Wednesday, December 29, 2010

Moral rights, property rights, and copyright trolls: any connections?

I’ve talked about copyright trolls (Righthaven especially) and property rights as an “absolute constitutional guarantee”, and I’ve wondered if this has any relation to the notion of “moral rights”.

Generally, moral rights relate to the “rights” of content creators to maintain the “integrity” of their work after they’ve sold what otherwise would be exclusive rights. The legal foundation for them is stronger in Europe than in the U.S. Here’s a good write-up (link) from Harvard Law School. Visual works have more protection, because of the Visual Artists Rights Act of 1990 (VARA).

What comes to mind is the situation where a novelist sells movie rights, and the motion picture studio “changes” the story (especially the ending – as in “Rebecca”), a common occurrence. That’s pretty hard to stop, especially in the U.S.

But with “copyright trolling” it seems like the concept is turned upside down. A content originator (a newspaper) has sold away the rights to an entity that has no other purpose than to sue purported infringers. The more I think about Copyright in the US, the more I wonder if courts will ultimately accept this idea as legitimate. On the other hand, content originators, sometimes because of potential “conflict of interest” situations (and I’ve personally been in a couple of them, and I’ll get into more detail in 2011) really need to be able to protect their investment in time and work.

I found only one major link where “Righthaven” and “moral rights” appeared on the same page (wondering if there could be any relation), and this one link, at a site called “Internet Revolution”, has some strange comments by another plaintiff in a supposed moral rights case, Curtis Neeley. (v. NameMedia), in a Supreme Court filing here.  I had trouble following what his case amounts to from what I saw, and will look into it more later.

The Internet Revolution link was titled “New troll under the copyright bridge” and says that the whole Righthaven affair “does not bode well for the future of blogging or the diversity of content on the web”, possibly because of future insurance issues. But the article also talks about the “hole” in the DMCA Safe Harbor Act, which Righthaven has “exploited.”

Remember, the Safe Harbor protects service providers from downstream liability. This enables service providers to offer their services for reasonable cost (sometimes free), but does not directly protect the content creator or publisher, who is still liable for potential copyright infringement for what she posts. From the best that I can determine so far, anyone who hosts content (other than just comments) created by others can try to register as a “Copyright Agent”. But people who host only their own probably cannot (unless they provide their own direct Internet connections). Nobody seems to have this right. I am still tracking this issue down and will report more definitively on it in early 2011.

In the meantime, bloggers and particularly forum hosts should talk to their own attorneys about agent registration, but they may find attorneys themselves confused. It seems murky right now. Letters to Congresspersons by speakers on the DMCA issue seem in order as the 112th Congress approaches, in January. This question doesn't sound very partisan.

Monday, December 27, 2010

Righthaven answers defendants' claims on "Fair Use": does a copyright owner get to define "Fair Use" on its own terms? What about paraphrase?

Today (Monday Dec. 27), Steve Green has a story in the Las Vegas Sun where Righthaven contests the claims that a number of defendants in its “copyright trolling” lawsuits (now up to 195) can claim “Fair Use”. The link is here.

Specifically, Righthaven claims that the Las Vegas Journal Review permits users only to cite or email a hyperlink to the article. That is “controversial” inasmuch as it seems to maintain that a copyright owner can define the terms of what it will allow as “Fair Use” ahead of time.

More interesting would be the question as to whether a close paraphrase, restating the facts of a news story, could fail to qualify as “Fair Use”. A number of AP stories and television stations stories say that their stories may not be “rewritten” (paraphrased?) for redistribution. Can they do this?

Sunday, December 26, 2010

Boxing Day adventuring: a note about Time's POTY

Well, on Boxing Day , I did not go see “The Fighter” (I had already seen it, and maybe today is “Fencing Day”, too), but I picked up the Time Magazine “Person of the Year” issue for 2010, and that cover FaceMash of Zuckberberg’s blue stare is plain weird. (Because of copyright trolling, I won’t reproduce the image here.) There’s a great novella-length article by Richard Stengel. And the most important passage is “The masked ball period of the Internet is ending.” (That includes the “White and Black Swan Era”.) “Where people led double lives, real and virtual, now they lead single ones again.”

And we don’t have “don’t ask don’t tell”. Finally. But I think I had something to do with that. But Zuckerberg did more to end it than any court or Congressional hearing.

The last name, translated from German, seems to mean “sugar mountain”. Earlier (p. 53) the article gives a character sketch that could be summarized as “feline.”

It would seem that if Facebook can conquer China, maybe the country’s authoritarian style of “capitalism” will indeed be challenged and changed. Challenge Hillary Clinton is she can accomplish so much. Actually, I've wondered if a publicly known but "controversial" person can travel safely (as a "private citizen") in countries like China (like on the high speed train to Tibet) or even Saudi Arabia.  I expect Dubai is OK. 

I think the social consequences of the “single lives effect” are barely being understood yet. It’s going to matter, in a sense, whether you belong again, and meet “real needs”. Maybe that was true a half-century ago, and then we forgot about it. It’s odd than an Internet and Web experience grown by individualism comes full circle (even if means passing through "being alone together").

I did visit some old haunts today, west of the Blizzard Line.

Saturday, December 25, 2010

Writer's Digest moves away from free content, but has some good end-year advice for bloggers: entering the privacy debate

I see that “Writer’s Digest” itself has migrated away from the free content model, charging for digital downloads of its content (purchase link here.)

I did get mailed to my business box a hard copy of the Nov-Dec. 2010 issue, “Your Guide to Success on the WEB”, and I wanted to recommend a couple of articles.

One of them is “How to Lose Blog Traffic and Alienate Readers” by Monica Bhide (p. 39). She talks about posting too often, and not posting often enough (becoming a “delinquent blogger”), or becoming “snarky” (which can result on Twitter Wars). There is some advice not to use photos at all unless they are thematic for the post. (I went ahead and put a Christmas shot of 17th Street in Washington here.)  Generally, it is a good idea to space out blog posts (so that readers get a chance to see the "Next Blog" event separately for each one) and to post them when the likely readers are actually online (it matters sometimes whether it is busness-related or legally interesting; but movie reviews often do better on weekends).

Tim Beyers has a timely piece called “The Price of Privacy” on p. 42. This certainly fits into the recent debate about “do not track”, and the way the Internet has changed old business models (and depends so much on visitors' interest in "commerce"). But the thrust of the article isn’t so much about personal privacy (as it has evolved in the debate over Facebook) as how much free content to post when you want trade publishers to pay you and give you advances. That is something that matters.

Talking sense about republishing "leaked" materials

It’s important to have a level head about the controversy over news organizations and bloggers publishing leaked and purportedly classified information, as well as individuals (especially government workers or individuals needing security clearances) viewing it at home with their own resources.

The Wall Street Journal had a summary article on the legal questions by Ashby Jones back on July 26, 2010, “Pentagon Papers II: On WikiLeaks and the First Amendment?” link here.

Generally, republication has been considered immune from prosecution or legal consequences, largely because of the Supreme Court ruling on the Pentagon Papers case. Because of some constitutional law subtleties, as they might apply with Internet technology, however, it’s not absolutely certain that the Ellsberg and Pentagon affairs are completely reliable precedents for Wikileaks. The Opinion was “per curiam” and today there are more questions about oversight and implicit content in Internet publication. Still, most legal scholars feel that the scales are balanced very much toward free speech and the right to republish, as long as the publisher did nothing illegal in acquiring the information and it “fell into his lap.”  (And there are genuine questions about whistle blower protections and journalistic shield also.)

Some hosting companies have terminated Wikileaks sites or, now, sites that mirror Wikileaks or possibly even link to them. They claim TOS violations. But what seems to have happened is that the government (or some powerful Senators, like Lieberman, a “friend” on removing “don’t ask don’t tell” but not on unregulated free speech) has pressured them. There may be more legal basis for government pressuring credit card processing companies, because of money laundering laws. In any case, companies that have “cooperated” with government have sometimes become targets of DDOS attacks, more for “cooperation” than for their original willingness to do business with Assange and his likenesses.

But as noted recently by EFF (Thursday’s posting), some hosting companies have suddenly panicked over the possibility that they in turn could be targeted, for DDOS or possibly hacks, if they host “nuisance” customers. Indeed, there could exist scenarios where their other (“legitimate”) customers are affected or jeopardized. The Internet has always had a “Wild West” quality, but suddenly we find a situation where “power” (which corrupts “absolutely’) can undermine the individualism that drove the Net to begin with.

In sum, however, it seems to me that the “panic” over ordinary citizens looking at leaked documents online at home (and then go to work for the government or contractors) , or ordinary bloggers linking to them, seems greatly overblown. Major newspapers are writing analyzes on important stuff apparently found in WikiLeaks, such as China’s censorship policies and Russia’s political stability. If the New York Times can link to them, so can I. In fact, by the most extreme consequences of this logic, it would be wrong for a government employee to even read the New York Times.

Thursday, December 23, 2010

Mirror sites for Assange have plugs pulled by "fearful" ISP's or hosts that act like they're "caught in the middle"

Marcia Hoffman at Electronic Frontier Foundation has an important perspective on an incident where a site supposedly hosting a “Wikileaks Mirror” was taken down because the hosting company “SiteGround” said the customer was violating TOS, but that was because of a complaint from an upstream provider, SoftLayer, which would not talk to the webmaster. Eventually Site Ground told the customer that the upstream provider was worried about the potential for "attracting" DDOS (distributed denial of service) attacks.

The story is titled “Wikileaks Mirror Taken Down: Host Buckles Under Demands from Upstream Provider” link here.  Hoffman writes “Will a news organization that posts cables and provides journalistic analysis be next? Or a blogger who posts links to news articles describing the cables? If intermediaries are willing to use the potential for future DDOS attacks as a reason to cut off users, they can cut off anyone for anything.”  Hoffman writes that your free speech and distribution online are only as strong as the weakest intermediary.

In fact, Steve Ragan has a more detailed story on Tech Herald, Dec. 23, (website url) here  in which he writes that on at least three occasions (since Dec 23) sites have been taken down for hosting Wikileaks mirror content because of pressure from hosting providers. He gives more details on the SiteGround incident (right now the site “markmmccoy.org” goes to SiteGround hosting) and mentions another case where a someone had a plug pulled for linking to another page with over 2000 mirrors. There is a letter on PasteBin which shows how a customer was contacted (link ) and shows that hosting companies are concerned that an upstream provider could pull the plug on all customers on the same shared hosting server (especially in a DDOS or any other "nuisance" scenario). Admittedly, it appears that the hosting company counseled the customer on the likelihood of a worm infection, also (and there has been talk of service hosts, ISP's and telecommunications providers disconnecting customers who repeatedly have infected sites or even personal computers).

One potential risk for many shared hosting accounts is that a user could exceed his or her bandwidth limit, even though major hosting companies generally enormously increased these limits around 2005. Excess usage could incur large charges, and the excess could continue for several hours before it is caught and stopped. That could provide a natural market incentive for webmasters not to become targets of DDOS’s -- but if you were so "popular" that you didn't take a risk, would you have anything valuable to say?

But the whole discussion carries on a bad taste: it sounds like hosting companies or upstream providers giving in to bullies (even if those are minions of the federal government). That’s like letting parents, teachers and school administrators give in, and we know where that leads.

I don’t troll the web for classified information or go looking for it, but I do have the impression that 90% or so of what was “leaked” shouldn’t have been classified to begin with; this sounds like a coverup. I’ve had security clearances before, and one thing you learn is the dangers of overclassification, which leads to a loss in credibility. On the other hand, when a piece of information is so secret, why is the government so careless with letting it leak in the first place?

And protecting classified information is a problem that is distinct from protecting consumer personal information, or PII – related to privacy and “identity security” issues on the Web, which occurs everywhere, regardless of having a clearance.

Nevertheless, someone in my “situation” does get “tips” sent sometimes (I could say, like Zuckerberg, “I don’t know why” and “They ‘trust’ me”) and I have actually shared a few of them with law enforcement over the years, without publishing them – if common sense told me they were credible and dangerous. (In fact, some “ordinary people” may have gotten emails before 9/11 warning of an event – and thought the emails were spam sent by a virus.) In April 2002, a page on one of my other sites, discussing the possible consequences of nuclear material in the wrong hands, was hacked, which was tracked to a hosting company leaving a Unix SITE command open. At the time, this was a novel experience for me, and I had to contemplate the idea that a “controversial” website could attract risk to a shared host. Nothing “happened” at the time, but the idea that ISP’s or hosting companies could feel “caught in the middle” has been around for a long time, since 9/11 (when there was talk of misuse for steganography), and I have been concerned about it before.

This whole WikiLeaks matter reminds me that there are people who like to model, analyze and publish things, to “keep them honest” (Anderson Cooper’s favorite phrase on his CNN AC360 program) but who don’t like to have to achieve things just by negotiating social hierarchies. After all, the founder of Facebook preferred to model social relationships on a computer server than engage them himself.

Tuesday, December 21, 2010

Law professor explains that complete reproduction of newspaper articles can sometimes be Fair Use (Righthaven cases)

Tech Dirt has an important short article today about an amicus brief filed by Berkeley law professor Jason Schultz for Electonic Frontier Foundation (linked there) maintaining that sometimes the quotation of entire newspaper articles can still be transformative enough to be fair use, particularly if the articles are assembled in original ways to “connect the dots”. That relates to what Schultz calls “purpose and character of the use.” Another major factor would be whether the use significantly affects the benefit to the original owner of the copyrighted material (normally, ability to earn revenue from the work).

The particular case in Righthaven’s suit against the Center for Intellectual Organizing.

It is significant that Schultz maintains that Righthaven is throwing out the multifactorial analysis of fair use (the four “prongs”) and making up its own definition based on amount of quotation. Of course, only an original copyright owner can determine the effect of large quotation volume on its revenue. But if so, then the sale of copyrighted articles just to collect infringement revenue might invalidate the owner’s claim that it’s ability to earn revenue as originally intended has been harmed. Stacked against all this, of course, is Righthaven’s and Stephens Media’s claim that its constitutional “property rights” give it the right to control the use of Stephens’s media, given the work and money Stephens had put in it. That sort of argument could matter in other kinds of cases associated with implicit content problems. At least Righthaven may have stimulated legal debate on how far the libertarian idea of “property rights” should go.

Memorial Posting

On Tuesday, December 14, 2010, my mother, Margaret Esther Davidson Boushka, passed away, of heart failure, at age 97, in the Capital Hospice Facility in Arlington VA. The graveside service was held today, the Day of the Winter Solstice, at Columbia Gardens in Arlington. It was well attended. The Arlington Funeral Home has a memorial for her on line here.

I generally don’t discuss family matters in my blog entries or social media posts, although I do go into them in my books (especially the first one). But I do want to communicate to visitors that this has happened in my life. My father had passed away on January 1, 1986, when I was living and working in Dallas. His final service was held at the same place.

Since I have lived a “different life”, I am not as given to some of the demonstration of emotion as are many people in family situations.

Mother was a stay-at-home mom who experienced her life through family. She did not expect "personal sovereignty", self-expression or self-display, or the absolute right to choice, the way modern society has come to encourage. She accepted that some circumstances were given. My life went in a direction that I do not believe she understood fully in the usual cognitive sense.

I was in Washington DC, on the Metro, on the way to an SLDN rally on December 10 (concerning the need to introduce a standalone bill to repeal “Don’t Ask Don’t Tell”), when I got a call from a caregiver regarding a sudden turn. I got another call during the rally, at the most intense part of the speaking. I stayed to the end of the rally (one hour). My Mother lived long enough (which was approaching 100 and surpassing many medical obstacles) to see an effort in which I had participated for so long, however behind the scenes (yet out in the open, on the Web) succeed.

The last time she was able to understand me in the Hospice facility, the Hospice music radio played the close of the Symphony #2 by Robert Schumann, a work that has unusual significance for me, with its famous theme in the Finale. That is the last music she ever heard. I have never seen that theme (“A-B-C_E-F—G_F-E”) in a Baptist hymnal, but I wonder if it appears in the Lutheran hymnals. The year 2010 marks the composer’s 200th anniversary.

Pastor Jeffrey Haggray, of the First Baptist Church of the City of Washington DC, talked about the Virgin Mary’s Magnificat, and about how the words had long been part of sacred tradition, even if obscure to many people. He also mentioned her (and my) dedication to moral causes.

As I approached led the procession in my car toward the tent, the Sirius 2 Channel 80 station played the Sibelius Symphony #5, another work that had unusual significance for me during high school days. The music could be heard by others as I stopped. As we departed, the station was playing the conclusion of the Mendelssohn D Minor Piano Trio (which is triumphant and major and happy).

I had attended an outdoor service for my aunt, June, in Ohio in October.

For me, life enters “a new chapter.” I am serious about the idea of a “Do Ask Do Tell” movie and company, and will post more soon as I am able to be specific. That will include restructuring of much of my material on the web.

Monday, December 20, 2010

Washington Post: FBI keeping "rumors" database on ordinary people

Today, Monday morning Dec. 20, there appeared a front page “Washington Post Investigation” titled “Top Secret America”, main title “Monitoring America” by Dana Priest and William M. Arkin. The main link is here.

I’m sure that EFF will have a lot to say about this piece in the coming days. But one alarming detail was that on the fourth floor of the FBI Building in downtown Washington DC (the physical target in Screen Gems’s 1999 film “Arlington Road”, and ironically near Landmark E Street Theater) are files on “rumors” articulated about individual people, even by neighbors. It is an invitation to abuse in the future. My father used to say, “we have to worry about what everyone thinks” after my 1961 WM expulsion. The tone of the article brings back the mood of the Cuban Missile Crisis days.  From my perspective, it's an ironic presentation two days after Congress repealed the military "don't ask don't tell" for gays.

Of course, there is paranoia that it will keep track of people who connected themsevles to WikiLeaks.  This sounds a bit like hysteria.

The article describes the fingerprint center, in Clarksburg, W Va, pretty far from most of urban America.

The article has a lot of ad-ons, interactive maps and videos, available only online, adding to the notion that soon most newspapers will have to charge subscriptions to see all their content online.

Friday, December 17, 2010

Commerce Department comes out with softer proposal for "Privacy Bill of Rights"

In light of the recent FTC proposal and House hearings, the Department of Commerce, in the Obama Administration, has published a paper, pdf link here, “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework”, link here.

One underlying concept is what the media calls a "Privacy Bill of Rights", which would give users the right to control what information is collected about them and for what purposes. In theory, well educated users would allow some information to be kept if they benefited from the process. Curiously, the phrase doesn't come up in the document when searched.

Like the FTC, the Commerce Department is concerned about user transparency, and discusses a concept called PIA, or Privacy Impact Assessment. Another acronym is FIPP, Fair Information Practice Principles.

The proposal would call for companies to enroll in voluntary best practices programs, but those that do would be monitored by the Federal Trade Commission, with FECC, or “Flexible but Enforceable Codes of Conduct”.

Nevertheless, the Commerce Department seems to be backing away from the idea that government should mandate rules like requiring a vanilla “do not track”.

The CNN story by David Goldman appears here.

Thursday, December 16, 2010

Judges in West Virginia, Washington DC restrict copyright troll suits "out of state" on jurisidictional issues

A judge in West Virginia has forbidden plaintiffs from identifying potential defendants in seven “copyright troll” lawsuits against unnamed individuals for downloading copyrighted porn. The plaintiffs are trying to use the subject matter of the downloads to force early settlement. The judge will not allow refilling unless plaintiffs can show the defendants acted in West Virginia. Electronic Frontier Foundation has the story here.

Also Nate Anderson at Ars Technica wrote that the US Copyright group had dropped about 5000 defendants from P2P independent movie downloading cases, link here. This amounted to 93% of the defendants, whom the judge indicated weren’t under the jurisdiction of a DC court.

The case could be important in the Righthaven case, for defendants who do not operate in Nevada, if judges there take the same approach on jurisdiction.

DMB Digital Media Wire has a similar story on the US Copyright Group case (website url) here.

Free speech is only as strong as its weakest link

Inasmuch, as Electronic Frontier Foundation reminds us, “free speech is only as strong as its weakest link”, a number of rogue initiatives have been sprouting, to make speakers and entrepreneurs more immune to impulsive actions taken by governments or others to censor or stop them.

DOT-P2P (link) appears to be another mechanism to set up a domain name resolution system independent of ICANN. Now, personally, I feel that ICANN’s domain name dispute procedures and policies sound reasonably fair, but I guess “good faith” can sometimes live in the eyes of beholders. Such a system would have to deal with the "Existential DNS Problem", discovered by a regular programmer, studied in Finland and vetted at Microsoft in the summer of 2008 (my "ID Security" blog, Aug. 9, 2008).

The Tahoe Least Authority File System (Tahoe-LAFS) (link) propses “provider -independent security”, which, in The Cloud, would prevent the possibility that attackers to get at an unpopular speaker by compromising “open doors” within the ISP (this happened to me in April 2002), and would prevent the ISP from having any access at all to the speaker’s content. There is a topology diagram in which one can see what parts of a setup are vulnerable to whatever service provider hosts the connection.

The Tor Project Anonymity Online (link) is somewhat well known from overseas dissent, especially from Iran.

Bitcoin (link) is a P2P digital currency, fiat in the sense that there is some intrinsic “wealth” backing it up in the solutions of “problems”. The website explains the concept of fiat backing by gold in the familiar physical world, and makes the case for the analogy in cyberspace.

All of these would make Internet activity farther from the reach of government, or at least corruption by government or “establishment”. Yet, any of these systems will have to develop their own rules and culture, just as we see today with social networking and blogging environments.

At a conference on the impact of WikiLeaks on Journalism, a speaker just said "information by itself is not worth all that much until you know a context to put it in."  In the age of "cybernararchy", the question is, "what is truth online now?"  Some speakers give WikiLeaks credit for starting to redact the names of overseas civilians and certain sensitive interests.  Even amateur journalists do practice some restraint, out of self-interest.

Wednesday, December 15, 2010

Law enforcement stings off of social media raise implicit content questions (again)

A backpage Metro story in the Washington Post on Wednesday Dec. 15 by Maria Glod, about the FBI charges against Awais Younis (or Mohanme Khan or Sundullah Ghilzai) for threats made on Facebook pages (website url link) brings up a related problem considered here before, implicit content.

It’s true that law enforcement regularly trolls social media and blogs and Twitter for clues for crimes (which some people are amazingly brazen about in bragging online – check another story in the same Post by Marc Fisher) and for threats, and there have been numerous arrests and prosecutions since the late 1990s for making threats on the Internet (“through interstate communications media”), especially since 9/11. But what if someone writes a fictitious story about such an incident and posts it online for “free” browsing?

If the characters in the story were identifiable (even if names were changed) and the story were plausible, there could occur a defamation or libel issue (we’ve discussed libel in fiction here before, esp. July 27, 2007). But if one of the characters were the speaker himself, would or could law enforcement look upon it as a “threat”? That’s where “implicit content” or “gratuitous publication” comes into play.

One could pose the question even about a self-published novel or screenplay in conventional book or hard copy DVD or CD format, if it the protagonist was identifiable. Ironically, if the novel or self-distributed video sold copies and made money, the implicit content question might go away: if the publication resulted in a “rational” constructive purpose (profit), there might not be a reason for law enforcement to question another “purpose” for the publication (implying a threat).

The question of the legitimacy of some self-publication came up recently with a “guide” by Phillip Greaves, offered on Kindle, which Amazon had to withdraw after popular pressure. In the future, self-publishing services may feel pressured to pay more heed to the “purpose” of the material being offered and track whether they actually generate revenue in a manner normally expected in business.

That brings us back to the question, does free speech provide its own justification? Or is it morally and legally appropriate to question what other purpose it serves? Does someone need external “standing” to speak to an issue publicly and without supervision, and reach an audience?

Tuesday, December 14, 2010

EFF announces Appeals Court supports applying 4th Amendment to email, in Warshak case

The Electronic Frontier Foundation announced today that the Sixth Circuit (in Ohio) had affirmed a lower court decision in the case of U.S. v. Warshak, that, as a consequence of the Fourth Amendment, the government must have a search warrant to seize emails and similar communications (like texts) stored by service providers. The press release from EFF is here.

The Opinion on the 6th Circuit’s own website is here.

The following excerpt is instructive:

“The district court’s decision also appears to be supported by the balancing of the interests of Warshak, the government, and the public. Although the government claims that its investigative abilities will be unduly hampered by the injunction, it still can search e-mails stored with ISPs either through obtaining a warrant, by notifying the account holder, or, in light of our modification to the injunction, by making a fact specific showing that the account holder has waived his expectation of privacy with respect to the ISP. Further, under section 2703(f), it can require an ISP to preserve evidence “pending the issuance of a court order or other process,” ameliorating any concerns about the destruction of evidence.”

An earlier (2007) YouTube video from WPN (posted by ientry) explained the earlier lower court decision



Warshak had been chased for peddling Enzyte.

This case may not be as critical in an existential sense as are some others floating around. However the constitutional protection of requiring a warrant would let an “ordinary blogger” know in advance if the government thought she had done something “wrong.” Think about connecting this to the Wikileaks controversy.

College students "outsource" their work to ghost writers; has plagiarism become socially acceptable?


ABC “World News Tonight” and then “Nightline” reported on ghostwriters who make a “living” by writing themes and term papers for college students, and even to write admission essays. “Ed” says he made over $60000 a year and wrote a 175 accounting term paper and did part of the research for a sociology Ph D.

Students are “outsourcing” work. When a student doesn’t get a good grade, a ghostwriter hears from parents!

Use of plagiarism software (like “Turn it in”) doesn’t catch this. Five papers at Hofstra University were asked to identify an “outsourced” paper and only one professor got it right. The professor said you have to get to know your students.

“Ed” says that he develops the content of his papers entirely from Google.

I recall that in 1963, a George Washington University English professor required students to return their term papers after grading so they wouldn't wind up in "fraternity files."  How times have changed.

Another risk is that bloggers sometimes find their posts have been plagiarized for themes. I am aware of two or three times that this has happened with me, and also friends.  (And sometimes "spam blogs" are built by robots that "plagiarize" parts of legitimate blogs.) Of course, this is related to “copyright infringement” in the Internet world as we have been examining here (as with copyright trolls). Kids are growing up with the idea that content is free.

In another area, writers and usually most musicians (especially classical, as on my “drama blog”) are fiercely proud of the originality of their published work. In “modern music” with atonality it may be easier to guarantee; how many times does a “good composer” (the drama blog again) have to wonder if, with a theme he or she uses, “have I heard that before”? (This year, it seems like so many themes by Robert Schumann pop into my head.) A car radio with Sirius can make much obscure music stick in your mind.

When I went to college, many schools had honor codes. Academic integrity was a core moral value. There was a different spin on it in those days: people were deferred from the military draft based on academic performance (during the Vietnam era), so “cheating” could be a way to save your life, or that’s how it was sometimes perceived. I caught one student copying on an exam when I was teaching algebra at the University of Kansas in 1966 and gave him an automatic "F" in the course, and he came to my dorm room at McCollum Hall and pleaded, over the draft!  In my days, you were regarded as "qualified for life" if you had earned your academic credentials honestly! (Of course, student deferments became a tremendous moral issue, leading to a lotttery before the draft ended.)

There is a website called "Custom Papers" ("Professional research and writing service for students") that presents itself as a totally legitimate business, with privacy policies!  And once you have "paid for" the paper, you own the intellectual property rights to it (just like Righthaven -- how about that!)

"Outsourcing" of academic work, perceived as a moral issue, might bring up other similar issues of "outsourcing" duties. Back during the War Between the States, in New York people could buy their way out of the draft. We could reach a point where we look at eldercare (or child rearing) that way. The "money economy" isn't everything; for some things in life, you have to "pay your dues" with labor.


Monday, December 13, 2010

Companies using "cloud scores" on people's "reputations" to make all kinds of decisions

Michael Fertik, founder and CEO of “Reputation Defender”, appeared on CNN today with a demonstration of the private facts that an Internet application and found about a CNN journalist  (Poppy Harlow). Much of the information was incorrect. And a professional journalist is likely to see herself as less "private" than the "average person".

Fertik said, however, that more and more decisions are made about people from information collected by “machines”, which, apart from the question of privacy as we usually understand it, also raise the question automated computer processes can “make mistakes”.

Employers and insurance companies are making decisions based on automatically collected information from the “Cloud”, much of which is probably wrong.

The report is in tandem with the recent discussion of “do not track”.

My take is this: It’s fine with me for a Web application to track my information and compute "Cloud scores" to allow companies to send me ads about my own movie (assuming I get started with “Do Ask Do Tell: The Movie” or something like that soon), or about my friend’s upcoming piano concert (yes, it takes a long time to become a good composer). It’s not OK to collect the information to tell a company whether to hire me (in most cases), or whether a health or property insurance company could sell to me, or even someday a landlord could rent to me. It is OK with me to use credit reports in the manner to which we have been long accustomed for those purposes, because, imperfect as it is, the credit industry (by which I was gainfully employed in Dallas in the 1980s – good karma for me) is regulated. I don’t want to see the “amateur” Internet regulated the same way.

Here’s a story by John Sutter, “The Internet and the End if Privacy”, link. Another related headline is "Sacrificing Privacy on the Altar of the Internet".

By the way, today is the ninth anniversary of my “career changing” layoff (Dec 13, 2001), about this exact time of the day.

Sunday, December 12, 2010

"Anonymous" "activists" may be a bigger issue for Internet freedom curtailment than was Wikileaks itself!

Ian Shapira and Joby Warrick have a front page story in the Washington Post Sunday Dec. 12, “Wikileaks’ advocates are wreaking ‘hactivism’; global online community has launched attacks in support of anti-privacy group”, link here.  Correction: DOS attacks don't involve compromising data, so "hacking" may be an inappropriate term.

The article describes “Anonymous” as the most “prominent” of the groups, whose general concern is that governments will gradually put a strain on Internet free entry and free speech, paring it back and placing under control of those in power, very much as what China does today. There is a concern that there will be no net neutrality, and that companies may not have the incentives in the future to offer free content or publishing services that they do today. Yet, some of these concerns do indeed come from the possibility that governments could “overreact” out of miscast privacy concerns. For example, “do not track”, is misapplied, could undermine much of the free content model today. Or privacy and reputational concerns could lead to undermining the downstream liability protections now well established in American law.

Do these concerns morally justify the release of officially classified documents? One problem is that some government operations, both in the US and overseas, obviously related to legitimate public safety concerns (to say the least) and the safety of civilians abroad. It is difficult for the public to know where the “line” between legitimate need for secrecy and cover-up exists.

The article discusses as “social networking” service Reddit and a sub-section called “Operation Leakspin” which tries to sift through the various cables. The link is here.

A site called “Anonymous Freedom” keeps track of the status of various “Anonymous” groups by IP address, link here.

A blog called “AnonOps” makes regular announcements and features the YouTube “Collateral Murder” film here

If the legal system says that people can be assessed civil penalties for possessing illegal downloads through P2P (as with the RIAA and IS Copyright Group mass litigation), and if people can go to jail for possessing “c.p.”, is it rational to say that people could incur civil or criminal penalties for possessing classified information? (Previous post).  Or, as noted before, should people be asked in security clearance applciations if they have read or linked to illegally published classified information? Will all of this affect how service providers implement terms of service?

The concept of “privacy” is very fluid indeed, as is the concept of “public figure” and anyone with an agenda can twist the terms. Fred Phelps’s group has claimed that the military veterans’ families it has picketed made themselves “public figures” by announcing funerals in newspaper obituaries.

Generally, mainstream news commentators are more concerned about the “hacktivism” (and the DOS attacks against credit card companies and other parties “cooperating” with government requests) now than they are with the contents of the leaked cables themselves, most of which are turning out to be mainly embarrassment and probably not critical to military and diplomatic operations. Yet, as Richard Clarke said recently, diplomacy particularly depends on trust and confidence that some “under the table” (or “off the books”) measures will remain unpublished.

“Disclaimer”: I give links here only as part of “complete” and relatively unbiased news reporting (since they are already widely public); I do not encourage anyone to knowingly engage in illegal behavior.

Note something else: CNN has been reporting school system experiments in having kids turn off all electronic media together for a week or so.  Good for interpersonal social engagement? Maybe.  But one student pointed out that experiments only work if everybody has to pull the plug at the same time.

Be careful what you wish for.

An RT YouTube video about the "consequences of making information more available".



Also, the Outlook Section, p B1, of the Dec. 12 Washington Post has a perceptive article by Tim Hwang, "Wikileaks and the Internet's Long War", where he suggests a book "The Master Switch" by Columbia law professor Tim Wu  (I'll order it soon), proposing that the Internet is really a communications utility that will ultimately fall under more government regulation, even in the U.S.  But the rogue innovators may be much more determined. Hwang talks about the contribution of Shawn Fanning, with Napster being eventually rolled back and forced to become "legal" and establishment. One could see Mark Zuckerberg, Steve Jobs, Bill Gates, Steve Case, Brin and Page, all as a bit rogue, and Assange as just much more so, and maybe even me (more obscure), as having affected the way the stakes of the "War" are seen.  There have been debates on CNN as to whether Assange is really a "journalist."

Friday, December 10, 2010

Government pressure on Wikileaks could affect ISP, service provider terms of service enforcement

Jennifer Elsea has a paper for the Congressional Research Service, dated Dec 6, 2010, “Criminal Prohibitions on the Publication of Classified Defense In formation,” pdf link here.

The paper indicates that prosecution with severe penalties are possible when there are deliberate leaks (there is some controversy of exactly which diplomatic communications are included), especially when US agents die as a result. In practice, newspapers (or reporters) have not been prosecuted for publishing or especially linking to leaked information, although the wording of the 1917 law, with constitutional reservations, might allow prosecution. It is apparently very unlikely that ordinary amateur bloggers could be prosecuted except in the most exceptional circumstances.

There is a practical problem in that numerous American companies (such as Amazon, Mastercard and Visa) have yielded to government pressure to shut down ties with Wikileaks. Senator Joseph Lieberman, a good guy on “don’t ask don’t tell” [especially today], apparently applied some of the pressure. This tendency could affect how Internet ISP’s and publishing service providers and social networking sites apply or interpret their “terms of service” or “acceptable use” policies. Generally, these companies forbid illegal use, but typically it’s not a problem to link to another site that might be illegal (except that it could affect a site’s reputation with Internet site rating operations like Web of Trust or McAfee Site Advisor). A major exception could be “c.p.”, where it’s illegal to possess on your hard drive cache the material that would be linked to. Service providers might want to include material known to be leaked, although it sounds almost inconceivable that the government could ever prosecute ordinary people for possessing cached copies of classified material.

Nevertheless, an MSNBC story reports some very strident recommendations indeed, such as a note that Sarah Palin’s Facebook posts might prevent Assange from giving a fair trial, and Mike Huckabee’s idea that anyone who leaked information to Wikileaks should be tried for treason with capital punishment possible.

Wednesday, December 08, 2010

People who post about Wikileaks could jeopardize getting federal or clearance-requiring jobs, some legal experts say -- but it sounds so silly; the latest "online reputation" fiasco

I suppose this post could belong on my “IT Jobs blog” or the “International Issues” blog, but it is primarily a speech issue. CNN has a story “Will reading WikiLeaks cost students jobs with the federal government?” , by Emanuella Grinberg, link here.

The story suggests that people who , on their own personal blogs or social networking profiles or tweets, link to or even comment on Wikileaks items could jeopardize their chances for security clearances later.

It seems bizarre, with so many documents leaked and so many millions of blog posts on them already in existence, to think that security officers would make that much of people “commenting on”, say, the Iraq “killing fields” film (which is on YouTube and which I linked to in April 2010 on my “cf” blog – the link still works), or on a number of genuine items in the diplomatic cables (such as those discussing China’s Internet censorship, or of instability in Russia and Saudi Arabia). But, then again, I remember the case of a teacher’s college in Pennsylvania that gave so much weight to a graduating student’s “drunken pirate” Facebook picture. Some security officers, in their own thought processes, might see a tendency to post about Wikileaks a sign of unreliability. I personally think this is all very silly.

Even reading “classified” documents at home, and admitting it, might be a risk.

On Dec. 9. Derrick T. Dortch, a federal jobs consultant (mentioned in my IT jobs blog under the label "security clearances") has a Washington Post piece "Job hunters should steer clear of WikiLeaks site", link here, and that might even include those planning to enlist in the miltiary and follow a speciality (like intelligence, and maybe hinting at a new controversy to follow "don't ask don't tell").  He writes that the Adjudication Desk Reference of the Defense Human Resources Activity is pretty explicit, and job applicants could be "asked" (there's that first DADT verb again!) if they've accessed classified documents on the Wikileaks sites or maybe if they've linked to them on their own postings or saved them on their own computers.  Conceivably they could be asked on polygraphs. I guess I'm toast since I embedded the "illegal" 40-minute Wikileaks movie on YouTube from Iraq on another blog. Dortch writes that there are mitigation factors, such as the length of time since the "violation", the lack of training and remediation.

I do think bloggers should be very careful with tips that they receive from others -- both as to credibility and in some cases the possibility that they could be classified (or could be sensitive for other reasons such as employment, family, or neighborhood issues). This is so even as immunity for journalsits remains controversial, and as the relationship between blogging and "professional" journalism remains an issue (discussed in the EFF Bloggers legal guide reference linked on Feb. 2009 here). In my own case, there are a couple of items that have come to me that I have reported to authorities and have not disclosed publicly.

Now, we’ve also heard that Assange’s nightbreed minions have DOS-ed Visa and Mastercard (they’re back up now), and even the Swedish prosecutor’s site today. It’s all getting silly.

I guess this is the latest wrinkle in the “online reputation” debate. Or maybe it's an example of just how far Internet "assymetry" and the power it can give one rogue person, can go.

I say, the best defense is an offense; the best antidote to a wildfire is a fire break.

Picture: The Blair Witch may roam here!

Tuesday, December 07, 2010

The Nuisance Factor: those who watch and document the world from a distance

There’s a couple of issues going on with the Wikileaks controversy. OK, it’s illegal to acquire, keep, and certainly distribute classified information, even if we wonder why government was so careless as to leak it. (Did it want to?) And remember that in the world of information security clearance, its when pieces of a puzzle get put together that the apparent value of information to “enemies” might increase.

Nevertheless, government has real First Amendment issues in suppressing publication, especially by those who “accidentally” acquire the information (the “Pentagon Papers” matter, etc.). So, government cajoles private companies not to do business with Wikileaks. Hence we see the actions by Amazon and now MasterCard.

One of the most disturbing aspects of the “plug pulling” by some private interests was their notation of the nuisance issue: Wikileaks was reportedly “attracting” harm from enemies, such as DOS attacks. Imagine how this could apply to an “unpopular” individual in other circumstances. Ultimately, this is giving into “snitch mentality”. But, yup, “enemies” can apply leverage against others dependent (often involuntarily) on an unpopular person. I’ve noted this issue for some time, ever since 9/11, when government expressed a concern that ordinary amateur websites could be hijacked for steganography, a concern that has since waned; I used the theme as a plot element in a couple of my screenplays.

Rainey Reitman and Marcia Hofmann have a short but pertinent piece about this today for Electronic Frontier Foundation, “Amazon and WikiLeaks: Online speech is only as strong as its weakest intermediary”, here.  EFF refers to the saga of the Cody bookstore, which had to fight off threats decades ago as it sold books like “Howl”, Wikimedia link here.

There is something about Assange’s personality, an interest in exposing problems for the sheer pleasure of saying “I told you so”, without participating in a solution, that seems like an ethical sink to some people. I don’t try to get classified information (although I have received a few tips over the years, which I have shared with authorities), but I do like to take material from research and compile and link it in novel ways to “connect the dots” and show the fallacy of most “partisan” thinking, which tends to focus on the “needs” of just one constituent group. Call me anti-Marxist, that’s good. Actually, the “common good” considers everyone simultaneously, not just “to each according to his needs”. My inclination to do this comes from thirty years in information technology, where you stress test everything before you put it into production and see if you can “break” it. I’ve covered this before as “the privilege of being listened to.”

So what I came up with, was a philosophy, that we have to look at the boundaries of hyperindividualism, that shared goals do matter (a lot), especially for “sustainability”, and that some politics is still local, even familial or filial; translated into “individualism”, it means something like, we all have to “pay our dues” as well as “pay our bills” if we aren’t to live off the hidden sacrifices of others. But can I put this into practice in my own relationships with others? That’s much harder. It’s easier for some people to model something on a computer system than actually do it.

So we come to a New York Times article Monday Dec. 6 by Noam Cohen, “Link by Link: Wikileaks, Facebook, and Perils of Oversharing”, p B3, link here.  I am certainly an example, maybe prototypically, of “a private person, … who is a mystery to the world .. and to (himself)”. It’s ironic that the founder of Facebook, while having now matured in his own direction (as in the interview discussed yesterday), modeled on a system what he himself was not good at, so that everyone else had to do it!

Sunday, December 05, 2010

Let's run down the "existential" threats to free entry and free content on the Web; Facebook does even another makeover!

The recent flaps over such divergent problems as “do not track” and “copyright trolling” give me reason to cause and ponder all the “existential threats” to free content and “free entry” on the web.

Remember, I got into this in the late 1990s, starting self-publishing in the low-cost desktop publishing and book manufacturing area, and then moving into “Web 1.0” to keep a running supplement on what had been published in book form. Gradually, search engine visibility became more important to me that in person word-of-mouth. Even though I came to this from a publishing direction, social networking, with people whom one would want to know, was a major result.

Other priorities were important to me. I started with the “don’t ask don’t tell” issue and branched off into “everything else” concentrically, like following a maze or a board game and connecting dots. Political ideology is very definitely a “topologically connected space”. I wanted to become my own voice, equivalent to an “organization”, and I resisted efforts to be “recruited” to replace my own interest in “truth” by working for “other people’s causes”. One of my goals was to get people to account for why freedom gets taken away from people (like me). At the same time, I recognize that others expect me to account for what I would “do” with more freedom, and not undermine the freedom of others whom I watch from a safe distance. I think we have an underlying question about sustainability and how that relates to maintaining personal autonomy, as opposed to identifying with the aims of a group. That gets translated into an individualist’s view: we need to know what rules are necessary at least to keep people from living off the sacrifices of others that stay out of sight. We have to recognize that sometimes we don’t get to choose everything we have to do.

But the clouds on the horizon are numerous. We discussed “do not track” at length the past few days. Here are some others:

Copyright trolling: I’ve covered Righthaven (and others like the US Copyright Group and RIAA). It’s hard to say if courts will accept Righthaven’s “business model”, but ironically Righthaven’s defense of the absolute nature of “property rights” (so well known to libertarians) could come in handy for other speakers caught in “conflict of interest” situations. The main practical danger to bloggers comes in large part that the DMCA safe harbor doesn’t really protect them the way we thought it did (it protects “service providers” from downstream liability, below, and not speakers directly), and that’s another problem the courts may weigh in on, or that Congress could address again.

Downstream liability: If YouTube had to review every video for libel risks, there could be no YouTube. We already have dangerous court verdicts from overseas (Italy). But the main risks could call from calls to eliminate or scale back Section 230 protection. But law professors like GWU’s Daniel Solove suggest that Section 230 should work in conjunction with a “safe harbor” provision that protects communications providers from downstream liability but only if they take down libelous content (or particularly content that invades privacy) when asked to in a credible way. Companies like “Reputation Defender” may be accomplishing some of this in a less formal way.

Insurability: In 2008, there was an announcement of a new “media perils” product to protect bloggers, after earlier attempts back in 2001 from the National Writers Union had failed. I don’t know how well it’s working. But in a world where we make people buy health insurance, politicians might get the idea that they should require “amateur” self-publishers to be insured, too, knocking them off the web. At the same time, property and casualty insurers are starting to notice that social media use carries its own kind of home security risks.

Implicit content, conflict of interest, and generalized online reputation issues. This area imputes prospectively the apparent “purpose” or “intent” of the speaker (a topic I analyzed in detail here July 27, 2007 after I was involved in a serious “incident” in 2005). But generally, the world is starting to see Internet expression is a less than completely valid “end in itself” but a necessary sales or marketing strategy to sell oneself in some other specific area of expertise that one has developed – and that’s where Mark Zuckerberg’s concept of “one identity” becomes so critical. And we’re starting to anticipate the “Food Lion Problem” or “Assange Problem”: employers or other business interests may fear dealing with a person who appears motivated to “expose things” after leaving the business relationship, rather than compete (as to provide for a family) in a “socially normal” fashion.

For me, the "implicit content" issue may be the most critical of all. I made a decision to stay in the game to tbe end, after I entered it in the 1990s.  One could propose was I should have "paid my dues" first and earned "the privilege of being listened to."

Tonight Facebook announced a new look, which would give members the ability to display their entire social infrastructure much more publicly. I didn’t see the option to turn it on there for me yet. The implication of such a capacity may be that social presence comes before work or creative accomplishments, an idea that could squeeze many people (including me). Yet, the “sustainability” theory of ethics says that people will have to be much more “locally interdependent” rather than just public global citizens with “one identity”. (Um, how did I learn how big a place the world was? As a boy, maybe my first impression came from my father’s business trips, or from following Major League Baseball, in an era when “road trips” lasted a while and were accomplished by passenger train.)

You can watch CBS 60 Minutes cover the Facebook announcement (today, December 5) here (sorry, CBS seems not to want to offer embeds on this, and the embed was even disabled on YouTube; too bad -- at 26, Zuckerberg looks great in an embed, better than a few years ago).

The Switched Show has this 4 minute video on Facebook and employers (“Facebook Killed the Private Life”). Social networks are certainly redefining what we consider “private” (from as far back as 2007). Do we need to carve-out a “semi-private space” of “documented personal actions” that’s OK?



The most critical "existential" threat to global free speech could be infrastructure. Coronal mass ejections from the Sun or an EMP (electromagnetic pulse) attack from enemies could shut everything down for a long time.

Saturday, December 04, 2010

More discussion about "do not track": a stop at an Internet cafe

Yesterday, I stopped at an Internet cafĂ© in Washington DC and paid the $3 for surf for 15 minutes. I tried a variety of domains and browsers, and found that browser history disappeared when I closed it. Ads served to me were indeed more general than I would receive at home, but were still of fair quality, but tended to become more specific as I continued to surf. All of this suggests, heuristically, that Internet users even now have some control over how much “tracking” is done of them if they bother to find out.

The value of marketing to users is not so much in immediate purchases, as in creating interest over time. The car that I bought in midi 2009 (a Ford Focus) was certainly influenced by ads I had seen for months. Movies I see may be influenced by previews and trailers on the Internet. Commercials can have good quality. (When I lived in Minneapolis, I heard that the Twin Cities was a major player in making commercials and industrial films.) One of the best commercials around is one developed by AMC Theaters, to show moviegoers what they might experience in an outdoor theater on another (M-star) planet!

I looked over again the FTC document (link given here Dec. 2) suggesting a “do not track” capability. I’m struck by how much of this discussion has involved “apples and oranges”.

Let me back up for a moment and note that as a webmaster who has maintained free sites (no advertising, no credit cards) of political content for a number of years (hppub.com, doaskdotell.com, billboushka.com) that I’ve been aware of possible privacy implications for all these years. I get Urchin reports on my sites and particularly access logs which list IP addresses associated with searches and page requests on my sties. In a few cases, it is possible to see who may have visited the site (from the logs). In analyzing an incident in 2005 with possible legal implications, these logs were useful to me (more details here July 27, 2007). From an ethical perspective, looking at these logs might seem like the equivalent of knowing who bought your book or saw your movie. You actually don’t have the right to know that. That’s part of what “publication” means.

With my blogs (16 other them, as accessed through Blogger profile), there is “behavioral advertising” as explained in the “Privacy Policy” at the physical bottom of the page of this blog. There are links (admittedly in small print) there that show the visitor how to regulate his own experience. Visitors have quite a bit of power now to make choices as to how “visible” they are; learning to use the Web is a bit learning to drive a car; you need to know the rules of the road and about safety.

All this said, I still think it’s appropriate that the FTC (along with Congress) wants the Web community to do a bottom up review of its practices with respect to interacting with consumer data. But it’s important to keep a number of these issues in perspective.

First of all, it’s true that most of our “privacy regulation” so far has dealt with predictable or known avenues of specific harm. The personal data is in a “Cloud.” Normally, it isn’t readily accessible for malicious purposes. And, unlike the case with telephone telemarketing, its collection was non-intrusive.

But in the long run, as the FTC points out, “harm” may become more subjective or elusive than before, It seems to be more of a social than technical concept, more about “online reputation” and the idea that reputation tends to be socially “contagious”, especially within families, whether we like to admit it or not. Part of the deeper problem is that as human beings we vary so much as to our notions of autonomy and need for interdependence. Protection of minors is certainly part of this.

It certainly is true that certain kinds of sites, that like to aggregate preference information (Netflix, Amazon, imdb, etc) could pose certain risks (to misuse by hackers or by future abusive governments). I don’t worry that anyone cares about my movie preferences (after all, I have a movies blog), and I don’t think that in a real world that Metro would try to deduce my sexual orientation from the way I use my Metro Smart Card. But one cannot be sure what a future totalitarian government could do (let’s say,if it could track citizens by global positioning on their mobile devices). But inevitably, most companies collect consumer information, at least internally, and must respect employees to keep it in confidence and not abuse it. Imagine an employee going through an insurance company’s records to look for military servicemembers with HIV.

But it’s probably easier for large retail sites (like Amazon) to put in consumer-friendly tools than it is for sites that publish free content (that is, most newspapers and bloggers) and who may be dependent on “marketing” – yup, the way broadcast television depends on commercials – and where behavioral “targeting” is economically important

But for “free content” sites as above, it seems that the FTC says, on page vi, “The most practical method of providing such universal choice would likely involve the placement of a persistent setting, similar to a cookie, on the consumer’s browser signaling the consumer’s choices about being tracked and receiving targeted ads.” On p 65 the FTC writes similarly “The most practical method of providing uniform choice for online behavioral advertising would likely involve placing a setting similar to a persistent cookie on a consumer’s browser and conveying that setting to sites that the browser visits, to signal whether or not the consumer wants to be tracked or receive targeted advertisements. To be effective, there must be an enforceable requirement that sites honor those choices. Such a mechanism would ensure that consumers would not have to exercise choices on a company-by-company or industry-by-industry basis, and that such choices would be persistent. It should also address some of the concerns with the existing browser mechanisms, by being more clear, easy-to-locate, and effective, and by conveying directly to websites the user’s choice to opt out of tracking.”

The FTC is suggesting that present methods available, somewhat effective, are too hard to find and do not address flash cookies, which seem to be beyond the control of browsers. But the FTC also recognizes that an IP list is not equivalent structurally to a telephone number book, and that unintended consequences could be damaging to companies economically.

Would such an add-on allow different specifications for different advertisers or groupings of advertisers on a particular newspaper or blog-oriented site? That would seem necessary to ensure that informed surfers could still have a rich web experience with free content.

We should indeed be wary of the unintended consequences of chasing too many ghosts with “do not track”, or encouraging web users to become lazy with a carelessly chosen name for what is offered to them.

Mike Schulder has an interesting perspective on CNN, “Go ahead, invade my privacy, I’m honored”, link here.

Riva Richmond has a story in the New York Times, “What is there was a do-not-track list for online browsing?” but the story focuses on the concept of a HTML header (as a well-known component of HTML), as evident in an add-on to Firefox and IE from Taco and Indiana University. The list is here.

But in general, media commentators have presented the “do not track” proposal as scare mongering based on false analogies to other privacy problems and possibly undermining the Internet as a the free speech engine that we value so much.

Thursday, December 02, 2010

House holds hearing on "do not track" proposal

Today the House of Representatives Subcommittee on Commerce, Trade and Consumer Protection held hearings on “’Do-No-Track’ Legislation: Is now the right time?” The link with PDF documents of the testimony is here.

The witnesses were Daniel J. Weitzner, Associate Administrator for the Office of Policy Analysis and Development, Department of Commerce, National Telecommunications and Information Administration, Department of Commerce
• David Vladeck, Director, Bureau of Consumer Protection, Federal Trade Commission
• Susan Grant, Director of Consumer Protection, Consumer Federation of America
• Joe Pasqua, Vice President of Research, Symantec Corporation
• Joan Gillman, Executive Vice President and President, Media Sales, Time Warner Cable
• Eben Moglen, Ph.D., Legal Advisor, Diaspora*, Professor of Law, Columbia University, Founding Director, Software Freedom Law Center
• Daniel Castro, Senior Analyst, Information Technology and Innovation Foundation

I did not watch or attend this because I was watching Senate hearings on repealing “don’t ask don’t tell” occurring at the same time (see my GLBT blog).

Mr. Weitzner, from the Department of Commerce, suggested that a nuanced balance could be achieved where consumers could set the amount or privacy control they needed, but suggested that most consumers might not want companies to know their buying habits (not too realistic for regular users of Amazon or Netflix).

Mr. Vladeck suggested industry certification standards.

Ms. Grant suggested that in the physical world, tracking, even “namelessly” would be perceived as stalking, as we sometimes experience it with strangers socially.

Mr. Pasqua compared spyware to adware, and explained that the sophisticated techniques for user tracking, while ethically acceptable in their own right, tend to be associated with imputed risks to security. He discussed “reputation based” security but suggested that a formal “do not track” list in analogy to “do not call” could be very difficult to accomplish technically. Mr. Pasqua also explained how a “do not track registry” could work. For one thing, advertisers would have to register their domains with the FTC, and browsers would have to communicate with this registry in some statutorily defined and regulated manner.

Mr. Gillman noted that the current advertising technology serves self-publishers (like me) who do not sell much separate content (other than books and probably film in the future, in my case).

Columbia University law professor Moglen did some Facebook bashing.

Mr. Castro said that many of the concerns about privacy are largely hypothetical, and that Internet advertising is very important to the economy, particularly in the current challenged environment; it has held up well, generating legitimate jobs, especially in IT, while many other industries have been hit hard by the recession. He called some of the thinking behind “do not track” proposals a kind of “fundamentalism.”

David Goldman has a CNN Money story titled bluntly “FTC ‘do not track’ plan would be a Google killer”, at this link. Browser tracking options could be designed in such a way that users unwilling to be tracked would see many fewer websites with “free” content.  Nevertheless, the company's stock rose by 1.3% today, as if investors either did not make the connection or believed that advertisers will be able to live and prosper in a "flexible" world where users can stop them from following.

Electronic Frontier Foundation appears to welcome the FTC report, perhaps with some hesitation.

Insurance companies tracking to set premiums?

Diane Sawyer covered the "Do not track" hearings on ABC "World News Tonight" on Dec. 2 and noted that sometimes insurance companies (life and perhaps auto and home, maybe even health) may be tracking people online (or getting data from other companies) and could use the information to raise premiums or deny coverage. If this is true, it's certainly a dark side to tracking that deserves regulation.

Another irony: Congress is looking at "do not track" even as the controversial "Boucher Bill" from the previous Congress dies with the inability of its author to get reelected this past November.



Update: Dec. 7

Check the New York Times story today by Tanzina Vega and Verne Koytoff, "In Online Privacy Plan, the Opt-Out Question Looms", link here. "Do not track" could be particularly harmful to smaller publishers, but some could decide to charge for content for consumers who don't want to allow tracking. But consumers might not be that interested in reading what newbies have to say if they had to allow tracking.

Wednesday, December 01, 2010

FTC issues report, loosely proposes "do not track"

Today the Federal Trade Commission (FTC) offered a “Privacy Report” as a “framework for consumers,, businesses and policymakers,” in which companies implement “privacy by design” and provide consumers the ability to know when they are being tracked for “behavioral advertising” and offer a usable “do not track” facility. The PDF report is called “Protecting Consumer Privacy in an Era of Rapid Change” and has link here.

The AP, in a story by Joelle Tessler, “FTC proposes 'Do Not Track' tool for Web surfers”, provides detailed analysis (which was reported by ABC tonight in summary) and says that the “do not track” concept is inspired by the “do not call” lists that have circumscribed telephone telemarketing. The link is here.

Again, the media seems unaware of Microsoft’s tool, and of the business model implications of limiting behavioral advertising.

The House will hold hearings on the matter Dec. 2.