Friday, January 26, 2007

ID card for immigrants to make employers border police

John Lettice takes no satisfaction from having one of his many predictions about ID cards coming to pass.


Immigration minister Liam Byrne has taken the wraps off the long-predicted (in these parts, at least) plan to hit immigrants in the first wave of ID cards, and to force employers to police the system. David Blunkett first trailed this scheme in November 2004, ( while an IPPR report last year ( recommended hitting immigrants with ID cards by 2008.

Notice the organisation Blunkett was speaking to? There's a coincidence. Liam "Charlie" Byrne (the Home Office's very own round-headed kid), trailing the proposed Borders Bill on Radio 4's Today programme, essentially followed the script of Blunkett's 2004 IPPR speech. There have for some years now been legal provisions for heavy penalties for companies hiring illegal immigrants, and it is the employer's responsibility to ensure that employees have the right to work in the UK. These provisions have however been virtually unenforceable, because of the number of different documents which can be used to 'prove' right to work, and the relative ease with which these can be forged. Byrne this morning told us that there were currently over 60 documents which could be used, and that biometric ID cards for immigrants would provide employers with "a fail-safe, easy method to check whether someone is here legally."

EU 'e-health'

Via Glyn on the ORG list, ZDNet reports:

"The European Commission is about to call for proposals on how patients' medical details would be shared between its member states, with the UK almost certain to be included in the scheme.

Within the next few days, an initiative called the Competitiveness and Innovation Framework Programme (CIP) will be adopted as part of Framework 7, a massive drive by the EU to fund research and development, with e-health being a major beneficiary.

One requirement of the CIP will be to establish interoperability between member states' healthcare IT systems, such as the NHS' so-called "Spine", which is the new UK database of patient care records.

This aim was outlined in a document published in September last year, entitled Connected Health: Quality and Safety for European Citizens. In this document, the Commission's ICT for Health unit called for interoperability between nations' healthcare systems, arguing that "health, social care and other providers must no longer work in isolation, but need to collaborate as a team, if necessary beyond their national and linguistic borders".

I'm glad to see Ross Anderson is in fighting spirit over the idea. When ZDnet asked him for his thoughts he said:

"If you're somebody with information that should be known, at present you will carry either a bracelet or a card in your wallet to say so. It is foolish to move to a computer for the simple reason that, if you have the information either on an online database or sitting on a smartcard, then the computer could be down. Human-readable information which you can carry is the most appropriate technology... I sincerely hope it's another round of something that's never going to happen. If it comes to the point that every one of the five million people working in healthcare in Europe, plus the CIA and hackers, can access the information, then I'll stop using the health service"

Thursday, January 25, 2007

Norwegian Ombudsman: iTunes illegal

This story has been doing the rounds for the past week or so, so it is interesting the FT should pick it up now.

"Apple was dealt a blow in Europe on Wednesday when Norway’s powerful consumer ombudsman ruled that its iTunes online music store was illegal because it did not allow downloaded songs to be played on rival technology companies’ devices.

The decision is the first time any jurisdiction has concluded iTunes breaks its consumer protection laws and could prompt other European countries to review the situation."

Text is free, we make our money on volume(s)

James Boyle is on the money yet again in the FT.

" The internet makes copying cheap. Businesses that see their livelihood
as dependent on the restriction of copying – concentrated in the
recording, film, publishing and software industries – are understandably
upset. Their goal is to have the same ability to control their content
as they had in an analog world but to keep all the benefits of
pervasiveness, cost saving, and viral marketing that a global digital
network brings. To that end, they have moved aggressively to change laws
worldwide, to introduce stiffer penalties, expand rights, mandate
technological locks, forbid reverse engineering, and increase
enforcement. It is not so much a case of wanting to have their cake and
eat it, as to have their cake and make your cake illegal.

Yet there are hints in each of these industries of a different business
model, one that aims to encourage, rather than to forbid copying. At the
moment, the hints are only that – a scattering of anecdotes suggesting
alternative ways of supporting creativity. It is not clear if they will
thrive or even survive, still less whether they can “scale” to a broader
audience. Still, if the alternative plan is to make the internet illegal
or sue grandmothers for downloading, it might be worth taking a look at

James has recently published a new book called The Shakespeare Chronicles, a novel he has apparently been working on sporadically for 20 years. He's also, naturally given his stance on intellectual property, making it available freely via the Net.

AAP hire PR 'pit bull' to discredit open access

With pressure of other things I've been failing badly to keep up with Peter Suber's fantastic Open Access News. I'm glad I looked this morning, though, since Peter has pointed to a report in Nature suggesting the American Association of Publishers have decided to hire a prominent public relations firm to spread untruths about the idea of open access.

"The consultant advised them to focus on simple messages, such as "Public access equals government censorship". He hinted... also recommended joining forces with groups that may be ideologically opposed to government-mandated projects such as PubMed Central, including organizations that have angered scientists. One suggestion was the Competitive Enterprise Institute, a conservative think-tank based in Washington DC, which has used oil-industry money to promote sceptical views on climate change."

Peter himself has a remarkably measured response:
  1. I've read this several times and still find it incredible. Why would the AAP pay $300-500k for advice on how to misrepresent the issue? The next time you see an AAP press release on OA, ask yourself this question.
  2. Does the AAP even need the advice? It has been falsely identifying government archiving with government censorship, and falsely identifying threats to publisher revenue with threats to peer review, at least since the debate over the NIH policy in 2004. For a more recent example, see its May 2006 public statement opposing FRPAA. (Also see my rebuttal.)
  3. I hope that publisher-members of the AAP will disavow these tactics and that journalists and policy-makers will understand the difference between intellectual debate and media massage.
  4. Kudos to Nature for uncovering and reporting this story."
I looked in particular at that PR 'message' they're going to work with, "
Public access equals government censorship", and thought how on earth could anyone believe that open public access is censorship?! But then I thought again and depressingly realised that much political and commercial power is sustained these days by carefully massaged 'messages' describing black as white or vice versa. This is a tale that will require careful monitoring.

CIA Facebook recruits

Wired News reports that the CIA have been recruiting via

"Since December 2006, the Central Intelligence Agency has been using, the popular social networking site, to recruit potential employees into its National Clandestine Service. It marks the first time the CIA has ventured into social networking to hire new personnel.

The CIA's Facebook page (login required) provides an overview of what the NCS is looking for in a recruit, along with a 30-second promotional YouTube video aimed at potential college-aged applicants. U.S. citizens with a GPA above 3.0 can apply."

Wednesday, January 24, 2007

Limiting the risks of government data sharing

There are some smart people in the civil service, like Owen Barder, the Director for Global Development Effectiveness at DfID, the UK Department for International Development, the department charged with fighting global poverty, who makes some succinct points about government data sharing on his blog:

"The UK Government is going to consult more widely on its proposals for data sharing within government.

A national identity register that allows data sharing across government could be the technological underpinning of a huge improvement in the provision of government services. (It is important that the technology will not transform the services: it is a platform on which government processes can change).

Those of us who understand the technology and care about our civil liberties should not adopt a luddite stance of opposition: we should send a clear, consistent and simple message about the safeguards we need so that we get the benefits of joined up services without the risks to our freedoms.

I propose the following five, readily understandable safeguards. The government should commit itself to each of these, or offer an extremely good reason why not:

  • government data should be stored in decentralized databases that can communicate with each other on a need to know basis, not in shared data warehouses;
  • citizens should have access to all data held about them by government
  • citizens should be able to see a complete log of every access to their personal data by all public servants
  • an independent information security ombudsman should police the systems
  • there should be no identity cards and no collection of biometric data"

Survey: 25% support torture

The Guardian reports on the British Social Attitudes survey (3,000 inrterviews by the National Centre for Social Research). Apparently a third of those questioned think banning peaceful protests and 25% think torture is a price worth paying to fight terrorism.

William Heath reckons that means "a quarter of us are evil and a third deeply misguided." I think too many people have been watching the US drama 24, where the hero Jack Bauer at some point in his busy days always ends up torturing somebody to get the crucial information save the world.

"About 80% said electronic tagging of terrorist suspects was "a price worth paying" to combat terrorism. The same proportion backed home curfews, travel restrictions and detention without charge for more than a week. Less than a quarter of the population said torturing terror suspects would be "a price worth paying" and only 35% would accept a ban on peaceful protests and demonstrations. But the nation is almost equally divided on whether people charged with terrorism-related crime should be denied a jury trial - with 50% finding that acceptable and 45% unacceptable.

Conor Gearty, professor of human rights law at the London School of Economics and joint author of the report's civil rights chapter, said: "The very mention of something being a counter-terrorism measure makes people more willing to contemplate the giving up of their freedoms. It is as though society is in the process of forgetting why past generations thought these freedoms to be so very important." "

Conor's right and I'm reminded of Martin Niemoeller's poem...

First they came for the communists but I wasn't a communist so I didn't do anything
Then they came for the social democrats but I wasn't a social democrat so I didn't do anything
Then they came for the trade unionists but I wasn't a trade unionist so I didn't do anything
Then they came for the Jews but I wasn't a Jew so I didn't do anything
Then they came for the Catholics but I was a protestant so I didn't do anything
Then they came for me and there was no one left to defend me.

HughesDirect drm mini saga concluded

It looks like my drm mini saga has come to a satisfactory conclusion. I've had an email today saying HughesDirect have refunded the money I paid out for the faulty DVD player, returned via City-Link on Monday. Well done and thank you to the folks at HughesDirect for being so helpful and professional in dealing with the problem.

Police struggle with 'cybercrime'

The Independent is reporting this morning that a new report from the Metropolitan Police says the police are struggling to cope with the rise of cybercrime (which they also call e-crime). Firstly let me get my usual irritation about e-things out of the way. There is no such thing as 'e-crime'. It is just that criminals now have access to these not-so-newfangled-anymore tools called computers. The police, however, have nothing like the resources or personnel with the experience or skills required to tackle the numbers of crimes that now incorporate a computing element.

That constitutes a failure of police management and of government. If police management were not so blindly focussed on artificial simplistic targets, then maybe, as the Met report concludes, "The ability of law enforcement to investigate all types of e-crime locally and globally" would "be 'mainstreamed' as an integral part of every investigation, whether it be specialist, or murder, robbery, extortion demands, identity theft or fraud." Maybe too, when the local vandals engage in another round of boredom, drugs or alcohol induced criminal damage, we could get a real police officer to investigate and catch the perpetrators, rather than having to phone a supposedly local number, which diverts to a call centre where the operator doesn't even know the location of your town and is only empowered to provide you with a crime number and no more. (Interestingly enough when the then Mayor's wall was damaged some time ago the police were round doing door to door inquiries asking if we had seen anything).

If the government weren't so intent on headline-reflex legislating and pouring billions of pounds into ill thought out information systems to 'solve' everything from NHS waiting lists to immigration and terrorism, then maybe a fraction of those wasted resources could be diverted to support the difficult jobs that the police and intelligence services have to do, with, of course, the appropriate checks and balances. The real work of policing and intelligence, though, is difficult and complex, often tedious, time consuming and dangerous. Sadly for the people involved in such jobs this process has the rather serious political drawback of not being constantly, spectacularly and superficially newsworthy. So whilst the politicians chase headlines and police management chase targets, those who have to do the real work just do their best.

Tuesday, January 23, 2007

Kahle v Gonzales: Court upholds copyright in orphan works

Via Michael Geist:

"A U.S. appeals court has rejected a bid by Internet activists to roll back federal laws that extended copyright protection over orphan works, or books and other media that are no longer in print. The U.S. Court of Appeals for the Ninth Circuit affirmed a lower court decision to dismiss Kahle v. Gonzales, which argued that legal changes made in the 1990s had vastly extended copyright protections at the expense of free speech rights."

The decision is available at

Larry Lessig argued the case before the court in November and there are further details on the case at the Stanford website.

"In this case, two archives ask the U.S. District Court for the Northern District of California to hold that statutes that extended copyright terms unconditionally — the Copyright Renewal Act and the Copyright Term Extension Act (CTEA)— are unconstitutional under the Free Speech Clause of the First Amendment, and that the Copyright Renewal Act and CTEA together create an “effectively perpetual” term with respect to works first published after January 1, 1964 and before January 1, 1978, in violation of the Constitution’s Limited Times and Promote...Progress Clauses. The Complaint asks the Court for a declaratory judgment that copyright restrictions on orphaned works — works whose copyright has not expired but which are no longer available — violate the constitution."

Well the court rejected the argument. I guess there will be plenty of commentary from the usual suspects in due course.

Speaking of ignoring evidence...

Not only have government been ignoring evidence pointing out the nature of the problems with their NHS IT systems but it seems they have been actively trying to hide at least some of these problems according to John Young:

"The UK government's Department of Health has removed the following three embarrassing documents from its website. Two of them describe the 'sealed envelope' mechanism proposed to protect the privacy of medical records in their proposed national medical records database, while the third is a consultancy report saying that sensitive information would be better held in local systems."

nhs-sealed-pr.doc (Connecting for Health's own Risk Analysis: Confidentiality problems will cause risk to Health)

nhs-sealedenvs2.doc (Sealed Envelopes - Guiding Principles Document)

nhs-sealedenvs1.doc (Sealed Envelopes briefing paper)

Thanks to HJ Affleck at FIPR for the pointer.

Disproportionate and special interest lawmaking

With government spokespeople complaining all over the place about the police investigating cash for honours, it seems fairly clear that when they were introducing over 3000 new crimes during the past ten years, these crimes weren't meant to apply to themselves, the good guys. Don't the police realise that these laws were supposed to help them tackle the bad guys and if some innocent people get caught up in the process then that was the price of public safety, as long as none of the elite are amongst those caught in the net, of course.

In any case, the 'trust me because I'm a good guy who sincerely believes he is doing the right thing' approach to government is completely unsustainable when it involves unquestioning faith in a ruling elite engaged in perennially and systematically ignoring mass quantities of evidence contrary to their worldview. Clifford's essay, 'The Ethics of Belief' comes back to mind here.

I don't know whether the New Labour insiders who have been arrested in the cash for honours investigation or whether the New Labour friends about be prosecuted in the BAe-Saudi arms affair, before the government terminated the case, have engaged in criminal behaviour. I do believe that a government that sails to power on the promise of being "tough on crime and tough on the causes of crime", introduces new sweeping criminal justice legislation on average every two months for ten years and then implies that they themselves are outside of the reach of such laws, blast a huge hole in their own ship way below the credibility line. The rather unfortunate fall out for those like Lord Levy who have been subject to investigation is that if they are not subsequently prosecuted due to lack of evidence or incontrovertable evidence of innocence, it will be too easy to believe that some other member of the elite protected them - the no smoke without fire syndrome - and Levy and others might not get a chance to clear their names.

An approach to criminal justice legislation which involves a constant legislating reflex response to the latest headlines, based on a belief about what the police or security services want and only what they want, is also unsustainable. It is indicative of governing through laws written by and for powerful special interest groups, both within and outwith government. (The police and security services should have all the resources and tools they need to do the difficult job they have to do but with the appropriate checks and balances in place to ensure we don't creep down the road of a police state. (You only have to look at today's headlines about the complicity of the RUC in loyalist murders to see how it can so easily get out of control). Even the head of MI6 said last week that the government had gone too far in implying the BAe-Saudi case had been shut down at his request.)

Larry Lessig makes pretty much the same point in the closing chapter of the second edition of Code, in the context of copyright legislation:

"In the last ten years Congress has passed exactly one bill to deal with the problem of spam - the CAN-SPAM Act of 2003. OVer the same period, Congress has passed 24 laws affecting copyright...

This pattern is not an accident. In a political world that is dominated as ours is, lawmaking happens when special interests benefit. It doesn't happen when special interests oppose. And in these two instances, the lack of regulation and the plethora of regulation is explained by this point precisely. There have been 24 bills about copyright because rock stars lobby for them. There has been one bill about spam because the direct mailers (and many large companies) testified against them."

Monday, January 22, 2007

Identity Crisis

Kim Cameron has been reading Jim Harper's book Identity Crisis.

"Jim Harper really understands identification. And he is better than anyone at explaining what identification systems won’t do for us - or our institutions. He carefully explains why many of the proposed uses of identification are irrational - delivering results that are quite unrelated to what they are purported to do. In my view, getting this message out is just as important as explaining what identity will do...

I have only one criticism of the book. I would like to see us separate the notion of identity, on the one hand, and individual identification (or identifiers) on the other. We need return to the original meaning of identity: the fact of being who or what a person or thing is.

As a simple example, suppose I’m a service provider building a chat room for children, and want to limit participation to children who are between 12 and 15. Let me contrast two ways of doing this.

In the first, all the children are given an identifier. To get into the room, they present their identifier and prove they are the person to whom that identifier was given. Then the chatroom system does a lookup in some public system linking identifier and age to make the access control decision.

In the second, the children are given a “digital claim” that they are of some age, and a way to prove they are the person to whom that ”claim” was given. The chatroom system just queries the claim to see if it meets its criteria. There is no reference to any public or even private identifier.

My point is that the first mechanism involves use of an identifier. The second still involves identity - in the sense of being what a person is - but the identification, so rightly put into question by Jim’s book, has been put into the trashcan where it belongs.

The use of an identifier in our first example breaks the second Law of Identity (Data Minimization - release no more data than necessary). It breaks the third Law too (Fewest Parties - since it discloses use of information to a central database unnecessary to the transaction). Finally, it breaks the Fourth Law (using an omnidirectional identifier when none is required)."

The case against secrecy in voting system testing

Joseph Lorenzo and Aaron Burstein have written a persuasive opinion piece in Roll Call explaining the damage that secrecy in electronic system oversight does to the election process.

"The Election Assistance Commission has some explaining to do. The secrecy that pervades the EAC, which oversees testing and certification of voting systems, holds dire consequences for our electoral system. Both chambers of Congress need to work to dispel this culture of secrecy.

A recent case illustrates why secrecy is a fundamental problem at the EAC. Last summer the EAC prohibited a lab run by Ciber Inc. from testing new voting systems due to inadequate test plans and documentation. Nonetheless, the voting systems that Ciber previously has tested remained certified and were used in elections in November. The EAC has not disclosed which voting systems Ciber tested using faulty procedures, but according to our calculations, nearly 70 percent of registered voters in the 2006 general elections voted on equipment qualified by Ciber...

consider that the public and voting officials learned of the Ciber de-accreditation not from the EAC last summer, but from The New York Times two weeks ago...

Secrecy is pervasive in voting system development and testing. As one test lab representative testified before the EAC in October, their procedures must be kept secret because their clients — voting system vendors — require confidentiality and “own” the test results. Though this secrecy might protect some proprietary information, or prevent embarrassing information from coming to light, it is inimical to proper oversight of the election system.

Last month, when the EAC adopted its new testing and certification policy, it left the major elements of voting system testing secrecy in place. For example, the EAC’s new policy will continue to allow voting system manufacturers to select, pay and communicate confidentially with test labs, thus diminishing the labs’ independence. Under its new rules, the EAC will not receive manufacturers’ technical data packages, which are documents crucial to understanding a voting system...

In addition, the EAC failed to ensure that election officials, as well as the public, can assess the sufficiency of the test labs’ work. Under its new policy, the EAC will publish test labs’ reports about systems that gain certification. The EAC, however, will not publish the details about what a lab did to test a system, the so-called test plan. Keeping the test plan secret will make it difficult for anyone other than the EAC, the labs and the vendors to judge the conclusions presented in the report. As the experience with Ciber shows, knowing how a test lab evaluates a voting system is just as important as knowing what conclusions the lab reaches.

This secrecy works against voting integrity. Test labs, after all, are charged with determining whether voting systems satisfy standards, all of which are public. Test plans simply put the rubber to the road, and the system benefits by having a common understanding of what kinds of tests are sufficiently rigorous. Keeping this information secret only protects labs with lax procedures. Greater transparency, on the other hand, would encourage all test labs to develop more rigorous procedures."

Gutmann Vista and DRM: Microsoft Response

Microsoft have posted a response to Peter Gutmann's cost analysis of the insane digital restrictions being built into Microsoft's new operating system, Vista. The response pened by Dave Marsh, a Lead Program Manager for video, basically confirms Gutmann's concerns, as the intro. demonstrates:

"Windows Vista includes content protection infrastructure specifically designed to help ensure that protected commercial audiovisual content, such as newly released HD-DVD or Blu-Ray discs, can be enjoyed on Windows Vista PCs. In many cases this content has policies associated with its use that must be enforced by playback devices. The policies associated with such content are applicable to all types of devices including Windows Vista PCs, computers running non-Windows operating systems, and standalone consumer electronics devices such as DVD players. If the policies required protections that Windows Vista couldn't support, then the content would not be able to play at all on Windows Vista PCs. Clearly that isn't a good scenario for consumers who are looking to enjoy great next generation content experiences on their PCs...

It's important to emphasize that while Windows Vista has the necessary infrastructure to support commercial content scenarios, this infrastructure is designed to minimize impact on other types of content and other activities on the same PC. For example, if a user were viewing medical imagery concurrently with playback of video which required image constraint, only the commercial video would be constrained -- not the medical image or other things on the user's desktop. Similarly, if someone was listening to commercial audio content while viewing medical imagery, none of the video protection mechanisms would be activated and the displayed images would again be unaffected...

The paper implies that Microsoft decides which protections should be active at any given time. This is not the case. The content protection infrastructure in Windows Vista provides a range of à la carte options that allows applications playing back protected content to properly enable the protections required by the policies established for such content by the content owner or service provider. In this way, the PC functions the same as any other consumer electronics device."

Another demonstration of the insanity of complex organisations and the restraints they place on the largely rational people who work for them. I'm sure Dave Marsh would much rather be focussing on delivering and loudly proclaiming fantastic new video functionality, than having to find explanations via carefully constructed language about third party contraints the company has accepted they need to build into the technology. I don't envy him that job in the slightest.

Update: Some of the comments at the end are really worth reading (though some are the usual Microsoft bashing for the sake of Microsoft bashing), like this one from a doctor pointing out the impact of lack of interoperability on patient care:

"Since when did you think that DRM would not apply to medical imaging. Speaking as a physician, we ALREADY have this problem. The medical image DICOM format has been split into various flavors by competing software vendors who do their best to make sure that you have to have THEIR viewer in order to see files saved in their version of the format.

Further competing hospitals are choosing not to install viewers that would allow MD's to look at films that were taken at their competition ( or perhaps their IT staff can't be bothered to install them -- either way the result is the same). This proprietary behavior is already hindering patient care."

Technically this isn't necessarily drm the doc is complaining about but lack of interoperability, (which drm will also impede).

Rob Glaser calls for end to DRM

I learn from Derek Slater that RealNetworks' Rob Glaser has called for an end to DRM encumbered music downloads.

"Glaser reportedly stated that he is "seeing some signs the industry is open to ... giving consumers a way to purchase music with the flexibility that you can only get if you take the DRM off.... For purchases, move away from DRM" (emphasis added). What common sense - when you buy music, you own it and should be able to make personal use of it however you want."

Btw, my own drm mini saga is still partly ongoing. The replacement DVD player got delivered and seems to work ok - it reads and plays my DVDs, or at least the three I've so far tried on it. But when City-Link delivered the new machine the van driver refused to collect the faulty one. It wasn't his job apparently. Coming up to 5pm on Friday I was getting kinda anxious that there were no further City-Link vans on the horizon - my refund on the faulty machine does not come through until Hughes-Direct get it back.

So I phoned City-Link. They had no notification of a collection from my address.

So I phoned Hughes-Direct. They assured me they had arranged for the collection and gave me a collection tracking number.

So I phoned City-Link with the number and was informed that Hughes-Direct had asked for the faulty machine to be picked up next Friday, 26th January between 10am and 5pm.

So I phoned Hughes-Direct and pointed out what I assumed to be the error. They told me they would arrange for the machine to be picked up today between 10am and 5pm Well so far no sign of the City-Link van and since my refund is dependent on the efficient expedition of the logistics between them I'm hoping I'm not going to be playing phone tag between the two firms again this evening.

Update: Well City-Link collected the faulty machine about 3.30pm and now I have to trust/make sure that the appropriate refund will be expeditiously forthcoming in the next few days.

Sunday, January 21, 2007

Judge allows music industry suit v XM radio to go ahead

A US District Judge has decided that the music industry's lawsuit against XM satellite radio for allowing listeners to record/store songs should be allowed to go ahead.

"A lawsuit in which record companies allege XM Satellite Radio Holdings Inc. is cheating them by letting consumers store songs can proceed toward trial, a judge ruled Friday after finding merit to the companies' claims.

U.S. District Judge Deborah A. Batts made the finding in a case brought by Atlantic Recording Corp., BMG Music, Capitol Records Inc. and other music distribution companies against the licensed satellite radio broadcaster.

In a lawsuit last year, the companies said XM directly infringes on their exclusive distribution rights by letting consumers record songs onto special receivers marketed as "XM + MP3" players."

Gonzales quized about domestic spying

US Attorney General has been questioned by the Senate Judiciary Committee about the warrantless domestic spying programme that the Bush administration has apparently agreed to subject to FISA oversight.