Saturday, January 17, 2009

Responses to UK government P2P filesharing consultation

The Department for Business Enterprise & Regulatory Reform has published the responses to their P2P filesharing consultation.
"None of the options highlighted in the consultation won widespread support. Rather there was a marked polarisation of views between the rights holder community and consumers and the ISPs over what action should be taken.

A number of key issues were identified by respondents including copyright protection, protections afforded under eCommerce legislation and the impact on the wider economy. Consumers (individuals and consumer organisations) in particular highlighted concerns over data protection and privacy. The role of technology was addressed by most respondents, however there were conflicting views as to whether it could offer all or part of any solution. For almost all the options, questions were raised as to their legality under the existing legal frameworks and again, views varied.

There was a degree of consensus that any solution must involve the provision of new legal sources of attractive content and the need for education on the importance of copyright in the wider economy.

A number of replies suggested alternative models to those options proposed. Copies of all non-confidential responses received have been placed on the BERR website."
It looks like someone at the FT has been talking to a government spokesperson of some sort about the kind of regulation they might be considering in the wake of the consultation too. Not quite three strikes but a mandatory system of automated warning letters (the problems with which Lilian has long since clinically illustrated) and mass release of personal details of suspected file sharers to rights holders.

The officials at the BERR I met last year clearly recognised the problems with this kind of approach and its bigger brother the 3-strikes approach in regulation but that doesn't mean the Andy Burnham minster types of this world haven't been mesmerised by their heroes in the music industry into doing something stupid. So as usual with IP it's a case of wait and see how bad it will eventually turn out to be while in the meantime continually pointing out the rationalities (or lack of them) in the smoke and mirrors that constitutes the public debate in the area.

Friday, January 16, 2009

Data sharing and government

I'm finally turning Tony into a policy geek.
"I made a couple of soft resolutions to myself at the start of this year, one of which was to try to take more interest in policy matters, particular in areas that impact upon the web and “information”. But I suspect that getting my head round the implications of proposed new legislation is going to be non-trivial.

For example, the MySpace generation believes that sharing personal information in public is the thing you do, right? But what about when government agencies can freely share your personal data between themselves.

For example, a couple of days ago, the Coroners and Justice Bill was introduced to Parliament containing a proposed amendment to the Data Protection Act:

152 Information sharing
After section 50 of the Data Protection Act 1998 (c.29) insert—
“PART 5A INFORMATION SHARING
50A Power to enable information sharing
(1) Subject to the following provisions of this Part, a designated authority may by order (an “information-sharing order”) enable any person to share information which consists of or includes personal data.

(3) For the purposes of this Part a person shares information if the
person—
(a) discloses the information by transmission, dissemination or otherwise making it available, or
(b) consults or uses the information for a purpose other than the purpose for which the information was obtained.”

I’m not sure what this might mean in practice...

It seems, though, that there are “Explanatory notes” that explain the intention behind some of the proposals: Explanatory notes (Clause 152: Information Sharing):

691. Section 50A(1) creates an order-making power to enable a person to share information that consists of, or includes, personal data...

Here’s a bit more from the introduced Bill itself:

50B Information-sharing orders: supplementary provision
(1) An information-sharing order may—
(a) confer powers on the person in respect of whom it is made;
(b) remove or modify any prohibition or restriction imposed (whether by virtue of an enactment or otherwise) on the sharing of the information by that person or on further or onward disclosure of the information;
(c) confer powers on any person to enable further or onward disclosure of the information;
(d) prohibit or restrict further or onward disclosure of the information;
(e) impose conditions on the sharing of information;
(f) provide for a person to exercise a discretion in dealing with any matter;
(g) enable information to be shared by, or disclosed to, the designated authority;
(h) modify any enactment.

Now I’m not a lawyer, and I don’t speak Legislation, but what do paragraphs b and c mean exactly? In “real terms”? And how do they operate differently to g? Read them again… go on… read them…"

Oh and in answer to your questions Tony - is data sharing good and is HM Govt. evil - yes and no to the former and cock-up not conspiracy to the latter.

ORG cartoon on copyright extension

Excellent:

Wednesday, January 14, 2009

Mac clone maker claims it bought OS X from Apple

From ComputerWorld:
"The Mac clone maker being sued by Apple Inc. because it installs Mac OS X on generic Intel-based systems said it bought copies of the operating system from Apple itself, court documents show."
A little web surfing and we can find Psystar's formal motion submitted to the Northern District Court of California last week:
"Psystar’s present motion is rooted in Apple’s misuse of copyrights. Psystar therefore seeks declaratory relief finding Apple’s asserted copyrights to be unenforceable. A declaratory judgment as to Apple’s misuse of copyrights would inure to any party presently relegated to the sidelines by Apple’s inequitable and overly litigious conduct. Apple’s attempts to mischaracterize Psystar’s present claims for copyright misuse are, in that regard, understandable. Nevertheless, Psystar’s assertions as to Apple’s copyright misuse are viable. Psystar’s first amended counterclaims evidence a clear case and controversy appropriate for adjudication...

Apple likewise fails to explain how allowing Psystar’s claims would needlessly complicate the present litigation. These unsupported arguments are nothing more
than window dressing for Apple’s true concern—the nuclear fallout from a declaratory judgment as to unenforceability of Apple’s copyrights. Such a judgment would “have the force and effect of a final judgment” not only with respect to Psystar but to other parties attempting to compete alongside Apple...

A copyright holder is not entitled to “leverag[e] their limited monopoly to allow them to control areas outside the [copyright] monopoly.” A&M Records, Inc. v. Napster, Inc., 239 F.3d 1004, 1026-27 (9th Cir. 2001) (emphasis added). Copyright misuse likewise “forbids the use of the copyright to secure an exclusive right or limited monopoly not granted by the Copyright Office.” Practice Mgmt., 121 F.3d at 520...

Psystar distributes computers with legitimately purchased copies of Mac OS loaded thereon; many of those copies directly obtained from Apple. And for every computer that Psystar distributes with the Mac OS installed, Psystar also includes a legitimately purchased copy of the Mac OS. While Psystar complies with Section
117(b) of the Copyright Act, Apple attempts to usurp those limitations by telling Psystar and its customers that Apple—and Apple alone—will say “whether, how or by whom its software is . . .distributed or used.”...

Such declarations likewise run afoul of 17 U.S.C. § 109 and the first sale doctrine. Once a copyright owner consents to the sale of particular copies of a work, the owner may not thereafter exercise distribution rights with respect to those copies. See, e.g., Bobbs-Merrill Co. v. Straus, 210 U.S. 339, 350-51 (1908) (recognizing more than 100 years ago the concept of first sale and the limitations imposed upon a copyright owner in light thereof). Psystar acquired lawful copies of the Mac OS from Apple; those copies were lawfully acquired from authorized distributors including some directly from Apple; Psystar paid good and valuable consideration for those copies; Psystar disposed of those lawfully acquired copies to third-parties...

Apple attempts to disguise interoperability—which is favored by the copyright laws—as circumvention. Apple then proceeds to bring suit under the DMCA to prohibit such interoperability. Customers are thereby required to utilize Apple-Labeled Computer Hardware Systems—hardware system that are wholly outside the scope of any copyright held by Apple...

Psystar does not allege that Apple is controlling the specific use of an Apple-Labeled Computer Hardware System. Psystar does not allege that Apple requires an Apple-
Labeled Computer Hardware system to only be used at particular times, in a particular fashion, orfor a particular ends or purpose.

What Psystar does allege is that Apple is inappropriately extending its copyrights in the Mac OS to the purchase of an Apple-Labeled Computer Hardware System for the purpose of using the Mac OS...

Through Apple’s End User License Agreement (EULA), to load or execute a copy of the Mac OS requires (according to Apple) the purchase and exclusive use of an Apple-Labeled Computer Hardware System with the Mac OS... A copyright is exclusive to creative works; Apple’s copyrights in the Mac OS do not cover hardware...

Not only is such an extension of copyrights in the Mac OS to an independent hardware component anticompetitive (i.e., to the detriment of other hardware
manufacturers), Apple’s EULA violates the public policy of the copyright laws by overextending the limited copyright monopoly... This type of monopoly
extension through tying is the exact behavior prohibited by the copyright misuse doctrine."
It's a clever argument - we bought it from Apple and they're saying we can't play with it unless we buy their hardware to use with it too - but the outcome may just hang on the judge's perspective of the enforceability of Apple's EULA in this context.

Berkman Center Task Force Reports on Child Safety

The Berkman Center's Internet Safety Technical Task Force has released its final report today. From the Executive Summary:
Many youth in the United States have fully integrated the Internet into their daily lives.
For them, the Internet is a positive and powerful space for socializing, learning, and engaging in
public life. Along with the positive aspects of Internet use come risks to safety, including the
dangers of sexual solicitation, online harassment, and bullying, and exposure to problematic and
illegal content. The Multi-State Working Group on Social Networking, comprising 50 state
Attorneys General, asked this Task Force to determine the extent to which today’s technologies
could help to address these online safety risks, with a primary focus on social network sites in the
United States.

Due to the nature of the Task Force, this Report is not a consensus document, and should be read
in conjunction with the separate Statements from Task Force members included in the appendix.
At the outset, the Task Force recognized that we could not determine how technologies
can help promote online safety for minors without first establishing a clear understanding of the
actual risks that minors face, based on an examination of the most rigorously conducted research.
The Task Force asked a Research Advisory Board comprising leading researchers in the field to
conduct a comprehensive review of relevant work in the United States to date. The Literature
Review shows that the risks minors face online are complex and multifaceted and are in most
cases not significantly different than those they face offline, and that as they get older, minors
themselves contribute to some of the problems...

The Task Force asked a Technology Advisory Board (TAB) comprising technology
experts from a range of backgrounds to solicit and review submissions from vendors and others
offering currently available technologies. The TAB received 40 written submissions representing
several categories of technologies, including age verification and identity authentication, filtering
and auditing, text analysis, and biometrics. In sum, the TAB’s review of the submitted
technologies leaves the TAB in a state of cautious optimism, with many submissions showing
substantial promise. The youth online safety industry is evolving. Many of the technologies
reviewed were point solutions rather than broad attempts to address the safety of minors online
as a whole. There is, however, a great deal of innovation in this arena as well as passionate
commitment to finding workable, reasonable solutions from companies both large and small. The
TAB emerged from its review process encouraged by the creativity and productivity apparent in
this field.

The TAB and the Task Force note that almost all technologies submitted present privacy
and security issues that should be weighed against any potential benefits. Additionally, because
some technologies carry an economic cost and some require involvement by parents and
teachers, relying on them may not protect society’s most vulnerable minors.

The Task Force makes specific recommendations in Part VII to
the Internet community and to parents, as well as recommendations regarding the allocation of
resources:
• Members of the Internet community should continue to work with child safety experts,
technologists, public policy advocates, social services, and law enforcement to: develop
and incorporate a range of technologies as part of their strategy to protect minors from
harm online...Careful consideration should
be given to what the data show about the actual risks to minors’ safety online and how best
to address them, to constitutional rights, and to privacy and security concerns.
• To complement the use of technology, greater resources should be allocated: to schools,
libraries, and other community organizations to assist them in adopting risk management
policies and in providing education about online safety issues; to law enforcement for
training and developing technology tools, and to enhance community policing efforts
around youth online safety; and to social services and mental health professionals who
focus on minors and their families, so that they can extend their expertise to online spaces
and work with law enforcement and the Internet community to develop a unified approach
for identifying at-risk youth and intervening before risky behavior results in danger.
Greater resources also should be allocated for ongoing research into the precise nature of
online risks to minors, and how these risks shift over time and are (or are not) mitigated by
interventions...
• Parents and caregivers should: educate themselves about the Internet and the ways in which
their children use it... be engaged and involved in their children’s Internet use;

Tuesday, January 13, 2009

Departments deny memory stick risks

From Kable: Departments deny memory stick risks
"The departments of health and transport have denied a report that they allow staff to use USB devices to transfer unencrypted information

In a report on 12 January 2008, the Financial Times said that information obtained under the Freedom of Information Act and passed to the newspaper shows that the Department of Health and the Department for Transport are still allowing employees to download unencrypted data to UBS memory sticks.

But a spokesperson for the Department for Transport told GC News that this was untrue."
Thanks to Glyn at ORG for the link and check out ORG's wiki page on UK privacy debacles of recent years. It gives a good indication of how widespread poor electronic data management practices are.

ISPs tread risky path with new rules on piracy

From the New Zealand Herald:
"Internet service providers are struggling to deal with a new law requiring them to axe the internet connections of customers who "repeatedly" access pirated material.

Section 92A of the Copyright (New Technologies) Amendment Act, passed last year, takes effect on February 28.

It says ISPs will have to "reasonably implement" a policy to disconnect "in appropriate circumstances" the internet services of users who have repeatedly downloaded or uploaded infringing music, movies, games or other copyright material."

U.S. visitors required to register online

From CNet: U.S. visitors required to register online
"Starting Monday, travelers from the United Kingdom, Germany, Japan, Australia, and a host of other countries will have to register online with the U.S. Department of Homeland Security before they can travel into the United States."

Times interview McKinnon's mother

The Times has an interview today with Gary McKinnon's mother.
"“It doesn’t excuse it, because if you commit a crime, you commit a crime,” she toldThe Times, in her first major interview. “I would say to Gordon Brown and David Cameron, you both have vulnerable young sons. Should we really be extraditing our vulnerable adults and letting them serve 70 years abroad? Seventy years for looking for UFOs?”

Mrs Sharp argues that Asperger’s – a form of autism that causes obsessive or repetitive behaviour and impairs social skills, renders her son dangerously unready for life in an American penitentiary – Also, for all his snooping around cyberspace in search of extraterrestial life, McKinnon has never even left the UK “He won’t survive. He’s absolutely petrified. We’ve already received taunting messages about male rape, stun guns,” she says. “We worry that we won’t be alive to see him free.

[...]

“He’s not a genius. He good, but he’s not the best. They had no passwords, no firewalls, and that’s the problem. Gary embarrassed them. They wanted to make an example of somebody for computer crime, so they thought Gary was a soft touch. I think governments try to frighten people. They like to create villains and threats to justify some of their actions.” "
Update: Also in the Times: Let's face it, soon Big Brother will have no trouble recognising you

ebook drm provider goes dark

Cory is reporting that an ebook drm provider, Overdrive, is going dark. Fictionwise, which sold the drm crippled ebooks has a set of faqs for affected customers. Sample:
"

What is the eReader Replacement File Program?

Fictionwise obtains "feeds" of eBooks from several different content aggregators, and these aggregators use their servers to deliver encrypted files to our customers. One of these aggregators, Overdrive, recently gave Fictionwise notice that they would cease serving files to Fictionwise customers as of January 31, 2009...

How many purchased eBooks were affected by this?

Approximately 300,000 eBook units purchased by Fictionwise customers were delivered via Overdrive...

How can I tell which of my eBook purchases might be from Overdrive?

In your bookshelf, go to the DISPLAY menu and select Overdrive Expiring then click UPDATE. You will see a list of just those eBooks that were purchased via Overdrive. After January 31, 2009 those books will "expire" and will no longer be downloadable. We suggest you download those eBooks one last time to make sure they are up to date for your current devices, and store them in a safe location, making backup copies where possible. Please download them one by one, do not use "Bulk Download" because that does not work for every type of Secure content, and it can have problems if you try to download a very large number of files at once...

What if I prefer a format other than Secure eReader?

It is not contractually possible for us to substitute the original format you purchased; ...

I thought Fictionwise guarantees all eBooks will remain on my bookshelf forever?

Fictionwise strives to maintain backup copies of your purchases available for re-download indefinitely, but our terms of service do not guarantee that they will be available for re-download forever. For all formats other than Mobipocket, a re-download is not necessary to transfer the file to a new device. Forever is a long time. We have control of our MultiFormat files and we have control of the Secure eReader format, so that gives us the ability to ensure we will continue to be able to deliver those formats to you. However, as noted above, other formats are delivered through third party aggregators. We do not have legal control of those third party servers. If those third party servers "go dark" for one reason or another, we have no way to continue delivering those files. It is important to note that other eBook retailers such as Barnes and Noble, Gemstar, and Amazon.com's original eBook store circa 2004 did not make any effort to maintain long term customer access to purchased material when they shut down their eBook operations in the past. They announced a time period for final download then shut down the servers."
I ask again: how can anyone believe that drm is a good idea?

Monday, January 12, 2009

Obama picks RIAA's favorite lawyer for a top DOJ post

President Elect Obama has reportedly picked one of the RIAA's favorite lawyers for a top position at the Justice Department.

This was reasonably predictable given the strong links between the Democratic Party and the entertainment industry.

Tenenbaum argues privacy invasion in P2P pursuit

Charles Nesson of Harvard's Berkman Centre argued at a federal court hearing last week that a "couple whose son is accused of illegally sharing songs online should not be forced to surrender their home computer for inspection because it would violate their right to privacy"

Predictions for 2009

Ed Felten and co at Freedom to Tinker have produced a long list of predictions for 2009.

Well worth a read - as eclectic and simultaneously comprehensive collection of the important tags in US tech policy that you'll find anywhere. Here's a few:
"(1) DRM technology will still fail to prevent widespread infringement. In a related development, pigs will still fail to fly...

(4) The RIAA's "graduated response" initiative will sputter and die because ISPs are unwilling to cut off users based on unrebutted accusations. Lawsuits against individual end-user infringers will quietly continue...

(7) NebuAd and the regional ISPs recently sued for deploying NebuAd's advertising system will settle with the class action plantiffs for an undisclosed sum. At least in part because of the lawsuit and settlement, no U.S. ISP will deploy a new NebuAd/Phorm-like system in 2009. Meanwhile, Phorm will continue to be successful with privacy regulators in the UK and will sign up reluctant ISPs there who are facing competitive pressure. Activists will raise strong objections to no avail.

(8) The federal Court of Appeals for the Ninth Circuit will hear oral argument in the case of U.S. v. Lori Drew, the Megan Meier/MySpace prosecution. By year's end, the Ninth Circuit panel still will not have issued a decision, although after oral argument, the pundits will predict a 3-0 or 2-1 reversal of the conviction...

(11) An academic security researcher will face prosecution under the CFAA, anti wire tapping laws, or other computer intrusion statutes for violations that occurred in the process of research...

(16) One of the major American voting system manufacturers (Diebold/Premier, Sequoia, ES&S, or Hart InterCivic) will go out of business or be absorbed into one of its rivals...

(19) We'll see the first clear-cut evidence of a malicious attack on a voting system fielded in a state or local election. This attack will exploit known flaws in a "toe in the water" test and vendors will say they fixed the flaw years ago and the new version is in the certification pipeline.

(20) U.S. federal government computers will suffer from at least one high-profile compromise by a foreign entity, leaking a substantial amount of classified or highly sensitive information abroad...

(28) Facebook will be sold for $4 billion and Mark Zuckerberg will step down as CEO...

(35) Somebody besides Apple will sell an iPod clone that's a drop-in replacement for a real iPod, complete with support for iTunes DRM, video playback, and so forth. Apple will sue (or threaten to sue), but won't be able to stop distribution of this product."

Can't say I agree with all of these (even the Freedom to Tinkerers don't agree with all of them) especially number 4 on the 3 strikes approach, given the ongoing success of the music industry in pushing this in Europe, but we'll see.

Lessig on the Colbert Report

Larry Lessig was on the Colbert Report on Thursday.



Entertaining. I liked the glint of understanding in Colbert's eyes when Lessig asked him how much did he think the book he was holding would fetch on eBay now he'd doctored it. He also gave Larry an opportunity to get on his side by joining in the joke he was repeatedly pushing that he (Colbert) and he alone should benefit from the funds flowing from copyright. Larry didn't pick up the opening but it's easier said than done. Engaging in instant witty repartee, especially when your protagonist is pursuing in the kind of relentless barrage that Colbert specialises in is not one of my talents either - constructing the perfect response in my own head 10 seconds or 3 hours too late is more my line.

The EFF has also located a re-mix of the interview done by a fan on the night. Larry also has a collection.