Saturday, December 08, 2007

Free speech QED

Ruthie at Ruthie's Law has been giving her very own paint by numbers lesson on the value of free speech.

"It is clear that free speech is a requirement in any society which aspires to democracy - a system described by Winnie as the worst form of government, except for all the others. Thus, free speech must be defended. If that means anything at all, it means that free speech must be granted to those whose views are despicable, disgraceful and disgusting (dear Diary, Tucker says that alliteration is admirable).

But what is this free speech? I suggest that it is a right to speak. It is not a right to be heard. It is not a right to speak anywhere one likes. It is a right not to be locked up or persecuted by the State for expressing an unpopular (as opposed to a criminal) point of view. But it is not a right to be given an audience. For some reason it is a matter of principle for some that David “Auschwitz is a lie an exaggeration” Irvine should be able to peddle his turd-speak wherever he likes, on the basis that he describes himself as an historian: so that’s alright then.

If Irwhinge wanted to say that black people were intrinsically inferior to white people it is difficult to see the same approach being adopted. Thus, I conclude that this debate is not really about free speech at all. It is about what people are comfortable hearing. Part of the reason that this country is comfortable about holocaust denial or minimisation is that (unlike Germany) it still congratulates itself for not being on the wrong side. Dear Diary, it is entitled to such congratulation. Yet, alas, it has learned the wrong lesson. The lesson is not that traditional British tolerance will ensure that it does not happen here - even though that may be true. The lesson is that people like Irwhinge and Grithick mean what they say. We tend to find that thought so incomprehensible that we shy away from it, and thus fail to learn the lesson of history.

Once one grants that the people who speak freely mean what they say, the debate sharpens up considerably. If we entirely prevent them speaking then, apart from driving their views underground (a tactical debate which I do not address here), we must trust the state to get it absolutely right when determining who can and cannot speak out. Most of us do not have that level of trust in the state and, in a democracy, most politicians do not have that level of trust in themselves. Good...

As dear old Voltaire should have said: “I do not agree with what you say, but I will defend to the death your right to mumble it to the other addle-pates whilst not being prosecuted for doing it. However, the minute you begin not to mumble you are liable to arrest if your words result in actions against those about whom you speak, of which there is a clear risk to an objective observer.” That dear Diary, is the issue of criminalising hate-based conduct. Whether we have the balance right is another question. That there is a balance should be plain. Ultimately we all have a choice about what we hear. How we exercise that choice is something that impacts on everyone and is thus a moral decision. Our fear of that decision must not prevent us denying the essential reality that we are responsible for what we do and that millions of individual decisions matter. If one feels too insignificant to make a difference that is sad. But it is not an excuse for denying the obvious in a self-indulgent attempt to stay in the nursery."

Read it in full and the comments. Great stuff.

Here we go again...

Data of 60,000 on stolen computer

"A laptop computer containing personal details of up to 60,000 people has been stolen from the Citizens Advice Bureau in Belfast."

Friday, December 07, 2007

Wikipedia in the Nazi speech firing line

From Politician files charge over Nazi symbols on Wikipedia

"A left-wing German politician has filed charges against online encyclopedia Wikipedia for promoting the use of banned Nazi symbols in Germany.

Katina Schubert, a deputy leader of the Left party, said she had filed the charge with Berlin police on the grounds that Wikipedia's German language site contained too much Nazi symbolism, particularly an article on the Hitler Youth movement."

ContactPoint Early Day Motion

Via Terri Dowty:

" You might want to ask your MP to sign up to this Early Day Motion


Brooke, Annette

That this House notes the announcement by the Parliamentary Under-Secretary of State for Children, Schools and Families of the deferral of the implementation of ContactPoint to allow for an independent assessment of its security procedures by Deloitte and to address the changes to ContactPoint that potential system users have suggested, but regrets that this review will not extend to the design and content of ContactPoint; expresses concern over the safety implications of such a vast database containing potentially sensitive information in the light of security breaches at HM Revenue and Customs; further expresses concerns about the projected costs of ContactPoint; notes the conclusion of the House of Lords Select Committee on Merits of Statutory Instruments that the Government has not conclusively demonstrated that a universal database is a proportionate response to the problem being addressed; and therefore calls upon the Government to reconsider its decision to proceed."

Good for her. Meanwhile some people have been writing to the Guardian on the same subject.

"The planned database containing the details of all 11 million children in England should be suspended because it is insecure and will put children's safety at risk, an alliance of independent school heads and privacy campaigners warns today.

In a letter to the Guardian, influential groups representing private schools, together with the human rights campaign Liberty, say it is "ludicrous" that the government intends to push on with the controversial ContactPoint database project while awaiting the outcome of a new security analysis of the system."

Demos report: the new politics of personal information

I heard on the BBC radio news this morning that Demos has published a new report today: We no longer control what others know about us, but we don’t yet understand the consequences... The new politics of personal information compiled by Peter Bradwell and Niamh Gallagher.

"Aims of the study

This report has three aims:

1 to connect the value people gain from an information rich society with the challenges that arise from giving away personal information

2 to raise awareness of the consequences of the increasing reliance on personal information by institutions in the public and private sector

3 to provide a framework within which policy-makers, businesses and individuals can address these challenges in the long term.

This report is intended to push the debate on personal information
beyond the legal and technical language associated with data
protection and identity management. The debate must move towards
something that people – through day-to-day experiences in their own
lives – have a stake in. New trends of communication, customer
services, personalisation, and issues of social inclusion and privacy
are helping to create a new framework for the discussion of personal

Our argument

Personal information has become central to how we live – from
banking online and supermarket shopping, to travelling, social
networking and accessing public services. The visible result of this is a
trend towards personal, tailored services, and with this comes a
society dominated by different forms of information gathering. This
is not just something people are subjected to. They are more and
more willing to give away information in exchange for the
conveniences and benefits they get in return, and are often keen for
the recognition and sense of self it affords.

But there is a tension here. By sharing personal information we
surrender control in the longer term by leaving ourselves open to
judgement by different groups in different ways. The drive to
personalise or tailor services, which is shaped by those judgements,
can lead to differences between what people experience and have
access to. This can mean a narrowing of experience, can lead to social
exclusion, and has significant implications for how we live together as
a society. We argue that these problems can only be resolved by a
more open understanding of and better democratic debate about the
boundaries, rights and responsibilities that regulate the use of
personal information. That debate should focus on developing the
collective rules that determine individuals’ ability to negotiate how
personal information is used...


People themselves must be put at the centre of information flows.
Our findings suggested a number of measures that government, the
private sector and individuals could follow to improve the relationship
between people, personal information and the institutions that
use that information.

For individuals, we recommend:

 The first step is for individuals to take measures to protect
their personal information – for example, by securing
wireless networks. Second, they must recognise the
connections between the benefits of sharing information,
and the often less tangible costs and dangers that can
result. A better understanding of this relationship is the
necessary step towards bottom-up policy driven by
collectively negotiated norms and rules, rather than policy
driven by the narrower needs and interests of government
or business. However, this does need considerable support
from government and the private sector to start the

For government, we recommend:

 The government should develop a more coherent strategy
around personal information use. This strategy should
clarify the links between how government will use
personal information, in specific contexts, and what the
potential benefits or costs might be for individuals. Each
government department using personal information must
say how they are accessing personal information, for what
purpose, and how it affects people. They should also
employ ‘cash-handling’ disciplines for dealing with
people’s personal information.

 The government should begin long-term research and
thinking into increasing levels of information about
individuals, coupled with personalising services and
experiences. Segmentation and increasing knowledge of
individuals will create markets that exclude in ways that
current uses of information do not. That will have a
significant impact on what is meant by equality. For
example, will a new frontier of the welfare state be
providing life insurance for certain types of people who
are deemed bad investments by private insurance
 The Information Commissioner’s Office (ICO) needs
greater capacity to cope with the range of demands of an
information society, which continue to extend away from
just security of data towards data use and the nature of
information sharing. For example, that could include the
ability for the ICO to audit organisations’ use of personal
information without needing their consent.
 ‘Privacy impact assessments’ should be used for major
projects across public and private sectors to assess the use
of personal information early in development, led by the

 There needs to be a serious, renewed debate about the
identity card scheme, with the kind of engagement that
should have happened at the start of the process.
Otherwise, the scheme should be dropped. There needs to
be more open consideration of what kind of information
the cards would hold, why, and in what circumstances
they will be used.Meaningful engagement with the
public about how the technology should work must be
foremost in shaping what the cards do, if they are to go

For business and the private sector, we recommend:

 The rights of access individuals have to information held
about them in the private sector should be extended,
including the right to know what groups people have been
‘segmented’ into, and allow greater ability for individuals
to challenge and change existing information about themselves
that they believe to be invalid, incorrect or unfair.

 Information holders should engage in an open debate
about where responsibility for personal information lies,
with a view to clarifying the rights and responsibilities of
businesses and individuals.

 There should be a common sense test for privacy
statements and personal information policy. The private
sector must provide simple, accessible explanations of
why personal information is gathered. It is too easy
currently to adapt and rely on established legalistic
policies. A move away from jargon is needed. This means,
for example, requiring businesses to follow the legal
concept of the ‘reasonable person’ when drawing up
policy statements on personal information.
 Banks should consider a ‘no claims bonus’ for customers
who successfully protect their personal information.
 Technical distinctions used by business – between
authenticators and identifiers, for example – should be
binned. As for government, private sector involvement in
digital identity should be grounded in the ways that
people use and value their digital identities. That should
imply a move away from using information people are
likely to divulge – such as family maiden names, dates of
birth – as ‘authenticators’ instead.

 As a bridge between people, policy-makers and
technologists, a body such as the ICO should be given the
remit and resources to lead open discussions and debate
to help build more secure, effective and appropriate
technology for personal information."

Whose secret diary was Facebook so keen for you not to read?

Also from the Indie on Tuesday: Whose secret diary was Facebook so keen for you not to read?

"In the Facebook era, where everyone is spilling their secret thoughts for all to read on a social networking site, it is as if nothing is private any more.

So it might seem highly ironic that Facebook's founder Mark Zuckerberg has been pleading with a Boston court to censure a Harvard magazine that has ferreted out and published a personal journal from his university days and his 2001 application to study at the illustrious college. The judge, Douglas Woodlock, turned him down and ruled that the documents will stay in the public domain."

David Holtzman will no doubt have had a wry grin over the proceedings.

ELQ funding consulatation

Just a reminder to all OU and other part time students that the government "consultation" on their decision to cut a massive chunk out of the funding for part time students ends today. Yvonne Cook had an excellent article in Tuesday's Independent (4 Dec.) this week on the issue, 'The threat to lifelong learning'.

Good old Arsenal

With the Usmanov affair, the recent loss in the Champions league, draw to Newcastle and various injuries to key players like Fabregas, there are some concerns around the Emirates Stadium at the moment. But it's nice to hear that the Arsenal players, directors and many other staff are donating a day's pay to Treehouse, the national charity for autism education.

"Be a Gooner. Be a Giver

This season, TreeHouse is over the moon to be working with Arsenal to raise £250,000 to build the sports facilities in our new National Centre for Autism Education in Noth London.

We have launched "Be a Gooner. Be a Giver" to encourage everyone in the Arsenal family to give whatever they can afford to help us reach our target. We are delighted that Arsenal's amazing players and directors have already generously donated a day's wages - please join them in supporting us, so that we can help many more children with autism through our new National Centre. You really will be making a difference.

If you would like to find out more about TreeHouse and Arsenal, and for a chance to win tickets to the Chelsea game on 16th December, download the free TreeHouse epac at

Thank you from the bottoms of our hearts....and go Arsenal!

From the Children, Staff and Parents of TreeHouse"

Thursday, December 06, 2007

Congratulations Fernando

The highly entertaining Fernando Barrio, who I met at Gikii 2 earlier this year has been nominated and shortlisted for the law teacher of the year award. Congratulations to him.

There is no tech bubble

Thanks to Ian Yorston, Head of Digital Strategy at Radley College, and aka the Unreasonable Man for alerting me to this:

Facebook not too hot on privacy

David Holtzman, author of the excellent Privacy Lost, is fairly fuming over Facebook's most recent privacy invading shenanigans.

"I was actually hoping this would blow over, but sigh. Another arrogant, young, venture-funded social networking company has done something counter-consumer, caused a furor and backed down, apologizing with a hearty "my bad." Yes, it's Facebook and their notorious Beacon program, which monitors things that members buy on 3rd party affiliated sites and broadcasts these purchases to the member's network, regardless of whether he/she wants them to or not. Originally Beacon was a compulsory "feature"--now it is kinda opt-out. It should have been opt-in all along, but I guess Facebook doesn't see it that way.

Facebook's CEO, Mark Zuckerberg (who is by the way, younger than most of my dental work), has apologized to the user community. In an interview, he said: "I'm not proud of the way we've handled this situation and I know we can do better." I believe Mr. Zuckerberg has completely missed the point--it's not a problem of how he reacted, it's the fact that they rolled out an evil f**king system to begin with.

Even now, the opt-out is transactional, you have to say no each time. The fact these bastards are tracking people at all on 3rd party sites is highly creepy and invasive anyway.

However as most of the critics have said, you don't have to use Facebook.

Good idea. Let's not."

Ian did a forensic examination of Facebook's privacy settings for Gikii 2 this year and came to the conclusion that they didn't measure up too well. He was slightly more polite about their failings.

Canadia Songwriters want to tap commercial potentional of P2P

Via Michael Holloway on the ORG list, the Songwriters Association of Canada are proposing to put in place a system to enable them to be compensated for the distribution of their works on peer to peer networks.

"We propose an amendment to the Copyright Act which would establish a new right: The Right to Equitable Remuneration for Music File Sharing.

4. We define Music File Sharing as the sharing of a copy of a copyrighted musical work without motive of financial gain.

Since the new right is limited to activities that take place without motive of financial gain, parties who receive compensation for file sharing would not be covered by this right. Therefore, this new right is distinct from rights licensed by legal music sites like iTunes and PureTracks.

5. The new right would make it legal to share music between two or more parties, whether over Peer to Peer networks, wireless networks, email, CD, DVD, hard drives etc. Distinct from private copying, this new right would authorize the sharing of music with other individuals.

6. In exchange for this sharing of their work, Creators and rights holders would be entitled to receive a monthly license fee from each internet and wireless account in Canada.

7. We propose a licence fee of $5.00 per internet subscription, per month. Payment of this fee would remove the stigma of illegality from file sharing. In addition, it would represent excellent value to the consumer, since this fee would grant access to the majority of the world’s repertoire of music. Existing download subscription services generally charge considerably more than $5.00 per month, while offering a mere fraction of the file-sharing repertoire."

Interestingly they go on to say that although they are not opposed to TPM/DRM and laws against circumvention (Canada are just about to pass their very own version of the the DMCA and EUCD), they believe their proposal makes DRM obsolete. In addition

"Given the consumer aversion to TPM’s, we believe their use will inhibit the success of recordings in which they are embedded, and they will simply fall out of use."

Nice to see them thinking about using rather than banning p2ps but the sticking point might well be the $5 per month on every account. All the usual economic arguments about levies supporting special commercial interests come into play but it is progress. As with the webcasting levies the devil would be in the detail, though the proposal is probably too late to have any effect on the Canadian government's deployment of their very own DMCA.

EDRI-gram newsletter - Number 5.23

EDRI-gram - Number 5.23, 5 December 2007 has just been issued and as usual is essential reading for digital rights folks. Contents:

Wednesday, December 05, 2007

Microsoft disables remote disabling

It seems that the good guys in Microsoft (and there are a quite a few of them btw) have got the message through that it is not a good idea to remotely disable customers's computers if it suspects piracy.

"Microsoft Corp. is pulling back from a system that disables programs on users' computers if it suspects the software is pirated, opting instead for a gentler approach based on nagging alerts.

Microsoft said late Monday it will roll out the new version of Windows Genuine Advantage with the first "service pack" for Windows Vista, due in the first quarter of 2008.

When computer users activate a copy of Windows Vista or try to download certain software from Microsoft's Web site, the Windows Genuine Advantage system scans their PCs for signs of pirated software. Today, if the tool finds an unauthorized copy of Vista, the glassy Vista user experience disappears and other features are suspended."

I suspect the nagging alerts are going to create major problems as innocents get targetted (identifying copyright infringement is an inexact science not best turned over to software) but it is a little better than having your brand new machine disabled.

German court says iPhone network tie-in ok

From German court upholds T-Mobile's exclusive iPhone contract

"T-Mobile can sell Apple's sought-after iPhone exclusively locked to its own service, a German court ruled Tuesday, reversing an injunction last month requiring the company to sell an unlocked version in Europe's biggest economy.

The Hamburg District Court said Tuesday that T-Mobile, part of Deutsche Telekom AG, could indeed sell the phone, coupled with a two-year contract, that could not be used on networks provided by rival wireless companies.

The arrangement is similar to those Apple Inc. has with other carriers around the world. In the United States, AT&T Inc. is Apple's exclusive partner."

Tuesday, December 04, 2007

Judge Dismisses LimeWire Antitrust Suit

Also via Michael: Judge Dismisses LimeWire Antitrust Suit

"A federal judge on Monday threw out an antitrust lawsuit that the operator of the LimeWire online file-sharing service filed against a coalition of major record labels.

U.S. District Judge Gerard E. Lynch in New York ruled that Lime Group LLC failed to make its case that it has been harmed by the recording companies' business practices, and he granted the companies' motion to dismiss the claims.

Lynch also dismissed several claims brought under state laws "without prejudice," which gives New York-based Lime Group the option to pursue the claims in state court."

Passport applicant finds massive privacy breach

Via Michael Geist: Passport applicant finds massive privacy breach

"A security flaw in Passport Canada's website has allowed easy access to the personal information - including social insurance numbers, dates of birth and driver's licence numbers - of people applying for new passports.

The breach was discovered last week by an Ontario man completing his own passport application. He found he could easily view the applications of others by altering one character in the Internet address displayed by his Web browser."

Monday, December 03, 2007

Websites sell secret bank data and PINs

On the front page of this morning's Times: Websites sell secret bank data and PINs.

Nothing particularly new here but the Times have reported the specific sites to Richard Thomas, the Information Commissioner, and he has agreed to investigate.

"Mr Thomas will address the Commons Justice Committee tomorrow on the addional powers that he says are needed to prevent breaches of data protection. He believes that reckless failure to protect information should result in prosecution and that his staff should have powers to raid government and business premises.

Hacking sites act as online bazaars for stolen personal information. They are well run, hierarchical groups structured like businesses. Some even have review sections where buyers can recommend a particular fraudster...

Senior police officers are concerned that current methods of dealing with large-scale data protection breaches are unworkable. Detective Chief Inspector Charlie McMurdie, of the Metropolitan Police e-crime unit, said: “At the moment people report internet crimes to a local police station but no one locally has the resources to investigate properly.”

Since April customers have been told to report card crimes to their banks rather than to the police. Mr McMurdie, backed by the main banks, has asked the Home Office for £1.3 million to fund a central e-crime unit."

All I would say is that the government has already rejected overtures to get serious about technology-complemented crime and I suspect Chief Inspector McMurdie is asking for a small sum in the expectation of not getting much. But £1.3 million is nowhere near enough to fund the technically literate police force we need to deal with these kinds of crimes not to mention the technical infrastructure required.