October 12, 2006 | Suw Charman Anderson

Parliament and the Internet: William Dutton

William Dutton, Director of the Oxford Internet Institute, Social dynamics of the internet This conference is focused on the future, and we wanted it to be evidence based, so thought to identify some patterns and themes in internet use, which are shaping the future of this emerging cyber-infrastructure. Who uses the internet? How to people use it? What level of trust do people place in the internet, and why? What at the key implications? Oxford Internet Surveys (OxIS) done in 2003 and 2005, going out again in 2007 cross-sectional surveys, i.e. new section of people each time. vs panels England, Scotland, Wales Face to face, interviews Response rate: 66% in 03 and 72% in 05. Part of World Internet Projects, data put in pot with 22 other nations. Who uses the internet? Who does not? Internet has become central in 2001, people thought the net was 'new'. Even in 01 people thought it was a fad. But 60% of britains are online. Was a new tech, but now has become an invisible infrastructure to many homes. It's being taken for granted now. New stage of development where it's central, and a cyber-infrastructure. UK is doing well, but not as well as many Scandinavian countries, but digital divide is an important issue, particularly in countries like China where only 7% are online. Important to realise that diffusion of the internet has plateau'd at 60%, and this has happened in other countries. Bumps up against limit, such as number of PCs in the home. Getting to the next level of diffusion is important. Broadband has diffused rapidly, so 70% of households with the internet are broadband, and soon that will be 100%. So this plateau is more significant because broadband allows increasing integration into every day life, but those without internet get no benefit of that. Education is related to having the internet. Note - 'internet use' means anywhere, home, country or school, but the prime place to use it is at home. Education, income related to use of internet. Access via mobile devices also linked to income. Thus reinforces existing social divides. Richer people have more access. Not just about digital divide, but also digital choice. People who gamble on line: younger men with full time jobs, i.e. risk-taking demographics. In a way, early internet use is a risk-taking activity, so in a way it's a choice. Higher income, job, educated are more likely to take the risk of going online. Even in households with broadband, some people choose not to use the internet when it's there. Non-users don't use because they're not interested. Building infrastructure is one thing, but building interest is another. Cannot explain age patterns via socio-economic divides. So all kids use the internet, but only 30% of retirees use the internet. Younger people think the internet is more interesting and important than older people. This is a worldwide pattern. Age is more important than gender divides. Factors: - cohort, what tech was there when you were growing up - life stage - ageing, e.g. eyesight, memory, stiffer fingers - design, computer industry not targeting older people Kids use computers in three or more locations: home, friends house, school, cafe, etc. Older people use it in one location. People who have 'always on' broadband capability, older people tend to actually turn it off, younger people leave it on all time. Again, a generational issue. Multitasking, as you get older it's harder to multitask, but almost all computer use is multitasking. How do people use the internet? Gambling was the lowest use of the internet, but checking email and product information online was the biggest. But lots of heterogeneity. Factors Entertainment, captures most of the greatest degree of variance Information Banking Learning, looking up words or facts Communication, email, IM etc. one of the most common things we do, but doesn't discriminate among people Planning, e.g. travel plans. Communication - 92% use email. Entertainment - more divided, e.g. 50% download music, but the rest don't. Those with higher income use the net more functionality to access information; the more expertise you have the more you use it for information. Oldest and youngest don't use it for getting information. Idea of a knowledge society or information society is wrong - just because kids use the net doesn't mean they are accessing information. Use of information to get health info is mainly people of a working age. Younger people use the internet for entertainment, but not for info. Slight uptick in oldest age group. Gender divides, males u se the internet more for entertainment than female, who use it more for information. Internet does not realise its potential for UGC. Very low proportion, 18% or less, use the net for blogging, pictures, discussion/meassage board, but this was 2005. Maybe more now. 5% keep a blog. Most people use the internet passively, not actively. Do people trust the internet? Is trust declining? Two issues of trust. - Net confidence: reliability f information on the net, confidence in people running the net, people you can communicate with on the net. - Net risks: perceived risks ot privacy, security of information, accurately judging quality of products. Non-users say they don't know if the net is reliable. But users have an opinion. Non-users are most sceptical, but users and past users are more positive about the reliability. Internet is an experience technology. People have to experience it to understand it. More experienced users have different attitudes. Not the case that people who have trust in the internet do not necessarily trust all over tech. Broadband users people trust internet about as much as TV, but more than newspapers. More experienced and more educated people are, more people trust the net. Bad experiences. Many people have had bad experiences, and the more bad experiences you have the less you trust the internet. So more experience = trust; back experience = loss of trust, so a bit of an arms race there to see which will win. People think the internet is more reliable in 2005 than in 2003. And have more confidence in the people they meet, and in ISPs. People trust people they meet online a bit less than other people from your country, but it's gone up since 03. People perceive it to be more powerful now, and people who've not used the internet now are less likely to be sceptical and more likely to say they don't know. Different patterns of use. More experienced people use the net differently to beginners with less than 1 year's experience. So what? Lots of opinions as to what all this means. Utopian vs dystopian, substitution, dual effects, reinforcement, reconfiguring access. Internet has a transformative impact that's not deterministic in the long run. Internet reconfigures access, e.g. where would you go first if looking for information on, an MP... people first go to the internet. Taxes, second place, planning a journey, first place, for books, visit a website is second, local schools, internet is major source of information Changing how we go about getting information. More dramatic if you pull out age groups. Younger people, 56% would go to the internet, 8% would not. Also changes what you read, what information you get. Asked what newspapers you read online that you don't read offline? 20% of users find info online they don't find in print. 20% met people or made friends online and this is a pre-social networking phenomenon. People meet these people offline too. Also make friends online that they never meet. As people get more skills, they meet more people online. People who use the net more meet more people. So as it becomes a more central infrastructure we'll see more people meting more people online. And this refiguring will change the way that people learn - more people having more access to more learning. Politics - how will politicians react to bloggers? Across every sector, it's changing not just the way we do things but also the outcome. Major challenges: - addressing socio-economic digital divides - countering digital choice - focus on patterns of consumption and production as well as adoption - creating and maintaining a learned level of trust in an experience technology - strategically reconfiguring access to you and the world

[Read more] (1 comments)

October 12, 2006 | Suw Charman Anderson

Parliament and the Internet: Jon Gisby, Yahoo!

In UK: 26 million people online 20 billion minutes a month >20% media consumption time But big disparity in behaviour: for one part of the day it's the major source of news and entertainment. In some households, the internet is the dominant entertainment medium in the evening too. Total advertising market growth is 2.5%, but internet advertising growth is 65%. Ad revenue, internet is half the size of commercial TV in terms of size. For subscription revenue is about half what the UK is paying for pay TV. Numbers growing. Biggest number of people search. Biggest time spent is on shopping. Biggest amount of time per person is gaming. Communities and email are next biggest time spent. Big explosion is 'user generated content', the ability to participate, to share. Not about one-to-many, but about one-to-one and many-to-many. What does the UK long tail look like for brands? (Note: sites, not brands.) Top sites Long tail is enormous. Top sites are in the 20 million people, but the 5000th is 25,000 people (although margins of error quite large in long take stats). Lots of the top sites are media sites: BBC, Lloyds, Tesco, HSBC, Barclays, Miniclip, Blue Yonder, Guardian. Public sector don't do too badly, MI5 is 602th, NHS is 44th, Dundee and Leeds must be doing something interesting because they are engaging 100,000s of people. Voluntary sector, millions of people a month going to those, although they start at Cancer Research 586th. Politics, pretty poor, House of Commons is 957th, next is TheyWorkForYou at 4177th, but the political parties are far further back, Labour at 5011th, Liberal Democrats at 5012th, Conservatives at 5207th. Ability to communicate with audiences is an opportunity. [I cut out the sales pitch regards Yahoo]] Moving from models where the power is in being the gatekeeper, to a model where there is limitless distribution and production in a global market. Scarcity of attention is the biggest problem they have. Lots of innovation and fluidity in business models. What's next? Broadband growth, competition and investment in services, media literacy. Policy needs to be evidence based, not based on our own behaviour and extrapolated but actually look at what people are doing. Needs to be future-focused. Some markets are moving at an amazing speed, so have to think about where things might end up, but if you extrapolate too far you might stumble. Open competition whilst managing transitions - many sectors are going through a transitional period and how we manage and incentivise whilst protecting what's public is a real challenge. Need the right policy mix, can give communities and individuals the tools to regulate themselves. Find the right balance between user empowerment and protection. If you try to control people, tell them too much what they can and can't do you'll get robust opinions, but need to balance this with a large part of the population who need protection. Tom Steinberg asked if it was within Yahoo!'s remit to build democratic tools such as those of MySociety, but Jon Gisby responds that they feel it more important to create all-purpose tools such as discussion groups that can be bent to the will of those interested in democracy.

[Read more]

October 12, 2006 | Suw Charman Anderson

Parliament and the Internet: Plenary discussion round-up

Synopses of the discussions held earlier. Derek Wyatt MP, Considering the issue of internet governance Most of the world governing bodies came out of WWII. Are they appropriate for a 21st C globalised world? If we discuss how we look at he net, is where it is right now currently appropriate. Is WSIS the right place? Or should it be the WTA but the WTA is falling over. And the net can undermine them all anyway. WSIS in Tunisia was really about ICANN, and the discomfort with America's hold on it. But in places like the Middle East where they have no search in Arabic, they get understandably frustrated. [Google then corrects they have Google Arabic search and can do page translation although that's in beta. Some of the problems are that it's an intricate language to translate and potential for misunderstanding is great, so volunteers provide feedback on translation which is why they are beta.] Three areas to consider: regulatory centre which seems to work well; internet user behaviours like gambling and porn and which is the most appropriate way to deal with them; and non-internet issues like copyright and DRM. Old paradigm was the telcos were run by government and geographically constrained, but hankering by government to bring internet into that paradigm. That was part of the issue at WSIS, that politicians don't like not having control. Question about whether America is driving policy by default, e.g. by trying to turn the net into another TV channel, by clamping down on things like gambling. But would the UK be good at being a centre of light-touch regulation. Question: do we need a new body? Exiting organisations like G8 and UN are no good if they take 3 years to come up with a policy. It's like ISO taking so long to ratify standards that business have already adopted. Internet is going to be pervasive and need to look at socio-economic impacts. Internet Governance Forum, point is to get a bit closer to the users and create a multi-stakeholder discussion. Need to keep track of pace of change. How can any regulator hope to keep up? To manage the era we're in needs a fresh look at the institutions. In terms of child protection issues, for example, is getting credit card companies to work more closely with child protection. But some issues in the ether are going to be very hard to manage, and the idea that there's a quick fix at the UN is wrong, because it takes one rogue nation to make it impossible to enforce. The issue is to chase the money, because that's where you can have an impact. Around child porn and child safety, there should be controls. And in this country we've been very successful with the IWF. But what mechanisms could be used internationally, so that we can extend good practice in this country out to other countries. Following the money has been one way to deal with this but there's a range of issues we need to deal with. One of the disappointing things APIG found in the US is that they use the First Amendment to say 'We can't do anything' about child abuse. But can we do something? Every country accepts that child abuse is wrong. How you try to get organisations and countries to subscribe to dealing with it has to be done on a case by case basis. The solution that doesn't work is when you try centrally to resolve the issue because you're left still with an awful lot of questions that need to be addressed. It's an awareness raising issue, a following the money issue, it's tackling the crime. When people start coming aware of the things you can do, and the mechanisms you can do, you're in a better position to get people to sign up to address those issues. The US is actually starting to recognise that they can start doing things about it because they have a mechanism that allows them to do it. As a consequence of the voluntary approach to blocking child porn, America have now agreed to follow our system and IWF provide that data to US ISPs that aren't already getting it. The model is being picked up in many places, and interest in the IWF is outstripping their resources, e.g. China and Japan interested in it too, and trying to get head round self-regulation instead of legislation. Alun Michael MP, Security and eCrime Alun Michael has taken on chair in EURIM on ecrime. Today's session was short, just a taster of what will need to be talked about in developing parliamentary understanding. Tension between benefits of freedoms and opportunities of internet, and the vulnerabilities, security risks etc. Have gov't buildings secure if people are unsafe on the street; online equivalent of a fort, where the barons are secure but the peasants are at risk. What happened to HO strategy on ecrime? Need ecrime to be demystified, it's not virtual crime, but real crime with real victims and real damages. Is there a need for legislation on encryption? Is it reducing opportunity? Need education not awareness, because awareness is too skimpy. Have to give people knowledge and the tools to do something about it. Security and a false sense of security are not too far from each other. Too much security can be problematic at the moment. Going forward there are major issues, many industrial, some parliamentarian. People fear internet crime more than mugging or car crime, they think it's more likely to happen. 40% thought big online organisations should insure users against fraud. International co-operation, not just to take down the criminals but to follow the money and find allies. Take civil action where it's most effective. Need to get away from the idea that 'there ought to be a law about it'. Quote: Laws rarely prevent what they forbid. Need to look not just at what you can prosecute, but how can you create an environment where you can protect those who deserve it and make it hard to make money by illegal means. My question: Where do victims report ecrime? If someone steals a sword I've created in an online game which has real value, both in the game and offline, where do I report that? Local police are not going to be interested. Guy from Tiscali talking about getting intelligence about illegal operations, but had no one to report it to. Who deals with acting on this information? Every stakeholder needs to do what they can, but we need to know what that is. Need specialist departments for specialist crimes. Have set up help lines for children concerned for what's happening on the net. So crime that involves a financial action is different from one that results in a physical crime. Can't imagine we have one crime agency. Getting into the heart of the discussion that needs to take place. Need to have the police involved, along with industry people, because that's the only way to get a capacity for parliamentarians to take intelligent action. In terms of reporting, it's huge, and we need to be clear about what expectations are. With child abuse, there are important lessons to be learnt, (but not inappropriately translated to areas of crime where not appropriate), is about actual physical abuse. Success of partnership on child abuse, police would never have had resources to work on online child abuse on an investigative basis. But the take-down regime doesn't work for, say, fraud. Specialists on ecrime is tricky. Do you separate e-fraud from e-abuse from e-security? You need expertise but you need it linked into the mainstream, yet must not go to lowest common denominator. [Although I didn't hear an answer for exactly where I would report an ecrime, such as the theft of my virtual sword.] Mark Gracy, ISPs in the content driven era Short debate. But three key areas: - why should ISPs have mere conduit - perhaps they could do more - is mere conduit the only problem? Why do ISPs have mere conduit status. It drives innovation, social/economic development. without it, no protection for ISPs for content they can't control. If it was lost there'd be no innovation, no growth. If ISPs have to control traffic, then that's added cost and could fall back onto consumer. Should ISPs be doing more. Public expectation that perhaps they should. They appear to have the means and the technology to control traffic. ISPs should also be a bit more proactive in the messages they are giving out, how things work, what the implementations of some technologies actually means. Should be more responsible for their services, perhaps a need for an understanding of the issues. Has to be everybody involved, not just industry, but end users too. Ask infringers why they are infringing not just make assumptions. Is mere conduit the only problem? Other bits of legislation get in the way, on IP front, ISPs control the network and have the customers, and have to protect their customer data because of Data Protection act. So we need to look at other bits o legislation. Are ISPs hiding behind mere conduit and not doing things because they don't need to. Should they do more? But if they start saying 'we can do this for this area of this issue' that the floodgates might be opened. Implications. Are different attitudes across the world, even within the EU. Not enough time to debate in enough detail but still an argument that IPSs is that we do need mere conduit status, it's very important. Some people have issues around the way that ISPs approach types of content and they want something done. But everyone needs to be involved. MS guy talks about parental controls. Should ISPs take out insurance against the problems they face, the way that financial companies do against fraud. Can't be purist and say that ISPs have no responsibilities. If a postman knows there's a crime being committed, he has a moral and legal obligation to report it. But the ISP industry needs to be very careful with their language, if they say 'we are only a pipe', then people draw parallels with other conduits and say 'no, there are responsibilities'. If one as a network provider one takes legal advice, the advice has come back 'don't look too closely because if you do and you see things, you are liable'. If one wants to be a responsible provider, it's not a good position to be in. Close to issue on confidentiality, and we need to create new boundaries. Lots of work is being done on parental controls to help people understand them, Kite Marks, going into schools and helping children understand the issues, etc. Everyone has a part to play. Internet remains a good thing for peopel to use, but we need to make sure people understand what it offers and how to protect themselves. Liability for internet is codified in the ECommerce Directive, and you have the mere conduit status, and limitation of liability for hosting and caching, for which the test is actual knowledge of illegal things, and that you act expeditiously to do something about it. But it's not clear that that exactly means. Should ISPs be deciding of content actually is illegal? Is that not for the court? For defamatory material, they have to ask lawyers if the content bares defamatory, not is it defamatory because that's the court's decision. Customer also has freedom of speech. Yes, do need insurance so if ISPs do get sued, they claim it back. Or have a clearer notice and takedown methodology. What is 'actual knowledge'? What is 'expeditious'? How do we trust the complainant to be telling the truth. Can cite lots of cases where the complainant has got it wrong. But just because the complainant is well known, say, does not mean that their customer is breaking the law. Important that ISPs have the mere conduit protection, and this is not wiping our hands of the issues, and ISPs do act responsibly, e.g. having acceptable use policies, working with IWF, police, etc.

[Read more]

October 12, 2006 | Suw Charman Anderson

Parliament and the Internet: ISPs in the content driven era

So I'm here at the Parliament and the Internet Conference, which is being held at Portcullis House and which has been put together by the All Party Parliamentary Internet Group (APIG). There are some 200 delegates here, and the day looks like a very intensive examination of a whole number of issues around the internet. The first session is about ISPs' 'mere conduit' status as set out in the EU ECommerce Directive and affected by the Terrorism Act, and what their role and responsibilities should be in what they are calling a 'content driven era'. Note: There are many speakers and I have not indicated who said what as it's just a bit too difficult to keep track. 'Mere conduit' status means that ISPs are not responsible for the traffic going over their network when they are not aware of the content. Copyright material, for example - if an ISP is hosting infringing material then they can be put on notice and must remove that material. The ECommerce Directive doesn't go into what the methodology for notice and take down should be. Another example is P2P. ISPs act as intermediaries between user and content, they don't host it. They are 'mere conduit's. Arguments: rights holders need to be able to pursue infringement, and as the ISP 'has the power' to pull the plug on hosting and traffic, then they should do more. We've seen lawsuits against P2P infringers, and different ISPs react differently to notices. Issues around how copyright is affected on the internet. Broadband take-up is being driven by illegal downloading of movies and music etc., and the content industry is pushing for action on this. But issues around losing 'mere conduit' status, it could be damaging as people will route round the problem as if ISPs start blocking content then there will be other ways round it. Without 'mere conduit', ISPs face legal action over traffic that's outside of their control. Could drive ISPs out of business or drive customers out of the EU to ISPs based elsewhere. The issue of justifying the status: it's great for ISPs to have mere conduit, but why should society grant that status. Key reason is the innovation argument. 'Mere conduit' says that ISPs are not liable for traffic that goes over their network. If ISP did have liability, they would have to ensure they were protected through some means? How would ISPs implement that? They would have to make judgements about whether traffic is good or bad (or unknown). Unknown traffic is all the innovation, all the stuff the ISP hasn't seen yet, some guy's knew project, that would be seen as 'bad' because you can't judge what it is. The protocols that make up the traffic were created after the basic internet protocol, in 1980. Email was then invented... then the web, IM, voip... lots of new things that have been invented which could never have been predicted. Do we want to freeze innovation where we are now, and say 'everything that can be invented has been invented' and stop development. Or do we want to support innovation? The original rationale for mere conduit was linked to the notion of the internet as a common carrier. The idea of a platform lie the Post Office who create an opportunity for any-to-any communication. Once you start interfering with the mere conduit principle, you end up on a slippery slope that moves towards a walled garden approach where any-to-any doesn't exist and you undermine the whole social and economic value of the platform. A bit more about complaints. The originators of the complaints only have the internet address of where the content is, and only the ISP can match that address to a physical name and address. There is a data protection issue here too - ISPs will not give out that name and address without a court order. They have a duty to protect their customer's data. At an EC level it's difficult - attitudes are different from country to country. The challenge is obvious, it's the balance between this concept of mere conduit, which in a way is intuitive, with the genuine concern of IP rights holders. Or if we look at security matters, and want to make the internet safer, what responsibility shoudl ISPs have? That balance is key for policy makers. Internet is still new, so we shouldn't jump to conclusions. It's still developing rapidly. DTI might say that we should try and find solutions that all parties agree with. [But this speaker, Jean-Jacque Sahel from the DTI ignores the public and rules out 'those people who infringe copyright'.] I brought up the issue that the public/consumers aren't being involved in this conversation. Mr Sahel challenged me to say 'should the infringers be part of the conversation' to which I would argue, yes, absolutely. If you don't know why they infringe, how can you tell if you are moving towards the right policy? The aim, after all, is to bring everyone into the fold, and ignoring those who infringe does nothing to help create a climate in which it becomes easy for them to change their behaviours to more law abiding ones. Also need more of a dialogue between the public and ISPs about what the public expects. In many ways, we have to ask what the ISPs should be doing, and what should be done. It's more 'something should be done', and we have to ask who should do it? Society at large should also be involved. Businesses, in a matter of self-interest will find ways around problems, but with the TV Without Frontiers Directive, it will undermine their ability to do that. Better to have a self-regulatory regime that allows companies to publicise their conformity with a set of objective standards than to have a set of legal rules that apply in principle to all providers but can't be effectively enforced. The advantage of a self-regulatory regime is that it would allow consumers to make informed choices. More than price and business model. The Adelphi Charter makes the point that extending IP law does no one any favours. But is data protection a bigger problem than extension of IP law? Yes, Data Protection Act is currently more important to ISPs than the ECommerce Directive. Public has an expectation that ISPs will take action about security, abuse, spam, etc. One of the problems of this IP debate is that it detracts us from working on more important issues that feel into this debate, such as detecting zombie computers. Is attempting to locate zombies going beyond the mere conduit? These are things we want to do but fear opening the floodgates. The Government expects ISPs more and more to do things that are not in 'mere conduit' status. With abuse, customers are increasingly expecting ISPs to be involved in their own computer security which requires inspecting traffic. Just looking at copyright root is restricting us from looking at other issues and their implications. Need to do a better job of telling people about the good work ISPs are doing, but in some areas if we are not doing good work politicians will want to act. We can achieve more without punitive regulation. Self-regulation is important, and child-saftey is at the top of that. We have a good story to tell about that and we should. Need to ensure that people understand parent control and how to use it. It's a challenge we have to rise to, and we need to talk about it more so that we can avoid regulation first. Have to think about how we present our position to politician. Unfortunate that we aren't talking more about content. ISPs use mere conduit to hide behind for illegal content, whether it's pornography or infringed copyright. Illegal content does us no good. I was hoping we'd have a discussion about what ISPs could to to help. In response, have to review the point about business models. There's limits to what you can achieve with legal action. Just to be a bit controversial, I remember a discussion with music industry representatives and I was told 'there guys are breaking the letter of the law and destroying your business, why don't you sue their arses off?', but no business model has a divine right to exist forever. The reflex is always to try to use the law rather than develop new business models that work with the grain of reality, and that's a problem. There is perplexity in the current policy debate, between ISPs status of mere conduit and their ability to actually manage traffic. Some would argue their ability to manage traffic should be constrained by some sort of net neutrality legislation. In the US at least, it is the ISPs who say they need to be able to actively manage traffic, and the activists say that's inappropriate. So is there a tension between ISPs saying they need to give priority to some traffic and not others, but at the same time saying they are mere conduits. Rights holders say ISPs have the technical ability to pick out, say, P2P traffic and x% is infringing so why not block it. But if that was a bill in front of Parliament there'd be a vigourous debate. Copyright is important, but at the same time blocking of innovation or outlawing of technologies which have uses which are illegal - P2P is not *inherently* illegal. So which considerations outweight the others? But it's not for BT or other IPSs to unilaterally block P2P traffic. The damage to us would be huge, it's nothing to do with the money we make out of P2P traffic - we actually don't make any money out of it. That's a claim that's made, that we have a duty to do something because we make money. But the minority heavy users cost us money, they don't make us money. Also, you can't directly import the discussion from the US to the UK of net neutrality. It arose in the US out of the specifics of the marketplace. That gave rise to specific legislative proposals which caused concern, so I don't think there's a direct comparison. No conflict between differential pricing, say, and mere conduit. So long as you have a possibility for any-to-any communication then there's compromise of mere conduit status. Murmurs around the table afterwards were that the discussion had been oversimplified. It's not just about rights holders and ISPs. It's important to remember, after all, that law is here to protect the public good, not to protect business models, and this discussion appears to be mainly between those parties with the biggest sticks.

[Read more]

October 12, 2006 | Glyn Wintle

Making, supplying or obtaining articles for use in computer misuse offences

Some very well informed, entertaining and persuasive arguments were put forward in the House of Lords yesterday in a debate on 'Making, supplying or obtaining articles for use in computer misuse offences'. Its not often that you here the phrases "script kiddies" and "code monkeys" in Parliament.

Yes, we are once again talking about the proposed amendment (to s42 of the CMA 1990), which criminalises making, adapting, supplying and offering to supply a program that is likely to be used to commit an offence. Although the original amendment has been improved to 'offers to supply a program that is likely to be used to commit an offence', giving coders less cause for concern, the amendment remains fundamentaly flawed.

The many long and very readable speeches are reproduced here, but for those of you only skimming here's Lord Lawson of Blaby giving one succinct argument.

I am concerned about how this wording will be interpreted. It is clear that anything—whether it be a fast motor car or what we are talking about in this debate—that can be used for a malign purpose is likely to be used by someone of evil intent for that purpose. The wording of the Government's amendment is,

   "is likely to be used",

which means anything that is capable of being used. That goes much further than this House should be comfortable with. I hope that the Government will therefore give it consideration. With this amendment, they seek to narrow the conditions, but they are not narrowing them at all. Another look at this is warranted.

Lord Lawson of Blaby - House of Lords debates - Police and Justice Bill - 10 October 2006

The government apparently see nothing wrong in overly broad laws that criminalise activities the vast majority of computing professionals believe should be lawful. The Earl of Erroll summed up the Home Office's attitude as "Well of course we won't chase the good guys. We won't go after them. We are only after the bad guys." If you're not sure why that's a flawed argument have a read through some of the speeches. Why bother with laws and courts at all, if we can trust the police will only go after the bad guys?

[Read more] (1 comments)

October 11, 2006 | Michael Holloway

Draft submission to EC Consultation on 'Content Online in the Single Market' - comments welcomed

Thanks for the comments on our draft. We made the submission - duplicated here on our wiki - in good time.

We're posting this to give Supporters an opportunity to review and comment on our draft version. The deadline for submission is this Friday, the 13th October.

1. Introduction to the Open Rights Group Open Rights Group is a not-for-profit advocacy group which works to raise awareness of digital rights issues in the UK and Europe. A supporter-funded group, ORG connects journalists with experts, organises campaigns and engages with government consultations on behalf of its supporters and the wider public.

2. Comment The views of all stakeholders in the information society should be taken into account when forming policy. Broadening your consultation to stakeholders outside the private/corporate sectors is an important step which we fully support. While all stakeholders agree that copyright is of growing importance in the development of the information society, it is paramount that all affected parties, including the public, have adequate opportunity to convey their views on the development of copyright law and policy.

Policy should result from a combination of subjective surveys and empirical research. Policy must not be based solely on the opinions and reports produced by those who have vested interests, but should instead be a product of independent empirical research. Where empirical research is commissioned, results must be acted upon even if their recommendations might be unpopular politically or with industry lobbying groups. We must not follow the example of the Database Directive review where damaging policy was allowed to stand because it was easier than changing it, but rather show the responsiveness to broader stakeholder interests as seen with Software Patents.

We highly recomment that you follow the recommendations of the RSA's Adelphi Charter when considering reform.

3. Specific concerns 3a. Licensing, rights clearance, right holders remuneration It is becoming increasingly common for rights holders to use contracts and contract law to bypass copyright law, using overly restrictive licence agreements to prevent the public from exercising their fair dealing rights. This effectively extends rights holders monopoly control beyond that granted them by copyright law and, in some cases, diminishes the public domain.

* Licences, rather than contracts of sale, are emerging as the key transaction method in the digital environment. The majority of these licences deliver fewer access and copying rights than are available under existing copyright law.

3b. Networks We fully support the concept of 'network neutrality', which maintains low barriers to entry, provides unfettered access to lawful content, and promotes competition. We should be very wary of any legislation which might allow network operator to profit from discriminatory practices, particularly as network neutrality is already embedded in the concept of 'mere conduits' as enshrined in the ECommerce Directive. Like the Single Market, network neutrality has allowed small publishers and businesses across Europe to reach a wider public thus avoiding media hegemony. It must, therefore, be protected.

A number of undesirable outcomes may result from an end to network neutrality:

* Anti-competitive behaviour, where network operators implement exclusive or preferential deals, or use the tiered system to unfairly promote own-brand content. * A skewed market that favours larger and better funded content providers, inhibiting local diversity and innovation. * Increased costs for consumers, because content providers inevitably pass on surcharges to their customers. * Increased consumer confusion, because broadband users will experience varying response times in a tiered system.

3c. Piracy and unauthorised uploading and downloading of copyright protected works A failure to distinguish minor copyright infringement performed by individuals from large-scale commercial counterfeiting of works by organised criminal gangs will damage public respect for copyright law. Whilst the former technically constitutes copyright infringement, there is no compelling evidence that it actually harms either right holders or authors / producers. Prosecuting such cases is not in the public interest, and it is particularly important that such infringement remains a matter for the civil, not criminal, law. Introducing draconian IP enforcement provisions, beyond the measures available in most member states, at the behest of multinational content-industries to 'fight terrorism' will also have a corrosive effect on public respect for copyright law.

3d. Digital Rights Management (DRM) We recommend that the Commission avoid future market interventions such as the Copyright Directive's anti-circumvention provisions, but instead allow the market to decide if DRM is a useful tool for consumers. We particularly support the lifting of anti-circumvention legislation Europe-wide.

* DRM is given close to total legal protection within the UK, with no practical processes allowing for legal circumvention in the interests of disabled access, long-term preservation (archiving) or where the DRM prevents uses permitted by fair-dealing exceptions. One practical effect of the EUCD anti-circumvention provisions is to undermine the intent of laws protecting the disabled and ensuring public access to information goods.

* DRM does not have to expire, and can effectively prevent the work from entering into the public domain at the expiry of the copyright period.

We recommend that DRM and TPM (technical protection measures) are not allowed to undermine the longstanding limitations and exceptions such as fair dealing in UK law. One possible method to ensure user-rights (suggested by the UK's National Consumer Council) is for mandatory labelling of DRM products, clearly explaining permitted and prohibited uses. 4. Afterword

If you would like ORG to provide more detailed testimony, please contact Suw Charman, Executive Director (

REFERENCES 1. The RSA Adelphi Charter - 2. The National Consumer Council's recommendations for labelling DRM -

[Read more] (4 comments)

October 09, 2006 | Suw Charman Anderson

22nd October - Copyfighters Drunken Brunch and Talking Shop

The next London Copyfighters Drunken Brunch and Talking Shop will be held on Sunday 22 October. We will meet upstairs at the Mason's Arms, 51 Upper Berkeley Street, Marble Arch at 12 noon for brunch. The Mason's Arms is on the corner of Berkeley Street and Seymour Place. Once we are suitably lubricated (at around 2pm) we will, en mass, go to Speaker's Corner and orate on the subject of copyright, DRM, the weather -- whatever. Speaking isn't mandatory, but it IS highly encouraged. If you've never spoken before, then I would recommend it as it's a bit of a mad experience you won't get elsewhere! Photos from past events are on Flickr, and we also have a new Flickr Group for the London Copyfighters . Please do feel free to join and add your photographs. Please let us know if you are coming by signing up on the ORG wiki so that we can get an idea for how much food to order. Nearest underground station is Marble Arch. Turn right at the top of the escalators, then right as you leave the station, then right down Great Cumberland Place, then left down Upper Berkeley Street. The Mason's Arms is on the corner of Seymour Place and Upper Berkeley Street. Any problems, please call Mike on 020 7096 1079 (which redirects to his mobile). See you there!

[Read more]

October 06, 2006 | Michael Holloway

WIPO Broadcast Treaty scheduled for further scrutiny

There are concerns proposed WIPO legislation will further extend the social and cultural dominance of trad broadcasters over the internet, as mentioned here on this blog. An announcement this week by the WIPO General Assembly regarding the draft Broadcast Treaty offers encouragement to activists, and has been hailed as a "huge victory for the public interest." Reports call for celebration on two counts.

The proposed legislation will now at least face further scrutiny. Rather than procede directly to a Diplomatic Conference (DC) next Summer - WIPO's mechanism for passing new laws - the draft will be considered in two interim meetings intended to bring about a consensus. The draft's sponsors hoped to avoid this scrutiny and simply force the legislation through, but popular opposition from a broad consensus, and disagreement amongst signatories evidently required WIPO to think more carefully. India, Brazil and the US led the calls for further review.

In addition to scheduling further discussions on the draft, it was decided to reject the controversial rights-based approach in favour of a signal-based mechanism. So the needless extension of exclusive control over 3rd party cultural productions has been rejected, in favour of legislation which pursues the less protectionist agenda of preventing theft of broadcaster's signals.

This news is genuinely heartening. WIPO gets a lot of stick for its un-democratic methods, but this announcement suggests activists and academics can influence even the most elite bureaucrats. And beyond that, the expansion of protectionist IP regimes is not inevitable; let's hope we score a similar victory with our Release the Music campaign...

[Read more]

: E-voting's Unsolvable Problem-->
  • ORG Glasgow: A discussion of the General Data Protection Regulation (GDPR)
  • ORG Aberdeen: March Cryptonoise event
  • ORG North East: Take control of your online life
  • ORG Cambridge: Monthly March Meetup