Glyn Moody’s Techdirt Profile


About Glyn MoodyTechdirt Insider

Posted on Techdirt - 7 July 2015 @ 1:11am

Aadhaar: Soon, In India, Everyone Will Be A Number

from the national-identity-card-club dept

National identification numbers are common enough -- many countries issue their citizens with a unique identifier. But in terms of scale, few can match Aadhaar, India's identity number system. As The Times of India explained a few years back, when the scheme was first announced:

Aadhaar is a 12-digit unique number which will be issued by the Unique Identification Authority of India (UIDAI) to all residents of the country. It's a step towards putting India in the club of more than 50 countries around the world that have some form of national identity cards. These include most of continental Europe (not the UK), China, Brazil, Japan, Iran, Israel and Indonesia. The number will be stored in a centralized database and linked to the basic demographics and biometric information photograph, ten fingerprints and iris of each individual. The number will be unique and would be available for online and offline verification and, hence, will rule out the possibility of duplicate and fake identities from government as well as various private databases.
The Aadhaar system is designed to make it easier for people on the sub-continent to prove their identity:
One of the key challenges faced by people in India is difficulty in establishing identity. People have multiple identity documents, each serving a different purpose. The most important characteristic of Aadhaar is its universality and it is assumed that the biometric card with the number will be gradually accepted across the country as the identification number by all service providers and government agencies.
The system is almost in place. According to an article in The Economic Times, as of this month, 870 million Aadhaar numbers have been issued. The hope is to achieve "universal coverage" -- 1.2 billion people -- by December.

Initially, the Indian government insisted that the scheme was voluntary, although even in 2013, there were concerns that it was effectively mandatory because various state benefits required its use. In 2014, India's Supreme Court reiterated that the system should not be compulsory, and also forbade the authorities from sharing biometric data held on the associated database with the police or similar agencies without the permission of the person concerned.

That raises one of the principal concerns with such centralized databases: the fact that, once created, there is a natural tendency to use them for purposes that have nothing to do with the original justification. For example, in 2013, there were suggestions that the Aadhaar card could be linked to driving licenses. In December last year, 100 million bank accounts were already associated with Aadhaar numbers. Last month, it was revealed that the Indian Railways may make the use of the Aadhaar number mandatory for booking online tickets. All of those will make tracking a person's activities much easier.

As the use of the Aadhaar system spreads to more domains, and becomes indispensable for more everyday services, that single number will assume an ever-greater importance in the lives of people in India -- and therefore become increasingly useful for identity fraud. It will doubtless make things much easier for the public there; but it will also provide the authorities with the perfect way of unifying all the information that they hold about citizens. Let's hope that by the time that happens, India has in place suitably robust laws regulating both government surveillance and data protection.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

5 Comments | Leave a Comment..

Posted on Techdirt - 2 July 2015 @ 1:16am

What's Behind The Attack On EU's Outdoor Photography? The Usual Copyright Maximalism And Anti-Americanism

from the civilization-in-peril dept

Last week, Tim Cushing explained that one of the bad outcomes of the recent European Parliament committee vote on Julia Reda's copyright reform report was that it recommended limiting freedom of panorama -- the ability to take pictures and make videos of public objects -- to non-commercial use. As Techdirt readers know, in the digital age, it is very hard to draw a clear distinction between commercial and non-commercial contexts online, which makes any kind of limitation to non-commercial use problematic. The person responsible for introducing the amendment to Reda's report, Jean-Marie Cavada, has written a blog post about the freedom of panorama issue (original in French), and it gives us some interesting insights into his thinking here:

The fight which is being led today by Ms. Reda, in the guise of defending free access to the works that are in the public domain [public objects] on behalf of users, is actually one conducted above all to allow US monopolies such as Facebook, or Wikimedia, to avoid the payment of fees to the creators.
Yes, it's all about those evil American companies again, refusing to pay when somebody dares to post a holiday picture on their Facebook page. Because, as the copyright maximalists keep on reminding us, every single use of every single owned object must be licensed every single time, otherwise civilization -- specifically European civilization -- will come crashing down.

But whatever people might think about Facebook, it's hard to see Wikipedia/Wikimedia as a "US monopoly" avoiding payment, as Cavada calls it. Indeed, Cavada goes on to contradict himself, writing:

this structure is well aware that the use of works on Wikimedia pages is not questioned by the authors, even in countries where there is no [freedom of] panorama exception.
Well, if it's not questioned, why is he using Wikipedia as an example of an evil "US monopoly" that wants to avoid paying licensing fees? Or does he mean that authors don't have a problem with Wikipedia using photos of landscapes with their works visible provided they are paid? Which of course ignores the fact that Wikipedia is not a company, and can't afford to pay licensing fees. Or, there again, is he perhaps advocating that Wikipedia just ignore the law, and use the pictures anyway?

Altogether, this confused post is a perfect demonstration of why people who don't understand a technology should not be allowed to make laws about it.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

39 Comments | Leave a Comment..

Posted on Techdirt - 1 July 2015 @ 1:07am

CETA Isn't Dead, But Its Corporate Sovereignty Chapter Is Still A Huge, Unresolved Problem

from the and-let's-not-mention-TTIP dept

It's been a while since we last wrote about CETA, the trade deal between Canada and the European Union. Back in March, we noted that the French Secretary of State for External Commerce, Matthias Fekl, said that France would not ratify CETA unless the corporate sovereignty, or investor-state dispute settlement (ISDS), provisions were removed or replaced by something completely different. Of course, it's hard not to be sceptical about these statements, since politicians like to grandstand, and are happy to change their positions every few months. But not, it seems, Matthias Fekl. According to a report on the French site Le Devoir (original in French), he's still of the same opinion:

For the Secretary of State for Foreign Trade, Matthias Fekl, who expresses the official position of France, it is not only a question of principle but a fact of life today. If negotiators do not rewrite Article 33 of the [CETA] Treaty which deals with dispute resolution, there will be no ratification.
And it's not just France that has a problem here. According to the article, Fekl said:
Look, this [refusal to accept the corporate sovereignty provisions in CETA] will also be the case in other countries. This isn't meant as a threat. But as far as this chapter is concerned, things must definitely move.
The EU Commissioner for trade, Cecilia Malmström, is well aware of the issues here -- not least because 145,000 people told her in the ISDS consultation last year -- and has presented a concept paper entitled "Investment in TTIP and beyond – the path for reform" (pdf). These are quite similar to proposals made by Fekl for the creation of a new European court to settle trade disputes. But there are two big problems with following that path.

First, the European Commission (and Fekl) have only just begun to sketch out how that reform might look. It is likely to take some time to come up with alternatives like entirely new courts. There is no way that something will be agreed for CETA, which may be ready for ratification quite soon. There's also the problem of TAFTA/TTIP. Given that Malmström has admitted that the current ISDS is unsatisfactory, and that she is trying to come up with something better, it will be hard for her to include it in TAFTA/TTIP in its current form. But the US side has made it clear that it is not happy with dropping corporate sovereignty completely, which leads once more to the problem of time-scales, since a serious replacement for ISDS may not be available even for TTIP. It will be interesting to see how Malmström deals with this key issue for both CETA and TAFTA/TTIP.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

5 Comments | Leave a Comment..

Posted on Techdirt - 29 June 2015 @ 12:41pm

Australia's New Law Would Strip Citizenship For Possessing A 'Thing' Connected With Terrorism, Or Whistleblowing

from the proportionate-response,-what's-that? dept

Things seem to be going from bad to worse in Australia. In April, it brought in mandatory data retention, and last week its own version of SOPA finally became law. Now the Australian government is working on another awful piece of legislation: a bill to revoke the citizenship of those holding dual nationality if they are "involved in terrorism." A column in The Sydney Morning Herald gives a few examples of what that dangerously elastic concept might mean in practice:

Citizenship would automatically be stripped from a person convicted of entering an area declared to be a no-go zone by the Australian government. This would occur even if the person has entered that area for innocent purposes, such as to do business, visit friends or undertake a religious pilgrimage. The same result would follow for a person convicted of damaging Commonwealth property or possessing a 'thing', such as a book or downloaded file from the Internet, that is in some way connected with terrorism.
Yes, download a file that is "in some way connected with terrorism," and your Australian citizenship will be taken away -- automatically. According to the article quoted above, this is because:
[the Australian government] has responded to concerns that its proposal might be struck down by the High Court. Instead of allowing a minister to strip a person of their citizenship, the bill states that this would occur automatically. This is consistent with the current law.
An article in The Guardian points out that the bill covers whistleblowers too:
The proposed law would also capture a range of offences for disclosing matters relating to national security under section 91.1 of the [Australian] Criminal Code.

The section is titled "offence relating to espionage and similar activities", but includes several offences for intentionally disclosing matters pertaining to national security.
The author of the article in The Sydney Morning Herald, George Williams, is a professor of law at the University of South Wales. As he says:
The government has again overplayed its hand. Its proposal goes well beyond a modest, sensible extension to the existing law so as to remove citizenship from a person who has committed a terrorist act or fought for an organisation like IS. Instead, its bill could cause people to be exiled from the Australian community where their connection to terrorism is minor, or even non-existent.
The same disregard for proportionality can be seen in the data retention and copyright laws brought in recently. Sadly, it seems likely that the proposed citizenship-stripping bill will soon join them in Australia's Hall of Legislative Shame.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

75 Comments | Leave a Comment..

Posted on Techdirt - 26 June 2015 @ 6:18pm

Two Overlooked Aspects Of Those Leaks About NSA Spying On French Presidents

from the reasons-to-be-cheerful dept

There's been quite a lot of excitement in the press about the latest leaks that the NSA has been spying on not just one French President, but (at least) three of them. As Mike pointed out, this isn't such a big deal, because it is precisely the kind of thing that you would expect the NSA to do -- as opposed to spying on the entire US public, which isn't. There is, though, an aspect that most people have overlooked: the fact that these NSA leaks don't appear to originate from Snowden's stash.

Of course, Mr Crypto himself, Bruce Schneier, did spot it, and pointed out it could be one of his "other" US intelligence community leakers, listed a couple of months ago, or even a completely new one. As that post shows, there are now a few people around that are leaking secret documents, and that's a pretty significant trend, since you might expect enhanced security measures taken in the wake of Snowden's leaks would have discouraged or caught anyone who attempted to follow suit.

That's not the only thing that's interesting about the French documents. As Fabio Chiusi points out in a blog post (original in Italian), they are the latest in a recent series of very rich leaks that include the Sony archives; the Saudi cables; the TPP transparency chapter; and -- not mentioned by Chiusi -- 17 chapters from TISA.

What all those collections have in common is the fact that they came from WikiLeaks. As Chiusi rightly emphasizes, after a period when WikiLeaks seemed to have lost its ability to release important material -- and thus its relevance -- the organization is beginning to hit its stride again. Coupled with the fact that there are half-a-dozen or so people who are leaking intelligence materials, that development offers hope that things are really beginning to look up on the transparency front.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

9 Comments | Leave a Comment..

Posted on Techdirt - 26 June 2015 @ 1:07am

Apology Legislation In Hong Kong? What Kind Of A Stupid Law Is That?

from the soz dept

Here on Techdirt, we often write about laws, particularly stupid ones. A new law that is being considered in Hong Kong, to encourage people to make apologies, seems to fit the description nicely. Here's the background, as given by the consultation paper seeking input on the idea (pdf):

In 2010, the Working Group on Mediation of the [Hong Kong] Department of Justice recommended, amongst other things, that the question whether there should be apology legislation dealing with the making of apologies for the purpose of enhancing settlement deserves fuller consideration by an appropriate body. In 2012, the Secretary for Justice established the Steering Committee on Mediation (“Steering Committee”) to further promote the development of mediation in Hong Kong. The Regulatory Framework Sub-committee set up under the Steering Committee has been tasked to consider whether there is a need to introduce apology legislation in Hong Kong. After reviewing the report prepared by the Regulatory Framework Sub-committee, the Steering Committee recommended the enactment of apology legislation in Hong Kong.
Here's why it's under consideration:
The main objective of the proposed apology legislation is to promote and encourage the making of apologies in order to facilitate the amicable settlement of disputes by clarifying the legal consequences of making an apology.
Apologizing after some mishap might be taken as a tacit admission of guilt, which could indeed have "legal consequences", since the fear is naturally that doing so will be used against the party making the apology. As a result, people often restrain their natural instinct to say sorry. The consultation documents points out that's likely to exacerbate the situation:
It is unfortunate that this is the perceived legal position as regards apologies, for the heat of the moment so commonly found in a dispute could have been extinguished (or at least reduced) by an apology or an expression of sympathy or regret, thus preventing the escalation of the dispute into legal action or making it more likely for the legal action to be settled.
Ironically, then, fear of the legal consequences of apologizing can mean that disputes are more likely to end up in court than they would had somebody quickly apologized. So apology legislation clarifying the legal effect of saying sorry makes a lot of sense, despite my erroneous initial thoughts. No wonder, then, as I learned from the consultation document, that similar laws are already found quite widely around the world -- in 57 jurisdictions to be precise. Moreover, it seems that the idea was first introduced in the US:
Our research indicates that the first apology legislation was enacted in Massachusetts in 1986. The trend then spread to other states in the United States. At present over 30 states in the United States have apology legislation. Characteristics of the legislation vary. Some deem an apology not to be an admission of liability while others only limit the admissibility of an apology in court for certain purposes. It is noted that most of the apology legislation in the United States covers partial apology (i.e. apology that does not include an admission of fault) only and is targeted at civil actions against the health care profession or involving some other aspects of personal injuries only.
Clearly I owe the lawmakers of Hong Kong an apology for misjudging their eminently sensible legislative project.


Follow me @glynmoody on Twitter or, and +glynmoody on Google+

12 Comments | Leave a Comment..

Posted on Techdirt - 24 June 2015 @ 12:54am

Whatever You Call It -- Open Journalism, Social Media Journalism, Open-Source Intelligence -- It's Going Mainstream

from the first-draft-of-first-draft dept

We've written a couple of times about the use of publicly-available information, typically posted on social networks, to verify developing stories where traditional sources are scarce or unreliable. This new field doesn't seem to have a fixed name yet -- open journalism, social media journalism, open-source intelligence are all used -- but whatever it is, it's clearly going mainstream, as this announcement on the YouTube blog of The First Draft Coalition makes clear:

You could say that user-generated news video is today’s "first draft" of capturing an event that took place. But when it comes to incorporating this content into the reporting of a news event, verification is a critical step for any newsroom -- and not every journalist knows where to start. So we're bringing together a group of thought leaders and pioneers in social media journalism to create educational resources on how to verify eyewitness media, and how to consider the ethics of using it in news reporting. This new group, called The First Draft Coalition, will consist of experts from Eyewitness Media Hub, Storyful, Bellingcat, First Look Media's, Meedan, Emergent, SAM Desk, and Verification Junkie. The Coalition will develop and program a new site for verification and ethics training, tools, research, and, most importantly, case studies around the biggest news stories of the moment.
As the post explains, The First Draft Coalition will be launching its own site later this year, but you can get a taste of the kind of thing it will be doing from examples on Medium. There's an article there by Eliot Higgins from Bellingcat, whom we wrote about last year, and who is widely regarded as one of the leading exponents of the art. His post is well-worth reading, since, as he writes:
When working on open source and social media investigation there's occasional images that at first seem as if they would be impossible to verify.
He posts one of those images, found by the Twitter user surpher:

Of course, Higgins then goes on to pinpoint the exact position in Russia of the military convoy shown there, using not just the image's co-ordinates (which anyway need to be verified) but tiny signs in the photo, including road markings, half-visible posts and cracks in the road that most of us would miss completely. It's an amazing performance, and demonstrates well the incredible potential of this field. Whatever it's called.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

11 Comments | Leave a Comment..

Posted on Techdirt - 23 June 2015 @ 1:06am

Will Corporate Sovereignty Disputes Lead To Wars One Day?

from the even-if-they-don't,-they-hardly-promote-peace dept

Last August, we wrote about the most egregious corporate sovereignty award (so far): $50 billion against Russia, under a treaty that it never even ratified, in favor of the major shareholders of the Yukos oil company. Of course, as everyone pointed out, being awarded $50 billion was one thing, collecting it, quite another. Most people probably assumed that it would be practically impossible to squeeze that money out of a recalcitrant Russia, but we now learn that some serious steps towards that goal have recently been taken, as reported by Der Spiegel (original in German). In Belgium, the bank accounts of the Russian embassy were frozen, as were those of Russia's EU and NATO missions, while in France, something similar happened, with Russian accounts blocked at 40 banks.

Understandably, this did not go down well with the Russian government. The country's deputy foreign minister warned, "whoever dares to do that must understand that it will lead to reprisals," something his boss, Sergei Lavrov echoed. Meanwhile, Lavrov's own boss, Vladimir Putin, was also well aware of the situation, and was quoted as saying: "we will defend our interests using legal means."

A story on France 24 reports that Russia has already threatened to retaliate against state-linked foreign firms operating in the country, so that's one way that things could escalate. But more seriously, the relations between Russia and EU nations are extremely strained over the conflict in eastern Ukraine; the last thing the situation needs is additional tension caused by arguments over a massive fine. Even if corporate sovereignty doesn't actually cause a war -- well, let's hope not -- the Yukos award may turn into a hindrance to resolving an existing conflict. That's yet another reason to get rid of the whole deeply-flawed system before it causes more serious damage.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

40 Comments | Leave a Comment..

Posted on Techdirt - 22 June 2015 @ 3:54am

Alleged Dallas Buyers Club Pirates To Be Asked For Employment, Income And Health Details

from the sure-you-don't-want-anything-else? dept

In the previous instalment of the long-running saga involving alleged pirates of the Dallas Buyers Club film in Australia, the court agreed that Australian ISP iiNet should hand over information about its customers. But it added an important proviso: the letter and telephone script to be used to contact and negotiate with them had to be approved by the court first in an effort to prevent "speculative invoicing" of the kind all-too familiar elsewhere.

Last week, more details emerged in another court hearing before the same judge. He was was concerned that the proposed letter from Dallas Buyers Club LLC (DBC) and Voltage Pictures LLC, the film's foreign sales agent -- which DBC is currently suing (pdf), in another twist in the plot -- would not quote a specific figure that those supposedly infringing would be asked to pay, as the Australian Financial Review reported:

Judge Nye Perram said he was concerned DBC was effectively being given a blank cheque, by not stipulating a dollar figure, which could allow the company to ask for a "very high number".

"I need comfort that you aren't going to extort these people," Judge Perram said.
The judge also refused a request by DBC that the draft letter and telephone script should be withheld from the public -- DBC claimed that doing so "could weaken the company's bargaining position and reveal to alleged infringers how they could reduce the penalties sought." As a result, The Sydney Morning Herald obtained copies of both the letter and the script, and published some interesting details. For example, the letter expects parents to shop their own children:
"If the person whom you believe to have engaged in Piracy is under 18 years of age, then please provide us with the full name and address of that person, confirm that that person is under 18 years of age, confirm whether you are the parent or guardian of that person and whether you are authorised to engage with us on behalf of that person," the letter will demand.
The proposed telephone script for people who ring the number given in the initial letter is even more extraordinary:
Callers who admit to the downloads will be asked to provide detailed personal answers including their employment status, whether or not they have a terminal illness, what their annual income is and whether or not they're serving in the military.
It will also ask the callers to incriminate themselves further:
"How many titles do you have available now and in the past on the BitTorrent network?" call centre operators will ask, according to the script.
It's not yet clear whether the judge will allow these incredibly intrusive questions -- he's expected to hand down his ruling next month. But it's an indication of the approach that DBC wants to take, and yet another reason why those receiving these emails should consider seeking legal advice, as The Sydney Morning Herald notes in a useful article on the topic.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

33 Comments | Leave a Comment..

Posted on Techdirt - 19 June 2015 @ 1:01am

Churchix: The Face Recognition Event Attendance Desktop Application You've Been Praying For?

from the forgive-me,-for-I-have-scanned dept

Churchix may sound like yet another niche GNU/Linux distro aimed, perhaps, at those who want to free their software as well as their souls, but it turns out to be both godly and down-to-earth (found via @latentexistence):

Churchix is a face recognition event attendance desktop application. Churchix identifies event attending members in videos and photos. All you need to do is enrol high quality photos of your members into the software data base, then connect a live video USB camera or upload recorded videos or photos -- and Churchix will identify your members!
Nothing remotely creepy about your church attendance being recorded automatically, of course, since presumably notes are being kept in more ethereal spheres anyway. But if you're not convinced, the makers of Churchix, Skakash, have more secular locations where you could deploy its facial recognition system. As well as obvious ones like airports and border areas, other possible uses include in casinos, where Skakash suggests there are three classes of people you might want to track: blacklisted individuals, employees and VIPs.

That's a rather telling categorization, because it basically says it doesn't matter whether you are an unwelcome or welcome visitor, or simply there as an employee, the system is designed to keep an eye on you, all the time. That's a hint of where things might be going: a world where everyone is tracked using facial recognition in commercial and public spaces, not just the criminals. The recent walkout by privacy organizations from multi-stakeholder talks because of a failure by companies using face recognition to agree to any privacy-protective code of conduct shows that it will probably take a miracle to avoid that fate.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

21 Comments | Leave a Comment..

Posted on Techdirt - 18 June 2015 @ 4:11am

Data Retention's Slippery Slope: Now Australian Police Want Warrantless Access To Bank Accounts

from the and-then-what? dept

As Techdirt has reported, data retention laws are being introduced around the world. One of the less obvious but most pernicious effects of this development is the banalization of surveillance it brings with it. People begin to find it normal that they are spied on by their government whatever they are doing, and accept without a murmur that the police can do so without a warrant. A good example of what this can lead to has surfaced in the Australian state of New South Wales (NSW), where the police are pushing for new powers:

The NSW Police Force would no longer require a judge's sign-off to gain access to the bank statements of people they suspect are engaging in criminal conduct under a police proposal before the NSW government.

The proposal would change the status quo, which requires a magistrate or registrar of a court to sign off on a "notice to produce" before police can force banking institutions to hand over documentation, such as a suspected criminal's bank statements.
What's significant is that in the article quoted above, which appears in The Sydney Morning Herald, Australia's new data retention laws are explicitly cited as a justification for the move:
[The head of NSW Police's Fraud and Cyber Crime Squad] likened the proposal to the way telecommunications metadata -- such as the time a call was made, to whom, and for how long -- is sought from telcos, which requires only the sign-off a senior officer before companies, such as Telstra or Optus, divulge such information.
Although the request from the police has not been granted -- so far, at least -- it's a sign of where things are going. It's also a great demonstration of the slippery slope: once you agree that warrantless access to personal data is acceptable in one sphere, it's much harder to argue against it in other situations.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

19 Comments | Leave a Comment..

Posted on Techdirt - 16 June 2015 @ 1:17am

UK Police Carry Out Facial Scans Of 100,000 People Attending Music Festival

from the yes,-we-scan dept

Last year, Techdirt wrote about Boston Police performing a test run of its facial recognition software on those attending a local music festival. Perhaps unsurprisingly, in the UK, land of a million CCTV cameras, the police have taken things even further. As this story in Noisey explains, drawing on a report on the Police Oracle site (registration required):

This weekend's Download Festival will be subjected to strategic facial recognition technology by Leicestershire Police, making those 100,000 plus attendees the first music fans to ever be monitored to this extent at a UK music festival

The announcement article on Police Oracle reads, "the strategically placed cameras will scan faces at the Download Festival site in Donington before comparing it with a database of custody images from across Europe."
The ostensible reason for this massive surveillance is to catch people who steal mobile phones, but that really doesn't stand up to scrutiny. The database that the 100,000 faces were matched against was "custody images from across Europe", but it seems improbable that criminals would travel all the way across Europe to this particular music festival in the hope that they might be able to relieve a few spaced-out musicgoers of their phones. Nor was general criminal behavior an issue: apparently, last year there were just 91 arrests with 120,000 people attending. It's more likely that the facial scans were born of a desire to see if the hardware and software were capable of capturing such large numbers and comparing them with the pan-European database. Worryingly, the Download Festival may be just the start:
According to the Police Oracle article previously cited, other festival organisers have expressed widespread interest in technology, pending a successful trial. DC Kevin Walker told the Oracle, "It is one of the first times it has been trialled outside, normally it is done in a controlled environment. There has also been a lot of interest from other festivals and they are saying: 'If it works, can we borrow it?' "
It's easy to see this kind of technology being rolled out ever-more widely. First at other music festivals -- purely for safety reasons, you understand -- and then, once people have started to get used to that, elsewhere too. Eventually, of course, it will become routine to scan everyone, everywhere, all the time, offering a perfect analog complement to the non-stop, pervasive surveillance that we now know takes place in the digital world.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

26 Comments | Leave a Comment..

Posted on Techdirt - 15 June 2015 @ 3:54am

German Investigation Into NSA Surveillance Of Angela Merkel Dropped

from the politic,-but-unlikely-to-be-a-popular dept

After the first wave of Snowden revelations two years ago, one of the most dramatic later claims was that the NSA had been monitoring the calls of Germany's Chancellor, Angela Merkel. As Techdirt reported at the time, the US government made things worse by emphasizing that it was not presently monitoring her calls, and promised not to monitor them in the future, while leaving the obvious question about past activity glaringly unanswered. Matters were not improved when President Obama then claimed that he had known nothing about the spying. No wonder, then, that a formal investigation into the allegations was launched by Germany in June 2014.

Since then, things went rather quiet, which makes news that Germany’s chief federal prosecutor is dropping the case because of lack of evidence rather surprising. As Reuters reports:

"The accusations made would not stand up in court with the means available for criminal proceedings," the federal prosecutors office in Karlsruhe said in a statement.

"The vague remarks from U.S. officials about U.S. intelligence surveillance of the chancellor's cell phone -- i.e. 'not any more' -- are insufficient evidence".
However, the official statement from the chief federal prosecutor's office (original in German) did not rule out resuming the investigation if new evidence emerged at a later date.

It is likely that Merkel and her advisers have decided that it is better to mend bridges with Obama in this face-saving way rather than to continue demanding answers from an unresponsive US government. That may be a politically reasonable move, but it is unlikely to satisfy many Germans who saw the allegations as evidence that no one was safe from US (and British) spying.

Moreover, as Techdirt noted back in 2013, the refusal by the US authorities to address these and other allegations of surveillance is contributing to the German public's jaundiced view of the TAFTA/TTIP negotiations, which are increasingly in trouble. That skepticism is reflected by the fact that among the 2 million signatures gathered so far by the pan-European Stop TTIP online petition, fully one half come from Germany. The decision to drop the investigation into claims that the NSA listened in on Merkel's phone calls is unlikely to make things better.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

11 Comments | Leave a Comment..

Posted on Techdirt - 12 June 2015 @ 7:39pm

Another Victory Against Government Surveillance, This Time In Paraguay

from the hashtag-pyrawebs dept

Although it would be naive to think that the tide is turning, it's heartening to see a few wins against government attempts to formalise and extend surveillance of their populations. The passage of the USA Freedom Act, however flawed and limited it may be, is one example. The various rulings against the UK government are another. While rightly celebrating these, it's easy to overlook other battles being fought elsewhere, perhaps not so high profile, but just as important. Here's one that has been fought for over a year in Paraguay, and which recently concluded in a victory, as the EFF reports:

On Thursday morning, the Paraguayan Senate defeated a mandatory data retention bill that would have compelled local ISPs to retain communications and location details of every user for a period of 12 months.

Paraguayan Internet users called the bill "Pyrawebs," alluding to the digital version of pyragües, informers who monitored the civilian population's movements, meetings, political preferences, religious beliefs, and more on behalf of dictator Alfredo Stroessner, who ruled between 1954 and 1989.
The EFF post links to a fascinating interview with Maricarmen Sequera, the director and founder of TEDIC (Technology, Education, Development, Investigation and Communications), which describes itself as:
an NGO that develops open technology and defends digital rights for free culture on the Internet.
Along with Amnesty Paraguay, TEDIC played a pivotal role in defeating the data retention bill. In the interview, Sequera was asked what advice she had for other groups facing similar battles:
With these kinds of campaigns against mass surveillance, it is difficult to generate resonance on the issue without causing fear that paralyzes people and discourages them from getting involved. Drawing on the Paraguayan notion of 'pyrague' and giving it a modern (even comical) touch by adding "webs" helped give new life to a difficult subject, and also simplified it and made it intelligible to "non-techies".

Another piece of advice could be to place the same amount of importance on community media as on the national press and radio. In the end, the community is who will promote grassroots action -- and this kind of action is always one of a campaign's goals. Additionally, getting international coverage will help to demonstrate the importance of the issue.
As well as community media, social media played its part too:
One of the most successful initiatives was the Twitter handle #Pyrawebs, which allowed us to send Twitter messages to every deputy in the Chamber, and call for them to reject the bill.
That hashtag served as a handy rallying-cry during the crucial last phase of the campaign:
#Pyrawebs trended for four days in Paraguay. On the day of the vote, seven million Twitter users worldwide were talking about it (more than the population of Paraguay).
Although it's often said that Twitter in general, and hashtags in particular, never change anything, it's seems likely that seven million people tweeting about #Pyrawebs made an important contribution to the final result. Another great thing about creating a memorable hashtag is that it can be wheeled out again, at a moment's notice. Unfortunately, that might well be necessary. As the EFF post points out:
the supporters of the bill may try to sneak it in again in the future. We will all need to stay tuned and help to fight any such move. The supporters of mass surveillance will try again, but if we stay united our fundamental rights will remain intact.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

4 Comments | Leave a Comment..

Posted on Techdirt - 12 June 2015 @ 12:34pm

Austria Wants To Bring In Google Tax For Snippets -- Including Single Words

from the how-low-can-you-go? dept

Here on Techdirt, we have been following with a certain bemusement attempts by a number of European governments to bring in laws that would grant newspaper and magazine owners a special "ancillary" copyright over snippets -- actually a thinly-disguised attempt to tax Google. Despite the miserable failure of this ploy, Austria has decided it wants to join the club, as reported here by the Initiative Against Ancillary Copyright site:

The Austrian proposal is very similar to the German law. Producers of "newspapers and magazines" shall be granted an exclusive right only against commercial providers of search engines and news aggregators. As in Germany, this right is also supposed to only last for one year. But there remains one big difference: The draft does not include an exception for "single words and shortest text-snippets" which expands the scope of the right tremendously!
That's something of an understatement.

Assuming Austria goes ahead and brings in this change (it's currently a draft amendment to the country's copyright law), it will surely learn the hard way that it doesn't help publishers. What's more worrying is that there is an amendment (number 204 - pdf) to the proposed revision of the EU copyright directive, that seeks to bring in this crazy idea across all 28 member states:

Notes that the current legal framework provides for neighbouring rights for performers, phonogram producers, film producers and broadcasting companies, but not for press publishers; calls on the Commission, therefore, to analyse whether neighbouring rights for press publishers can provide appropriate protection and remuneration for their work in a digital media world;
There's an important vote on Tuesday that will determine whether that amendment is adopted, along with some of the hundreds of others that have been proposed. Let's hope that the European politicians bear in mind how badly the idea has turned out every time it has been tried before.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

30 Comments | Leave a Comment..

Posted on Techdirt - 12 June 2015 @ 12:26am

Leak Of TPP Health Annex Shows New Zealand's Beloved Pharmac System Under Direct Attack

from the do-as-I-say,-not-as-I-do dept

After a rather quiet period, WikiLeaks seems to be back on form. After the big TISA leak last week, it's released the Healthcare Annex to the Transparency Chapter of TPP. The document itself is short (pdf), and fairly opaque, so WikiLeaks has helpfully provided some expert commentary from Deborah Gleeson (pdf) and Jane Kelsey (pdf), both well-known academics in this field. Here's a key part of Gleeson's summary:

The inclusion of the Healthcare Transparency Annex in the TPP serves no useful public interest purpose. It sets a terrible precedent for using regional trade deals to tamper with other countries' health systems and could circumscribe the options available to developing countries seeking to introduce pharmaceutical coverage programs in future.

The Annex is clearly intended to target New Zealand’s Pharmaceutical Management Agency (PHARMAC) and some of its provisions will result in new obligations for PHARMAC that will involve transaction costs and could impinge on its flexibility and autonomy. This is particularly worrying given that PHARMAC provides a model pharmaceutical coverage program that is suitable for adoption by developing countries.
Pharmac is New Zealand's system for buying medicines in bulk, which results in substantial savings for the country -- around $3.5 billion since 2000. US drug companies hate it for two reasons: it is able to negotiate lower prices in New Zealand by consolidating purchases for the whole country; and it represents a dangerously successful model that other countries might adopt. The latest leak is important because it confirms that Big Pharma is using TPP not only to strengthen drug patents, but also to attack Pharmac directly.

It has long been a fear that TPP would seek to undermine it, something that the New Zealand government has strenuously denied. The latest clear evidence that Pharmac is indeed under threat has forced the country's prime minister, John Key, to respond, reported here by the New Zealand Herald:

Prime Minister John Key has promised that New Zealanders will continue to pay no more than $5 [US$3] for subsidised prescriptions, whatever happens to Pharmac under the Trans Pacific Partnership.
Jane Kelsey is quoted in the new story as noting that there were only four possibilities:
the Government could increase the health budget overall; the health budget could remain the same but more funding go from non-Pharmac costs to Pharmac; the price the public paid for prescriptions could rise -- which Mr Key ruled out today; and the fourth was that fewer medicines were bought by Pharmac.
Any of the other options means higher taxes in New Zealand or cuts somewhere else to pay for the more expensive drugs TPP is almost certain to bring. That fact has led to a spate of articles in the New Zealand press, and a wider awareness about the negative consequences of the hitherto obscure TPP, albeit rather late in the day.

As a side note, it's worth noting one other interesting aspect, pointed out by Kelsey in her detailed analysis of the latest leak:

The Annex applies very specifically to a 'national health care program' that makes recommendations/decisions about listing pharmaceutical products or medical devices for reimbursement, or the sum of that reimbursement, where these programmes are run by a 'national health care authority'.

The Annex does not apply to direct government procurement of pharmaceuticals and medical devices.

'National' is presumably chosen to preclude such programmes that are run by states and provinces, which are politically sensitive in the US and Canada. In effect, the US has excluded almost all its own programmes, while targeting New Zealand

Clever, no?

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

15 Comments | Leave a Comment..

Posted on Techdirt - 10 June 2015 @ 11:10pm

Analysis Shows European Commission's 'Improved' Corporate Sovereignty Model Would Actually Make Things Much Worse

from the institutionalized-regulatory-chill dept

Last year, the controversy around corporate sovereignty was such that the European Commission felt obliged to slam the brakes on this particular part of the TAFTA/TTIP negotiations in order to try to defuse the situation. The ostensible reason for that unexpected pause was to hold a public consultation on the "investor-state dispute settlement" (ISDS) mechanism. It turned out to be of a very limited kind. Rather than asking whether people wanted corporate tribunals passing judgment on their laws and regulations, the European Commission instead presented the ISDS chapter of another agreement, that with Canada, and posed some rather technical questions about the subtle changes it incorporated.

The Comprehensive Economic and Trade Agreement (CETA) is nominally finished, and is currently undergoing what is known as "legal scrubbing", during which it is checked and polished for final ratification by Canada and the EU, although that's looking much more problematic now than it did a year ago. In the consultation, CETA's ISDS chapter was offered as a kind of template for TAFTA/TTIP. The Commission's argument was that it incorporated many improvements over traditional corporate sovereignty chapters -- which even the EU admitted were flawed -- and could be tweaked further to produce an even better solution for the US-EU negotiations.

Techdirt has already written about one detailed analysis of the claimed improvements in CETA's ISDS that found them seriously wanting. Confirming that view is a new paper from Gus Van Harten, who is Associate Professor of Law at York University in Toronto, Canada. He has taken advantage of the fact that we now have two recent EU free trade agreements with corporate sovereignty chapters: the one with Canada, plus a less well-known deal with Singapore. Van Harten's paper looks at both of them in order to explore to what extent the European Commission's new model for ISDS represents an advance over previous versions, and is therefore something that might usefully form the basis for a possible corporate sovereignty chapter in TTIP. Here's his concluding summary:

The CETA and [EU-Singapore] FTA demonstrate the Commission's willingness to accept ISDS -- based on the model long pushed by Western European countries for developing and transition countries -- that is flawed due to its lack of independence, fairness, and balance. The Commission's approach to ISDS, as represented by the CETA and FTA, does not ensure basic safeguards of judicial independence and procedural fairness. It does not affirm clearly the state's right to regulate. It does not introduce actionable responsibilities for foreign investors or even require foreign investors to resort to domestic courts unless they have been shown not to offer justice. The only notable improvement in the CETA and FTA approach to ISDS, compared to the historical Western European model, is its greater provision for openness.

By including ISDS in the CETA and FTA, as forerunners of a TTIP, the Commission would make the problems of ISDS much worse. The Commission aims to expand and lock in a deeply flawed system of dispute resolution -- premised on the special privileging and subsidizing of large companies and very wealthy individuals, with lucrative returns also for ISDS lawyers and arbitrators -- so that it covers most of the world economy.
Although that is pretty unequivocal, it's worth reading the whole paper to understand why Van Harten is so dismissive. It contains many insights along the way, including the following astonishing fact:
The CETA's provision on the arbitrators' power to award damages to foreign investors includes a clause that I have not seen in any investment treaty. The clause says that, in calculating monetary damages, the arbitrators shall reduce the damages to account for "any... repeal or modification of the measure". Thus, the CETA appears to establish an incentive for states to change their decisions in order to appease a foreign investor (who has brought an ISDS claim) as a means to limit the state's exposure to potentially massive liability at the hands of the arbitrators. Put differently, this clause in the CETA appears to institutionalize the ISDS dynamic of "regulatory chill".
So much for the idea that corporate sovereignty "does not and cannot require countries to change any law or regulation": not only does the CETA text admit it can happen, it even provides a strong incentive to do so.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

3 Comments | Leave a Comment..

Posted on Techdirt - 10 June 2015 @ 1:12am

Privacy International Files Complaint Against GCHQ's Use Of 'Bulk Personal Datasets'

from the chipping-away dept

Last month, we noted that the UK rights group Privacy International has been at the forefront of the fight against the UK's disproportionate surveillance activities, to such an extent that the UK government has changed the law just to avoid one of its legal challenges. Those have covered many different aspects of GCHQ's activities. In July 2014, Privacy International filed a complaint with the UK's spy watchdog, the Investigatory Powers Tribunal (IPT), over GCHQ's surveillance tools. In September 2014, it tackled GCHQ's involvement in the "Five Eyes" system. And now it has come at things from yet another angle:

Privacy International today filed a legal complaint demanding an end to the bulk collection of phone records and harvesting of other databases, from millions of people who have no ties to terrorism, nor are suspected of any crime.

The complaint, filed in the UK's Investigatory Powers Tribunal, is the first UK legal challenge to attack the UK Government Communications Headquarters' (GCHQ) use of "bulk personal datasets" equivalent of the US s.215 bulk phone records metadata program. The s.215 program run by the NSA, which has dominated the US surveillance reform debate since Edward Snowden revealed it, was curtailed just days ago with the passing of the USA Freedom Act.
The latest challenge flows from the publication in March of the IPT report, "Privacy and Security: A modern and transparent legal framework." Even with its frequent redactions, the report provided important new information on which Privacy International is basing its complaint:
The ISC does not reveal which datasets have been collected by GCHQ, but they are described as being "highly intrusive", containing "millions" of records, which are then "linked together." In a startling admission, the datasets were separately described as pertaining "to a wide range of individuals, the majority of whom are unlikely to be of intelligence interest."

There is no proper legal regime in place, with no restrictions on which datasets can be collected, how long they can be stored, or accessed. The acquisition and subsequent use of datasets is not authorised by a judge, or even a Minister.
It gets even worse:
There are no legal penalties for misuse of this information, and abuse of the data has already happened with the ISC finding that agencies “had disciplined – or in some cases dismissed – staff for inappropriately accessing personal information held in these datasets.” It is not sufficient that misuse is dealt with by individual disciplinary measures. We need much stronger safeguards to prevent misuse occurring in the first place.
Bringing multiple cases before tribunals and courts is one way to achieve that. At the very least, it makes people more aware of what is going on, and increasingly it is leading to small but symbolically important victories too.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

10 Comments | Leave a Comment..

Posted on Techdirt - 9 June 2015 @ 1:12am

Meet RCEP: Yet Another Big Bad Trade Agreement No One Has Heard Of

from the worse-than-TPP,-worse-than-ACTA dept

Techdirt has been writing about major trade deals like TPP, TAFTA/TTIP and -- most recently -- TISA more than most. But there's one that we've not mentioned so far: the Regional Comprehensive Economic Partnership (RCEP). As Wikipedia explains, RCEP is:

Between the ten member states of the Association of Southeast Asian Nations (ASEAN) (Brunei, Burma (Myanmar), Cambodia, Indonesia, Laos, Malaysia, the Philippines, Singapore, Thailand, Vietnam) and the six states with which ASEAN has existing FTAs (Australia, China, India, Japan, South Korea and New Zealand). RCEP negotiations were formally launched in November 2012 at the ASEAN Summit in Cambodia.
As that makes clear, as far as participating nations are concerned, there is a big overlap between RCEP and TPP. The crucial difference is that the US is taking part in TPP, but not RCEP, while China and India are in RCEP, but not TPP. In this sense, then, they are rival free trade agreements, battling it out for economic supremacy in the Pacific region. Given the different views of the leading nations involved -- the US on the one hand, China and India on the other -- you might think the two trade agreements would be turning out to be very different, at least in certain areas. For example, as an interesting EFF analysis of a leaked South Korean RCEP document puts it:
We might then, expect that RCEP could be the "anti-TPP"; a vehicle for countries to push back against the neo-colonial ambitions of the United States, by proposing alternative, home-grown standards on the TPP's thorniest issues such as copyright, patents, and investor protection. Some members of RCEP have indeed spoken out against the TPP because of its unbalanced promotion of strict copyright and patent laws, and some commentators have characterized RCEP and the TPP as competitors.

But based on yesterday's leaks, the promise of RCEP pushing back against the TPP is being squandered. Instead, its IP chapter is turning out as a carbon copy.
Here are just a few of the proposals in the leaked South Korean document:
Prohibiting temporary copies of works in electronic form (a thoroughly misguided and anti-innovation provision that has even been erased from the TPP).

A prohibition on the Internet retransmission of broadcasts, mirroring proposals for a Broadcast Treaty that would inhibit the free use of public domain material.

Inflated awards for copyright or patent infringement, by calculating damages payable for the infringing works on the assumption that they were sold at full retail market value.

Criminal penalties for “commercial scale” copyright and trademark infringement, even where the infringer has not sought or made any profit from the activity.

Suspension of the Internet accounts of repeat infringers, and censorship of bulletin boards that are "considered to seriously damage the sound use of copyrighted works" (whatever that means).
As the EFF post rightly notes, these and the other ideas it lists are even worse than those found in TPP or ACTA, which is some achievement. So the question has to be: why has South Korea adopted this extreme position? The EFF offers an intriguing guess:
Having been pushed into accepting unfavorably strict copyright, patent, and trademark rules in the process of negotiating its 2012 free trade agreement with the United States, Korea considers that it would be at a disadvantage if other countries were not subject to the same restrictions.
If true, that would be a good demonstration of how intellectual monopolies like copyright and patents are not boons that bring benefits to those who embrace them, but banes that are imposed on others in order to hobble them. The South Korean chapter, with its revelations of just how bad things might be under RCEP, confirms once more the critical importance of leaks when negotiations with potentially far-reaching and global implications are conducted behind closed doors. Moreover:
Now that the text has been leaked and it has been revealed to be so atrocious, we can begin to build pressure for the negotiating countries to open up the process.
After all, it's hard to combat a threat if you don't even know it's there.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

9 Comments | Leave a Comment..

Posted on Techdirt - 8 June 2015 @ 5:53am

Netflix Says Piracy Helped It Succeed In The Netherlands, And Will Help When It Launches In Spain

from the gain-in-spain dept

Back in 2013, Techdirt wrote a story about how Netflix was using piracy as market research -- an approach that is as obvious as it is rare. The copyright maximalists doubtless hoped that would fail dismally, and that Netflix would see the error of its ways and join the industry chorus condemning piracy as a terrible scourge that impoverishes artists and causes society to collapse. Neither has happened, as an interview with Netflix's CEO, Reed Hastings, in El Mundo makes clear (original in Spanish, via TorrentFreak). Hastings confirms that looking at pirate sites to find out what people were interested in did indeed work out well in the Netherlands, and that this gives him confidence Netflix will thrive when it launches later this year in Spain -- a country that has traditionally had a high level of piracy:

I think that Spain is going to be one of our most successful countries. It has a population with a high level of [Internet] connectivity, which is accustomed to e-commerce and has given indications of being interested in our product. We are very optimistic.
He expands on why piracy is a help, not a hindrance, and how Netflix will manage to sell its services in the face of these free alternatives:
What's certain is that [piracy] has created a public that is accustomed to viewing content online. We will offer an alternative that is much simpler and immediate than looking for a torrent.
That's also what Hastings said in 2013, so clearly he has not found any reason to change his mind since then. These are exactly the kind of ideas that Techdirt has been promoting for years, but it's hugely refreshing to find a successful media CEO willing to say them on the record not once, but twice. It's a pity that so many other copyright companies still insist on fighting piracy, rather than learning how to turn it to their advantage.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

22 Comments | Leave a Comment..

More posts from Glyn Moody >>