On Twitter: @JamesFirth and @s_r_o_c (post feed)

Got a tip? tip@sroc.eu







Wednesday, 27 April 2011

Stored-up bad will and storing passwords in plain text - Sony Playstation privacy woes

UPDATE 2-May: Sony have released a press statement effectively claiming now that passwords were indeed hashed and therefore your password might not have been lost to hackers.

When talking about data leaks there's a couple of important points to remember. (1) people who live and work in the glass house of data management really shouldn't throw stones (so I hope this doesn't come back to haunt me) and (2) one can never condone criminal actions of alleged hackers...

That said, it really couldn't have happened to a nicer company.  Firstly there's Sony's relentless legal pursuit of George Hotz (GeoHotz) - an enthusiast who worked out how to bypass the digital locks that prevent Playstation owners running their homebrew software on their own Playstation (note: not illegally-copied games, but useful stuff, like Linux).

And secondly there's an experience of a good friend of mine who last summer found some questionable credit card transactions linked to their Playstation account.  Sony's response was incredible.  No, he couldn't have a refund.  Yes, he could pursue a complaint with his card provider under the Consumer Credit Act 1974 or Distance Selling Regulations however...

... If he filed a complaint he was informed he would lose all access to his existing Playstation account, including gamer ID and all purchased titles! Simply incredible.  If anyone from Sony wants to comment I've reserved a space right here:
Space intentionally left blank
And on the reported attack itself, there's no excuse for storing user passwords unencrypted.  It's well established that people will use the same password for various purposes.  The public know this is a bad idea but keep on doing it.

The solution is not to shake one's head and say "dear me the public keep on doing this bad thing..."  The solution is readily available in the form of either asymmetric or one-way encryption.

The encryption technology has been freely available for years.  The database stores an encrypted representation of the user's password.

When the user enters their password, the software on the web server knows how to turn the plain text password into the encrypted form and check against the database.  Because the algorithm used is asymmetric (eg like PGP), having the cipher key and algorithm to encrypt the password does not help in any way decrypting the encrypted password.  It may sound complex but I assure you it's all pretty standard stuff.

1/10 Sony - and the 1 point is for coughing to the leak.

@JamesFirth

Question (via twitter):
"have sony actually confirmed passwords where stored in plaintext? I'd assumed as much but i'm finding it hard to believe."
Answer: Yes, in their own press release Sony state: "PlayStation Network/Qriocity passwords and login" are amongst the details obtained by an "unathorized person".

UPDATE 2-May: Sony have released a press statement effectively claiming now that passwords were indeed hashed and therefore your password might not have been lost to hackers. 

Paid-for search could be inevitable



@glynmoody sent out this post by Wired executive editor Kevin Kelly: Would You Pay For Search?

I'm guessing many people's instinctive answer would be a defiant no.

But this happens to be something I've been thinking about for a while, and I'm more confident there'll be quality free newspapers available in ten years' time than I am quality free search engines.

My reasoning is as follows.  Firstly it's far easier to protect the proprietary back-end algorithms of search than it is to protect the digital copyright in journalism.  Forget the arguments over the rights and wrongs of this, it's just a plain fact of digital life. Build a search engine that works really well and they will come...

Secondly, the advertising model works for journalism.  It might not pay well at the moment, but the model fundamentally works well, and has been proven in newsprint for centuries.  Sure, there has been a cover price, but consider the cost of printing, distribution and news-agents' cut compared to digital hosting.

However the advertising model for search is partly broken, in that advertisers want their products to rank highly in both organic search and paid-for "sponsored" links, yet consumers want the search engine to return the best possible results. And quickly.

Kevin Kelly relays in his post the essence of search is that it gets the answers we need, and the quicker it does so the more time, and hence money, it saves us, the consumer.

Herein lies the conflict of interests.  Websites making money through traffic from search engines (SEO-reliant businesses) are fundamentally focussed on getting their products up the search order.  Consumers want the most relevant and useful results at the top.

It's easy to see where the money is coming to drive poor search results!

I see practical issues faced by search engines in courting advertisers as reasonably analogous to those faced by consumer review magazines such as Which?  Would we trust a review for washing machines if the page opposite was a full-page ad for Zanussi or Hoover?

It's not just an issue of consumer trust.  How would a brand feel about advertising in a magazine that had spent the last 2 issues laying out how shonky the company was?

Essentially the search engine is an instant consumer guide of the links available for any given search term.

Thirdly; or, partly related to my second point; I'm looking at the question of what will drive better search.  Search engines at the moment get paid for each ad they display.  Even if there was fierce competition in the English-language search market there are still the guaranteed traffic drivers for search engines through Audience Monopoly.

Search engines team up browser manufacturers, OS manufacturers, anti-virus manufacturers, with Facebook or the next big thing.   There'll always be the traffic from the average punter wanting average answers.

But I opened my post with a prediction about quality search engines.  What will drive quality in search results?  Not advertising, but your subscription fees.

@JamesFirth

Monday, 25 April 2011

Pre-emptive arrests

London has seen too many protests;
to forestall trouble: pre-emptive arrests!
But arrest the Prince, that can’t be right?
The order’s correct, take him on sight!
Said deputy commander Mandy Sander,
As I met with the chief, in the back of her panda.
There can't be no trouble if the wedding's off,
echoed ops director Charlie McGoff.

We have a firm plan to prevent disorder,
We'll lock up them both if we need to avoid a,
Repeat of the disaster; the previous marriage,
Where sad lady Di met her end when her carriage;
Hit a brick wall at tremendous speed,
When perused by the paps in pursuit of greed..."

It was then that I realised that this was obscene,
A plan that would anger Her Highness the Queen;
And all loyal subjects awaiting the day,
When drunk under bunting they shout "hip hooray!".

A loyal patriot I made my way quick,
To broadcasting house - I knew a trick!
I was due live on air - just after ten,
A news report followed the sound of Big Ben!
I steadied my nerves as the big bell did chime,
And told of the anarchy unfolding in rhyme;
Behind the disruption, I told the nation...
- The Met Police Poet Association

BB

The above is a guest contribution from our digital poet Billy Bytesworth

Wednesday, 20 April 2011

Digital Economy Act judicial review judge: ISPs could in theory be left with higher cost burden

This post is mainly crowd-sourced as details emerged. Check back later for updates.

The ruling in now online here

Background and summary

All four initial grounds brought by ISPs Talk Talk and BT were dismissed by MR Justice Kenneth Parker, however the review was partially successful on a fifth ground that was added to the scope of the review last month - a draft parliamentary order that requiring ISPs to pay 25% of the costs of running the scheme.
  
The initial four grounds covered compatibility with EU law and basic human rights such as proportionality in law, respect of privacy and were brought in relation to the main Digital Economy Act (known as primary legislation):
  1. The EC was not notified of the Act and since parts of the Act constitute a "technical regulation" within the meaning of the Technical Standards Directive (98/34/EC) it should therefore have been notified to the European Commission before enactment.
  2. Parts of the Act are not compatible with the E-Commerce Directive (2001/31/EC)
  3. Parts of the Act are not compatible with the E-Privacy Directive (2002/58/EC)
  4. Parts of the Act will unduly affect the ability of ISPs in other member states to offer services in the UK, leading to possible infringement of Articles 8 and 10 of the European Convention on Human Rights.
The additional fifth ground relating to a draft parliamentary order, the Costs Order, was added last month. The order is highly contentious as the government's own estimate revealed it could lead to an increase in broadband prices and force up to 40,000 mostly poorer families off the net.

I was the first person to reveal publicly that The EC raised official concerns about the Costs Order; and, more recently, that the EC remained unsatisfied with the UK's response to the order.

The best ruling campaigners could hope for

Perhaps not:
Jason Clifford said...
"I think you are wrong on the costs aspect. Although the Judgement does hold that it is unlawful to require ISPs to pay for OFCOMs costs in setting up and running the Code it also holds that ISPs can lawfully be required to pay 25% of the costs of the actual implementation - ie processing the notices and of the appeals processed.

That is the substantive part of the costs matter and it is a total loss for the ISPs. Essentially the copyright holders and their agents can now pass 25% of the costs of policing their copyrights onto ISPs who in turn will pass it into consumers."
If the tweets I'm seeing are accurate, campaigners against the Digital Economy Act should not be disheartened. UPDATE: yes they should.

Thanks to Jason's comment it's clear from pp 193 and 194 of the ruling that the judge believes only the portion of costs paid by the ISPs to cover the government's costs in running the scheme (ie Ofcom's costs) are covered by the EC Authorisation Directive.

Essentially the judge describes the costs shouldered by ISPs as falling into 3 categories:
  • Qualifying costs, which should be seen as Administrative Charges and therefore not allowed under the EC Authorisation Directive [pp 195]
  • Relevant costs, the "internal" charges that ISPs incur to satisfy the provisions of the act, which the judge ruled are ok [pp 193]
  • Case fees - the cost of handling appeals under the act, again are allowed [pp 194]
Furthermore Mr Justice Parker opens up the possibility that ISPs could be asked to bear the full costs of tracing and notifying customers if this was an obligation under law:
193. ... ... The DEA could have left ISPs to bear such costs entirely and have provided no mechanism for recovering any part of such costs. However, Parliament provided that in fairness copyright owners should reimburse ISPs for a substantial part of the costs incurred by ISPs in discharging their obligations under the DEA.
To add insult to this injury, the judge ruled that ISPs could be asked to bear a proportion of appeals costs:
194. Similarly, it does not seem to me that "case fees" can be regarded as "administrative charges" under Article 12 AD. The fees arise because a subscriber has brought a specific appeal, involving a relevant ISP and a relevant copyright owner. The fees are intended to do no more than ensure that the judicial vehicle for resolving disputes under the DEA is adequately funded.

Your privacy and freedom of expression is only on a par with the rights of Big Music!

@Copyrightgirl points out pp 166 of the ruling.

In a further blow to campaigners, the ruling draws an analogy between copyrights and ordinary property rights, citing relevant case law to conclude:
166. ... ... However, the Court's ruling, at [53] cited above, goes beyond protection in the context of civil proceedings and includes "the protection of the right to property" within the scope of the "protection of the rights and freedoms of others" under Article 15(1). It is indisputable that the contested provisions are intended to promote the protection of the right to property, namely, copyright, and therefore, fall within Article 15(1) as interpreted by the Court.
(My bold)
I find this astounding, since I feel strongly that it is not possible to draw any analogy between the completely arbitrary scarcity of resource where intellectual property is concerned, and the corresponding "paper loss" suffered when copyright is infringed; and the very real physical loss suffered when ordinary property is stolen by way of theft.

UPDATE: check comments below from Will Tovey on this and data protection issues

Reasons to take heart

To win the case on the first four grounds was always going to be a challenge.  The court had to be satisfied that UK law was in clear breach of EU law before overruling the will of the elected parliament.

I've yet to see the judgement, but the first ground (1, above) was already argued as the bill passed parliament - that the primary legislation itself did not need to be notified under the Technical Standards Directive, only the two orders that define how the measures would run  need to be notified - the Costs Order and the Initial Obligations Code.

Again any compatibility issues with EU law on privacy or free trade grounds would mainly be determined on how the anti-file sharing measures would operate; again defined in the Costs Order and the Initial Obligations Code.

In addition sections 114-116 of the ruling draw a clear line between the current proposals - a mechanism to allow copyright holders to trace and punish alleged perpetrators of infringement - and any obligation on an ISP to conduct surveillance of traffic on their network in order to detect and tackle copyright infringement.   This is significant, and appears to re-enforce so-called "mere conduit" status of ISPs - they are just pipes carrying data, and cannot be expected to be liable for that data.

Likely consquences

Despite the very limited scope on which the review succeeded, the costs order needs to go back to the drawing board.  The updated legislation will presumably need to go back to Europe for comment (3 months), and so is unlikely to be passed into law until late into the year.

Assuming ISPs no longer  have to share any of the costs, this already is a win for campaigners Just because Mr Justice Parker believes that ISPs shouldering some categories of costs is compatible with EU law doesn't make it right or moral.  Campaigners argue that money would be diverted from investment in next-gen broadband and disproportionately affect poorer families. This point should be stressed to MPs and Lords when they finally get chance to vote on the Cost Order and Initial Obligations Code.

Additionally, the Initial Obligations Code still needs to be finalised, released to the EC for comment under the Technical Standards Directive (a 3-month period) then laid before parliament, and passed by parliament.  All this will happen under immense public scrutiny and could be open to further judicial challenge.

This legislative process must also happen in the shadow of a ruling by the European Court of Justice Advocate General Cruz Villalón (pdf) that an order on a Belgium ISP to monitor content on its network and block potentially copyright-infringing content is not compatible with EC law on privacy grounds, as it constitutes a general obligation to monitor contrary to Article 15 of the directive on electronic commerce (Directive 2000/31/EC) and also infringing on data protection and privacy guaranteed under the European Charter of Fundamental Rights.

Depending on what is contained in the initial obligations code, the above general monitoring obligation is unlikely to affect the Digital Economy Act as no monitoring obligation is likely to be placed on ISPs, however as second aspect of AG Villalón's ruling is interesting as it discusses the legal problems associated with determining whether copyright has actually been infringed (not an easy case in law, and needs to be handled on a case-by-case basis as needs also to deal with people who are licensed users of copyrighted works).

The AG's ruling also discusses other complexities in EU law such as predictability, and notes that law must be open to challenge and have adequate safeguards.

Summary

An appeal may follow.  Computer Active reports ISPs complaining the ruling lacked the "clarity" they hoped for.  TalkTalk is reportedly considering its options:
"Though we may have lost this particular battle, we will continue fighting to defend our customers' rights against this ill-judged legislation" 
Despite the review judgement, Ofcom and the Department for Media, Culture and Sport still have a mountain to climb before the measures of the Digital Economy Act take hold.

The ISPs who brought this judicial review may instead of appealing wait until the Initial Obligations Code is published as in my view this will offer a better chance to challenge on much of the same grounds.

@JamesFirth

Tuesday, 19 April 2011

Net neutrality - it might be like socialism: great in principle

Me in Havana, Cuba. I like Cuba.
I'm 100% behind the principles of network neutrality but I have a fear; that it may be a form of socialism: great - in principle..

Just like network neutrality, the principles of socialism are sound.   UK has a national "income" well over a trillion pounds per year; which, divided equally amongst the population, would solve a great number of social ills.

But I think it's widely acknowledged that, in the real world, our GDP - not to mention some of our basic freedoms - would be at risk if we opted for socialism. 

Like socialism, ensuring our networks remain free may perversely require rules.  Legislation to ensure all traffic remains equal.  Or at least some groups like La Quadrature Du Net seem to be arguing the European Commission should intervene now.

Four bits good, two bits better? [ref]

Will this work, or will market forces ensure that, whatever the rules say, some traffic will always find a way of becoming more equal than others?

My fear is that burdening ISPs with regulation to ensure all bandwidth remains equal may have the unintended consequence of stifling innovation, and have an overall effect of stunting growth in capacity.

Before you open fire at me - can I add that the other end of the spectrum, unbridled capitalism or right-libertarianism clearly brings its own problems.

Clearly there needs to be some safety net.  ISPs must offer a good social offering to all connected parties so that innovation can continue with little or no barriers to entry.  And there must also be a regulatory framework to prevent monopolistic anti-competitive practices.

But I'm starting to believe that direct regulation to ensure network neutrality may be the worst option.  As I wrote last month, the lesser evil may be not to regulate.

I see growing monopolies over the internet audience as the biggest threat to online innovation, once one considers all the costs involved in starting a new internet venture.

Cost of starting a new internet business

Connectivity is of course a cost consideration, and could become more so if businesses have to start paying ISPs for preferential traffic treatment. I find the thought of such payments thoroughly distasteful, but in the grand scheme of a business start up I don't see it as a major hurdle to innovation.

Already I see small innovative businesses spending tens of thousands per year on advertising and promotion.  And these are businesses with great products!  The biggest hurdle most businesses face is the classical marketing snag of letting people know - in great numbers - that they have a great product; getting the audience.

Stick a website up on the internet today and, even with reasonably good search engine optimisation you don't have anywhere near a sustainable business.  You have a shop in a desert backwater with passing traffic at 3-5 human visitors per day.

Competition in the ISP market and ease of switching providers

Granted, a lot of what I'm writing is little more than thinking aloud.  I can't predict the future, and legislation may prove necessary if for example the social offering is not good enough for self publishers, local businesses and start-ups to test the water.

But in the UK at least we have competition in the ISP market.  Hundreds of ISPs exist (225 according to this list on ISPReview) and although most use the BT infrastructure BT Wholesale to connect people to the internet, each ISP can implement their own traffic management policies. If the basic offering is not good enough, ISPs should lose customers*

*Yes, I know it needs to be quicker and easier to switch broadband provider, and long contract lock-ins need to be examined.

My points: don't be fooled into thinking non-neutral networks will be the first, or the largest barrier to entry for innovation; micro-regulation at the ISP level may stunt capacity growth, especially since the internet is relatively young and we don't know enough about how technology or market forces will evolve; and macro frameworks to promote fair competition is in my view preferable to regulation of ISPs.

@JamesFirth

Thursday, 7 April 2011

Citizens can be responsible journalists

An issue I covered in February regarding Communities Under-secretary Bob Neil's advice to all local authorities that tweeting, recording and blogging should be allowed at all public sessions of councils has a noteworthy follow-up from a couple of stories first tweeted about during a council meeting where tweeting was meant to be banned.

Events threatened to come to a head at a meeting of Barnet Council on March 1st, as several citizen journalists and activists attended the council's budget meeting, intent on doing just what the Communities Under-secretary encouraged: filming, tweeting and blogging!

The Twitter coverage included several expressions of discontent at the council's use of a private security firm to control the public during this meeting, with allegations that members of the public were denied access to the public gallery during the session despite space being available, and an astonishing observation that some members of the private security firm appeared to be carrying a CS-style spray.

Coverage was very interesting to watch remotely via Twitter; but how accurate was the tweeting in general, and in particular this bewildering report?

A couple of follow-ups by professional journalists seem to support the view that residents of Barnet had legitimate grievances about the handling of the public during the meeting.

The London Evening Standard and the Barnet & Potters Bar Times both reported this week that the council was to carry out an internal audit into its use of security firm MetPro, which has since gone bust, after further revelations that the firm used secret recording equipment to film protesters.

But what of the allegation that security guards appeared to be carrying CS spray; which would, if true, be a prohibited weapon under S5(1)(b) of the Firearms Act 1968.

One of the tweeters covering the event was @EbenMarks, an activist who took the trouble to find out whether there was any truth in the report.

Today Eben received an email from Superintendent and Deputy Borough Commander of Barnet Borough Police explaining that the police had followed-up on reports that private security guards appeared to be carrying the sprays. Action was taken "very shortly after the budget meeting", which "immediately caused an officer to visit the company and to check the sprays."

It transpired the sprays contained nothing but water, meaning the police were unable to take action on the limited evidence they had:
"A water spray is not in itself illegal in the way that a water pistol is not illegal, it would be the manner and circumstances in which they were used which could create criminal offences"
Interesting in the events surrounding the meeting at Barnet is the exemplary service that citizen bloggers and tweeters performed on this occasion.

I saw no evidence of hysterical reporting or trouble making amongst the tweets and blogs I read.

Furthermore, the police seemed to have acted promptly, taking seriously the reports of potentially illegal weapons being carried.  They also followed-up by informing tweeter @EbenMarks, who was then able to set the record straight via twitter about the contents of the sprays.

It's probably a fair criticism that there was a bit of a delay in reporting the information back to Mr Marks, however I'm focussing on the positives.  I put in a press enquiry to Surrey Police on 22nd February and have yet to receive a response.  The simple fact is that police and public bodies do have a reasonable volume of correspondence to deal with.

Though frustrating for a writer, a delay of 5 weeks is nowhere near as bad as many formal requests for information made under freedom of information legislation. I hope that transparency provided by citizen journalists will help raise awareness of local issues thereby encourage residents to take an interest in local polictics.  That can't be a bad thing!

Update 8/4:  I noted yesterday in a quick phone call with Superintendent Seabridge, Deputy Borough Commander of Barnet Borough Police, that coverage I'd seen on twitter and blogs of the meeting on 1st March had been largely complimentary of his officers, and whether he would like to comment on the role of community bloggers and citizen journalists.  He sent me this:
"I am very aware of the strong blogging community in Barnet. Barnet police have an open approach to engaging with and being responsive to the whole community and we do our best to incorporate this principle with bloggers."
Spt Seabridge added that delays in responding were outside his direct control, and that he'd written to Mr Marks on the same day he'd received information back from the Home Office.

@JamesFirth

Wednesday, 6 April 2011

UK gov threatened with EU court action over ISPs bearing cost of copyright clampdown

EXCLUSIVE: The government tried to justify its attempt to force ISPs to shoulder 25% of the cost of running the UK's digital copyright clampdown in a letter to the European Commission dated 18th January.

But the European Commission responded three weeks later largely rejecting the justification of the charge, described as a "stealth tax" today by Dominique Lazanski, technology analyst for the Tax Payer's Alliance.

Documents slightlyrightofcentre.com obtained yesterday under European public access rules outline the EC position in a letter dated 8th February.  The correspondence gives the UK government a second chance to respond, but also takes the opportunity to remind our authorities:
"Where appropriate, these exchanges can be followed by infringement proceedings."
The UK government is also reminded of its obligations under a pilot system to streamline the handling of EC complaints and queries, to which the UK is a signatory:
"... a response is required within ten weeks."
The emergence of the document throws doubt on whether this major hurdle really was cleared by 21st March, when Telegraph.co.uk reported a spokesman from Department of Culture, Media and Sport as saying "EU" approval had been obtained:
"He said the Government had not realised it needed EU approval for the Act’s cost-sharing arrangements, which will put 75 per cent of the burden on copyright holders and 25 per cent on broadband providers. It has now obtained that approval, however."
(my bold)
The EC position seems pretty rugged.  I obtained a document outlining the EC's initial objections earlier this year. Essentially, in order to foster cross-border competition in the telecoms sector, the administrative charges that national governments can impose on ISPs are strictly limited under the Authorisation Directive.

From these documents we now know the UK government in January attempted to draw a distinction between the cost to ISPs under the Digital Economy Act and other strictly-defined administrative charges allowable under the Authorisation Directive:
"The UK authorities basically argue in their reply that the charge imposed by the Order on the ISPs relates to activities in the area of copyright, which are distinct from the activities covered by Article 12 of the Authorisation Directive.

Consequently, since these activities pursue a general interest objective and are, therefore, not subject to the regulatory framework under the terms of Article 1(3) of the Framework Directive then also the charge proposed in the Order is not considered to be subject to Article 12 of the Authorisation Directive"
The EC disagrees with this distinction, arguing:
"As it is imposed on the ISPs in their capacity as authorised providers of electronic communications services and networks under the general authorisation scheme, the charge provided under the “Online Infringement of Copyright (Initial Obligation) (Sharing of Costs) Order 2011” is likely to be subject to the provisions of the Authorisation Directive. It is not clear to us how it could be justified by any general interest objective in the meaning of Article 1(3) of the Framework Directive. "
(my bold)
The last portion of this statement is strongly-worded.  I asked a spokesperson yesterday at the Department for Culture, Media and Sport for comment on whether further exchanges with the EC had taken place since 8th Feb but at the time of writing they had not got back to me.  I'll update this post if anything significant comes in.

UPDATE 7/4: The DCMS returned my call yesterday afternoon and explained:
"The comments raised by the European Commission in their letter dated 8th February was a request for clarification.

"The request for clarification is separate from the process whereby legislation is lodged with the EU for a period of three months in order to satisfy the requirements of the Technical Standards Directive

"The three-month period passed without formal objections being raised, therefore it was correct to say on the 21st March that clearance from the EU had been obtained"
I pressed the spokesperson on why the Costs Order was laid before parliament on 17th January (see below under "Complete Shambles"), and got no response.  The spokesperson revealed that the DCMS had already responded to the request for clarification.

I asked if the DCMS would be releasing a copy of the response, and I was invited to submit a Freedom of Information Request. I explained to the spokesperson that I'd like to see the correspondence sooner rather than later, and that government departments had a knack of delaying FOI requests, to which the spokesperson responded:
"We deal with all Freedom of Information Requests in full accordance with all relevant legislation."
Let's see then.  I submitted a request 7th April via whatdotheyknow.com - can be viewed here.

Stealth Tax

The question over whether ISPs should pay a share of the costs in enforcing copyright protection measures is in many respects a separate and distinct battle to general worries over the Digital Economy Act.

Many, including the Tax Payer's Alliance, see the charge as nothing more than a "stealth tax".  Their technology analyst Dominique Lazanski spoke to me earlier:
"It's a stealth tax on ISPs for implementing government policy and government regulations.

Additionally, it detracts from ISP investment, as they have to spend money on implementing this as opposed to investing in next generation technology."
Expanding on Dominique's last point around investment, it's also worth noting that the government's own analysis up to 40,000 poorer families may be priced off the net if ISPs pass-on the cost of these measures to consumers.

"Complete Shambles" of parliamentary process

Several sources close to parliament have described the process of the Costs Order using exactly the same phrase: "a complete shambles".  This consensus emerged as several people privately questioned me on why the order had been laid before parliament on the 17th January, the day before the UK first responded to the EC's concerns, and 3 weeks prior to receiving the Commission's response.

I'm aware that the progress of the Costs Order through parliament has been delayed.  This is a new development, in addition to the delays reported yesterday by Josh Halliday at the Guardian on a separate piece of DE Act legislation known as the Initial Obligations Code.

I hope to get a more technical analysis of the legal issues in due course.  Barrister Francis Davey already has an excellent summary on his blog,   If you need a copy of the document for reporting or non-commercial purposes drop me an email to editorial@slightlyrightofcentre.com - link-backs to this blog always appreciated!

@JamesFirth

Monday, 4 April 2011

Trust filters and viral messaging antibodies in social networks: part one - vapour shields, and a brief history of comms

Are social networks just a return to the communications norm pre 1450?

I'm fascinated by the concept of viral messaging, and not just since the advent of social networks. Chain letters intrigue me, as does the relationship between messaging and group behaviours.

Although such concepts now have value due to the interest of marketeers, my interest is as a lay sociologist. I can't help but ponder how the step change in how we communicate arising out of the digital revolution will affect society.

But is the social web just a restoration of a natural order that's taken 550 years to achieve?

Before the advent of printing, human-to-human messaging relied on basic social structures.  Important messages, and I mean "we might all die if we don't take certain action" important, not "save 25% on all electricals" important, were passed-down from leaders (emperors, councilmen, elders, preachers, etc) to congregations.

Messages came down through governance and social hierarchies, and spread out from person to person.  Important messages spread through either self-interest, or a subconscious* recognition that the message should be passed-on.  Trivial messages floundered, whereas tips on e.g. raising a child or dealing with medical ailments are still passed down through family and social ties today.

(* I place great faith in subconscious behaviours as  important drivers in social development.  Pretty much as ants self-organise to conquer seemingly impossible challenges - see Google image results for Ant Bridge)

The advent of first printing and later electronic broadcast media served as a short cut to the human network previously required to deliver a message to a wide audience.  Each participant in the delivery mechanism didn't have to be persuaded to pass-on a message.  They could be coerced.  Coerced into delivering pamphlets.  Coerced into broadcasting their advertising message. (Nb. coercion can be through monetary reward, not necessarily threats!)

New social structures formed around these powerful new technologies.  Government controls of printing presses through censors and copyright controlled what messages were broadcast, and to whom.

Electronic broadcast media shortened the delivery chain further.  Now, a direct link was possible between state and a mass audience of subjects.

Until the advent of cheap home printing, print publication was easily controlled by governments as they relied on physical media and centralised printing presses.  Electronic broadcast media was equally controllable; first due to cost and scarcity of broadcast equipment and later due to regulation of radio spectrum.

In summary, the press and broadcast media provided a short cut between source and destination.  Several autocratic governments have attempted to harness these technologies to their advantage.  Most, eventually, have fallen, whereas countries advocating freedom of press and free speech are today looking relatively stable.

In countries where press freedom prevailed, a multitude of governmental and non-governmental interests now attempt to control the agenda in a relatively free market.  Bombarded by messages from advertisers to political parties, consumers have developed what Scott Seaborne from Ogilvy described as a vapour shield when he talked at Digital Surrey last year.

Our lives today are characterised by a single layer of filtering: ourselves.  It's up to each of us to develop our own vapour shield to block-out irrelevant messages delivered at an alarming rate via mass-market print and broadcast media.

If we let too much vapour through, we risk buying stuff we don't need. We also risk having our political views swayed by people with money to invest in influencing us.  Conversely, if we blank out too much we risk becoming overly cynical, and missing out on important opportunities.

I'm starting to realise that online social networks offer a sanctuary, since we choose who we listen to.  They bring the best of both worlds: the immediacy of broadcast media and the human filtering of traditional word-of-mouth.

It's easy to block mass-messaging, by not connecting with the mass messengers, but important messages still propagate through the mesh.

Does the new technology bring new problems? Could it be colonised by subversives and used to instigate destructive mob behaviour, or is it simply a return to the social norm prior to the advent of the printing press?

In part 2 I'm going to look at an exception to the rule, worthless viral trends; and how the social filter has already learned and adapted to prevent a repeat, pretty much as antibodies develop in biology to prevent a repeat inefection of a pathogen.

@JamesFirth

Friday, 1 April 2011

Digital Economy Act April Fool

If only it received Royal Assent one week earlier...!
No need for cutting satire or schoolboy jibes; enacted April 2010 The Digital Economy Act is an April Fool. That's why today is #deactday!

Over a year since I marched outside parliament with my flag, some of my friends, even, don't understand why a law-abiding software engineer who's never been in to free downloads of copyrighted content - ever - is still going on about this foolish law.

To mark its first birthday I thought a quick summary is in order.

Take action:
Email your MP
It's a costly solution to a complex problem that, according to the government's own predictions, will increase the cost of broadband for everyone.

This sledgehammer of a law might not even crack the nut, if early studies from France (where similar legislation - HADOPI - came into force last year) are anything to go by.

The burden of detecting, determining copyright ownership (far from trivial) and enforcement probably won't see a single extra penny go to help struggling artists and song writers.  The Act was described by the Earl of Erroll as "A dream for lawyers" as the bill passed the Lords for the final time [Hansard].  I predict a whole industry of detection and complaint-filing agencies will develop to facilitate the anti-file sharing measures in the Act, in addition to the lawyers the Earl mentioned, needed to fight cases for the wrongly accused.

In addition, the Culture Secretary Jeremy Hunt, whose government is now defending the bill in the judicial review brought by Talk Talk and BT, was in opposition critical of the measures:
In short, we could have had a proper Digital Economy Bill. We wanted an iPod, but we got an Amstrad. 6th April 2010 [Hansard]
Libraries, universities and schools - in fact any person or business who provides access to a shared internet connection - will be at risk of civil action from rights holders or having their internet connection throttled or disconnected (dressed up as "technical measures" to get the act through parliament in a rush last year)  should three of their staff, students, colleagues or customers be detected sharing copyrighted content.

In light of this, the IFPI, voiced their opposition to sections of the act.

A strong copyright model is probably not well suited for the digital age.  The measures outlined are fundamentally illiberal. IP addresses cannot be relied upon to prove individual guilt (even to a civil standard).  Enforcement carries unintended consequences like a private army of data police monitoring individuals on the internet.

It's fair to say the software industry has brought matters of copyright to a head, where copyright over very basic and obvious chunks of code has been claimed.  If can't be right that the first person to solve a problem can prevent anyone else solving the same problem until 70 years after their death!

Patents last only 20 years, with the clear aim of limiting the monopoly each new invention has.  But patents must prove "inventive step" - they have to be a new idea.  This isn't true of copyright, where someone claims to have copyrighted π (pi) - you tube videos have been taken down on this claim.


Furthermore, a patent term of only 20 years hasn't prevented massive investment of hundreds of millions of pounds in industrial research and development.  So what's the argument for such lengthy copyright terms?

Yes there is a challenge.  We don't have a solution to the paradox that without strong rights protection, creative works can't contribute to the economy, yet with strong rights protection, creative innovation is hit.  We need to look at the overall value digital content has in enriching our lives, not just at economic GDP.

Alas this is only a brief summary of the issues with the Digital Economy Act 2010.  I'm not even going to mention possible contraventions of EU free market rules in the telecom sector. I'll leave that for the judicial review to decide!

@JamesFirth