June 19, 2006 | Suw Charman Anderson

ORG Update - what have we been up to?

Last year, over a thousand people pledged a fiver a month to help us set up the Open Rights Group - an organisation to publicise and fight for civil liberties in the digital world. So far, we have around 500 supporters who have been true to their pledge and are giving us a fiver each month. If you are one of those five hundred, thank you. That was enough money to secure our short term future and to begin laying the foundations for the group. But we don't have enough funding to achieve all that we set out to do. In the next six months, we want to expand the work that ORG is doing, and go beyond these first steps. If you haven't yet fulfilled your pledge to ORG, can I ask you to live up to your promise, and send us that fiver? Please become an ORG supporter, and one of the Founding 1000. We need your help to be able to expand and increase our campaigning power. What have we been doing over the last six months? Working on a shoestring and a part-time staff, we've still managed:

With your additional support, we'll be able to expand our work. This year, the UK is facing some significant challenges in the online world:
  • The criminalisation of many intellectual property rights infringements, in the form of the second EU Intellectual Property Rights Enforcement Directive. Accidentally using copyrighted or patented materials in your own work? Under IPRED, you could end up in jail.
  • The implementation of EU Data Retention legislation. Which ISPs are already storing your phone and internet usage on behalf of the police?
  • Pushes to extend the copyright term for sound recordings. Cliff Richard may be all for it, but we think it's bad for music and musicians. We'll be publicising the benefits of public domain, examining the dangers of term extension, and lobbying for the term to remain the same.
  • The introduction of Part III of the Regulation of Investigatory Powers Act, permitting the government to seize private encryption keys. Will it stop terrorists? Or will it just compromise your security?
With your help, we can work to shine more light on these issues, bringing them to the attention of the media, the politicians and the wider public. Please support ORG with just a fiver a month. Your promise is what will let us fulfill ours. But remember, it's not just your money that's valuable, it's you. To get more involved, please join the ORG Discussion list (sign up using the forms in the righthand sidebar) or visit the ORG wiki. And thanks again for your support.

[Read more] (1 comments)

June 19, 2006 | Suw Charman Anderson

Film censors want a stab at the net

The British Board of Film Classification want to have stab at classifying content on the net, a Sisyphean task if ever I heard of one. I couldn't agree more with Simon Davies:

Simon Davies, of Privacy International, which campaigns for freedom of expression, told The Times: “It sounds like the most stupid intervention since the registration of fax machines and photocopiers in communist China.”

Board of censors wants net classified - Times Online

[Read more]

June 19, 2006 | Suw Charman Anderson

Linux User

A few months ago, I started writing a monthly column for Linux User. The first one, Whose Net is it, anyway? is now up online. I'm not sure how long it will be there, or if there will be an archive, so get it whilst it's hot. And, for your delectation, an excerpt:

Just imagine. The sum of all human knowledge available at your fingertips via a desktop machine. In 1985, that would have seemed like a dream. In 1945 when Vannevar Bush posited such a system - the Memex - in his essay As We May Think, it would have seemed like magic. Yet here we are. With Google and a razor sharp search term, you can now access a significant portion of all human knowledge. Indeed, some would say that the World Wide Web has exceeded Bush's original vision: it's not just a repository of information, it's a communications tool that millions of people rely upon every day.

[Read more] (2 comments)

June 15, 2006 | Suw Charman Anderson

ORG on the BBC

The Apple/iPod DRM story seems to be a hot one at the moment. I've just got back from the Apple Store, where I did an interview with BBC journalist Sumant Bhatia. The segment will be on World Business Report on BBC World tomorrow morning, which BBC1 and BBC News 24 air at 0530. After that, it will be repeated on BBC World all day, which you can only get if you're abroad. You should be able to watch it online, however. ORG has had quite a few requests to be on the news, but until now all of the stories they would have wanted us to comment on have been dropped at the last minute. Nice to finally have a story run, though. UPDATE: Hah! Looks like they bumped me for Bill Gates. Still, nice practice.

[Read more] (1 comments)

June 14, 2006 | Suw Charman Anderson

ORG in the FT

In the UK, the Open Rights Group, another consumer protection organisation, has been lobbying MPs to force companies to open up their DRM. “If I buy a car I expect any brand of petrol to work in it. Consumers are starting to see that they can do less with the music they buy,” says Suw Charman, executive director of the group. Crunch time for Apple’s music icon
Props to Cory for the 'do less with' line, which always seems to make the point beautifully.

[Read more] (2 comments)

June 13, 2006 | Suw Charman Anderson

Cryptography and fallacy

The Times has an emotive piece on the implementation of Part III of RIPA, the Regulation of Investigatory Powers Act, which demands that people hand over their cryptographic keys.

The internet has transformed life for billions, making the once time-consuming swift and the once complex straightforward. Unfortunately the beneficiaries include paedophiles who now have a frighteningly easy vehicle with which to peddle the most depraved and exploitative material that would turn the stomachs of those unfortunate enough to come across it. The advance of computer technology now makes it cheap to render such material inaccessible, even to experts in software code-cracking. This is a problem that directly affects the safety of Britain’s children.

Punishing silence - Comment - Times Online

I'm always suspicious of overly emotional pieces like this, because they're full of logical fallacies which are designed to undermine rational argument. The first I spotted is called 'argumentum ad metum', which is Latin for 'giving you the screaming heebie-jeebies' - you can see it in that last sentence about 'the safety of Britain's children'.

There's also a hefty dose of 'argumentum ad odium', which is all about appealing to your hatred of, in this case, people who do nasty things to children. Yes, paedophiles are depraved and exploitative, and yes child pornography would make your stomach turn. But the reason for including that sentence is not to provide you with information, but to whip up your hatred of paedophiles.

The question is not 'are paedophiles bad?', but 'should people be forced to hand over cryptographic keys, and punished when they do not?' By reframing the argument as if it is only about paedophiles, The Times evokes an emotional response that 'yes, paedophiles are bad, so yes, we should have legislation that forces them hand over their keys.'

They fail to consider that of the people using cryptographic keys, paedophiles are in the minority. This is a logical fallacy of it's own called 'secundum quid', which is when you make a hasty generalisation based on a small and unrepresentative sample. The paedophiles are presented as the general problem, and the author ignores all other types of people - such as business people - who use cryptographic keys.

As Ian Brown says, it seems that the Times has had a briefing from the Home Office, resulting in this rather slick paragraph:

Punishing silence is a dangerous concept and should be rejected in all but severe cases. But the consultation paper circulated by the Home Office sets out the hurdles, designed to protect the innocent, which prosecutors would have to jump. For a suspect to be charged and face a prison term of more than two years for failing to unlock computer files, he would have to be a convicted paedophile; his computer would have to contain indecent pictures of children; or there would have to be evidence that he had communicated the encrypted information to someone else. The court would have to be satisfied that the encrypted data was likely to contain illegal images of children. The battle against paedophiles, like that against money-launderers, has been made more complicated by the internet. It is reasonable that law enforcement acquires stronger powers to fight back.

Of course, it's not just paedophiles... it's obviously money-launderers, and before you know it, it will be anyone they fancy. That's what you call 'mission creep'.

(And there you might accuse me of committing the logical fallacy of 'the slippery slope', where you imply that one step in the wrong direction must, perforce, lead to disaster. But when you have a point of principle at stake, then examining the wider ramifications is not a slippery slope argument. The point of principle here is, Should people be forced to give up their cryptographic keys? and if you concede Yes, then any community of cryptography users is at risk and it's fair game to point that out.)

There are a bunch of other fallacies used in this piece, and I'm not even an expert fallacy spotter yet.

'Argumentum ad modum', a call for proportion: "It is reasonable that law enforcement acquires stronger powers to fight back."

'Shifting the burden of proof', which runs through the whole of the article, and says 'prove why we shouldn't demand cryptographic keys' or 'prove that these files aren't evil', rather than proving why we should or why they are.

'Petitio principii', which is basically where your conclusion is the same as your argument, in this case it's that 'police should have access to cryptographic keys because they need to access cryptographically concealed computer files'. This one is quite well dispersed, but it's there in the first paragraph: "Mr A was caught trying to procure a 10-year-old child for sex. Police found in his possession a number of computer files. They almost certainly contained illegal images and further damning evidence. They may also have contained clues. But officers were unable to read them because they were encrypted."

Finally, we have 'half-concealed qualification', a limited claim which is expressed in an inflammatory way so that you don't hear/see the disclaimer: "In recent years, police investigators have run up against encrypted data with increasing frequency. Even if they succeed in getting into protected files, they may be unable to comprehend the contents without a second key. This is more than frustrating when a suspect is in custody and the clock is ticking until he must be charged or released. A dangerous man could be allowed home." In this section, the 'increasing frequency', 'clock ticking' and 'dangerous man' undermine the 'may' which qualifies the existence of the putative second key.

For more on RIPA Part III (which sounds an awful lot like the last installment of a slasher film trilogy), take a look at Spy's blog on the Home Office Consultation, and for background see FIPR's RIPA Information Centre.

[Read more] (1 comments)

June 13, 2006 | Suw Charman Anderson

Denmark, Norway and Sweden put pressure on Apple's iTunes

STOCKHOLM (AFP) - Denmark, Norway and Sweden plan to force Apple Computers Inc to break the exclusive link between its iPod music players and online iTunes store.

The three Scandinavian countries have decided to take iTunes to their respective government mediators, or ombudsmen.

"iTunes' terms and conditions are illegal in all three countries," Swedish Consumer Agency spokeswoman Marianne Aabyhammar told AFP Friday.

Scandinavia pressures Apple's iTunes - Yahoo! News

(Just trying out Flock to see if I blog more news this way... if you see a sudden rash of news stories, that's why!)

[Read more] (1 comments)

June 05, 2006 | Suw Charman Anderson

Launch of the APIG report on DRM

Last year, the Open Rights Group submitted evidence to the All Party Internet Group's public inquiry into digital rights management (DRM) after carrying out it's own public consultation into questions raised by the call for evidence. In February this year, ORG gave oral evidence to the APIG inquiry, giving a concise statement regarding ORG's position and answering questions from Derek Wyatt MP, Ian Taylor MP and the Earl of Erroll.

This morning, at an event organised by the IPPR and hosted by the British Library, APIG launched their report. The 30 page report can be downloaded as a PDF from APIG's website. For those of you with a shorter attention span, here is the official report summary as provided by APIG's secretariat.

The inquiry's key recommendations: 1. A recommendation that the Office of Fair Trading (OFT) bring forward appropriate labelling regulations so that it will become crystal clear to consumers what they will and will not be able to do with digital content that they purchase.

Thinking behind the recommendation:

There was considerable consensus on the principle that consumers should be aware of what they are purchasing.

Not surprisingly, the consumers were in favour, but other respondents were as well. For example, EMI told us "consumers should be aware of the precise terms of the package of rights they have paid for by proper labelling or other explanation" and Intel said "consumer notice requirements in connection with content protection and DRM are not only appropriate, but will in fact help drive both the deployment of new business models and consumer acceptance of content protection and DRMs generally". In the long run, 'media literacy' will ensure that consumers understand what they are purchasing and what they might reasonably expect to be able to do with digital content. In the meantime, the evidence we received suggests that extensive labelling is essential.

2. A recommendation that the OFT labelling regulations we propose, should ensure that the risks are clearly spelled out, at the point of purchase, whenever consumers could lose access to digital content if systems are discontinued, or devices fail, or players are replaced by systems from a different manufacturer.

Thinking behind the recommendation:

One of the issues that we asked respondents to comment upon was that of Technical Protection Measure systems being discontinued. Although this will seldom cause a work to disappear altogether, it can have significant impact on individual consumers who find themselves with content that they can no longer enjoy. Even where the manufacturer stays in business, there is still an issue of being 'locked in' to particular technologies, even if other offerings are more attractive or less expensive. As an example, once someone has purchased a great deal of protected music for an iPod then if their next player is not manufactured by Apple then this music could become inaccessible to them. There are currently practical (albeit, not necessary lawful) ways of addressing this problem for iPods, but this may not be true for all formats.

3. A recommendation that OFCOM publish guidance to make it clear that companies distributing Technical Protection Measures systems in the UK would, if they have features such as those in Sony-BMG's MediaMax and XCP systems, run a significant risk of being prosecuted for criminal actions.

Thinking behind the recommendation:

Shortly before our inquiry was announced it was revealed that Sony-BMG had shipped millions of CDs in the United States with two extremely problematic copy-protection systems

[Read more] (4 comments)