E-Privacy's Foggy Bottom Privacy from Companies8/8/2000; 10:00:49 AM 'The discovery spurred a controversy over the role of this unseen third party -- as well as lawsuits targeting Toysrus.com and Coremetrics. The suits focused on the seemingly inflammatory fact that the hand-off was not mentioned in Toysrus.com's privacy disclosures even though the information handed over was explicitly personal. 'But the alleged privacy transgression isn't as clear as it might seem. Coremetrics was a contractor to Toysrus.com, which was turning over its customer activity data for analysis to Coremetrics. That outsourcing relationship between the two companies shed light on an area of relative obscurity in the debate over the acceptable ebb and flow of private information online.'It's worth remembering that it was an out-sourcing relationship, and the hoopla is over what could happen, not what has happened. While a reason for concern, as few we have trusted with our data have resisted the temptation to abuse it, nothing truly wrong has been done.However, from the article:'Privacy advocate Jason Catlett said concern over the issues misses the point. "A company that outsources doesn't necessarily make its customers more vulnerable to privacy violations than a large company that processes the data in-house," Catlett said.'I have to disagree. It greatly increases the potential correlation of the data, which greatly increases the value... which greatly increases the temptation on the part of Coremetrics. It is proper to be concerned... though a lawsuit is a bit much, admittedly

Piano Scrolls and the Law Music & MP38/7/2000; 3:24:14 PM Two articles that go well together:The Standard has ''The Piano-Scroll Precedent'', a retrospective on copyright law and past technology.'Technology, then and now, takes unexpected twists and turns, and copyright law struggles to keep up. Today, as the 9th U.S. Circuit Court of Appeals ponders the Recording Industry Association of America's complaint against Napster, people trying to cope with the fast-changing Internet might draw some lessons from history.'And a reminder from Salon that the law is not the immutable thing that some believe:'...And for six months, two questions have persistently filled my e-mail in box from perplexed or outraged readers. 'First: Why do so many people think it's OK to break the law and cheat artists out of their income? Second: If I'm so smart, what do I think the record companies should do? 'These questions share some unspoken assumptions that are worth noting -- like a belief that the law is always unambiguous and unchangeable, and a notion that the interests of "artists" (creators) and record companies (distributors) are identically aligned. But the people asking the questions are sincere, and they deserve answers.'

Will the Real Katie.com Please Stand Up?
General IP Issues
8/7/2000; 3:02:41 PM 'This isn't the first time that two parties have squabbled over a domain name, but Jones' case is unique in one aspect. Countless cybersquatters have registered domain names of large companies and tried to extort large fees from the companies in exchange for relinquishing the names. A whole body of law now addresses the rights of companies to extend their trademark to Web addresses. But no one has yet tested the right of Web address owners to extend their trademarks to other offline media.'

A hacker crackdown?
Programmer's Rights
8/7/2000; 12:39:30 PM 'As the long arm of the law reaches Napster and its lookalikes, programmers could be held responsible for what others do with their code.'

The inaugural "Programer's Rights" story, which convinced me to start this as a new department.

New Department: Programmer's Rights Programmer's Rights8/7/2000; 12:37:39 PM I'm creating a new department for what I percieve to be a controversy I suspect we'll be hearing more about in the future: Programmer's Rights and the responsibilities that come along with those rights.Like any controversy, one can find hints of it extending far back, but I think this issue has come into a new focus with the developments surround Napster. Can Napster-the-software's writers (i.e., Napster-the-company) be held responsible for the software's use?In Napster's case, it is further blurred by the fact that Napster is also a service (Napster-the-service), but in the case of distributed programs like FreeNet, there's no service to shut down, so when the authors are taken to court, it will be solely because they have created a program with which it is possible to violate some law or other. While copyright is the current favorite, expect old the old standbys to show themselves (you know, kiddie porn and bomb instructions) and new ones to join the fray around the world (illegal political speech, perhaps not in the USA (perhaps!) but it will be an issue in other countries).If this issue continues to take off, there are some other lawsuits waiting to happen in this area:

• So-called root kits: These are little bundles of programs that you can download that will allow you to completely take over some computer. These are created by exploiting known vulnerabilities in some program and using those vulnerabilities to gain some user control over the system. Usually, these kits will also attempt to hide their prescense, with varying levels of success.Frequently, they are usable by people with little-to-no computer knowlege. They can cause great damage, both when used deliberately to cause damage, and accidentally, when used by a novice to powerful effect. Does the author of this kit bear some level of responsibility for the authoring of the kit?I'd consider this on the far end of the spectrum, BTW. There are no compelling reasons for these kits to exist, except to crack. Programs that simply exploit security holes and do so in an open fashion to demonstrate them are necessary to computer security discourse... programs that use these holes to secretly take computers over and hide their existance are not necessary.
• ALL Serving software: If you're going to hold Napster accountable because it facilitates MP3 sharing, then for consistency, you need to go after other things that facilitate that sharing... IRC being the natural first target.If the corporations could twist this the way they'd like, this could be used to largely lock us into a web where only approved servers could serve anything significant, with teams of lawyers verifying the intellectual property status of every byte being served, because it would be illegal to run a rogue server. I can't seriously imagine things going this way, it's just the logical conclusion of the Napster suit.
• Utility software: Any software peripherally related to any other lawsuit. Can I sue the manufacturors of the crash simulation software the car companies use if I'm injured in a crash? What about the people who wrote the software to design the crash simulation software? If Intel releases another chip with a division bug, could I sue Intel for nearly anything related to a computer at some point, because it might have something to do with that bug? Certainly, these are extreme, but I expect to see them in some form.

Yet, for all the confusing technology and endless permutations involved in the computer business, this is actually not a technical or Internet issue at all. It is really a result of our society's fascination with lawsuits, and our desires to shift blame from people to whoever has deep pockets and can pay for the blame.In the end, this boils down to a fundamental question that people of all industries face: Can the manufacturor of a product be held responsible for the use of that product? Can the supplier of a product be held responsible for its use? When? Why? This is the really the same issue for guns, tobacco, cars, planes, and anything else.The only rational answer is "The vast majority of the time, no." Personally, I can only stomach saying yes when there's active fraud involved, such as is claimed on the part of the tobacco companies. Most any other answer results in absurdity... and the proof of that statement will quite likely lie in the truly absurd stories I expect to populate this department... on par with the absurdity of claiming the damages caused by Napster probably exceed the entire revenue of the record companies in the last year (because each infringement could cost from $500 to $100,000... absurd!). Stay tuned

THE ARCHIVAL MIND: The Brain's Third Hemisphere Digital Divide8/4/2000; 9:59:47 PM 'Indeed it also seems possible that we are now developing a new thought-consciousness. Our intuitive awareness of this fact accounts, I believe, for the characteristic love affair people come to have with their computers. To the outsider they are "computer nuts" or "nerds." The outsider can never understand one thing the present analysis makes clear. People who fall in love with their computers are really falling in love with their own minds, and the stunning new Boolean capabilities it makes possible.'This strongly reminds me of the concept of Intelligence Amplification, or IA (to provide a counterpoint to AI, Artificial Intelligence). The idea is that computers and humans will evolve together, with each providing unique strengths, into a symbiotic relationship, rather then the more morbid and scary AI Conquers World scenario.I catagorize this as a Digital Divide story because when I think digital divide, this is what I think about. "Access to information"? Not really so importent. The question is, will there be a class of people who can use their third hemisphere, and a class of people for whom it forever remains economically inaccessible? Computer 'literacy' is aptly named; the importence of being able to manipulate computers and obtain useful data and knowlege from them is on par with conventional literacy, for much the same reasons, and those reasons are growing stronger daily.Without computers, without the network of webloggers functioning almost as a prototypical group mind (without all that nasty mind-merging stuff I'd hate), without the computers to manage the astonishing flow of data I take in every day, I'd never be able to run this site. I don't just mean that because, as a web site, you need a computer of some kind to read it and I need one to create it, but I mean I'd never be able to hunt down the amount of information on these topics that I do... and still have time to do anything else. Rather then a consuming life passion, iRights is much more like a hobby, one of many.So, look at it this way: Because I make good use of my third hemisphere, I routinely engage in an activity as a hobby that in any other century would have required full time engagement. To deny these abilities to anybody is on par with denying them the ability to read. Perhaps they can't or won't read, but they must be given a chance.Note that conventional computer classes taught in high-school and even college (for the non-Computer Science majors) do not cover this sort of thing at all... they teach computers as a tool to do paperwork, or perhaps as a glorified calculator, but not as a thought tool. (This will not be easy to correct until we have a better understanding of how this thought tool affects us, and learn how to exploit it to the fullest.)This is also in some sense why Linux and Unix geeks like those operating systems so well... they may be a pain to use, but they facilitate being used to process information and extract meaning that Windows can't do (without massive effort).'People who fall in love with their computers are really falling in love with their own minds, and the stunning new Boolean capabilities it makes possible.'

Privacy Plan Likely to Kick Off Debate Surveillance and Privacy from Government8/4/2000; 10:26:00 AM 'he goal of the plan announced by President Clinton's chief of staff, John Podesta, sounded admirable: to overhaul the nation's privacy laws, harmonizing a patchwork of inconsistent rules and extending to e-mail and mobile phone messages the same strict safeguards against government snooping that now apply to telephone calls.' ...'In arguing that all e-mails should be given the same enhanced protections as telephone calls, Podesta in effect declared that the telephone wiretap law should be the privacy baseline.'By saying that, however, he also signaled his intention to greatly lower the standard that may be protecting a relatively small but fast-growing class of e-mails and other electronic communications: messages created by users of cable-based Internet services. 'That's because the laws governing the cable television industry, the Cable Act of 1984 and the related sections of the Telecommunications Act of 1996 have privacy protections for cable subscribers that make the telephone wiretap laws seem positively pallid. '

Registrar Sues for Whois Spam Privacy from Companies8/4/2000; 8:29:58 AM 'In a dispute that could test the legal limits for how of personal information stored on publicly available websites is used, a domain name registrar has filed suit against a firm it claims illegally used its customer contact information in an aggressive marketing campaign of unsolicited email and phone calls.'Register.com, a New York company that registers Internet domain names, filed suit this week against Verio Inc., a Colorado website developer and hosting firm, charging that the company engaged in "unauthorized commercial use of Register.com's Whois database."'This registration information is public knowlege, I'm just surprised it took this long for a major suit to emerge over somebody misusing it.

TheStandard.com: Privacy Report Criticizes 'Infomediaries' Privacy from Companies8/3/2000; 9:16:41 AM 'A new report released by Internet security firm Interhack, based in Columbus, Ohio, warns that the practice of outsourcing data collection on the activities of Web site visitors creates significant potential for privacy breaches. 'The report takes several e-commerce Web sites to task, as well as Coremetrics, the firm that collects and analyzes their customer information. But concern about outsourced data collection is applicable to any company that serves as an "infomediary" between the customer and the Web site.'Links The Standard Didn't Think You'd Need:

• The press release announcing the report
• The report, Getting to Know You (Intimately): Surreptitious Privacy Invasion on the E-Commerce Web
• Coremetric's response
• Interhack's response

In particular, the response contains important clarifications of what Interhack was trying to say. In light of the response, I have to agree with the point Interhack was trying to make: Only our trust in CoreMetrics prevents them from perform exquisitely detailed tracking... and many people are forced to so trust them against their knowlege.

Reform Voting Evokes E-Votes
Political Speech
8/3/2000; 8:47:53 AM '[Reform] Party officials say that the contest between Patrick Buchanan and John Hagelin for the Reform Party presidential nomination will be settled through a unique "mixed-media" election, giving voters the option of voting either through a mail-in paper ballot or on the Web over a three-day period prior to the party's Aug. 10-13 national convention.'

'The entire voting process -- electronic and postal -- is being handled by eBallot, a relatively new entrant into the raucous electronic voting industry, in which upstart companies are tripping over each other to get valuable commissions from national organizations.'