On Twitter: @JamesFirth and @s_r_o_c (post feed)

Got a tip? tip@sroc.eu

Thursday, 27 January 2011

Right to roam is not good enough - without robust rights of access we need to keep our forests in public ownership

Alice Holt Forest just outside Farnham, Surrey
- could be under threat
I confess I wasn't too bothered when I first heard of plans to sell many of Britain's forests to private owners.

The planning system would prevent any mass bulldoze & build, and our "right to roam" introduced in the Countryside and Rights of Way Act 2000 means that the new private landlords can't prevent walkers enjoying the forest trails as they've done for centuries.

But I've since discovered our rights to roam will not be enough to guarantee continued access for everyone who currently enjoys our forests, if they're sold off.

Firstly the right to roam only applies to walkers - it does not extend to cyclists, horse-riders and other activities that are currently permitted in many of our forests.

Secondly, there's nothing to compel private landowners to maintain the existing car parking, toilets and play areas available at many forests.  Without such facilities, a visit to the forest comes difficult if not impossible for some, especially families with small children and those with disabilities.

And thirdly there's plenty of anecdotal evidence of underhand tactics employed by private land owners to dissuade people exercising their right to roam.  Such tricks are reported to include dumping large volumes of earth to block entrances and erecting bold signs such as PRIVATE LAND implying that access was forbidden, even though the right to roam across the land exists in law.

We need safeguards to protect access and maintain facilities at all forest sites to ensure that local people continue to enjoy the countryside around them.  Without such stringent safeguards I oppose any sell-off of local forests such as Bourne Wood and Alice Holt Forest.


Tuesday, 25 January 2011

*Exclusive* EC raised concerns on UK Digital Economy Act cost split of 25% to ISPs

The European Commission raised several concerns to the UK government when legislation recently laid before parliament that forces ISPs to shoulder 25% of the costs of implementing anti-copyright infringement measures of the Digital Economy Act were sent to the EC for consultation.

[Click document images to enlarge]

Verified documents passed to this blog show that the EC did not have access to sufficient "elements" to allow it to conclude that the costs that ISPs were expected to cover fell entirely into categories of adminstrative costs permitted under European law, namely Article 12 of the Authorisation Directive (2002/20/EC on the authorisation of electronic communications networks and services).

In addition, the EC asked for clarification that the costs would be "objective" as required under the same Article, because "the qualifying Internet Service Providers do not appear to benefit in any way from the planned online copyright measures."

The Commission also raised a further question over how up-front fees paid by the copyright owner to ISPs to cover their share of the costs would be estimated and adjusted over time based on the actual number of notifications made.

I have no idea if or how the UK government responded to the concerns raised by the EC, but on the surface it appears as though what I originally billed as the less-controversial half of the remaining legislation to implement the Digital Economy Act could still open itself up to challenge, in addition to the four points already being considered in the ongoing judicial review.

The current judicial review is due to hold a 3-day hearing starting on the 22nd March and will assess the Digital Economy Act 2010 against four challenges:
  • The EC was not notified of the Act and since parts of the Act constitute a "technical regulation" within the meaning of the Technical Standards Directive (98/34/EC) it should therefore have been notified to the European Commission before enactment.
  • Parts of the Act are not compatible with the E-Commerce Directive (2001/31/EC)
  • Parts of the Act are not compatible with the E-Privacy Directive (2002/58/EC)
  • Parts of the Act will unduly affect the ability of ISPs in other member states to offer services in the UK, leading to possible infringement of Articles 8 and 10 of the European Convention on Human Rights.

Hunt and Cameron's extraordinary decision on Murdoch/BSkyB

Culture Secretary Jeremy Hunt MP
(South West Surrey)
Just 11 days ago I speculated that a judicial review was a near-certainty when the Culture Secretary made his decision on whether to refer Murdoch's News Corporation bid to take full control over broadcaster BSkyB to the competition commission over concerns of media plurality in the UK.

Ofcom's widely-leaked recommendation was confirmed today: the bid should be sent for competition review.  Whether the full Ofcom report will be unveiled is at this stage unclear, and in my guess unlikely.

But the extraordinary part is Jeremy Hunt's decision to grant a stay of execution and allow News Corp extra time to address concerns over media plurality if Murdoch's group controlled news output from Sky, along with a raft of newspapers and news websites it already owned.

This "third way" seems designed to avoid a judicial review, for had Mr Hunt simply followed Ofcom's recommendation it's plausible that News Corp's lawyers would ask for a review; whilst, if the Culture Secretary ignored Ofcom's recommendation, a bizarre allegiance including Guardian Media Group, Telegraph Media Group and British Telecom looked like they might challenge.

Robert Peston broke this story on Radio 4's Today programme (around 7:25am if you're thinking of listening again):
"Jeremy Hunt does appear to be bending over to help News Corp"
 "It's absolutely extraordinary when you get a clear review from Ofcom that that recommendation does not start straight away"
John Humphrys then tossed in concerns surrounding reports of David Cameron's "cosy dinner" with News Corp executives plus the earlier questionable decision to move the review from a minister seen as hostile to the bid (Vince Cable) to one who's previously made "sympathetic" statements about the bid (Jeremy Hunt).

I don't like this decision at all.  It reeks of the kind of cronyism that dogged the Conservative governments of the 90's.  If the industry regulator - Ofcom - has made a recommendation, then why are we even in a position that a Secretary of State can choose to overturn the review?

At the very least it's a waste of public money commissioning a review in the first place if the government of the day has already decided that the outcome must be sympathetic to those bodies under review.

Another remarkable facet of the saga is that it comes in the wake of phone hacking allegations at the News of the World - a News Corp newspaper.  Whilst many Labour politicians are now happy to highlight the seeping evidence seemingly indicating the practice of phone hacking was far more prevalent than previously claimed, when in government many of these same Labour MPs were far more muted in their protestations.

Shares in BSkyB lept 6p to 756p on opening after the announcement this morning, and they're up 3.8% (27.5p) since opening on 22nd Dec on the day after Vince Cable was stripped of the decision.

If Murdoch has a stranglehold over the current government, is it just an extension of an influence he held over the previous?


Friday, 21 January 2011

Digital Economy Act Update

The government seems to be ploughing  on with some aspects of the Digital Economy Act despite the upcoming Judicial Review, which makes some sense considering the Judicial Review may fail to halt the Act's progress.

Whilst the Judicial Review is due to be heard in a 3-day hearing starting March 22 - and a parallel review by the Department of Culture, Media and Sport remains open for public submissions until March 23,  a draft Statutory Instrument was on Wednesday laid before parliament detailing how the cost of operating the anti-copyright-infringement measures of the Act will be split between ISPs and rights holders.

Rights holders will pay 75%, with the remaining 25% borne by ISPs.  This reflects the position announced last spring following an earlier consultation - so no surprises in the draft SI, then.

With no sign of a draft of the main body of the Initial Obligations Code - the legislation which details how the copyright infringement warning scheme will run, appeals will be heard etc - some commentators are surprised that the government should choose now to put this lesser costs order before parliament.

There is some speculation the move is to allow Ofcom to account for costs already spent in this financial year on the Code as reimbursable at some future date, however I haven't seen any credible evidence for this.

This costs order was always going to hit parliament before the meat of the Code, and since it needs to pass both houses (using the "affirmative" process) maybe now is as good a time as any to get this less-controversial instrument passed.

However there are some interesting developments.  Nick Clegg's use of language when answering a question from Julian Huppert MP was interesting:
This Government do not believe that people should be able to share content unlawfully, but we are disappointed that the industry has not made faster progress towards adapting its business models to meet consumer demand. I agree with my hon. Friend that there are legitimate concerns about the workability of some aspects of the Digital Economy Act. The Government are looking actively at those questions now, and we will make an announcement in due course.
Nick Clegg has previously stated he thought the Digital Economy Act should be repealed, although this was before the general election, and we all know what happened on tuition fees...

But his use of language last Tuesday is encouraging, and reinforces what I'm hearing privately from several people closely involved with the development of this legislation.

Firstly I heard that Jeremy Hunt is still pushing for progress from Ofcom on the remainder of the Initial Obligations Code, despite the two separate ongoing reviews.  The original deadline for the draft (as laid out in the primary legislation) was November 2011, although the legislation allowed for the Secretary of State to authorise delays.

I also got wind that some groups involved with the development of the Code remain dissatisfied with proposals.  I'd guess these are groups representing public libraries and other intermediaries (bodies offering internet access but are not ISPs themselves) as the Digital Economy Act could leave them open to liability or disconnection should someone using their network be accused of downloading infringing material.

Whilst I've received a few tip-offs this week, my contracts in these organisations are unwilling to say anything - even privately - instead hinting at an announcement next week.

I did hear from one contact that Ed Vaizey was stuck in the middle; which doesn't surprise me, if his boss is keen to see progress despite legitimate concerns about the workability, to quote the Deputy Prime Minister, two ongoing reviews and some very grumpy librarians!


    Wednesday, 12 January 2011

    Amazing PHP decimal handling/formatting "bug" - sorry, nuance, and explanation

    Apologies, this blog doesn't normally delve into the underpants of software development, but whilst my former blog - software psyche - remains in hiatus awaiting a major revamp I need to put this somewhere...

    I discovered what seems to be a pretty fundamental bug in PHP today.  It's not a vulnerability but a problem that can lead to incorrect rendering of basic decimal values, and that's pretty serious is you're business revolves around building data applications used on high profile projects by valuable business partners.

    UPDATE 14:22: Thanks to @eddm and @thatdavidmiller this is not a bug! But it is something that PHP programmers should be aware of (and, embarrassingly, as an ex-assembler coder myself (Z80 and MC68000) I should have already known the answer.  Explanation below.

    Try executing the following line of code:
    printf( "%d", (0.58*100));
    It's pretty clear you should get the result 58But I get 57!  I tweeted this earlier today and got a couple of my followers reporting the same anomaly.  Thanks to @Jldb and @JimAnning for corroboration here and here.

    The problem appears even if 0.58 is the value of a variable, and the bug can prove highly embarrassing for instance when important values need to be from a database and rendered accurately to screen.

    There are workarounds, like using "%s" or "%f", but "%d" *should* work!


    PHP attempts to hide the binary element of computing from its users, but inevitably values end up being stored as binary.  Non-integer numbers are stored as floating point values.

    Due to the fundamental way CPUs store decimal data, not every value has an exact corresponding floating point value.  This allows a very wide range of values, from tiny to huge, to be represented by a limited number of binary bits.  When an exact value is not available, the nearest floating point value is used.

    So back to the "bug".  0.58 is not an integer, so it must be stored as a floating point value.  The nearest available is actually 0.5799999...

    0.5799999... * 100 is 57.99999...

    When trying to display 57.99999... as decimal, the printf formatter quite correctly strips the decimal point and gives... 57!.

    Lesson:  don't use printf("%d") on anything other than basic integers.

    So far the bug appears in the following OS/Releases:

    PHP 5.2.13 (64-bit) on Fedora 11 (Pentium D CPU)
    PHP 5.1.6 (64-bit) on CentOS 5.5
    PHP 5.2.6 on OS X (32-bit)
    PHP 5.2.11 on OS X (64-bit)


    Friday, 7 January 2011

    At what point does helping police become an invasion of privacy?

    An interesting debate has surfaced following a request made to Google from Derbyshire Police to help trace the owner of a vehicle in relation to the theft of a caravan.

    Google has reportedly refused to cooperate with police - at least not without a court order.

    For me this case sits right at the boundary between what society considers as public and private.  It raises some important points, such as:
    • How do we treat photographs and video taken in a public place?
    • Where should private individuals and corporations draw the line between informally helping police with a legitimate enquiry and protecting potentially sensitive personal information?
    • Has the state gone too far in bypassing or side-lining the courts when requesting or seizing personal information?
    On one hand the raw footage requested by police (footage that Google might not even have) should not be considered personal or private.  It was taken in a public place.  Daily, outside broadcasts by news organisations incidentally capture car number plates or faces of passers by, yet are broadcast without obfuscation on national TV.

    Owners of CCTV cameras across the country routinely co-operate with police, helping solve crimes; although there is understandable concern over attempts to force publicans and license holders to allow police unfettered access to CCTV systems as a condition of holding an license to serve alcohol as this shifts the relationship from consensual cooperation into police control.

    I doubt there is any part of the Data Protection Act 1998 that prevents Google cooperating with police in this case.

    But on the other hand I'm concerned by many other scenarios where judicial oversight on access to personal information has been sidelined by successive laws, and Google taking a stand highlights some important related issues.

    A few examples: only last year at the end of the Labour government, a clause (S57) was added to the budget (Finance Act 2010) to allow postal packets to be opened without a court order or in the presence of the addressee.  This was billed as an "essential" measure to cut down on trafficking and tax evasion. Fair enough, but why sideline the courts and allow this to happen without the safeguard of a court order?

    The Regulation of Investigatory Powers Act 2000 is a classic example of how the courts are losing their oversight over police and other authorities whenever they access personal information.  Okay, this is a slightly contentious point, as when the act was introduced it did force many authorities to oversee, via in-house processes, some surveillance practices that were previously unregulated.

    But one issue of concern is how the UK's main surveillance law divides personal electronic records such as email logs and telephone calls into 2 categories: "traffic data" and "content".  You might assume the identity of people you email or telephone should be personal and private to you, but since the "who called whom and when" is classed as traffic data, police - and even your local authority - can request this information from telecommunication service providers without a court order.

    Another issue of concern is the seemingly routine seizure of computer equipment and mobile phones from many people arrested on suspicion of any of a long list of crimes (often referred to as trigger offences and trigger powers) under Section 18 of the Police and Criminal Evidence Act 1984.

    MP Damian Green had computer equipment seized when his home and parliamentary office was searched following his arrest on suspicion of conspiring to commit misconduct in a public office.  Much has been written about how these charges were arrived at, and how subsequent police raids and seizures were carried out.

    In theory police must have reasonable grounds for suspecting the items seized may hold evidence in relation to the offence a suspect was arrested for, but there is no judicial oversight as a warrant is not required once an arrest has been made for an indictable offence, and the internet is awash with anecdotal evidence of people claiming they were arrested on questionable evidence before having electronic equipment seized.

    Electronic equipment seizures seems particularly prevalent for public order offences in relation to protests such as the climate change protests over the last few years; and, more recently, student protests.  It seems particularly unfair that police are able to access such a wealth of extremely personal information just because someone is suspected of demonstrating - or in at least one case the pre-emptive thought crime of planning to demonstrate - without a court order.

    So in summary, yes, I believe Google should hand over the images (if they exist) without a court order, as the images are taken in a public place and are clearly no more sensitive than many TV news reports.

    However, there are many other cases where I feel judicial oversight should be restored or introduced in order to protect legitimate rights of privacy, particularly in relation to electronic devices that hold a vast amount of sensitive personal information, and Google taking a stand as reported might help to raise awareness of these issues.