Thursday, January 28, 2010

GikII 5!!!

Heads up GikII people; GikII 5 *will* be in Edinburgh June 28-29 2010. We have FINALLY managed to book a room!! More details soon. Already one paper offered on Gallifreyan legal procedure :-)

Google and China: Interesting Times?

So what do we think about the Google China affair then? For anyone who has been hiding under a rock on Pluto lately, Google announced on January 13th that it "may end its operations in China following a "sophisticated and targeted" cyber attack originating from the country." aimed apparently at gathering intelligence from Gmail accounts etc on human rights activits, dissidents and the like in China, and adding that in response they would no longer self censor their search database as they had since starting up in China in 2006. China, unsurprisingly, insisted that hacking was illegal in China and Google would have to toe the line and enforce local laws like other companies. Then perhaps slightly more surprisingly, the US government itself got involved in the form of a swinging speech by Hilary Clinton demanding that Beijing that should investigate the hack attacks on Google, and les directly, implying that China had a duty, like also-mentioned Tunisia, Uzbekistan, Vietnam and Egypt to stop restricting freedom of expression on the Internet. One commentator has compared this to Reagan demanding the pulling down of the Berlin Wall - only this time it was the Chinese Great Firewall. For China to back down wouldbe almost unprecedented; so at least China insider has said that in six months he expects there to be no Meanwhile information filters out that similar espionage hacks seem to have been mounted by Chinese hackers on other US companies in recent months , seeking economic espionage intelligence; two of the companies were major US oil companies.

The main response to this has been huzzah! In a world apparently dominated by bankers taking as many undeserved bonuses as they can sweep up, one can sense the eagernness of the world to believe that a big company can still want to do the right thing. Certainly even if Google's "Do no evil" motto has tarnished a little lately they do stand out as appearing in the world of corporate politics to give a damn about human rights. A Grauniad columnist wrote perhaps a little over excitedly yesterday:
we can now again unreservedly identify, politically as well as aesthetically, with Google. This is the spirit of liberal universalism. It says that there are some universal rights it is not the prerogative of any state or "civilisation" to curb; and that, as the Universal Declaration of Human Rights states, the right to information freedom is among them."
But is anything in life really this simple? As many have pointed out, China is a market where Google is not dominant, having only around 30% of the market. But pulling out of the world's largest emergent economy is still rather a bold step. Unless perhaps you consider the rather less publicised fact that Google only makes money by click through on ads; and reportedly, the Chinese don't yet bother to click through (Google don't reveal the turnover of their Chinese business as they do their US profits). Still it seems like either a very brave or a very foolhardy endeavour. (Bill Thompson comments that "Threatening to pull out of China is like threatening to spit on a whale".) (Unless you think it's all merely a very successful PR stunt.)

A braver woman than Pangloss might even sail into the world of conspiracy theories, and consider the Google response and the Clinton speech as part of a combined PR drive. China expert Orville Schell in this video recorded at Davos, notes that
"Google has become more like a nation than a company. By this he means that not only is Google closely connected to the Obama administration, but the company has a high resonance in the western world. Only a company like Google could take such a stance against China".
Why would the US want Google out of China, or at least, a very public fuss about the hack attacks on Gmail accounts by China? Well cybersecurity experts have long privately admitted that although rather more fuss has been publicly made about "cyberwar" denial of service attacks on critical infrastructure (as , famously, against Estonian and Georgian banks and media sites, etc), the foremost worry is actually about cyber espionage. Chinese keylogger code has been found before now on military computers; it is known that it is almost impossible to 100% protect against this. Google store invaluable information not just about Chinese dissidents but US citizens - and companies. If you were a Chinese espionage officer would you target the unprotected Gmail user or the more protected Google servers, or the very well protected servers carrying confidential military or corporate secrets?

For a cyber lawyer, the interest here is whether we are approaching the point where cyber espionage might begin to be characterised as "cyberwar". Just as with DDOS attacks, the current law is badly equippd, perhaps quite properly, to make this conceptual leap. I spoke on this in Estonia last summer, at the NATO backed CyberSecurity Centre. International treaties demand an "armed attack" by a "state" before rights of self defence or international humanitarian law can begin to apply. Is use of code to find out information an "armed attack"? Difficult to see (although there was some discussion of this back in the good ol' days of Star Wars defence.)

More significant still is the pained matter of attribution. No one can prove that attacks by Chinese hackers came from and with the authority of the Beijing government - and circumstantial evidence simply cannot be regarded as decisive here given the easy obfuscation of Internet traffic and addresses, and the flourishing private enterprise cyber black market. Much of the cybercrime in the world originates from networks of zombie machines run (apparently:-) by Russians with the machines scattered through every country from the UK to Brazil; this does not mean (necessarily) that Russia, the UK or Brazil is responsible as a state aggressor. The question of attribution will have to be far better discussed before we can go any further down this line. In the meantime however, it is interesting to note that there are reported American stirrings of interest in a cyberwar treaty to reduce cyber-attacks, as with munitions or poison gas weapons: such a treaty has long been resisted by the US, but now that position seems to be shifting - why?*

And meanwhile today brave little Twitter, hero of the Iran dissidents, announces they are sub contracting research to avoid being blocked by China. All in all very interesting times - in the Chinese sense?

*Well perhaps because as I discover the minute I finish writing this, 37% of US critical infrastructure firms think cyber attacks are growing and 2/5 expct a majot cyber security incient within the year - say McAfee at Davos.

Life, etc

Via my very lovely colleague Judith Rauhofer;

Quote of the week by Lord Clement-Jones:

" When a man is tired of the Digital Economy Bill, he is tired of life. I am sure this show will run for a long time."

And indeed, now the debates in HL Committee over the "three strikes" parts of the DEB have ended, watch this space for some thoughts on how the debates have gone, shortly. For now, interesting to note that legal process needs tweaking too: see the latest Which? report on the deluge of complaints against P2P ambulance chasing bully firm , ACS Law (creditably, much mentioned in the Lords debate.)

ACS:Law has sent thousands of letters to people claiming they have illegally downloaded material and offers them a chance to settle by paying around £500. 

Which? says it has been approached by some - including a 78 year-old accused of downloading pornography - who have no knowledge of the alleged offence.

ACS:Law said its methods were accurate.

The London-based firm said that it would send more letters soon."

In other news, I'd also like to comment on Google and China (interesting response here from the reliably interesting Bill Thompson, one of the few voices to be more realistic than triumphant here), connected cyberwar developments and public open data in the UK - to be continued!! (Oh and I'd really like to talk about whether full body airport scanning really constitutes distribution of child porn (eh?) as oposed to invading privacy (for sure). But chance would be a fine thing!

Also, the first review of Law and the Internet 3rd edn!! Thanks to Andrew Katz for preparing me, er, letting me know!!

Wednesday, January 20, 2010

ORG : Fight the Digital Economy Bill unconferences

Via ORG: a series of meet ups in Manchester, London, Edinburgh and Sheffield to learn more about how to effectively lobby your MP on digital rights matters, with current especial reference of course to the DEB, graduated response, disonnection etc.

This is a great and timely initiative and if you have any interest in learning how to actually participate in democracy and make your voice count, come along!! It's free!

I will be attending the Edinburgh one, and am happy to talk to people about what I've seen of the Lords debates on the amendments thus far - I'll also, time willing, be blogging in detail on this this week or next as we approach the end of the committee Lords stage. Hugh Hancock of Strange Co machinima fame will also be there and of course Jim Killock, director of ORG. (Will we have a Technollama, Andres??)

Details and sign up form here.

"The Open Rights Group wants to help you get your voice heard: by helping you to talk to your MP. Booking an appointment with your MP and saying what you think is easier than you might think.

At this event you will:

  • Gain the confidence to talk and write to your MP
  • Rehearse talking to your MP one on one
  • Find out what MPs will ask you
  • Learn how to write to your MP and get a response
  • Meet other people campaigning against disconnection without trial in the Digital Economy Bill

Talking to your MP is the most effective way to make sure Parliament knows how unpopular and bad disconnection without trial really would be.

In these short sessions, you can try out talking to your ‘MP’ or watch someone else having a go, and learn how to get your points across in a way that an MP will understand."

Friday, January 15, 2010

Quote of the debate so far

Lord Lucas, Jan 12th, Committee Stage day 2

"Lord Lucas: I agree with what the noble Lord, Lord Mitchell, has just said. We have to be careful about setting out to criminalise, as he says, a large proportion of our population, particularly when it involves putting them not in the hands of the criminal law with all the safeguards, care and rationality that involves, but in the hands of firms of solicitors who are out to make a

12 Jan 2010 : Column 423

buck from the process. None of these people are nice to deal with. Even where the majors have been involved in prosecutions-there are not many cases of that-they are relentless. It is not at all nice to be on the receiving end of one of their prosecutions. They can take a long time, cost a great deal of money and go on, with unspecified consequences, for a period of years. It is not like a parking fine or some simple, reasonable but reasonably painful financial consequence of wrong-doing. This is putting people into the civil justice system with civil levels of proof. We should be careful about doing that and the circumstances in which we do it."

The DEB amendments; 1 in a series..

You might wonder where I've been this time. Well, Pangloss is currently signed off work with a prolapsed disc. Yes it's Ok, it wsn't fun, but I'm getting better now, thanks. Anyway, one thing I plan to do for **fun** this week now I have time on my hands is sit down and have a look at the hundreds of DEB amendments. Yes I know; I'm that sad.

As a starter, it's important to remember not all the DEB is about disconnection of filesharers and neither are all the amendments.

One amendment Pangloss might draw attention to in particular has had quite a warm reception in parts of the press, odd perhaps given recent Google/Murdoch fracas (or not so odd?:). The Telegraph note

Lord Lucas, a Conservative peer, has tabled several amendments to the Digital Economy Bill

that would settle a number of copyright and electronic publishing arguments once and for all.

The one that’s been catching the headlines is immunity for search engines from prosecution under copyright laws as they go about their normal business of searching the web. Every provider of a publicly-accessible website shall be presumed to give a standing and non-exclusive licence to search engines to copy their content for the purposes of searching. A machine-readable file (robots.txt, for example) can be used to demonstrate that such a licence is not granted, should the owners of the website prefer not to be indexed.

Brilliant. Immediately all of the rows and back-and-forth between ill-advised newspapers and publishers is given a clear legal footing. It would be legal to be a search engine, and you can tell them to keep out if you wish. A few sentences saves millions of pounds of court costs and clears the headaches of everyone involved."

while the Guardian adds

" it would, for example, give Google legal immunity with which to index News Corp content, settling that thorny topic once and for all. But all would not be lost for publishers who want to retain control. Lucas's amendment does make provision…

The presumption (of having an automatic license) may be rebutted by explicit evidence that such a licence was not granted. Such explicit evidence shall be found only in the form of statements in a machine-readable file to be placed on the website and accessible to providers of search engine services.

In other words, Google would be free to copy everything - but a publisher blocking search spiders with a robots.txt file would be taken as withholding that right. An explicit "fair use" provision, which Google often cites against copyright-abuse claims, does not exist in UK law."

Interesting stuff?

NOTE: fun summary of this week's first debate at the Register

Oink site owner cleared of conspiracy to defraud

Well I guess we didn't see that coming.

"A man who ran a music-sharing website with almost 200,000 members has been found not guilty of conspiracy to defraud at Teesside Crown Court.

Alan Ellis, 26, was the first person in the UK to be prosecuted for illegal file-sharing...

Oink facilitated the download of 21 million music files...During the trial, which lasted seven days, Teesside Crown Court heard that users were required to make a donation to be able to invite friends to join the site.e jury was also told that Mr Ellis received $18,000 (£11,000) a month in donations from people using his website."

Well this is interesting. Is this the UK's own homegrown Pirate Bay case only coming out in reverse, or is it merely a blip from a perverse jury probably stuffed full of students and ne'er do wells? We may not find out for some time..

Some very strange elements here. Users had to make "donations" - yet they, who were looking for free music, donated £11,000 a month? How good was this site? An earlier Beeb story tells us "The court heard that membership to Oink was free, but by invitation only, and anyone wishing to propose a friend had to make a five dollar payment." Er that's an entry fee NOT a donation..

Te money was alleged to be used to buy a new server. You can buy a decent server for about £1000 or less these days..not £11K per month. The site was designed not to "defraud" but to allow the owner to practice his skills to bcome employable, he claimed. Yet "the website was developed from a free template, which had a torrent file-sharing facility included in it". In other words, it came as a kit. Not terribly skill enhancing? And this unemployed worker wannabe had $300,000 in his bank account when the police raided. All this rather points to the perverse jury theory.

Why did the CPS go for conspiracy to defraud anyway? Why not as in Sweden, a criminal copyright offence, since given the "donations" and profits, surely there is as much evidence of commercial trading in copyright infringement as with any normal geezer selling CDs off the back of a van? Did they decide not to take that approach because it was a torrent site not a hosting site? That would be my guess (although of course the Pirate Bay was a torrent site too) - it would be great if someone out there knows more.

Not a good week for the music industry altogether, as BIS back peddles on clause 17 of the DEB as well! Perhaps the most interesting sociological point here is to wonder why the jury came in with such a strange verdict. Has the music industry dug their own grave by making their enforcement tactics so alienating that juries will turn their back on overwhelming evidence of guilt? Hubris, ate??

Tuesday, January 05, 2010

The Google Toilet

This is getting a lot of pass-round in ye olde blogosphere. As with some of the vids I post here about filesharing, it makes some good points evocatively but I do not endorse the overall conclusion for one simple (or maybe not so simple) reason; even if you effectively feel you have to use Google (and there are rivals, especially in the non search categories of services) you can delete your Google cookies. But - another fun one to show students!

Monday, January 04, 2010

Tell it to the Marines: 2010, same news at 10

And so as it ended, it begins.. (obvious reference to Dr Who's regeneration deleted , sadly..)

The Beeb reports a pre emptive attempt by Bono to get headlines when as we all know this the time of year with No News.

""The immutable laws of bandwidth tell us we're just a few years away from being able to download an entire season of '24' in 24 seconds," he wrote.

"A decade's worth of music file-sharing and swiping has made clear that the people it hurts are the creators...the people this reverse Robin Hooding benefits are rich service providers, whose swollen profits perfectly mirror the lost receipts of the music business."

Um yeh. Would that be the same rich ISPs who are going to have to pay an estimated £500m to prop up the failure to innovate of an entirely other industry?

As to:
In a move that drew significant criticism, Bono went on to suggest that the feasibility of tracking down file-sharers had already been proven.

"We know from America's noble effort to stop child pornography, not to mention China's ignoble effort to suppress online dissent, that it's perfectly possible to track content," he said."

...I really feel any comment is redundant.

Oh and happy new year!!