July 21, 2006 | Glyn Wintle

Public meeting on RIPA consultations

The Regulation of Investigatory Powers Act Part III gives law enforcement the power to serve notices requiring that encrypted material be "put into an intelligible form" (or as everyone else would say, decrypted). Under some circumstances the notices can require that encryption keys are handed over. At present Part III is not in force, but the Home Office are consulting on a Code of Practice for its operation and it must be expected to come into force in early 2007.

The eighth Scrambling for Safety meeting on the Home Office's access to keys and communications data code of practice consultations is being held from 2-5pm on Monday 14 August 2006, at the Gustave Tuck Lecture Theatre, South Wing, UCL, Gower St, London WC1 [campus map].

Admission is free but space is limited, so if you wish to attend please subscribe to the meeting mailing list. Please e-mail with requests for any other information.

The agenda as follows:

1400WelcomeDr Ian Brown, UCL Computer Science
1405The Home Office consultationsSimon Watkin, Home Office
1420Government access to communications dataDr Richard Clayton, Cambridge University Computer Laboratory
1435Government access to decryption keysCaspar Bowden, ex-director, FIPR
1505Risks to safety and securityDr Brian Gladman, MoD and NATO (retired)
1520Errors of judgment and integrity in presenting computer-based evidenceDuncan Campbell, expert witness and investigative journalist
1545Parliamentary scrutiny of RIPA and its OrdersThe Earl of Erroll, House of Lords (crossbencher)
1615Compatibility with human rights lawProf. Douwe Korff, London Metropolitan University
1630Do the police need longer detention periods to investigate encrypted evidence?Prof. Ross Anderson, Cambridge University Computer Laboratory
1645The changing public mood on privacyLord Phillips of Sudbury, House of Lords (Liberal Democrat)
1655Questions and conclusionsSimon Davies, Privacy International and LSE

Useful background information is at Privacy International's wiretap page and FIPR's "Surveillance and security" pages.

[Read more]

July 18, 2006 | Glyn Wintle

Danny O'Brien at the Drunken Brunch

Last Sunday saw the latest edition of the London Copyfighter's Drunken Brunch & Talking Shop. Led by our founding pledger, the EFF's Danny O' Brien, we had a great turnout, including many new faces tempted by the irresistible combination of sunshine, mixed drinks and heated IPR debate.

Danny O'Brien opens proceedings (photo by Yoz) Danny O'Brien opens proceedings (photo by Yoz)

For readers not yet acquainted with Copyfighters, the big idea is to sink a few swift halves before heading to Speaker's Corner for a good old-fashioned bellow on any topic relating to digital rights. It's a chance to hone your public-speaking skills as well as chat with other activists, and also see some of speakers corners more interesting characters. Our rants this time around ranged from the music industry's proposal for a new tax on ISPs, to ID cards, to useless MP3 players.

Photos of the glorious day are up on Flickr, from Yoz and Dave, plus there's a new London Copyfighters Flickr group you can join and add your pics to.

Details of next month's Copyfighters will be announced soon.

[Read more]

July 13, 2006 | Glyn Wintle

Information Commissioners annual report

Richard Thomas, the Information Commissioner, has published his annual report. The Information Commissioner's Office is the UK's independent public body set up to promote access to official information and to protect personal information.

"Never before has the threat of intrusion to people’s privacy been such a risk. It is no wonder that the public now ranks protecting personal information as the third most important social concern."

"What is the right balance between public protection and private life? How long, for example, should phone and internet traffic records be retained for access by police and intelligence services fighting terrorism? Whose DNA should be held, and for how long, to help solve crime? What safeguards are needed for commercial internet-based tracking services which leave no hiding place?"

"In our annual survey on information rights, protecting people’s personal information was highlighted as one of the top three issues of social importance, with 80 per cent of individuals saying that they were concerned about the use, transfer and security of their personal information. Organisations do recognise that good information handling makes good business sense, with the vast majority telling us it improves customer trust, information management and risk management."

Annual Report 2005 - 2006 - Information Commissioner’s Office

The report also singles out ID cards, children’s databases and spam as worthy of mention.

[Read more]

July 11, 2006 | Suw Charman Anderson

BPI asks ISPs to do its dirty work

As reported by Reuters and the BBC, the BPI has asked two ISPs - Cable & Wireless, and Tiscali - to terminate the accounts of 59 broadband users because the BPI claims that they are infringing copyright. Cory Doctorow has an excellent post on BoingBoing explaining why this is a really bad idea, not just for users but for ISPs too:

Notice-and-takedown is a censor's best friend, but as the music and film industry can attest, it hasn't made any kind of dent in copyright infringement. For one thing, it's wholly ineffective against P2P file-sharing -- notice-and-takedown only works on stuff hosted on an ISP's web-server, not on a customer's own PC.

The new proposal for notice-and-termination aims at creating an even more radical version of this judge, jury and executioner privilege the entertainment industry has secured for itself. Under notice-and-termination, you need only claim to be an aggrieved rightsholder to actually knock someone's DSL circuit offline.

This sounds like something similar to notice-and-takedown, but there's a gigantic difference: the cost of connecting a DSL circuit is vastly higher than the cost of putting some files on a web-server. Indeed, ISPs have told me that it can take years to recoup the cost of connecting a customer to the Internet.

This story has also been covered by eHomeUpgrade, where I commented:

It's essential that ISPs resist the BPI's attempt to strong-arm them into becoming the music industry's bully-boys. If the BPI has evidence of wrong-doing, then it must go through the proper channels in order to pursue its case. Producing a list of IP addresses and demanding that the customers who used them be disconnected is no more than an attempt at summary justice. If the end-user is mis-identified - perhaps the IP address was shared or mis-communicated by the BPI - then it will be the ISPs and their innocent customers who will suffer the consequences.
Hopefully, the ISPs will resist the BPI's machinations, but I suspect this is just the beginning of an attempt by the entertainment industry to get a firm grip on the internet's jugular. As Cory says:

The BPI is floating a trial balloon here, but it's not a coincidence that they're proposing something already under discussion at WIPO. Getting countries or even major ISPs to adopt notice-and-termination paves the way for the creation of a takedown treaty -- and the end of the Internet as we know it.

UPDATE: Tiscali tell the BPI to get lost, and sound distinctly unimpressed with the BPI's tactics. From Webuser:

A Tiscali spokeswoman described the move as a 'media ambush'. She said the BPI had “[sent] their letter to the media before we even had a chance to read it and the information they went to press with was not strictly correct”.

And more from Tiscali's letter to the BPI:

You have sent us a spreadsheet setting out a list of 17 IP addresses you allege belong to Tiscali customers, whom you allege have infringed the copyright of your members, together with the dates and times and with which sound recording you allege that they have done so. You have also sent us extracts of screenshots of the shared drive of one of those customers. You state that such evidence is "overwhelming". However, you have provided no actual evidence in respect of 16 of the accounts. Further, you have provided no evidence of downloading taking place nor have you provided evidence that the shared drive was connected by the relevant IP address at the relevant time.

Similar requests we have dealt with in the past, have included such information and, indeed, the bodies conducting those investigations have felt that a court would consider it necessary to see such evidence, supported by sworn statements, before being able to grant any order.

[Read more] (2 comments)

July 11, 2006 | Glyn Wintle

700,000 children fingerprinted by schools

Children are being threatened with exclusion from school unless they submit to being fingerprinted, reports Leave Them Kids Alone. This Daily Mirror story illustrates the size of the problem:

FURY erupted yesterday after it emerged an estimated 700,000 children are being fingerprinted at school.

Systems in 3,500 primary school libraries allow pupils to take out books by scanning their thumb prints instead of using a card.

But campaigners warn the technology is a massive invasion of privacy and a step towards a "database state".

With an average primary school size of 200 pupils, pressure group No2ID says at least 700,000 pupils are regularly having their fingerprints scanned.

Fingerprint scandal of 700,000 kids - The Daily Mirror

For more on children's rights, visit the ARCH website.

[Read more] (18 comments)

July 11, 2006 | Glyn Wintle

Commission Cheats European SMEs in Patent Consultation

The European Commission has been consulting on the future of Europe's patent regime and, as always, the FFII have been doing a good job of monitoring their progress. Fears that this was a third attempt to legalise software patents in Europe prompted a large number of SMEs, software developers and bigger IT firms to respond, but it seems that the Commission did not like the answers they got:

The Commission made an undercover move to get more "useful" answers following the 12 April closing date of its Patent Policy consultation. It sought out small firms across Europe who had used the patent system. It then provided these firms with new documentation and specialist assistance to help them write individual answers. None of the firms answering the online consultation got this help. But when the software firms in this new group came to the same conclusions as the FFII, the Commission concluded that these firms were "lacking knowledge about the patent system".

Commission Cheats European SMEs in Patent Consultation - FFII

[Read more]

July 10, 2006 | Suw Charman Anderson

16 July, London Copyfighters Drunken Brunch and Talking Shop with Danny O'Brien

The next London Copyfighters' Drunken Brunch and Talking Shop will be held on Sunday 16 July, and it will be chaired by Danny O'Brien. We will meet upstairs at the Mason's Arms, 51 Upper Berkeley Street, Marble Arch at 12noon for brunch. The Mason's Arms is on the corner of Berkeley Street and Seymour Place. Once we are suitably lubricated (at around 2pm) we will, en mass, go to Speaker's Corner and orate on the subject of copyright, DRM, the weather -- whatever. Speaking isn't mandatory, but it IS highly encouraged. Photos from past events are on Flickr. Please let me know if you are coming by signing up on the ORG wiki page so that I can get an idea for how much food to order. Nearest underground station is Marble Arch. Turn right at the top of the escalators, then right as you leave the station, then right down Great Cumberland Place, then left down Upper Berkeley Street. The Mason's Arms is on the corner of Seymour Place and Upper Berkeley Street. Any problems, please call Suw on 020 7096 1079 (which redirects to my mobile). Hope to see you there!

[Read more] (1 comments)

July 07, 2006 | Suw Charman Anderson

IPPR/Reuters - The Long Tail: Opportunities in a New Marketplace

The IPPR and Reuters held a seminar on Tuesday 4 July about the 'long tail' and niche marketing, and how it relates to IP. Speakers were Shaun Woodward MP; Chris Anderson, Wired; Azeem Azhar, Reuters. As usual, I took copious notes, a habit which will become redundant if all organisers provide the level of recording that the IPPR has for this seminar. You can read the official summary, and you can listen to Part 1: Shaun Woodward MP, Chris Anderson, Azeem Azhar (21.1MB), and Part 2: Questions from the floor and responses (16.8MB). My notes from the event are over on Strange Attractor.

[Read more]

: E-voting's Unsolvable Problem-->
  • ORG Glasgow: A discussion of the General Data Protection Regulation (GDPR)
  • ORG Aberdeen: March Cryptonoise event
  • ORG North East: Take control of your online life
  • ORG Cambridge: Monthly March Meetup