privacy
Thoughtful piece by Carole Lucock on whether publishing court decisions on the Internet has personal privacy implications we should be thinking more about.
Wednesday, February 01, 2006
Kazaa Australia
It seems Kim Weatherall was wondering what happened at the Kazaa hearing earlier in the week too. And she's managed to find out.
"David tells me that the question of contempt has been reserved for the Full Court hearing in the case: an order has been made (available in the ESearch facility of the Federal Court's database, CaseTrack), to this effect:
'Pursuant to s 25(6) of the Federal Court of Australia Act (Cth) 1976, reserves, for the consideration of the Full Court constituted to hear pending appeals in this matter, the question whether, having regard to the nature and terms of order 4 made on 5 September 2005, a determination of contempt of court may be made in respect of the contraventions of that order alleged in the statement of charge.'
So this adds to the long list of things that Branson, Lindgren, and Finkelstein JJ will be pondering in the week commencing 20 February 2006 (soon!)"
"David tells me that the question of contempt has been reserved for the Full Court hearing in the case: an order has been made (available in the ESearch facility of the Federal Court's database, CaseTrack), to this effect:
'Pursuant to s 25(6) of the Federal Court of Australia Act (Cth) 1976, reserves, for the consideration of the Full Court constituted to hear pending appeals in this matter, the question whether, having regard to the nature and terms of order 4 made on 5 September 2005, a determination of contempt of court may be made in respect of the contraventions of that order alleged in the statement of charge.'
So this adds to the long list of things that Branson, Lindgren, and Finkelstein JJ will be pondering in the week commencing 20 February 2006 (soon!)"
Oppose drm and get fired
Inga Chernyak, a legal clerk with a New York law firm, as well as president of the New York chapter of the Free Culture movement, has apparently been fired for expressing her distaste for drm.
"On January 10th 2006, the Village Voice ran an article called Code Warriors, detailing the efforts of the Free Culture movement, and those of the NYU chapter in particular. The reporter, Carla Blumenkranz, quoted FC co-founder Fred Benenson explaining that our efforts are about “harm reduction”; she noted, quite aptly, that our mission is to aid in “minimizing penalties and maximizing opportunities, for artists and audiences alike.” But what about the muckrakers? The conscientious objectors? The free culture activists? What protection from penalty do we have? What opportunity?
On Thursday, January 26th, I was fired from my job as a legal clerk at a medium sized IP law firm in midtown, NYC. When I inquired as to the reason, I was shown the Code Warriors article and told that my views about what the firm does were incompatible with…what the firm does. In so many words, I was told that the firm could no longer employ me due to my aberrant views on copyright law—although I was feverishly reassured of my right to hold those views. This assurance had relatively little value, however, as I was still fired for expressing the views in question. "
"On January 10th 2006, the Village Voice ran an article called Code Warriors, detailing the efforts of the Free Culture movement, and those of the NYU chapter in particular. The reporter, Carla Blumenkranz, quoted FC co-founder Fred Benenson explaining that our efforts are about “harm reduction”; she noted, quite aptly, that our mission is to aid in “minimizing penalties and maximizing opportunities, for artists and audiences alike.” But what about the muckrakers? The conscientious objectors? The free culture activists? What protection from penalty do we have? What opportunity?
On Thursday, January 26th, I was fired from my job as a legal clerk at a medium sized IP law firm in midtown, NYC. When I inquired as to the reason, I was shown the Code Warriors article and told that my views about what the firm does were incompatible with…what the firm does. In so many words, I was told that the firm could no longer employ me due to my aberrant views on copyright law—although I was feverishly reassured of my right to hold those views. This assurance had relatively little value, however, as I was still fired for expressing the views in question. "
How he stalked his girlfriend
More from Ben Goldacre in the Guardian today about how mobile phones can so easily be used as tracking devices.
Auditor shocked by Home Office's accounts
Important story in the Times:
"THE Home Office has lost control of its finances and its accounts are in a mess, according to a report published by the public spending watchdog.
The National Audit Office is so alarmed at what it has uncovered that it has refused to give its approval to the department’s flawed financial records.
The Permanent Secretary at the time the trouble developed was Sir John Gieve. He left the Home Office in December to join the Bank of England as Deputy Governor in charge of financial stability.
It is the first time in modern history that the nation’s Auditor General has delivered such an indictment on the financial records of a key government department. "
The auditor notes that part of the problem was the introduction of a new computer system to make finances more efficient. Yes the same Home Office wants to design and implement the most complex information system ever created - the ID card system - and they can't manage their own system to count their own money. Would that give anyone cause for concern by any chance?
"THE Home Office has lost control of its finances and its accounts are in a mess, according to a report published by the public spending watchdog.
The National Audit Office is so alarmed at what it has uncovered that it has refused to give its approval to the department’s flawed financial records.
The Permanent Secretary at the time the trouble developed was Sir John Gieve. He left the Home Office in December to join the Bank of England as Deputy Governor in charge of financial stability.
It is the first time in modern history that the nation’s Auditor General has delivered such an indictment on the financial records of a key government department. "
The auditor notes that part of the problem was the introduction of a new computer system to make finances more efficient. Yes the same Home Office wants to design and implement the most complex information system ever created - the ID card system - and they can't manage their own system to count their own money. Would that give anyone cause for concern by any chance?
Tuesday, January 31, 2006
DVD Jon considers suing Sony
Jon Johansen has been talking to a lawyer about the possibility of suing Sony BMG over their CD drm rootkit, which also infringed his copyright in some software he wrote for the VLC media player.
Kazaa Australia
Can anyone tell me what happened at the Kazaa hearing in Sydney yesterday? Or even if it went ahead? If you remember the music industry were pushing for them to be held in contempt of court for not enforcing the filters as the industry believes they should have done.
Researchers crack Dutch biometric passport security
John Lettice writes that a security company, Riscure BV, have cracked the security of the Dutch biometric passport and say the "attack can be executed only within a distance of 10 meters of a passport in use."
Meanwhile Lettice has also been making fun of ID card minister Andy Burnham again. He suggests 'RFID tag' are rude words which the minister refuses to say, since he has a better alternative, 'contactless, proximity chip vendors.'
"For over six months now Burnham, pursued doggedly by MP and ID card opponent Lynne Jones, has been peddling the bizarre conceit that RFID and 'contactless' or 'proximity' chips are entirely different beasts. So, in July, he confirmed that for the UK ID card to be used as a travel document in Europe, "the card will need to meet standards established by the International Civil Aviation Organisation (ICAO), which require the card to be contactless".* Presuming the information will not be moving across the air gap between the card and the reader using, say, smell, it's pretty obvious how that works, isn't it?
The contactless chips that will be used in ID cards and passports are amazingly like RFID tags. Place an RFID tag in the vicinity of a reader, and the reader can read data from it. Place an ID card or a passport in the vicinity of a reader and... you get the idea. Proponents and vendors of biometric ID however have noted that the general public seems to have some kind of privacy issue with the term "RFID", for some reason fearing that RFID ID documents involve them becoming tagged and monitored crates in the homeland security industry's supply chain. So, as Wired explained last year, the strangely RFID-like chips in biometric ID are instead to be called contactless or proximity chips."
Meanwhile Lettice has also been making fun of ID card minister Andy Burnham again. He suggests 'RFID tag' are rude words which the minister refuses to say, since he has a better alternative, 'contactless, proximity chip vendors.'
"For over six months now Burnham, pursued doggedly by MP and ID card opponent Lynne Jones, has been peddling the bizarre conceit that RFID and 'contactless' or 'proximity' chips are entirely different beasts. So, in July, he confirmed that for the UK ID card to be used as a travel document in Europe, "the card will need to meet standards established by the International Civil Aviation Organisation (ICAO), which require the card to be contactless".* Presuming the information will not be moving across the air gap between the card and the reader using, say, smell, it's pretty obvious how that works, isn't it?
The contactless chips that will be used in ID cards and passports are amazingly like RFID tags. Place an RFID tag in the vicinity of a reader, and the reader can read data from it. Place an ID card or a passport in the vicinity of a reader and... you get the idea. Proponents and vendors of biometric ID however have noted that the general public seems to have some kind of privacy issue with the term "RFID", for some reason fearing that RFID ID documents involve them becoming tagged and monitored crates in the homeland security industry's supply chain. So, as Wired explained last year, the strangely RFID-like chips in biometric ID are instead to be called contactless or proximity chips."
wibbi we understood privacy can reinforce security
William Heath has been asking Stefan Brands about egovernment.
"What does Stefan Brands have to say about Transformational Government? The same as what he has said for years: government needs multi-party security that preserves privacy. And it can be done.
I should point out that we have cast his pearls of wisdom in front of the UK Government several times before. And that it's not his problem if we screw things up in the UK - after all, he's a Dutchman living in Canada. But if we had to name three people whose views should be heard if we are to create in the UK the foundation of trust we need in e-government, he's one.
Stefan did set out his position pretty clearly here on Ideal Government in October 2004 and not much has changed. And he points me to a good and concise exposition of his thoughts called On E-Government Authentication and Privacy which appeared on the Anonymity Blog, in Nov last year. "
It is becoming critical for policymakers to understand that privacy and security are not opposing and mutually exclusive forces. As Brand says:
"Governments around the world are working to implement digital identity and access management infrastructures for access to government services by citizens and businesses. E-government has the potential of bringing major cost, convenience, and security benefits to citizens, businesses, and government alike. There are major architecture challenges, however, which cannot be solved by simply adopting modern enterprise architectures for identity management. Namely, these architectures involve a central server that houses the capability to electronically trace, profile, impersonate, and falsely deny access to any user. In the context of an e-government infrastructure, the privacy and security implications for citizens of such a panoptical identity architecture would be unprecedented...
On the legal side, the compatibility of modern enterprise identity architectures with data protection legislation and program statutes is highly questionable. Also, the adoption of enterprise identity architectures in the context of e-government would directly interfere with Article 8 rights under the European Convention on Human Rights. Specifically, any interference with privacy rights under Article 8 must do so to the minimum degree necessary. Enterprise identity architectures violate this requirement: far less intrusive means exist for achieving the objectives of e-government.
Specifically, over the course of the past two decades, the cryptographic research community has developed an array of privacy-preserving technologies that can be used as building blocks for e-government in a manner that simultaneously meets the security needs of government and the legitimate privacy and security needs of individuals and service providers. Relevant privacy-preserving technologies include digital credentials, secret sharing, private information retrieval, and privacy-preserving data mining.
By properly using privacy-preserving technologies, individuals can be represented in their interactions with service providers by local electronic identifiers. Service providers can electronically link their legacy account data on individuals to these local electronic identifiers, which by themselves are untraceable and unlinkable. As a result, any pre-existing segmentation of activity domains is fully preserved. At the same time, verifier-trusted authorities can securely embed into all of an individual’s local identifiers a unique “master identifier” (such as a random number). These embedded identifiers remain unconditionally hidden when individuals identify themselves on the basis of their local electronic identifiers, but their hidden presence can be leveraged by service providers for all kinds of security and data sharing purposes without introducing privacy problems. The privacy guarantees do not require users to rely on third parties - the power to link and trace the activities of a user across his or her activity domains resides solely in the hands of that user.
In the context of e-government, security and privacy are not opposites but mutually reinforcing, assuming proper privacy-preserving technologies are deployed. In order to move forward with e-government, it is important for government to adopt technological alternatives that hold the promise of multi-party security while preserving privacy."
"What does Stefan Brands have to say about Transformational Government? The same as what he has said for years: government needs multi-party security that preserves privacy. And it can be done.
I should point out that we have cast his pearls of wisdom in front of the UK Government several times before. And that it's not his problem if we screw things up in the UK - after all, he's a Dutchman living in Canada. But if we had to name three people whose views should be heard if we are to create in the UK the foundation of trust we need in e-government, he's one.
Stefan did set out his position pretty clearly here on Ideal Government in October 2004 and not much has changed. And he points me to a good and concise exposition of his thoughts called On E-Government Authentication and Privacy which appeared on the Anonymity Blog, in Nov last year. "
It is becoming critical for policymakers to understand that privacy and security are not opposing and mutually exclusive forces. As Brand says:
"Governments around the world are working to implement digital identity and access management infrastructures for access to government services by citizens and businesses. E-government has the potential of bringing major cost, convenience, and security benefits to citizens, businesses, and government alike. There are major architecture challenges, however, which cannot be solved by simply adopting modern enterprise architectures for identity management. Namely, these architectures involve a central server that houses the capability to electronically trace, profile, impersonate, and falsely deny access to any user. In the context of an e-government infrastructure, the privacy and security implications for citizens of such a panoptical identity architecture would be unprecedented...
On the legal side, the compatibility of modern enterprise identity architectures with data protection legislation and program statutes is highly questionable. Also, the adoption of enterprise identity architectures in the context of e-government would directly interfere with Article 8 rights under the European Convention on Human Rights. Specifically, any interference with privacy rights under Article 8 must do so to the minimum degree necessary. Enterprise identity architectures violate this requirement: far less intrusive means exist for achieving the objectives of e-government.
Specifically, over the course of the past two decades, the cryptographic research community has developed an array of privacy-preserving technologies that can be used as building blocks for e-government in a manner that simultaneously meets the security needs of government and the legitimate privacy and security needs of individuals and service providers. Relevant privacy-preserving technologies include digital credentials, secret sharing, private information retrieval, and privacy-preserving data mining.
By properly using privacy-preserving technologies, individuals can be represented in their interactions with service providers by local electronic identifiers. Service providers can electronically link their legacy account data on individuals to these local electronic identifiers, which by themselves are untraceable and unlinkable. As a result, any pre-existing segmentation of activity domains is fully preserved. At the same time, verifier-trusted authorities can securely embed into all of an individual’s local identifiers a unique “master identifier” (such as a random number). These embedded identifiers remain unconditionally hidden when individuals identify themselves on the basis of their local electronic identifiers, but their hidden presence can be leveraged by service providers for all kinds of security and data sharing purposes without introducing privacy problems. The privacy guarantees do not require users to rely on third parties - the power to link and trace the activities of a user across his or her activity domains resides solely in the hands of that user.
In the context of e-government, security and privacy are not opposites but mutually reinforcing, assuming proper privacy-preserving technologies are deployed. In order to move forward with e-government, it is important for government to adopt technological alternatives that hold the promise of multi-party security while preserving privacy."
More defeats for ID cards in the House of Lords
The House of Lords inflicted further defeats on the government's ID cards scheme yesterday.
Oxford students contract to attend lectures
This is idiotic.
"Students starting degrees at the University of Oxford this year could be asked to sign a legally binding contract requiring them to attend lectures."
Being responsible on an annual basis for anything between 1600 and 3000 technology undergraduates over the past eleven years, I've seen my fair share of students presenting the University with difficult issues which might have required legal process intervention [but didn't,fortunately, in the end]. Some of these cases were genuine failures on the University's part, which I hope we were able to put right; some were baseless. These cases relate to an absolutely tiny minority of the students I've been privileged to support and the type of contract Oxford are proposing would not have stopped the litigious ones being difficult. It merely serves notice on the vast majority of decent honest students that they will not be trusted.
Like drm, this approach is about keeping honest people honest and will be similarly received.
"Students starting degrees at the University of Oxford this year could be asked to sign a legally binding contract requiring them to attend lectures."
Being responsible on an annual basis for anything between 1600 and 3000 technology undergraduates over the past eleven years, I've seen my fair share of students presenting the University with difficult issues which might have required legal process intervention [but didn't,fortunately, in the end]. Some of these cases were genuine failures on the University's part, which I hope we were able to put right; some were baseless. These cases relate to an absolutely tiny minority of the students I've been privileged to support and the type of contract Oxford are proposing would not have stopped the litigious ones being difficult. It merely serves notice on the vast majority of decent honest students that they will not be trusted.
Like drm, this approach is about keeping honest people honest and will be similarly received.
Adobe phones home
From DocBug,
"Here's a tricky little privacy hole: Adobe PDF Reader 6.0 and later will automatically (and silently) execute Javascript that's been embedded in a PDF file, and LWN reports that a company called Remote Approach uses this "feature" to tag a PDF so it'll phone home to their servers whenever it's opened. Their customers can then go to a special webpage to track when the PDF was opened and at what IP address.
I'm sure you can think of your own scenarios where this would be a Bad Thing™, but the case that brought it to my attention was from a supposedly-anonymous reviewer of an academic paper who discovered Remote's website in his firewall logs.
The simple moral of the story is that content formats should not be able to run arbitrary code, but the more general point is one of setting limits and expectations. End-users need to be able to limit what's run on their own computers, and when the actual limits are broader than what a naive user might expect (such as when their supposedly-static PDF document can actually access the network) it's extra important for the system to alert the user what's happening and get permission first.
To their credit, Adobe seems to have heeded the moral: the current version of Acrobat Reader (at least on the Mac) gives a pop-up warning saying the PDF is trying to access a remote URL, and allows you to save your security settings on a site-by-site basis. I don't know when they added this alert or whether it was in response to problems like those I mentioned, but regardless it's nice to see the feature."
"Here's a tricky little privacy hole: Adobe PDF Reader 6.0 and later will automatically (and silently) execute Javascript that's been embedded in a PDF file, and LWN reports that a company called Remote Approach uses this "feature" to tag a PDF so it'll phone home to their servers whenever it's opened. Their customers can then go to a special webpage to track when the PDF was opened and at what IP address.
I'm sure you can think of your own scenarios where this would be a Bad Thing™, but the case that brought it to my attention was from a supposedly-anonymous reviewer of an academic paper who discovered Remote's website in his firewall logs.
The simple moral of the story is that content formats should not be able to run arbitrary code, but the more general point is one of setting limits and expectations. End-users need to be able to limit what's run on their own computers, and when the actual limits are broader than what a naive user might expect (such as when their supposedly-static PDF document can actually access the network) it's extra important for the system to alert the user what's happening and get permission first.
To their credit, Adobe seems to have heeded the moral: the current version of Acrobat Reader (at least on the Mac) gives a pop-up warning saying the PDF is trying to access a remote URL, and allows you to save your security settings on a site-by-site basis. I don't know when they added this alert or whether it was in response to problems like those I mentioned, but regardless it's nice to see the feature."
DRM company threaten to due Cory Doctorow
A company that supplies anti copying technology has threatened to sue Cory Doctorow for criticising their product.
"A company that was criticized on Boing Boing has threatened to sue me, and claims to have sworn out a complaint against me with the FBI.
Yesterday, I posted about StarForce, a harmful technology used by game companies to restrict their customers' freedom. StarForce attempts to stop game customers from copying their property, but it has the side-effects of destabilizing and crashing the computers on which it is installed.
Someone identifying himself as "Dennis Zhidkov, PR-manager, StarForce Inc." contacted me this morning and threatened to sue me, and told me that he had contacted the FBI to complain about my "harassment."
If you're looking for reasons to boycott StarForce-crippled games (besides the obvious ones), you might add their use of bullying legal threats to your list.
From: "Dennis Zhidkov"
Date: January 31, 2006 9:55:40 AM BST
To: "doctorow@craphound.com"
Subject: StarForce Response to Cory Doctorow
StarForce Inc. response to Mr. Cory Doctorow
Dear Sir, calling StarForce "Anti-copying malware" is a good enough cause to press charges and that is what our corporate lawyer is busy doing right now. I urge you to remove your post from http://www.boingboing.net/2006/01/30/anticopying_malware_.html because it is full of insults, lies, false accusations and rumors. Your article violates approximately 11 international laws. Our USlawyer will contact you shortly. I have also contacted the FBI , because what you are doing is harassment.
Sincerely,
Dennis Zhidkov
PR-manager
StarForce Inc.
www.star-force.com
Here's my reply: "Thank you for your response. I have appended it to my original post and have forwarded it to the Chilling Effects project to be part of the permanent record of abusive attempts by companies to silence their critics." "
I doubt Cory will be hearing any more from them.
Update: Siva Vaidhyanathan has also written to Mr Zhidkov.
"Dear Mr. Zhidkov:
Threatening Cory Doctorow with baseless legal action is a prime example of harassment. Criticizing bad software on a Web site devoted to digital issues is what we in this country call free speech.
Before proceeding or threatening people who know the law and technology better than yourself, I suggest you hire better engineers and better lawyers. You are clearly overmatched here.
Sincerely,
Siva"
"A company that was criticized on Boing Boing has threatened to sue me, and claims to have sworn out a complaint against me with the FBI.
Yesterday, I posted about StarForce, a harmful technology used by game companies to restrict their customers' freedom. StarForce attempts to stop game customers from copying their property, but it has the side-effects of destabilizing and crashing the computers on which it is installed.
Someone identifying himself as "Dennis Zhidkov, PR-manager, StarForce Inc." contacted me this morning and threatened to sue me, and told me that he had contacted the FBI to complain about my "harassment."
If you're looking for reasons to boycott StarForce-crippled games (besides the obvious ones), you might add their use of bullying legal threats to your list.
From: "Dennis Zhidkov"
Date: January 31, 2006 9:55:40 AM BST
To: "doctorow@craphound.com"
Subject: StarForce Response to Cory Doctorow
StarForce Inc. response to Mr. Cory Doctorow
Dear Sir, calling StarForce "Anti-copying malware" is a good enough cause to press charges and that is what our corporate lawyer is busy doing right now. I urge you to remove your post from http://www.boingboing.net/2006/01/30/anticopying_malware_.html because it is full of insults, lies, false accusations and rumors. Your article violates approximately 11 international laws. Our USlawyer will contact you shortly. I have also contacted the FBI , because what you are doing is harassment.
Sincerely,
Dennis Zhidkov
PR-manager
StarForce Inc.
www.star-force.com
Here's my reply: "Thank you for your response. I have appended it to my original post and have forwarded it to the Chilling Effects project to be part of the permanent record of abusive attempts by companies to silence their critics." "
I doubt Cory will be hearing any more from them.
Update: Siva Vaidhyanathan has also written to Mr Zhidkov.
"Dear Mr. Zhidkov:
Threatening Cory Doctorow with baseless legal action is a prime example of harassment. Criticizing bad software on a Web site devoted to digital issues is what we in this country call free speech.
Before proceeding or threatening people who know the law and technology better than yourself, I suggest you hire better engineers and better lawyers. You are clearly overmatched here.
Sincerely,
Siva"
Legal FAQs on NSA Wiretaps
Peter Swire Legal FAQs on NSA Wiretaps
"This document is the introduction and executive summary for Legal FAQs (Frequently Asked Questions) about the National Security Agency wiretap program. This document is current as of January 30, but may be updated.
Read the full set of FAQs here
Summary of Legal Issues:
Based on the facts available to date, the wiretap program appears to be clearly illegal.
1. Wiretaps by federal officials are generally prohibited, unless there is a particular legal basis such as a court order. The “exclusive basis” for wiretaps is either Title III for criminal investigations or the Foreign Intelligence Surveillance Act (FISA) for foreign intelligence investigations. It is a crime to conduct wiretaps unless there is a “statutory basis” for doing so.
2. The Administration has given two, and only two, reasons why it says the criminal law does not apply to the program.
3. The first is the Authorization of Use of Military Force (AUMF), passed on September 13, 2001. For multiple reasons, the AUMF does not provide a legal basis for the NSA wiretap program.
4. The second is that the President has inherent authority that does not derive from statutes. The President indeed has important inherent authority as leader of the Executive Branch and Commander-in-Chief, but the current Administration has taken that position to unprecedented lengths. We have a system of checks and balances. As the Supreme Court has made clear, the President’s power is at its “lowest ebb” when his actions directly contradict a lawful statute, as they do here.
5. In addition, as we learn more facts about the program, there may well be a clear case that government actions have violated the Fourth Amendment rules against unreasonable searches and seizures.
6. In short, it is a crime to conduct wiretaps in the United States, of U.S. citizens, unless there is a statutory basis for doing so. There was no statutory basis here."
"This document is the introduction and executive summary for Legal FAQs (Frequently Asked Questions) about the National Security Agency wiretap program. This document is current as of January 30, but may be updated.
Read the full set of FAQs here
Summary of Legal Issues:
Based on the facts available to date, the wiretap program appears to be clearly illegal.
1. Wiretaps by federal officials are generally prohibited, unless there is a particular legal basis such as a court order. The “exclusive basis” for wiretaps is either Title III for criminal investigations or the Foreign Intelligence Surveillance Act (FISA) for foreign intelligence investigations. It is a crime to conduct wiretaps unless there is a “statutory basis” for doing so.
2. The Administration has given two, and only two, reasons why it says the criminal law does not apply to the program.
3. The first is the Authorization of Use of Military Force (AUMF), passed on September 13, 2001. For multiple reasons, the AUMF does not provide a legal basis for the NSA wiretap program.
4. The second is that the President has inherent authority that does not derive from statutes. The President indeed has important inherent authority as leader of the Executive Branch and Commander-in-Chief, but the current Administration has taken that position to unprecedented lengths. We have a system of checks and balances. As the Supreme Court has made clear, the President’s power is at its “lowest ebb” when his actions directly contradict a lawful statute, as they do here.
5. In addition, as we learn more facts about the program, there may well be a clear case that government actions have violated the Fourth Amendment rules against unreasonable searches and seizures.
6. In short, it is a crime to conduct wiretaps in the United States, of U.S. citizens, unless there is a statutory basis for doing so. There was no statutory basis here."
Congressional staff alter Wikipedia entries
Not that this should surprise anyone but congressional staff have been found to be altering entries relating to members of Congress in Wikipedia.
"This RFC is being opened in order to further a centralized discussion concerning actions to be taken against US Congressional staffers and possibly other federal employees who have engaged in unethical and possibly libelous behavior in violation of Wikipedia policies (WP:NPOV, WP:CIV). The editors from these IP ranges have been rude, abrasive, immature, and show disregard for Wikipedia policy. The editors have frequently tried to censor the history of elected officials, often replacing community articles with censored biographies despite other users' attempts to dispute these violations. They also violate Wikipedia:Verifiability, by deleting verified reports, while adding flattering things about members of Congress that are unverified.
The offending editors have been blocked. This RFC is needed to gather community comments. It is proposed that a one week block is not enough."
A system which promotes image over all other values will inevitably lead to incentives to engage in this kind of dishonesty. This is entirely rational, predictable behaviour on the part of the staffers and the people who employ them even though it really stinks.
"This RFC is being opened in order to further a centralized discussion concerning actions to be taken against US Congressional staffers and possibly other federal employees who have engaged in unethical and possibly libelous behavior in violation of Wikipedia policies (WP:NPOV, WP:CIV). The editors from these IP ranges have been rude, abrasive, immature, and show disregard for Wikipedia policy. The editors have frequently tried to censor the history of elected officials, often replacing community articles with censored biographies despite other users' attempts to dispute these violations. They also violate Wikipedia:Verifiability, by deleting verified reports, while adding flattering things about members of Congress that are unverified.
The offending editors have been blocked. This RFC is needed to gather community comments. It is proposed that a one week block is not enough."
A system which promotes image over all other values will inevitably lead to incentives to engage in this kind of dishonesty. This is entirely rational, predictable behaviour on the part of the staffers and the people who employ them even though it really stinks.
Monday, January 30, 2006
MSN search privacy and the government subpoena
Microsoft and Yahoo! have been much criticised in the wake of Google's refusal to hand over search data to the US government. They quietly handed over the data that was the subject of the subpoenas served on them over the summer last year. Microsoft's Ken Moss (General Manager – MSN Web Search) has explained a little more about their cooperation with the government at MSN Search's Weblog.
"Some facts have been reported, but mostly I’ve seen a ton of speculation reported as facts. I wanted to use this blog post to clarify some facts and to share with you what we are thinking here at MSN Search.
Let me start with this core principle statement: privacy of our customers is non-negotiable and something worth fighting to protect.
Now, on to the specifics.
Over the summer we were subpoenaed by the DOJ regarding a lawsuit. The subpoena requested that we produce data from our search service. We worked hard to scope the request to something that would be consistent with this principle. The applicable parties to the case received this data, and the parties agreed that the information specific to this case would remain confidential. Specifically, we produced a random sample of pages from our index and some aggregated query logs that listed queries and how often they occurred. Absolutely no personal data was involved.
With this data you:
CAN see how frequently some query terms occurred.
CANNOT look up an IP and see what they queried
CANNOT look for users who queried for both “TERM A” and “TERM B”.
At MSN Search, we have strict guidelines in place to protect the privacy of our customers data, and I think you’ll agree that privacy was fully protected. We tried to strike the right balance in a very sensitive matter.
Now that you have more information, you can be the judge."
If those commenting on the blog post are typical, the overwhelming judgement appears to be negative. Of course the readership of the blog will be fairly self selecting and not mecessarily representative but I'd have expected a clear dividing line to emerge between the anti-Microsoft and pro-Microsoft contingents. Unscientific I know but on the sample I skimmed 15 were anti and 3 pro.
"Some facts have been reported, but mostly I’ve seen a ton of speculation reported as facts. I wanted to use this blog post to clarify some facts and to share with you what we are thinking here at MSN Search.
Let me start with this core principle statement: privacy of our customers is non-negotiable and something worth fighting to protect.
Now, on to the specifics.
Over the summer we were subpoenaed by the DOJ regarding a lawsuit. The subpoena requested that we produce data from our search service. We worked hard to scope the request to something that would be consistent with this principle. The applicable parties to the case received this data, and the parties agreed that the information specific to this case would remain confidential. Specifically, we produced a random sample of pages from our index and some aggregated query logs that listed queries and how often they occurred. Absolutely no personal data was involved.
With this data you:
CAN see how frequently some query terms occurred.
CANNOT look up an IP and see what they queried
CANNOT look for users who queried for both “TERM A” and “TERM B”.
At MSN Search, we have strict guidelines in place to protect the privacy of our customers data, and I think you’ll agree that privacy was fully protected. We tried to strike the right balance in a very sensitive matter.
Now that you have more information, you can be the judge."
If those commenting on the blog post are typical, the overwhelming judgement appears to be negative. Of course the readership of the blog will be fairly self selecting and not mecessarily representative but I'd have expected a clear dividing line to emerge between the anti-Microsoft and pro-Microsoft contingents. Unscientific I know but on the sample I skimmed 15 were anti and 3 pro.
The Senator's iPod and the audio flag
Continuing with the drm theme, the EFF have a lovely story about the Senate hearing last week on the RIAA's proposed audio broadcast flag.
"The agenda seemed set. In the face of it, those who objected to the Broadcast Flag--technologists, librarians, and civil libertarians--were forced to spend much of their Congressional time requesting narrow exceptions that might lessen its damage.
Then two things happened...
The first was the appearance of Senator John Sununu, the Republican Junior Senator for New Hampshire. Sununu, an MIT grad, interrupted to ask the question so far unconsidered by his colleagues: Do we need this mandate at all...
The second revelation, dropped into the later discussion of the RIAA's audio flag, was that Senator Stevens' daughter bought him an iPod.
This is unhappy news for the RIAA. Once again, their representative was forced to burst into praises of MP3 players (a technology his organization attempted to sue out of existence in 1998).
And when Stevens asked whether with the audio flag in place he would be able to record from the radio and put the shows onto his iPod: that's when the RIAA's Mitch Bainwol really began to sweat.
With that simple question, the octogenarian Senator encapsulated arguments about place-shifting, interoperability, and fair use that would have taken whole federal dockets to explain a few years ago.
Even more damning was Senator Sununu's follow-up question, in which he asked if, post-flag, the Senator might record three songs from the radio today, and listen to only one of them again tomorrow. Of course, under the RIAA's proposed controls, you may not: this is "disaggregation" in their language. This flag, which was sold to Congress to impede piracy, appeared to be designed primarily to control and inconvenience law-abiding, ripping, mixing, modern-day Senators. "
"The agenda seemed set. In the face of it, those who objected to the Broadcast Flag--technologists, librarians, and civil libertarians--were forced to spend much of their Congressional time requesting narrow exceptions that might lessen its damage.
Then two things happened...
The first was the appearance of Senator John Sununu, the Republican Junior Senator for New Hampshire. Sununu, an MIT grad, interrupted to ask the question so far unconsidered by his colleagues: Do we need this mandate at all...
The second revelation, dropped into the later discussion of the RIAA's audio flag, was that Senator Stevens' daughter bought him an iPod.
This is unhappy news for the RIAA. Once again, their representative was forced to burst into praises of MP3 players (a technology his organization attempted to sue out of existence in 1998).
And when Stevens asked whether with the audio flag in place he would be able to record from the radio and put the shows onto his iPod: that's when the RIAA's Mitch Bainwol really began to sweat.
With that simple question, the octogenarian Senator encapsulated arguments about place-shifting, interoperability, and fair use that would have taken whole federal dockets to explain a few years ago.
Even more damning was Senator Sununu's follow-up question, in which he asked if, post-flag, the Senator might record three songs from the radio today, and listen to only one of them again tomorrow. Of course, under the RIAA's proposed controls, you may not: this is "disaggregation" in their language. This flag, which was sold to Congress to impede piracy, appeared to be designed primarily to control and inconvenience law-abiding, ripping, mixing, modern-day Senators. "
Will iPod video drive dmca reform?
Declan McCullagh wonders if the iPod video will lead to drm protection laws like the DMCA getting reformed. He quotes Fred von Lohmann as saying "Our best hope for getting amendments to the DMCA is for more regular consumers to feel the pinch of the DMCA." This has been my basic argument for some time now as to why drm and associated laws will eventually be driven to the edge of extinction. As more people get exposed to the need to get more than one device just to play music or films from more than one supplier, more people will get sufficiently exasperated to complain, with their wallets.
That doesn't mean that drm, the DMCA, the EUCD etc won't have periodic revivals, just that controlling information, to the degree that these laws and technologies allow, is fundamentally at odds with people's natural desire to access that information.
That doesn't mean that drm, the DMCA, the EUCD etc won't have periodic revivals, just that controlling information, to the degree that these laws and technologies allow, is fundamentally at odds with people's natural desire to access that information.
Music lovers caught in DRM battle
Dan Simmons on drm, Music lovers caught in DRM battle
"The technologies used to stop you copying as you wish are called digital rights management - or DRM.
Most DRM formats now count the number of copies you make and stop you burning when you reach that limit. iTunes is perhaps the least restrictive for this.
The number of times you can copy music to other computers, laptops or portable players is capped in much the same way.
The trouble is that if you upgrade your hardware too many times you may have to buy your music collection all over again.
Copy protection software on some newer CDs makes copying, or "ripping", them to a computer difficult too.
Some send data to your ripping software designed to confuse it. Others simply will not allow you to access the copy command. "
"The technologies used to stop you copying as you wish are called digital rights management - or DRM.
Most DRM formats now count the number of copies you make and stop you burning when you reach that limit. iTunes is perhaps the least restrictive for this.
The number of times you can copy music to other computers, laptops or portable players is capped in much the same way.
The trouble is that if you upgrade your hardware too many times you may have to buy your music collection all over again.
Copy protection software on some newer CDs makes copying, or "ripping", them to a computer difficult too.
Some send data to your ripping software designed to confuse it. Others simply will not allow you to access the copy command. "
Clive James and the Web
Clive James has been talking to the New York Sun about his website, CliveJames.com
"Mr. James has mixed feelings about the shift from page to screen, especially about the concomitant decline in literacy. Earlier this year he published a comically subliterate ode to his Microsoft computer program (“Windows is shutting down, and grammar are / On their last leg,” it began) that reads like a gloss on the text-message babble featured in Mr.Amis’s last novel,“Yellow Dog.” But as I hear him, talking a mile a minute down the telephone line from his home in London, the effervescent 66-year-old sounds upbeat.
While he insists that “nothing quite beats the book as an item of technology” and expresses the ardent wish that at least some of his volumes will always be in print, he notes that the Australian National Library, with a nose to the future, has already asked to archive his Web site. “I’ll effectively be immortalizing everything I’ve done,” he said.
Unlike with books, “there’s no warehouse that’s eventually going to fill up with unsold copies and cause its section of the earth to sink — the thing is weightless. Eventually I hope that bright young people will come into the site and never come out, just wander around forever. I do know that when people hit on the site they tend to stay a long time.Whether it’s because they fall asleep or just die there, I’m not sure...
The part of the “toy” that most excites Mr. James is the “video” section, which currently houses 18 separate interviews with everyone from the American film director Terry Gilliam to the dissident Chinese novelist Jung Chang.The only snag is that, like most such Web endeavors, it’s a money-loser.To have two technicians armed with digi-cams film a half-hour conversation with, say, Cate Blanchett sitting on Mr. James’s living room sofa, costs very little. What costs money, he says, is “to stream the stuff.” Until recently he was paying one thousand pounds a month out of his own pocket merely to send the signal...
Perhaps the most touching aspect of the site is Mr. James’s sincere desire to make it genuinely educational — to bring high culture to the masses, though without a trace of snobbery."
"Mr. James has mixed feelings about the shift from page to screen, especially about the concomitant decline in literacy. Earlier this year he published a comically subliterate ode to his Microsoft computer program (“Windows is shutting down, and grammar are / On their last leg,” it began) that reads like a gloss on the text-message babble featured in Mr.Amis’s last novel,“Yellow Dog.” But as I hear him, talking a mile a minute down the telephone line from his home in London, the effervescent 66-year-old sounds upbeat.
While he insists that “nothing quite beats the book as an item of technology” and expresses the ardent wish that at least some of his volumes will always be in print, he notes that the Australian National Library, with a nose to the future, has already asked to archive his Web site. “I’ll effectively be immortalizing everything I’ve done,” he said.
Unlike with books, “there’s no warehouse that’s eventually going to fill up with unsold copies and cause its section of the earth to sink — the thing is weightless. Eventually I hope that bright young people will come into the site and never come out, just wander around forever. I do know that when people hit on the site they tend to stay a long time.Whether it’s because they fall asleep or just die there, I’m not sure...
The part of the “toy” that most excites Mr. James is the “video” section, which currently houses 18 separate interviews with everyone from the American film director Terry Gilliam to the dissident Chinese novelist Jung Chang.The only snag is that, like most such Web endeavors, it’s a money-loser.To have two technicians armed with digi-cams film a half-hour conversation with, say, Cate Blanchett sitting on Mr. James’s living room sofa, costs very little. What costs money, he says, is “to stream the stuff.” Until recently he was paying one thousand pounds a month out of his own pocket merely to send the signal...
Perhaps the most touching aspect of the site is Mr. James’s sincere desire to make it genuinely educational — to bring high culture to the masses, though without a trace of snobbery."
Google, jokes and China
Declan reports that Google has been sufficiently embarrassed at the negative publicity they have received over censorship in China to lift the blocks on jokes.
Meanwhile on the same theme, John reminds us that when it comes to a choice between making money and behaving ethically, commerce will always opt for the money. Businesses are amoral. They exist for one reason and one reason only - to make money for their shareholders. When ethical practices support that objective they will be pursued. When they don't they will be avoided.
"Google's capitulation to the Chinese regime prompts some sobering thoughts. One is that while one may occasionally be justified in trusting an individual, one can never, ever place the same kind of trust in a company. That's why all the current concern about 'corporate social responsibility' is ultimately just eyewash. In the end, if there is a conflict between doing what is ethically right and what is commercially important, shareholder-driven enterprises will always choose the latter...
In the longer term, though, the commercial logic that led Google to capitulate may turn out to be counterproductive. The reason is that - in contrast to companies like, say, Halliburton - Google's ultimate fate depends on trust. Its corporate mission - to 'organise the world's information' - means that it aspires to become the custodian of immense quantities of private data...
Imagine standing up at a CBI conference and declaring that one is not going to do business in China until it makes serious moves towards becoming an open society! By joining the Gadarene rush into the Chinese market, Google may have gained short-term advantage. But it has also forfeited its right to our trust. "
Meanwhile on the same theme, John reminds us that when it comes to a choice between making money and behaving ethically, commerce will always opt for the money. Businesses are amoral. They exist for one reason and one reason only - to make money for their shareholders. When ethical practices support that objective they will be pursued. When they don't they will be avoided.
"Google's capitulation to the Chinese regime prompts some sobering thoughts. One is that while one may occasionally be justified in trusting an individual, one can never, ever place the same kind of trust in a company. That's why all the current concern about 'corporate social responsibility' is ultimately just eyewash. In the end, if there is a conflict between doing what is ethically right and what is commercially important, shareholder-driven enterprises will always choose the latter...
In the longer term, though, the commercial logic that led Google to capitulate may turn out to be counterproductive. The reason is that - in contrast to companies like, say, Halliburton - Google's ultimate fate depends on trust. Its corporate mission - to 'organise the world's information' - means that it aspires to become the custodian of immense quantities of private data...
Imagine standing up at a CBI conference and declaring that one is not going to do business in China until it makes serious moves towards becoming an open society! By joining the Gadarene rush into the Chinese market, Google may have gained short-term advantage. But it has also forfeited its right to our trust. "
Risks and rewards of data retention
Michael Geist thinks the Department of Justice attempts to get Google to hand over vast quatities of search data should begin to alert us to the risks and rewards of data retention.
"One of the biggest risks associated with data retention comes not from requests that proceed through the legal system, but from security vulnerabilities that puts sensitive data into the hands of hackers. Last year, more than 50 million people in North America received notifications that their personal information had been placed at risk due to a security breach.
Policy makers worldwide have scarcely begun to reconcile the risks and rewards of data retention. In the immediate aftermath of the Google issue, at least one U.S. politician has called for new legislation to set limits on data retention and establishes a positive obligation to destroy data under certain circumstances. In Europe, the debate has centered on mandating data retention to assist law enforcement.
While Canadian privacy law establishes general obligations on data retention and destruction, there are few clear legal obligations to either retain or destroy information. In light of recent events, it is time to search for some solutions. "
"One of the biggest risks associated with data retention comes not from requests that proceed through the legal system, but from security vulnerabilities that puts sensitive data into the hands of hackers. Last year, more than 50 million people in North America received notifications that their personal information had been placed at risk due to a security breach.
Policy makers worldwide have scarcely begun to reconcile the risks and rewards of data retention. In the immediate aftermath of the Google issue, at least one U.S. politician has called for new legislation to set limits on data retention and establishes a positive obligation to destroy data under certain circumstances. In Europe, the debate has centered on mandating data retention to assist law enforcement.
While Canadian privacy law establishes general obligations on data retention and destruction, there are few clear legal obligations to either retain or destroy information. In light of recent events, it is time to search for some solutions. "
Mobile phone stalking made easy
Ben Goldacre is very concerned about how easy it has become to track people via their mobile phones without their knowledge.
"Here’s a scary story. You can track anybody’s movements through their mobile phone, all you need is five minutes access to their phone. You receive two text messages, and send one in reply, then delete the evidence, and bob’s your uncle, your target would never know. On Radio 4 today I pointed this out to one of the companies that offer this service. Their response is, essentially, that this had not occurred to them as being a problem.
http://www.bbc.co.uk/radio4/youandyours/items/02/2006_04_fri.shtml
I don’t get angry easily, but to my mind, this is a sinister story, and the phone companies are failing to protect your privacy, by giving away your location to anybody on the flimsiest of “consent”: one text message."
The 12 minute radio extract that he refers to gives a clear airing of the issue.
Update: Ben had an article in the Guardian on Saturday which went into a little more detail about his concerns.
"Here’s a scary story. You can track anybody’s movements through their mobile phone, all you need is five minutes access to their phone. You receive two text messages, and send one in reply, then delete the evidence, and bob’s your uncle, your target would never know. On Radio 4 today I pointed this out to one of the companies that offer this service. Their response is, essentially, that this had not occurred to them as being a problem.
http://www.bbc.co.uk/radio4/youandyours/items/02/2006_04_fri.shtml
I don’t get angry easily, but to my mind, this is a sinister story, and the phone companies are failing to protect your privacy, by giving away your location to anybody on the flimsiest of “consent”: one text message."
The 12 minute radio extract that he refers to gives a clear airing of the issue.
Update: Ben had an article in the Guardian on Saturday which went into a little more detail about his concerns.