January 31, 2007

Identity, Privacy and Dataveillance (II) [12:57 pm]

The TJX data break-in has gotten the Boston press all a-twitter about data privacy, so we get this great discussion of some of the fundamental disconnects that seem to underlie the problem: We’re helping the hackers - pdf

There is no doubt that the true victim in identity theft is the individual, who must bear the worry, cost, and aggravation of fixing personal data and finances. But in many cases, the legal victim is the institution that was attacked and robbed of their data. This fact only underscores that we do not own our personal data. The institutions with which we do business own our information and, in their practices of storing and sharing such data, expose millions to the consequences.

[...] The problem perhaps is best illustrated by the fact that pornography has more legal protection (copyright) than anyone’s Social Security number. Too often the problem of identity theft is considered a failure of technology, but the true failure is that neither culture nor the law recognizes personal data should be owned and controlled by the individual. [....]

Sadly, this writer’s solution to the problem illustrates exactly why this one is so hard — the solution is meaninglessly impossible to achieve:

Consumers, it is up to us. Think of the benefit of shopping your corner store where their database is maybe a paper notebook and their service is friendly and effective. Shred your credit cards; both your mailbox and bank account will thank you. Get yourself and your kids off social-networking sites. Peer pressure was bad enough when it was the size of a classroom; don’t make it the breadth of the Internet.

Related: this letter to the editor (pdf); ask yourself how the direct marketing associations might react to such a proposal:

With regard to TJX Cos. and the latest breach in security to threaten consumers, I am disgusted that retailers such as TJX feel they are entitled to keep my credit card number and personal information in their databases (“TJX facing customer complaints,” Jan. 20 [pdf]). Once the retailer has been paid and the transaction completed, there is no need for TJX to keep that data. It is time for the public and our lawmakers to demand that this practice stop. My credit card number and personal information are personal. They belong to me and to the bank that issued the card, not to retailers.

See Turow’s Niche Envy, Solove’s The Digital Person and O’Harrow’s No Place To Hide.

Reminder: Boston Athenæum Event Feb 22 [11:33 am]

Hands Off, That’s Mine! Who Owns What, and For How Long?; part of the Boston Athenæum Bicentennial Lecture Series, Current and Back Issues: Persistent Themes in the Library; Thursday February 22 at 6:00 PM; Rabb Lecture Hall, Boston Public Library. Speakers: Meredith McGill and Siva Vaidhyanathan; Moderator: William Strong.

This provocative series will examine a number of issues that have long confronted the library world, and which hold implications for libraries in the future.

Each program will feature two distinguished speakers, one of whom will offer a historical perspective on the issue as it affected libraries (such as the Boston Athenæum); the second speaker will address the issue from a contemporary vantage point.

A moderated discussion will follow.

January 30, 2007

“We’re the Government, and We’re Here to Help” [5:11 pm]

FBI turns to broad new wiretap method [via Slashdot]

The FBI appears to have adopted an invasive Internet surveillance technique that collects far more data on innocent Americans than previously has been disclosed.

Instead of recording only what a particular suspect is doing, agents conducting investigations appear to be assembling the activities of thousands of Internet users at a time into massive databases, according to current and former officials. That database can subsequently be queried for names, e-mail addresses or keywords.

[...] Call it the vacuum-cleaner approach. It’s employed when police have obtained a court order and an Internet service provider can’t “isolate the particular person or IP address” because of technical constraints, says Paul Ohm, a former trial attorney at the Justice Department’s Computer Crime and Intellectual Property Section. (An Internet Protocol address is a series of digits that can identify an individual computer.)

In a telephone conversation afterward, Ohm said that full-pipe recording has become federal agents’ default method for Internet surveillance. “You collect wherever you can on the (network) segment,” he said. “If it happens to be the segment that has a lot of IP addresses, you don’t throw away the other IP addresses. You do that after the fact.”

“You intercept first and you use whatever filtering, data mining to get at the information about the person you’re trying to monitor,” he added.

Sony BMG Settlement [4:00 pm]

Sony BMG settles with FTC over anti-piracy software - pdf

The U.S. Federal Trade Commission said on Tuesday Sony BMG agreed to settle charges that it secretly embedded potentially damaging anti-piracy software in some of its CDs.

The settlement requires Sony BMG, a joint venture of Sony Corp. (6758.T) and Germany’s Bertelsmann AG (BERT.UL), to make further disclosures, to allow consumers to exchange the CDs at issue and reimburse consumers for up to $150 to repair any damage to their computers, the FTC said.

“Consumers’ computers belong to them, and companies must adequately disclose unexpected limitations on the customary use of their products so consumers can make informed decisions regarding whether to purchase and install that content,” FTC Chairman Deborah Majoras said in a statement.

The FTC Press Release, Sony BMG Settles FTC Charges, also includes links to the documents in the complaint and the settlement — In the Matter of Sony BMG Music Entertainment, a general partnership.

Business Opportunities [12:46 pm]

The developing market in exploitable software bugs — with both white hats and black hats participating: A Lively Market, Legal and Not, for Software Bugs

Companies like Microsoft do not endorse such bounty programs, but they have even bigger problems: the willingness of Internet criminals to spend large sums for early knowledge of software flaws that could provide an opening for identity-theft schemes and spam attacks.

The Japanese security firm Trend Micro said in December that it had found a Vista flaw for sale on a Romanian Web forum for $50,000. Security experts say that the price is plausible, and that they regularly see hackers on public bulletin boards or private online chat rooms trying to sell the holes they have discovered, and the coding to exploit them.

Especially prized are so-called zero-day exploits, bits of disruption coding that spread immediately because there is no known defense.

Software vendors have traditionally asked security researchers to alert them first when they find bugs in their software, so that they could issue a fix, or patch, and protect the general public. But now researchers contend that their time and effort are worth much more.

“To find a vulnerability, you have to do a lot of hard work,” said Evgeny Legerov, founder of a small security firm, Gleg Ltd., in Moscow. “If you follow what they call responsible disclosure, in most cases all you receive is an ordinary thank you or sometimes nothing at all.”

Motives? [12:41 pm]

So, what is Google trying to accomplish, really? I can only read this as a pre-emptive strike on something, but I just don’t know what it is that Google is worried about. Google Halts ‘Miserable Failure’ Link to President Bush

Writing on the Google blog, Matt Cutts, the head of Google’s Webspam team, said that Google bombs had not “been a very high priority for us.” But he added: “Over time, we’ve seen more people assume that they are Google’s opinion, or that Google has hand-coded the results for these Google-bombed queries. That’s not true, and it seemed like it was worth trying to correct that misperception.”

Mr. Cutts was not available on Friday to expand on his blog, a Google spokeswoman said. A White House spokesman had no comment on the issue.

Despite the changes by Google, some other Google bombs are still operative.

January 29, 2007

Scientific American On Slamming Open Access [4:38 pm]

Discussing the way the debate is being “framed:” Open Access to Science Under Attack - pdf [via Salon]

The Professional and Scholarly Publishing Division of the Association of American Publishers hired Eric Dezenhall, head of Dezenhall Resources, a public relations firm that specializes in “high stakes communications and marketplace defense,” to address some of its members this past summer and potentially craft a media strategy. Dezenhall declined to comment for this article, citing “our longstanding policy due to strict confidentiality agreements neither to identify our clients nor comment on the work we do for them,” in an e-mail response to a request for an interview. But “nobody disagrees on the goals of high-stakes communications—sell a controversial product, win an election, defuse conflict and so forth,” Dezenhall notes in the “manifesto” on the firm’s Web site. “The life-or-death public relations struggles facing businesses today are not about information, they are about power.” In this case, the struggle is over access to scientific information.

Specifically, according to Dezenhall’s suggestions in a memo to the publishers that they should “develop simple messages (e.g., Public access equals government censorship; Scientific journals preserve the quality/pedigree of science; government seeking to nationalize science and be a publisher) for use by Coalition members.” In addition, Dezenhall suggests “bypassing mass ‘consumer’ audiences in favor of reaching a more elite group of decision makers,” including journalists and regulators. This tack is necessary, he writes, because: “it’s hard to fight an adversary that manages to be both elusive and in possession of a better message: Free information.” Finally, Dezenhall suggests joining forces with think tanks like the American Enterprise Institute and National Consumers League in an attempt to persuade key players of the potential risks of unfiltered access. “Paint a picture of what the world would look like without peer-reviewed articles,” he adds.

Of course, open access does not mean no peer review. While the National Institutes of Health (NIH) is not in the business of peer review, according to Norka Ruiz Bravo, NIH’s deputy director for extramural research, the entirety of PLoS journals are peer-reviewed. “Open-access journals are peer-reviewed to the same standards,” notes Mark Patterson, PLoS’s director of publishing. “We wanted to provide an open-access alternative to the best journals to allow the very best work to be made publicly available.”

Viral Video and the 2008 Election [4:31 pm]

This article focuses on sticking it to McCain, but it’s just the beginning: Attack ads go online and underground - pdf - [via Salon]

The first whack at McCain, now on the video-sharing site YouTube, joins a rapidly growing collection of Web videos posted by critics of leading contenders in the 2008 presidential race. Targets so far include Barack Obama, Rudolph W. Giuliani, John Edwards, Mitt Romney and Hillary Rodham Clinton.

The explosion of video-sharing on the Web poses major risks for presidential candidates: Gaffes and inconsistent statements witnessed by dozens can be e-mailed instantly to millions.

[...] For the candidates, as well as their detractors, the chief attribute of Web video is its broad reach, accomplished at little or no expense.

“You can grab it, send it, link it, and at zero cost,” said Matthew Dowd, a top strategist for President Bush’s 2004 reelection campaign. “Two hundred thousand people could see it in 24 hours.”

Later: In Politics, the Camera Never Blinks (or Nods)

Hmmm — A Privacy Candidate? [3:33 pm]

And I thought health care was a tough row to hoe: Hillary: The Privacy Candidate? [via Slashdot]

Clinton, the presidential front-runner among Democrats in way-early polling, addressed electronic privacy issues at a constitutional law conference in Washington, D.C. last June. There she unveiled a proposed “Privacy Bill of Rights” that would, among other things, give Americans the right to know what’s being done with their personal information, and offer consumers an unprecedented level of control over how that data is used.

“At all levels, the privacy protections for ordinary citizens are broken, inadequate and out of date,” Clinton said.

[...] “The reality (of her proposals) is that they would almost turn the information economy inside out — it’s like saying, ‘OK, now the water in the stream is going to flow in the other direction,’” said Jim Harper, director of information policy studies at the libertarian think tank The Cato Institute. “It’s easy to imagine, but changing the way information moves in the economy is very, very hard to do.”

“I think that over time that these ideas will reemerge (and gain momentum),” said Marc Rotenberg, the Electronic Privacy Information Center’s executive director, who adds that the second half of this congressional session will provide the senator with many opportunities to support privacy-related legislation.

Note that, for any number of reasons, Russ Feingold is a far more credible “privacy” candidate.

Geist Looks at Vista’s Fine Print [3:00 pm]

Vista’s Fine Print Raises Red Flags [via Slashdot]

While those reviews have focused chiefly on Vista’s new functionality, for the past few months the legal and technical communities have dug into Vista’s “fine print.” Those communities have raised red flags about Vista’s legal terms and conditions as well as the technical limitations that have been incorporated into the software at the insistence of the motion picture industry.

The net effect of these concerns may constitute the real Vista revolution as they point to an unprecedented loss of consumer control over their own personal computers. In the name of shielding consumers from computer viruses and protecting copyright owners from potential infringement, Vista seemingly wrestles control of the “user experience” from the user.

Frankness at Davos’ World Economic Forum [2:12 pm]

Siva points out what can happen at Davos: China censorship damaged us, Google founders admit - pdf

Google, launched in 1998 by two Stanford University dropouts, Sergey Brin and Larry Page, was accused of selling out and reneging on its “Don’t be evil” motto when it launched in China in 2005. The company modified the version of its search engine in China to exclude controversial topics such as the Tiananmen Square massacre or the Falun Gong movement, provoking a backlash in its core western markets.

Asked whether he regretted the decision, Mr Brin admitted yesterday: “On a business level, that decision to censor… was a net negative.”

The company has only once expressed any regret and never in as strong terms as yesterday. Mr Brin said the company had suffered because of the damage to its reputation in the US and Europe.

Toobin on Google BookSearch in The New Yorker [1:50 pm]

Google’s Moon Shot - pdf

In part because of that ambition, Google’s endeavor is encountering opposition. A federal court in New York is considering two challenges to the project, one brought by several writers and the Authors Guild, the other by a group of publishers, who are also, curiously, partners in Google Book Search. Both sets of plaintiffs claim that the library component of the project violates copyright law. Like most federal lawsuits, these cases appear likely to be settled before they go to trial, and the terms of any such deal will shape the future of digital books. Google, in an effort to put the lawsuits behind it, may agree to pay the plaintiffs more than a court would require; but, by doing so, the company would discourage potential competitors. To put it another way, being taken to court and charged with copyright infringement on a large scale might be the best thing that ever happens to Google’s foray into the printed word.

In case you don’t get the sense that Toobin’s drunk the Kool-aid from the above quote, there’s this:

But a settlement that serves the parties’ interests does not necessarily benefit the public. “It’s clearly in both sides’ interest to settle,” Lawrence Lessig, a professor at Stanford Law School, said. “Businesses in Internet time can’t wait around for years for lawsuits to be resolved. Google wants to be able to get this done, and get permission to resume scanning copyrighted material at all the libraries. For the publishers, if Google gives them anything at all, it creates a practical precedent, if not a legal precedent, that no one has the right to scan this material without their consent. That’s a win for them. The problem is that even though a settlement would be good for Google and good for the publishers, it would be bad for everyone else.”

[...] In other words, a settlement could insulate Google from competitors, which would be especially troubling, because the company has already proved that when it comes to searches it is not infallible. “Google didn’t get video search right—YouTube did,” Tim Wu, a professor at Columbia Law School, said. (Google solved that problem by buying YouTube last year for $1.6 billion.) “Google didn’t get blog search right—technorati.com did,” Wu went on. “So maybe Google won’t get book search right. But if they settle the case with the publishers and create huge barriers to newcomers in the market there won’t be any competition. That’s the greatest danger here.”

[...] The law is supposed to resolve issues like these—between self-interested parties with reasonable claims and legitimate arguments. But the rules of copyright are so ambiguous, and the courts so slow, that the judicial system serves largely to implement the law of the jungle. “There is a real opportunity to move books into the digital arena,” [Google VP in charge of BookSearch] Marissa Mayer told publishers during the conference at the New York Public Library. “And we are going to do it together.”

Siva’s pre-release hints

January 28, 2007

A Surprising Statistic [7:49 pm]

As someone from South Carolina, I wouldn’t have expected this: USC a top pirate among colleges - pdf

“We’re No. 1! We’re No. 1!”

It’s a chant University of South Carolina students can’t say about their football or basketball teams.

But when it comes to online music piracy, USC tops the charts, according to the Recording Industry Association of America.

The association has sent 914 notices of copyright infringement to the university this year — the highest number in the state and one of the highest among colleges nationwide — for illegally downloaded songs.

I found the second of these two paragraphs particularly surprising:

RIAA spokeswoman Jenni Engebretsen said copyrighted material is in abundance on USC’s network.

“We target the illegal activity, not individual student populations,” Engebretsen said. “It’s as simple as that.”


USC is soliciting bids for legal file-sharing services like Ruckus, which is used by more than 100 colleges nationwide, [Bill] Hogue [USC’s chief information officer] said.

“I didn’t realize we were going to be in the music business.”

“Nobody expects the Spanish Inquisition!”

January 27, 2007

OT: A Point of Clarification from Garry Wills [4:48 pm]

Funny how a little historical perspective can be so illuminating; sad that we seem to be repeating our past errors anyway: At Ease, Mr. President

When Abraham Lincoln took actions based on military considerations, he gave himself the proper title, “commander in chief of the Army and Navy of the United States.” That title is rarely — more like never — heard today. It is just “commander in chief,” or even “commander in chief of the United States.” This reflects the increasing militarization of our politics. The citizenry at large is now thought of as under military discipline. In wartime, it is true, people submit to the national leadership more than in peacetime. The executive branch takes actions in secret, unaccountable to the electorate, to hide its moves from the enemy and protect national secrets. Constitutional shortcuts are taken “for the duration.” But those impositions are removed when normal life returns.

But we have not seen normal life in 66 years. The wartime discipline imposed in 1941 has never been lifted, and “the duration” has become the norm. World War II melded into the cold war, with greater secrecy than ever — more classified information, tougher security clearances. And now the cold war has modulated into the war on terrorism.

[...] Senator Daniel Patrick Moynihan’s prescient last book, “Secrecy,” traced the ever-faster-growing secrecy of our government and said that it strikes at the very essence of democracy — accountability of representatives to the people. How can the people hold their representatives to account if they are denied knowledge of what they are doing? Wartime and war analogies are embraced because these justify the secrecy. The representative is accountable to citizens. Soldiers are accountable to their officer. The dynamics are different, and to blend them is to undermine the basic principles of our Constitution.

January 26, 2007

Is This What They Mean By “Mindshare?” [1:59 pm]

And what’s that worth, exactly? I guess we’ll get to find out: Popularity of Web brands signals power shift - pdf

A consumer poll on Friday exposed the worst kept secret in the business world: Internet companies are becoming more important to people than firms that operate in the real world.

[...] Visitors of technology and telecoms tradeshows, for instance, may be forgiven for thinking that photo-sharing site Flickr, blogging software firm Vox, Internet calling service Skype and YouTube are multibillion dollar companies, because no company from the old world announces anything without them.

[...] “All innovation is coming from the edge of the Internet,” said James Enck, an analyst at Daiwa Securities, referring to the Web sites which offer services online.

[...] John Chambers, the chief executive of Cisco (founded in 1984) which is the biggest plumber of the Internet, calculated that in four years time 20 families will generate as much Internet traffic as the entire world in 1995.

Confirmation of HD DVD “Crack” Claim [9:26 am]

The earlier claims that it has been possible to capture so-called “title keys” seem to have been confirmed: Hackers find key to DVD piracy - pdf

Hackers have defeated the core means for protecting the medium seen by Hollywood as a major new source of revenue as growth of traditional DVDs has slowed.

An underground programmer this month released code on the Internet that would free some high-definition DVD movies from their digital handcuffs if a consumer also had a software key for that particular video.

On Thursday, backers of the anti-piracy technology confirmed that those keys were being posted on the Internet. Late in the day, keys for 35 titles, including “King Kong” and “World Trade Center,” were available.

“Such unauthorized disclosures indicate an attack on one or more” of the high-end video players that use the anti-piracy technology known as AACS, for Advanced Access Content System, according to the website of the consortium of home-electronics, technology and entertainment companies backing the encryption system.

[...] An executive at one of the member companies involved in the decision-making said the group might deactivate the model of player used in the hacking.

Although such a move would make life difficult for consumers and manufacturers, most studios have “grave concern that content is being unencrypted,” said the executive, who asked that his name not be used because the group had not reached a decision on what action to take.

The Passing of a Famous Name [8:48 am]

EMI Merging Record Labels and Ousting Capitol’s President

In the United States, the world’s biggest music market, the cutback is expected to represent the effective end of Capitol as a stand-alone label, though EMI will continue to occupy its offices, a famed cylindrical tower that opened its doors in Hollywood in 1956.

As usual, the LATimes coverage (pdf) has a little more “inside baseball:”

But Art Alexakis, singer of the band Everclear, which has been on the Capitol roster since the 1990s, said he believed that the move signaled EMI would be on the sales block soon.

“I think really it’s no secret that they’re bringing in people to get the place in shape so that they can sell it,” Alexakis said. “The only way to make it look profitable on paper is to downsize. The heyday of the entire music business looks to be long gone, and so I think now you see companies trying to figure out what’s next.”

It’s Just Hard To Believe This Is Going To Turn Out Well [8:41 am]

But at least there’s hope: Secrecy Is at Issue in Suits Opposing Spy Program

The Bush administration has employed extraordinary secrecy in defending the National Security Agency’s highly classified domestic surveillance program from civil lawsuits. Plaintiffs and judges’ clerks cannot see its secret filings. Judges have to make appointments to review them and are not allowed to keep copies.

Judges have even been instructed to use computers provided by the Justice Department to compose their decisions.

But now the procedures have started to meet resistance. At a private meeting with the lawyers in one of the cases this month, the judges who will hear the first appeal next week expressed uneasiness about the procedures, said a lawyer who attended, Ann Beeson of the American Civil Liberties Union.

Lawyers suing the government and some legal scholars say the procedures threaten the separation of powers, the adversary system and the lawyer-client privilege.

Later: The Bait-and-Switch White House

January 25, 2007

International Trade Policy [6:10 pm]

Hollywood blames Canada for half of movie piracy - pdf

As much as 50 per cent of the world’s pirated movies come from Canada, prompting the film industry to threaten to delay the release of new titles in this country.

According to an investigation by Twentieth Century Fox, most of the illegal recording, or “camcording,” is taking place in Montreal movie houses, taking advantage of bilingual releases and lax copyright laws.

“In Quebec, it is much more advantageous because you get both English and French. You cover a bigger part of the world,” said Ellis Jacob, chief executive of the Cineplex Entertainment theatre chain. “They are using Canada because they can have the movie out on the street in the Philippines and China before it even releases there.”

Jacob said he was warned in a letter from Bruce Snyder, president of Fox’s domestic distribution, that if Canada doesn’t do something to curb its growing piracy problem, Hollywood will.

Later: Michael Geist begs to differ; Slashdot discussion: Canadian Movie Piracy Claims Mostly Fiction?

Later: US Group Wants Canada Blacklisted Over Piracy

Surprise! [9:00 am]

Americans think downloading no big deal - pdf

Most Americans regard the illegal downloading and distributing of Hollywood movies as something on par with minor parking offenses, according to a report issued Wednesday.

[...] The survey found that 59 percent of Americans polled considered “parking in a fire lane” a more serious offense than movie downloading.

Hmmm — seriously, wouldn’t you? The press release of their Digital Life America effort shows how little effort it can take to construct a Reuters news blurb when it’s all been done for you.

Related: Fox subpoenas YouTube after “24” clips posted - pdf
