Wikileaks drips on: some responses

Again like every self respecting blogger on the planet, I have written a short comment for the Grauniad on Wikileaks.

The main thrust of the point I was making is that settling a dispute of major public consequence by covert and non-legitimate bully boy tactics - covert pressure on hosts, payment services and DNS servers, plus DDOS attacks on Wikileaks hosts from the US-sympathising side - and anonymous DDOS attacks on sites like Amazon, Mastercard and Assange's alleged rape victims' lawyer's site from the Wikileaks-sympathising side - are BOTH the wrong thing to do. The point of a civilised society is suposed to be that disputes are settled by transparent legitimate and democratic, judicial or political processes. This has not been a particularly popular point with almost anybody, but it seems to me that it may indeed be naive (as some commenters have accused), but it is also, I stil think, both correct and needing saying, in the current frenzy around the First Great Infowar etc (it's 1996 all over again, yet again..).

One commenter asks not entirely unreasonably why it is justified for Amazon to take down content without going to court but "Vigilanteism" if the forces of Anonymous take down content extra judicially by DDOS attacks. The confusion here is in the word "justified". Amazon are justified, I argue, because since they host the content, they could be held legally liable for it (on a variety of grounds) if they do not take down having been given notice. That could lead to damages against them, injunctions blocking their site to customers (at their busiest time of the year) or even a prison sentence for their CEO . As a (liberal-sympathisng) friend in industry said to me, that last does tend to focus the mind. To state the bleeding obvious, Anonymous by contrast are not liable for the content they bring down.

But that meant I was saying Amazon were justified in a risk-management sense, and a legal sense, not an ethical sense. Was it Amazon's highest ethical duty to defend freedom of speech or to be responsible to their shareholders and their employees? That's a harder question. Many used to feel companies had no ethical duties at all, though that is gone in an era of corporate social responsibility (though this is still rarely if ever a legal obligation). Amazon's role is perhaps confused because they are best known as a consumer site selling books ie complicit with freedom of expression. Would we feel as aggrieved if Wikileaks had gone to a cloud host known only for B2B hosting? Perhaps, but what reason would there then be for expecting a host to behave like a newspaper?

What this leads us to as many, many commentators have pointed out is a renewed understanding that freedom of speech online is worryingly dependent on the good intentions of intermediaries whose core values and business model is not based on journalistic ethics, as was true for traditional news outlets in the offine age. This is hardly news: it has been making headines since at least 1996 when a Bavarian court convicted the CEO of Compuserve for distributing Usenet newsgroups to Europe, some of which happened to contain pornographic files. That incident among many others, lead to rules restricting the liability of hosts and intermediaries, in both the EU and US, which did quite well till round the early 2000s but are now struggling (not least because of pressure from both the copyright and the chld safety lobbies for less, not more, immunity). Not uncoincidentally, these rules are now being actively reviewed by among others, the EU, the OECD and WIPO. The really interesting question now will be what effect Wikileaks as a case study has on those debates.

Veni Vidi Wikileaks

Since every other blogger in the universe has discussed how the US is going to stop Wikileaks, perhaps it's time for Pangloss to enter the fray, with the not terribly unexpected news that Amazon (in its cloud hosting services capacity) have indeed decided to stop acting as new temporary host to Wikileaks which moved there following the devastating DDOS attacks on its own server (thanks to Simon Bradshaw for pointing me at this news).

This is interesting in all kinds of ways.

First, the initial move to Amazon was a clever one. In the old days, a concerted and continuing DDOS attack on a small site might have seen them off - nowadays there are plenty of commercial reasonably priced or free cloud hosts. So cloud computing can be seen as a bulwark for freedom of speech - vive les nuages!

Second, though of course, what strokes your back can also bite it, and here we have Amazon suddenly coming over shy. This appears to be entirely the sensible legal thing for them to do and anyone accusing them of bad behaviour should be accused right back of utter naivete. Amazon are now on notice from the government of hosting material which breached US national security and so would according to the US Espionage Act as quoted in the Guardian piece, fairly clearly have been at risk of guilt as a person who "knowingly receives and transmits protected national security information" if they had not taken down. (Though see a contrary view here.)

While Assange as an Australian not a US citizen, and a journalist (of sorts) might have had defences against the charges quoted also ( as canvassed in the Grauniad piece) Amazon, interestingly, would, it seems, not. They are American and by definition for other useful purposes (eg CDA s 230 (c) - see below and ye ancient Prodigy case) , not the sort of publisher who gets First Amendment protections. And Amazon has its CEO and its major assets in the US, also unlike Assange. I think that makes take down for Amazon a no-brainer. (And also interestingly, CDA s 230(c) which normally gives hosts complete immunity in matters of liability which might affect press freedom (such as defamation by parties hosted) does not apply to federal criminal liability.)

But as Simon B also pointed out, there are lots of other cloud suppliers , lots in Europe even. What if Wikileaks packs and moves again? Would any non US`host be committing a crime? That would depend on the local laws: but certainly it would be hard to see if the US Espionage Act could apply, or at any rate what effective sanctions could be taken against them if a US court ruled a foreign host service was guilty of a US crime.

Which leaves anyone wanting to stop access to Wikileaks, as Technollama already canvassed, the options of, basically, blocking and (illegal)DDOS (seperating the existence of the Wikileaks site from any action against Assange as an individual). Let's concentrate, as lawyers, on the former.

Could or would the UK block Wikileaks if the US`asked?

Well there is an infrastructure in place for exactly such. It is the IWF blacklist of URLs which almost all UK ISPs are instructed to block, without need for court order or warrant - and which is encrypted as it goes out, so no one in public (or in Parliament?) would need to know. This is one of the reasons I get so worked up about the current IWF when people are asking me if I won't think of the children.

There is also the possibility, as we saw just last week, of pressure being exerted not on ISPs but on the people who run domain name servers and the registrars that keep domain names valid. Andres G suggests that the US might exert pressure on ICANN to take down wikileaks.org for example. Wikileaks doesn't need a UK domain name to make itself known to the world, but interestingly only last week we also saw a suggestion from SOCA (not very well reported) that they should have powers effectively to force Nominet, the UK registry, to close down UK domain names being used for criminal purposes. Note though if you follow the link that that power could only be used if the doman was breaking a UK criminal law.

But there is a really simply non controversial way to allow UK courts the power to block Wikileaks. Or there may be soon.

Section 18 of the Digital Economy Act 2010 - remember that? - allows for regulations to be made for "the granting by a court of a blocking injunction in respect of a location on the internet which the court is satisfied has been, is being or is likely to be used for or in connection with an activity that infringes copyright."

Section 18, at present, needs a review and regulations to be made before it can come into force. This may in the new political climate perhaps never happen - who knows. But what if that had been seen to?

Wikileaks documents are almost all copyright of someone , like the US government, and are being used ie copied (bien sur) without permission. Hence almost certainly, a s18 fully realised could be used to block the Wikileaks site.Of course there is some possibility from the case of Ashcroft v Telegraph Group [2001] EWCA Civ 1142`that a public interest/freedom of expression defense to copyright infringement might be plead - but this is far less developed than it is in libel and even there it is not something people much want to rely on.

So there you go : copyright, the answer to everything, even Julian Assange :-)

Oh and PS - oddly enough the US legislature is currently considering a bill, COICA, which would also allow them to block the domain name of sites accused of encouraging copyright infringement. Handy, eh? (Though on this one point, the UK DEA s 18 is even less restrictive than COICA, which requires the site to be blocked to be "offering goods and services" in violation of copyright law - which is not even to a lawyer a description that sounds very much like Wikileaks.)

EDIT: Commenters have pointed out that official government documents in the US, unlike in the UK do not attract copyright. Howver the principle stands firm: embarrassing UK docs leaked by Wikileaks certainly would be prone to attack on copyright grounds, including DEA s 18, and it is quite possible some of the current Wikileaks documents could quote extensively from material copyright to individuals (and Wikileaks prior to the current batch of cables almost certainly contain copyright material).

Interestingly Amazon did in fact, subsequent to this piece, claim they removed Wikileaks from their service, not because of US pressure, but on grounds of breach of terms of service : see the Guardian 3 December 2010

"for example, our terms of service state that 'you represent and warrant that you own or otherwise control all of the rights to the content… that use of the content you supply does not violate this policy and will not cause injury to any person or entity.' It's clear that WikiLeaks doesn't own or otherwise control all the rights to this classified content. Further, it is not credible that the extraordinary volume of 250,000 classified documents that WikiLeaks is publishing could have been carefully redacted in such a way as to ensure that they weren't putting innocent people in jeopardy. Human rights organisations have in fact written to WikiLeaks asking them to exercise caution and not release the names or identities of human rights defenders who might be persecuted by their governments."

The copyright defense is alive and well :-)

Job opportunity

In all the excitement, I almost forgot what I came here to post..!

As advisory board meber of ORG, I was asked to help spread the word about a new job opportunity with the Open Rights Group, where for the first time we're looking to hire someone with some kind of legal background. If you’re a London-based law student, trainee in waiting, or other legal type with an interest in IT and/or IP law, then you may want to check the following new job at ORG:

Copyright Campaigner

The Open Rights Group, a fast-growing digital rights campaigning organisation, are looking for a Copyright Campaigner to take our campaigning on this fast moving area to a new level.

You will work as a full time campaigner to reform copyright and protect individuals from inappropriate enforcement laws like ‘three strikes’. We’re after someone with a passion for this area who has a proven ability to organise and deliver effective campaigns.

We are looking for someone with excellent communication skills, good organisational and planning skills, who works well in a team environment and is able to prioritise their own work without depending on line management. You will be able to demonstrate commitment to our digital rights.

The jobs is full time for one year, with the possibility of extension to a second year. Salary: £30,000.

Welcome back to me

Yes, it's been a very long time since I blogged here. I'm not exactly Technollama am I? *hangs head in shame*. I could list the usual litany of less-fun-than-blogging things I've been doing (work for the OECD and WIPO, teaching, moving jobs, being snowed in, ORG, etc etc) but really it seems that blawging is a habit it's easy to lose if you're not careful, but also (I hope) easy to resume. (Also, let's face it, Twitter. Wonderful fun, dangerously seductive and Bad for Blawgs.)

So to kick off, a reprise of my annual not-very-serious predictions for next year, from the SCL journal site (where many more such can be found.)

"1. France will pass a law forbidding French companies from using cloud computing companies based anywhere other than France. Germany will ban cloud computing as unfair competition with German companies. Ireland will consider putting its banking in the cloud, but realise there's no point as they have no money left.

2. A Google off-shore water-cooled server farm will be kidnapped by Somali pirates, towed to international waters, repurposed as encrypted BitTorrent client and take over 95% of the world's traffic in infringing file-sharing (with substantial advertising revenue, of course) (thanks to Chris Millard for this one). (Meanwhile the Irish will attempt to nationalise all the Google servers they still host on shore to pay for bailing out the banks.)

3. TalkTalk will lose their judicial review case against the Digital Economy Act, but the coalition will find some very good reason to delay bringing in the Initial Obligations code, and the technical measures stage will quietly wither on the vine, as rights-holders realise it will cost them more to pay for it than they will gain in royalties.

4. 120% of people of the world including unborn children, all except my mother, will join Facebook. Mark Zuckerberg will buy Ireland and turn it into a Farmville theme park, with extra potatoes.

5. 4chan allied with Anonymous will hack Prince William's e-mail inbox on the eve of the Royal Wedding, revealing he is secretly in love with an older, plainer and less marriageable woman than Kate Middleton (possibly Irish), and also illicitly downloads Lady Gaga songs. In retaliation, the coalition passes emergency legislation imposing life imprisonment as the maximum penalty for DDOS attacks, and repeals the Digital Economy Act."

Lawrence Eastham kindly says that he can see at least 2 of these coming true.I imagine one of those is no 3, but which do you think the other was, dear readers?

As a final amuse-bouche beforeI return to Proper Things, have a picture of someone skiiing to the local shops this morning. yes. Not Seefeld. Sheffield. Merry Xmas!

OK I lied: this is the last robot post..

I was trying to remember for the last five days, the saddest most anthromoporphic [NOTE: canomorphic??] piece of robot culture I'd ever seen...

Why We Shouldn'T Date Robots

OK I'll stop about the robots after this, promise, but I can't resist this one someone's sent me.

Futurama - Don't date robots from John Pope on Vimeo.

Edwards' Three Laws for Roboticists

A while back I blogged about how delighted I was to have been invited by the EPSRC to a retreat to discuss robot ethics, along with a dozen and half or so other experts drawn not just from robotics and AI itself but also from industry, the arts, media and cultural studies, performance, journalism, ethics, philosophy, psychology - and er, law (ie , moi.)

The retreat was this week, and two and a half days later, Pangloss is reeling with exhaustion, information overload, cognitive frenzy and sugar rush :-) It is clear this is an immensely fertile field of endeavour, with huge amounts to offer society. But it is also clear that society (not everywhere - cf Japan - but in the UK and US at least - and not everyone - some kids adore robots) has an inherited cultural fear of the runaway killer robot (Skynet, Terminator, Frankenstein yadda yadda), and needs a lot of reassurance about the worth and safety of robots in real life, if we are to avoid the kind of moral panics and backlashes we have seen around everything from GM crops to MMR vaccinations to stem cell surgery. (Note I have NOT here used a picture of either Arnie or Maria from Metropolis, those twin peaks of fear and deception.)

Why do we need robots at all if we're that scared of them, then? Well, robots are already being used to perform difficult dirty and dangerous tasks that humans do not want to do, don't do well or could not do because it would cause them damage, eg in polluted or lethal environments such as space or undersea. (What if the Chilean miners had been robots?? They wouldn't now be asking for cigarettes and alcohol down a tube..) )

Robots are also being developed to give basic care in home and care environments, such as providing limited companionship and doing menial tasks for the sick or the housebound or the mentally fragile. We may say (as Pangloss did initially) that we would rather these tasks be performed by human beings as part of a decent welfare society : but with most the developed world facing lower birth rates and a predominantly aging population, combined with a crippling economic recession, robots may be the best way to assure our vulnerable a bearable quality of life. They may also give the vulnerable more autonomy than having to depend on another human being.

And of course the final extension of the care giving robot is the famous sexbot , which might provide a training experience for the scared or blessed contact for the disabled or unsightly - or might introduce a worrying objectification/commodification of sex, and sex partners, and an acceptance of the unaceptable like sexual rape and torture, into our society.

Finally and most controversially robots are to a very large extent being funded at the cutting edge by military money. This is good ,because robots in the frontline don't come back in body bags - one reason the US is investing extensively. But it is also bad, because if humans on the frontline don't die on one side, we may not stop and think twice before launching wars, which in the end will have collateral damge for out own people as well as risk imposing devastating casualties on human opposition from less developed countries. We have to be careful in some ways to avoid robots making war too "easy" (for the developed world side, not the developing of course - robots so far at least are damn expensive.)

Three key messages came over:

- Robots are not science fiction. They already exist in their millions and are ubiquitous in the developed world eg robot hoovers, industrial robots in car factories, care robots are being rolled out even in UK hospitals eg Birmingham. However we are at a tipping point because until now robots of any sophistication have mostly been segregated from humans eg in industrial zones. The movement of robots into home and domestic and care environments, sometimes interacting with the vulnerable, children and the elderly especially, brings with it a whole new layer of ethical issues.

- Robots are mostly not humanoid. Again science fiction brings with it a baggage of human like robots like Terminators, or even more controversially, sex robots or fembots as celebrated in Japanese popular culture and Buffy. In fact there is little reason why robots should be entirely humanoid , as it is damn difficult to do - although it may be very useful for them to mimic say a human arm, or eye, or to have mobility. One development we talked a lot about were military applications of "swarm" robots. These resemble a large number of insects far more than they do a human being. Other robots may simply not even resemble anything organic.

-But robots are still something different from ordinary "machines" or tools or software. First, they have a degree of mobility and/or autonomy. This implies a degree of sometimes threatening out of control-ness. Second, they mostly have capacity to learn and adapt. This has really interesting consequences for legal liability: is a manufacturer liable in negligence if it could not "reasonably foresee" what its robots might eventually do after a few months in the wild?

Third, and perhaps most interestingly, robots increasingly have the capacity to deceive the unwary (eg dementia patients) into believing they are truely alive, which may be unfortunate (would you give an infertile woman a robot baby which will never grow up? would you give a pedophile a sex robot that looked like a child to divert his anti social urges?). Connectedly, they may manipulate the emotions and alter behaviour in new ways: we are used to kids insisting on buying an entire new wardrobe for Barbie, but what about when they pay more attention to their robot dog (which needs nothing except plugged in occasionally) than their real one, so it starves to death?

All this brought us to a familiar place, of wondering if it might be a good start to consider rewriting Asimov's famous Three Laws of Robotics. But of course Asimov's laws are - surprise!! - science fiction. Robots cannot and in foreseeable future will not, be able to understand, act on, be forced to obey, and most importantly reason with, commands phrased in natural language. But - and this came to me lit up like a conceptual lightbulb dipped in Aristotle' imaginary bathtub - those who design robots - and indeed buy them and use them and operate them and modify them - DO understand law and natural language, and social ethics. Robots are not subjects of the law nor are they responsible agents in ethics ; but the people who make them and use them are. So it is laws for roboticists we need - not for robots. (My thanks to the wonderful Alan Winfield of UWE for that last bit.)

So here are my Three Laws for Roboticists, as scribbled frantically on the back of an envelope. To give context, we then worked on these rules as a group, particularly a small sub group including Alan Winfield, as mentioned above , and Joanna Bryson of University of Bath, who added two further rules relating to transparency and attribution (I could write about them but already too long!).

It seems possible that the EPSRC may promote a version of these rules, both in my more precise "legalese" form, and in a simpler, more public-communicative style, with commentary : not, obviously, as "laws" but simply as a vehicle to start discussion about robotics ethics , both in the science community and with the general public. It is an exciting thing for a technology lawyer to be involved in, to put it mildly :)

But all that is to come: for now I merely want to stress this is my preliminary version and all faults, solecisms and complete misunderstandings of the cultural discourse are mine, and not to be blamed on the EPSRC or any of the other fabulously erudite attendees. Comments welcome though :)

Edwards' Three Laws for Roboticists

1.Robots are multi-use tools. Robots should not be designed solely or primarily to kill, except in the interests of national security.

2 Humans are responsible for the actions of robots. Robots should be designed & operated as far as is practicable to comply with existing laws & fundamental rights and freedoms, including privacy.

3) Robots are products. As such they should be designed using processes which assure their safety and security (which does not exclude their having a reasonable capacity to safeguard their integrity).


My thanks again to all the participants for their knowledge and insight (and putting up with me talking so much), and in particular to Stephen Kemp of the EPSRC for organising and Vivienne Parry for facilitating the event.


Phew. Time for t'weekend, Pangloss signing off!

Location, Location, Geolocation..

Pangloss is collecting material on this fascinating topic. In the meantime have a look at this rather wonderful presentation from Kevin Anderson: (via Matthias Klang on Twitter)

The web of where: How location is being woven into the web

View more presentations from Kevin Anderson.

Google's Transparency Tool: some thoughts

Google has released a tool , to much media and legal interest, which allows the public to see what requests are made by governments for information about users and, in particular, what requests were made to "take down" or censor content altogether. We have therefore one of the first reliable indices of the extent of global government censorship of online content as laundered through private online intermediaries.

This for eg is the data currently disclosed, for the last 6 months, for the UK:

1343 data requests

48 removal requests, for a total of 232 items

62.5% of removal requests fully or partially complied with

• Blogger
• 1 court orders to remove content
• 1 items requested to be removed
• Video
• 3 court orders to remove content
• 32 items requested to be removed
• Groups
• 1 court orders to remove content
• 1 items requested to be removed
• Web Search
• 8 court orders to remove content
• 144 items requested to be removed
• YouTube
• 6 court orders to remove content
• 29 non-court order requests to remove content
• 54 items requested to be removed

and by comparison here is the data for Germany

668 data requests

124 removal requests, for a total of 1407 items

94.3% of removal requests fully or partially complied with

• Blogger
• 8 court orders to remove content
• 11 items requested to be removed
• Video
• 1 court orders to remove content
• 2 items requested to be removed
• Google Suggest
• 2 court orders to remove content
• 3 items requested to be removed
• Web Search
• 47 court orders to remove content
• 1 non-court order requests to remove content
• 1094 items requested to be removed
• Book Search
• 2 court orders to remove content
• 2 items requested to be removed
• YouTube
• 17 court orders to remove content
• 46 non-court order requests to remove content
• 295 items requested to be removed

and for the US

4287 data requests

128 removal requests, for a total of 678 items

82.8% of removal requests fully or partially complied with

• AdWords
• 1 court orders to remove content
• 1 items requested to be removed
• Blogger
• 8 court orders to remove content
• 45 items requested to be removed
• Geo (except Street View)
• 2 court orders to remove content
• 2 items requested to be removed
• Video
• 1 court orders to remove content
• 1 items requested to be removed
• Groups
• 7 court orders to remove content
• 394 items requested to be removed
• Web Search
• 30 court orders to remove content
• 2 non-court order requests to remove content
• 66 items requested to be removed
• YouTube
• 31 court orders to remove content
• 46 non-court order requests to remove content
• 169 items requested to be removed

There is an enormous wealth of data here to take in. I was asked to comment on it to the BBC at a time when I had not yet had a chance to examine it in any depth, so this is an attempt to give a slightly more reflective response. Not that I'm in any way reneguing on my first gut response: this is a tremendous step and a courageous one for Google to take and deserves applause. It should be a model for the field and as Danah Boyd and others have already said on Twitter, it raises serious questions of corporate social responsibility if Facebook, the various large ISPs, and other platforms do not now follow suit and provide some form of similar disclosure. If Google can do it, why not the rest?

Pangloss has some appreciation of the difficulty of this step for a service provider. Some years back I attempted to do a small scale survey of notice and take down practices in the UK only, asking data from a variety of hosts and ISPs, including large and small, household names and niche enterprises, major industry players and non profit organisations. It was, it became quickly clear, an impossible task to conduct on any methodologically sound research level. Though many managers, IT folk and sysadmins we spoke to were sympathetic to the need for public research onto private non transparent censorship, nearly all were constrained not to disclose details by "business imperatives", or had no such details to hand in any reliable or useful format, which often came to the same thing. (Keeping such data takes time and labour: why bother when there is only trouble arising from doing so? See below..)

The fact is the prevalent industry view is that there are only negative consequences for ISPs and hosts to be transparent in this area. If they do reveal that they do remove content (or block it) or give data about users, they are vilified by both users and press as censors or tools of the police state. They worry also about publicly taking on responsibility for those acts disclosed- editorial responsibility of a kind, which could involve all kinds of legal risk including tipping off, breach of contract and libel of the authors of content removed or blocked. It is a no win game. This is especially true around two areas : child pornography, where any attempt after notice to investigate a take down or block request may involve the host in presumptive liability for possession or distribution itself; and intercept and record requests in the UK under the Regulation of Investigatory Powers Act 2000 where (inter alia) s 19 may make it a criminal offence to even disclose that the government has asked for certain kinds of interceptions of communications.

Now imagine these legal risks and uncertainties, coupled with the possibility of a PR disaster - coupled with potential heavy handed government pressure - multiplied by every legal jurisdiction for which Google has disclosed data. This gives you some idea of the act of faith being undertaken here.

Google of course have their own agendas here: they are not exactly saints. Good global PR this may accrue among the chattering (or twittering) classes will help them in their various current wars against inter alia the DP authorities of Europe over Google Street View, the Italian state over Google Video and the US content industry over YouTube. But it still remains true as they say that "greater transparency will give citizens insight into these kinds of actions taken by their governments".

Criticisms

The legal risks I talk about above also partly explain some of the failings of the tool so far, some of which have been cogently pointed out already by Chris Soghoian. Notably, it is not yet granular enough, something Google themselves have acknowledged. We have numbers for data requests made (ie information about Google users) , for takedown requests, and which services were affected (Blogger, YouTube etc). We have some idea that Google sometimes received a court order before disclosing or blocking, and sometimes didn't, but we do not know how often they gave in specifically to the latter - only that it is claimed such requests were granted only where Google's own abuse policies were breached eg on Blogger.

Crucially we do not know, for the UK say, if these requests were made under RIPA or the Communications Act s 127 or more generic policing & investigation powers or what. Or how many related to terror material or pro islamic websites, and how many to scam or spam sites or illegal pharma shops or adult porn sites, say. Or even to defamation (this is apparently responsible for a high number of the requests in Germany, according to the FAQ.) Defamation is an odd one here because it is a private law not a criminal matter in the UK at least (some states do have criminal defamation, but it is fairly rarely tried); but it leads to court orders to remove content and disclose IDs, and Google, slightly confusingly, say they count these court orders in with the "governmental" stats. (They don't however include court orders for take down of copyright material, since these almost all come from private parties - and pragmatically, would probably overwhelm the figures.)

(Another important point buried in the FAQ is that these figures don't include removals for child pornography since Google's systems don't distinguish here, they say, between requests received from government, and from private parties - so eg all the take downs and blockings ordered by the IWF in the UK are presumably not included. This also means that those already high figures for Brazilian government requests for take down on Orkut are actually in reality probably a lot higher (?) since Orkut is renowned as a haven for hosting child porn.)

Splitting up requests and takedowns by type of content is critical to understanding the validity of state action, and the more data we get in future on this will be good. Once requests and removals are divided up by type (and legitimate authority), we can also find out what percentage of take down requests in which category were acceded to, still without Google needing to disclose at the possibly dodgy level of individual requests. And also where acceded to with or without court order.

Global comparisons and free speech

Looking at the data on a global comparison basis will be a daunting but fascinating task for commentators for the future, especially as the data grows across time. It is noticeable even from just the 3 countries quoted above that it is really, really complicated to make simplistic comparisons. (This is why few if any commentators yesterday were being dragged into easy condemnations and quicky league table comparisons. )

For example, the UK government made a lot of user data requests (a helluva lot if correlated to population actually - the US has six times the population of the UK but made much less than 4 times as many requests; Germany is a quarter bigger than the UK by population and made c 50% less requests) . By that figure, the UK is the most interrogatory government in Europe.

But Germany by contrast made more requests for take down of content than the UK - and got 94% of its requests accepted, compared to 62% of the UK's such requests). What does this say about the claim to validity of the UK requests overall? Are our LEAs more willing to try it on than Germany's, or was their paperwork just more flawed?? Do we try to get more take down without court orders and Google thus tells us to bog off more? Do we actually censor less content than Germany, or just fail to ask for removal of lots of stuff via one efficient takedown message rather than in a trickle of little ones? Needs further citation, as they say.

Google do interestingly say in the useful FAQ that the number of global requests for removal of speech on "pure" political grounds was "small" . Of course one country's politics is another's law. So approximately 11% of the German removal requests related to pro-Nazi content or content advocating denial of the Holocaust, both of which are illegal under German law - but which would be seen as covered by free speech in say the US.

Non governmental disclosure and take down requests

Finally of course these figures say nothing about requests for removal of content or disclosure of identities made by private bodies (except in the odd case of defamation court orders, noted above) - notably perhaps requests made for take down on grounds of coopyright infringement. There will be a lot of these and it would really help to know more about that. As recent stories have shown, copyright can also be used to suppress free speech too, and not just by governments.

Finally finally..quis custodiet ipse Google?

...a reader on Twitter said to me, yes, it's great but why should we believe Google's figures? He has a point. Independent audit of these figures would help. But it is difficult to know without technical info from an insider (hello Trev!) how far this is technically possible given the need for this kind of information capture on such a huge scale to be automated. (At least if we had the categories of requests broken down by legal justification, we could conceivably check them against any official g9vernmental stats - so, eg, in the UK checking RIPA requests against the official figures?? - though I doubt those currently disclose enough detail and certainly not who the requests were made against? (A. Nope! surprise - see 2009 Interception of Communications Commizssioner's report, eg para 3.8.))

My IGF presentation

I spoke yesterday at the OECD sponsored workshop on whethere we need guidelines for global policy in liability for online intermediaries, to which my answer is, categorically yes. There were some lively perspecxtives from the US Dept of Commerce, Google and the EFF, inter alia. Again more later, but here are the slides.

Igf oecd

View more presentations from lilianedwards.

New Job!

Hello from the Internet Governance Forum in Vilnius!

More of that when it kicks off properly tomorrow, but for now Pangloss is delighted to announce that from 1 January 2011, she will be taking up a new post as Chair of E-Governance at Strathclyde University in Glasgow.

Although she is sad to say goodbye to Sheffield, this is not only a homecoming to Scotland but also something of a dream job: a "research leadership" John Anderson Chair where for the first three years at least, the job is dedicated to forging cross-university and external interdisciplinary links to build IT-related research at Strathclyde.

I will also be taking over, with existing colleagues, charge of Strathclyde's already world-leading LLM and distance learning programmes in IT and Telecoms law: watch this space as we plan to expand, rebrand and add new modules to these already well-known enterprises.

I will also be actively seeking to build a community of PhDs and postdocs in IT law-related areas and looking for interesting new collaborators to build up funded and sponsored research . If you are interested in any of this, do let me know! Themes especially relevant to Strathclyde are likely to include Human Rights and the Internet, Internet Governance, Cyber Crime and Cyber Security, and The Mobile and Next Generation Internet (eg the Semantic Web and Robotics).

See culture - see IT - see Strathclyde! where the future's miles better :-)