Monday, July 31, 2006

GikII programme

The programme for GikII is now finalised. However if you're interested in attending, a very limited number of places are available for a nominal £25 to cover costs. feel free to pass this on. I'm really looking forward to it :-)

Friday, July 28, 2006

Perceptive Peers Go Pervasive, Persuasively

The House of Lords debates pervasive computing. As IdentityBlog comments. an unelected second House may seem like an anchronism, but the standard of debate is invariably higgher, especially on specialised technical topics, than in the Commons. Note the concern not just for privacy generally, but also for whether the Data Protection Act applies, for patient rights, and for environmental damage.

Thursday, July 27, 2006

MySpace Caves

From Boing Boing

Billy Bragg's highly publicized campaign against MySpace's crummy, grabby terms of service has been successful. MySpace has revised its terms so that musicians who upload to the site retain control of their works, and MySpace/NewsCorp/Fox can't sell those songs without contracting with the musicians.

Bragg now declares:

"Now that the popularity of downloading has made physical manufacturing and distribution no longer necessary, the next generation of artists will not need to surrender all of their rights in order to get their music into the marketplace. It is therefore crucial that they understand, from the moment that they first post music on the internet, the importance of retaining their long term right to exploit the material that they create. This is doubly important on a networking site where many of the songs posted will be by unsigned artists. Ownership of the rights to such material is somewhat ambiguous. Thats why I hope that the groundbreaking decision of MySpace to come down on the side of the artists rights will be followed throughout the industry.
I also welcome the new wording of the terms and conditions in which MySpace clarify exactly why they require specific rights and how they intend to use them. Again, I hope more sites follow the lead of MySpace in ensuring the use of clear and transparent language in contracts. The last thing any of us wants to see is a situation in which everyone posting a song on the site has to have a lawyer sitting next to them. "

Interesting. MySpace is of course very vulnerable to anti-PR stirred up by a well known musician since its USP is that every wannabee band in the world as their home page there. I wonder if YouTube will follow suit? YT's conditions have been criticised for potentially grabbing rights to all amateur videos posted there. (Google Videos' are similarly ambiguous.)

Thursday, July 20, 2006

More Fun with Ted and Alice but not the BPI

Not a great week for ISPs what with the BPI/Tiscali spat and this.

Also from OUT-Law :

"A music industry coalition has proposed that ISPs and others should pay a licence fee to compensate rights-holders for unlawful file-sharing by their customers. One critic called the plans, which would change copyright laws, "ill-conceived and grasping."

The group met in London yesterday. It did not represent the entire UK industry – notably, the BPI was not in attendance. But nearly 1,000 independent record companies and 50,000 songwriters, composers and music publishers were represented.

.. the groups represented yesterday do not want to target the individuals who infringe copyright in this way. Instead, they want to target the intermediaries. According to a joint statement issued after yesterday's meeting, ISPs, mobile companies and device manufacturers "profit extensively and reap wider value from the unauthorised distribution of music whilst being protected from liability by a series of legal immunities and safe harbours." There were no ISPs in attendance at the meeting."

So, the return of the ISPs' "dirty little secret", the idea that ISPs profit indirectly from downloading and therefore condone it (even though most broadband contracts are now flat rate rather than per MB). Somehow I can't see this one catching on with the UK Govt right now though. If ISPs got taxed for profiting from downloading and uploading, why they might stop co-operating with the IWF (and the police) in stopping access to child porn. Which voters like a lot less than they do the odd downloader.

My I'm cynical tonight.

Less obviously, ISPs already do quite often disconnect or at least cap the accounts of conspicuous bandwidth hogs. This doesn't give royalties back to the musicians but it does more quietly contribute to the control of filesharing in the UK, probably to quite a large extent.

I KNow What You Did Last summer

.. well actually your credit card does. And your bank.

OUT-Law report that:

"New powers to allow banks and building societies to remove the credit cards of customers cautioned for or convicted of buying indecent images of children online were agreed in Parliament on Tuesday.

The Data Protection (Processing of sensitive personal data) Order of 2006 amends the Data Protection Act of 1998 to allow card issuers to process sensitive personal data provided to them by law enforcement authorities so that they can withdraw the card used to commit the offence.

The order results from collaboration between the Department for Constitutional Affairs, the Association for Payment Clearing Services (APACS), the Child Exploitation and Online Protection Centre (CEOP), law enforcement agencies, children's charities and the Home Office."

The OUT_LAW team have already objected to this rule, and you can see why. The breach of privacy might be justified if it achieved anything, but withdrawing one credit card? I can sign up for 4 tomorrow using the junk mail and email offers I get everyday - and get more Air MIles while I'm at it :-)

So if you're in a conspiracy mood,what are we being softened up for here? When will we see credit card details of those who pay for other, less heinous things, passed on to the issuers? On line gambling anyone? Or payments to

And when will these factors be taken into acount in credit scoring for getting MORE credit cards?

So there you have it: this is either a very silly law, or a very clever one..


From the Cyberprof mailing list : Microsoft's academic outreach officer has anounced that Microsft are adopting "Windows principles" for the future:

"Microsoft's new, voluntary "Windows principles."

The principles were announced today in a speech in DC by Brad Smith (Microsoft's general counsel). It is worth noting that they will apply to development of Windows Vista, and will continue to apply after major parts of the antitrust consent decree expire in November 2007.

The principles are divided into the following three general categories:

· Choice for Computer Manufacturers and Customers. Microsoft is committed to designing Windows and licensing it on contractual terms so as to make it easy to install non-Microsoft® programs and to configure Windows-based PCs to use non-Microsoft programs instead of or in addition to Windows features.

· Opportunity for Developers. Microsoft is committed to designing and licensing Windows (and all the parts of the Windows platform) on terms that create and preserve opportunities for applications developers and Web site creators to build innovative products on the Windows platform — including products that directly compete with Microsoft's own products

. Interoperability for Users. Microsoft is committed to meeting customer interoperability needs and will do so in ways that enable customers to control their data and exchange information securely and reliably across diverse computer systems and applications.

I encourage you, if you are so inclined, to write about, blog about, or otherwise distribute your thoughts on the speech and the principles. Please feel free to contact me with questions or comments."

Whatever you think of both M$ and the above, (and cynically, the obvious thing to think is that M$ has just been smacked with a wacking great fine by the EU for failing to do some of or all of the above) this is an interesting deveopment.

Ever since Lessig kicked it all off, academics have talked about using some kind of set of principles to govern the creation of code by non-legislative coders. This is the first example I've seen of something more detailed than "Do no evil". Any other suggestions?

Tuesday, July 18, 2006

YouTube Goes Down the Tube (Not?)

As most the blogverse has noted, a certain Mr Tur, owner of Los Angeles News Service, is suing YouTube, the free and very popular video hosting site, for hosting a video he claims infringes his copyright.

While YouTube is perhaps best known for hosting user's own home vids (like the famous cat and Apple Powerbook video) it is also well known to host copyright material that fans or critics choose to upload - eg you can find the concluding segments of both the recent Dr Who and Green Wing series there. You can also find a middle ground of fan/user "mash ups" - songvids and the like - eg a very amusing parody of the end of that self same Dr Who series.

But YouTube is a host, not a P2P intermediary and so, oddly, it has the law on its side. The Digital Millennium Copyright Act provides that hosts who have no knowledge of hosting copyright infringing materail are immune from liability for it, as long as they respond to notices for take-down delivered in the style approved by the DMCA. (Furthermore, and even better, YouTube are protected from an action by a disgruntled user if they do so take down in good faith.) Nor is this just a USA oddity - the EC E Commerce Directive has a very similar regime for hosts in Art 14 of that instrument. (It's that provision that allows eBay in Europe, as previously discussed here, to get away with hosting trademark infringing goods so long as it removes them on notice, and expediently.)

These laws were drafted in the late 90s, before the P2P revolution but after the beginning of the boom, to protect ISPs , so as to encourage ISPs to collaborate with both the music industry and other such industry bodies in taking down pirate material on an NTD basis. Before they were introduced, following the late unlamented Prodigy case, ISPs were scared that if they touched illegal content, even to monitor or it or remove it, they immediately became liable for that content themselves.

But the amusing thing, now, in 2006, is that YouTube in many ways looks way more like (non legal) Napster than AOL or CompuServe. It's used extensively by a very large number of users to download pirate copies (c 100 million videos served per week, according to Technollama, of which a large number must be infringing), It's a free service, which makes its money on ads. And it has that cool , anti-the-man chic about it.

But because YouTube only hosts material provided by third parties, and doesn't put up its own materials (as did), it's protected by the DMCA and ECD safe harbors. (Unless a US or European court can be convinced that it had "constructive" notice of illegality - ie it should have known what was going on or as the DMCA and ECD put it, was "aware of facts or circumstances from which infringing activity is apparent" - which is not altogether impossible but perhaps unlikely.) While the Napsters of this world fell foul of secondary copyright infringement, because their central database pointed at illegal copies hosted by other users. They didn't get the benefit of the DMCA because they weren't seen as a host who could respond to NTD notices and were aware of infringing activity. This seems, in retrospect, mildly curious.

As for a Grokster analysis - as Technollama also points out, it's hard to argue that YouTube "induced" copyright infringement. Their site unlike Grokster's is free of anti-copyright rhetoric and their ToS are impeccable (not that that helped Grokster!) - plus YouTube can calmly say the site was mainly set up to allow users to host their own amateur copyright material, and , I think, prove it.

So this one looks like a no-brainer.

So what if YouTube was serving, not videos, but pithy quips from popular novels, and acute chapters of contemporary academic works? Would the scenario be the same? What, in other words, if it was Google Library slightly differently conceived? Is this a way forward?

EDIT: Chris Marsden helpfully points out that You Tube merely streams video, and does not enable actual download - this of course makes it look far less like Napster/Grokster etc.

Thursday, July 13, 2006

Google regulation in Germany?

One idea that's been discussed and repelled here before is that search engines are important actors in cyberspace and that Google has in some markets a dominant position - does this mean therefore that it should have legal duties to the public eg, not to censor, or to list all sites, or to ue a certain algorithm for listing?

A German search engine conference has some interesting recent comments.(via The Register)

"German experts at a Berlin seminar this week argued that search engines need to be more regulated. They want companies such as Google, Microsoft, and Yahoo! to exercise editorial control over their search results and filter out sites with x-rated content or that glorify aggression.
"Mechanisms have to be developed to deal with illegal content and to protect children online," Marcel Machill, a lecturer in journalism at Germany's Leipzig and Dortmund universities, told the Search Engine Workshop run by the Friedrich Ebert Foundation this week."

Google and other search engines can however argue that they offer a safe search option voluntarily - though of course this can be turned off by the user. And it is well known that Google already do block listings which violate local law in (at least) China, France and Germany. But another speaker argued that a "voluntary obligation" is nothing more than a "weak regulation without any sanctions".

More interestingly perhaps though -

"Machill is also clearly troubled by the strong market position of some of the search engines. Google already accounts for 90 per cent of German web searches. In the classic media sector this kind of concentration would be absurd, he says.
"It is important not to let this power develop unnoticed." Machill hopes that Germany will establish a public corporation to build its own search engine with "editorial responsibility" to compete with Google."

Building a national search engine will be a preferable response to regulation of the private sector for many economists and regulators. But national attempts to build search engines (a French effort was documented here a while back) seem inevitably to lag behind market driven efforts Vive la capitalisme!

Tuesday, July 11, 2006

The ISP Strikes Back

Further to this post, one of the ISPs involved, Tiscali has now refused to comply with what Cory Doctorow has neatly christened notice-and-disconnection.

This is very interesting too. As Cory points out, when the device used by the rightsholder organisations like the BPI was notice-and-takedown, the economics were in favour of going along with it; it is cheaper and easier to take down content, than to get involved in possible legal proceedings. But it costs far far more to connect a paying customer up to the Internet; so the economics work the other way, for holding fast. This happens also to favour what might be seen as the civil society position, ie, that those accused of copyright violation deserve trial by due process before being presumed guilty on the BPI's say-so, and thrown off the Net. But digital rights are probably not the major motivation driving Tiscali's stance.

Nonethless this is a cheering development.

NIcely put summary from Tiscali's letter: "It is not for Tiscali, as an ISP, nor the BPI, as a trade association, to effectively act as a regulator or law enforcement agency and deny individuals theright to defend themselves against the allegations made against them."

Security 101

It really isn't very hard to get people to give up their mother's maiden name..

The New Statesman, on Living in the Silicon Cul de Sac

I love it:the New Statesman on why the UK Digerati are never going to be as sexy as their US counterparts (and look, ma, ORG has Americans in it too! shoot at will! hi , Jordan :-)

"[Cory} Doctorow leaves in his wake a newly formed UK advocacy team, the Open Rights Group. But there is one lingering question: why does Britain need "outreach" from North America when it comes to campaigning for digital rights? After all, it was a British man who invented the worldwide web. Why, when the US gets Silicon Valley with all its alt:latte cool and laptop-toting liberalism, are we stuck with the Silicon Corridor, nestled in the UK's debt heartland, Reading?

.. We British don't like to brag about it, but this country is still a home for some of the world's best open-source coders - Ben Laurie, who coded the security software that deals with most credit card transactions online, and Alan Cox, until recently second lieutenant in coding and maintaining a core part of the open-source operating system Linux, among others. So it seems silly that we should need help from the US to keep the digital future fair.

The truth is, it's the politics that keeps digital-rights campaigning so unsexy on this side of the Atlantic. In America, lawyers such as Lawrence Lessig can swan in and out of the Supreme Court at leisure, filing suits against the state for offences to free speech with the help of the good old US constitution. In Britain, we have to rely on legislation from Brussels. There have been significant victories on digital-rights issues in Europe, most notably the European Parliament's decision to reject the idea of extending patent law to cover software code and business models. But the lack of understanding about Europe's political processes and values makes campaigning on digital rights that much harder. "

Leaving aside the small matter that the European Convention on Human Rights is NOT legislation from Brussels, actually I think the problem is that we Brits just can't make grand statements with a straight face the way the Americans can. We haven't got the evangelical upbringing, the oral rhetoric of US culture. We're far less likely to be found saying things like "Digital rights are essential if we are to avoid being the DRM-ed slaves of the next Microserf generation" and more "That last episode of Dr Who last night was good wasn't it? Now, how about a cuppa, and er, about this ID cards business.."

(via Ben Lauries's blog)

Don't shoot the messenger, use him to send a message back?

Fascianting stuff about the role of ISPs in the fight against file sharing, via ars technica:

"Stepping up its campaign against illicit file-swappers, the British Phonographic Industry (BPI) has moved from targeting individual users to putting pressure on their ISPs. The BPI has just announced that 59 accounts suspected of large-scale piracy have been reported to two ISPs, which are expected to deal with the issue. 17 requests went to Tiscali, while another 42 were sent to Cable & Wireless.

The ISPs offer no guarantee that anything will be done, but the BPI wants to move faster against suspected file-swappers than is possible in the court system. They also want to paint the ISPs as complicit with the swapping through their own inaction. As they put it, "While the BPI retains the right to pursue cases against individual uploaders, the move against ISPs who have so far failed to take effective steps to stop illegal filesharing marks a significant development in the BPI campaign—allowing the record industry to deal with a greater volume of cases more quickly and efficiently." "

Oh how interesting. What's the legal position if the ISP doesn't do anything? or to put it another way, is there more than an arguable ethical duty on the ISP to investigate and taken its own action against the alleged filesharers?

Well, if the ISP gets told often enough that it has filesharers on its network (with dates and filenames and megs uploaded etc etc), and doesn't take steps to remove them, could it have constructive knowledge of illegal activity, and could it thus lose the benefit of the general ISP immunity defnce under the E-Commerce Directive Regulations? This is much the same kind of argument I toyed with making against eBay some while back.

Of course, before an ISP could even be potentially liable in civil damages, if not in criminal law, theer would have to be liablity under copyright law. Could an ISP that gets told off often enough for harbouring fileshareres be "authorising" or "inducing" copyright violation, as was successfully argued against KaZaa and Grokster in Australia and the US?

Far fetched perhaps.. but an interesting thought..

And of course, in the real world, it's a lot easier to scare ISPs with far fetched theories of legal liability than it is to convince a court of it :-)

Friday, July 07, 2006

ORG comes to town

panGloss has been cordially invited to join ORG, the new UK based Open Rights Group. ORG are hoping to host a social event at GikII, to encourage recruitment of, and communication between, members outside the London metropolis. (And so say all of us.)

Support the Open Rights Group

ORG write:

"Recent successes for ORG include:-
  • Submitting written and oral evidence to the All Party ParliamentaryGroup public inquiry into DRM, much of which made it into the finalreport.-
  • Submitting written evidence to the Gowers Review of Intellectual Property-
  • Raising awareness of the problems with DRM in the media, with several articles picking up on ORG's position

In our immediate future will be a campaign on the public domain, which will lobby against the music industry's request for an extension of copyright term on phonographic recording.

Please do spread the word if you can, and help us reach our target of1000 members!"

It's good to see an organisation which realises that even in the transnational world of cyberspace and digital rights, national legal and cultural divisions make local organisation and input vital. The recent Net Neutrality debaters eg have, slightly annoyingly, entirely ignored the fact that in the EU the problem is a non starter. EDRI is a briliant example of an umbrella digital rights organisation which comprehends that different cultures have different responses to the the new information sociaty. Is ORG yet part of EDRI? I must find out!

.. aaand it's g'buy to Google Checkout!

Further to my post on Google Checkout, Boing-Boing usefully reports that :

"A week after it was released, eBay has added Google Checkout to its list of online payment methods not permitted on eBay. A Google spokesperson says: "Google Checkout is not a beta product. Google has a long history in billing and payments for AdWords for premium services, such as Google Video". "

Oh what fun. This is what happens when money goes from being a coin of the realm to a proprietary product of course. What next? Will Google-friendly companies stop taking PayPal? Who will Amazon ally with? What does competition law say about all this, not to mention EU electronic money issuing rules? Do we need "clearing bank" rules for electronic wallet isuers? Don't miss next week's exciting episode!

Thursday, July 06, 2006

Mobile Security :-)

Finally what the world needs - the phone that won't let you drink and dial your exes.

A Korean manufacturer has developed a phone that includes a breathalyser. It can be programmed so when you blood alcohol exceeds a safe level, certain numbers cannnot be phoned.

And the IT law element? Well, a commentator on Bruce Schneier's blog asks if you could combine the measurements taken by the phone with geospatial data to pin an unwilling motorist down for drunken driving. Maybe unlikely in the States - but in London with our comprehensive Congestion Charging surveillance system?? I wonder if the readings are date and time stamped? and if/how they're stored?

Maybe we should all start getting into the habit of removing stored data from our phones... just like people clear their cookies and their history lists!