Climate Change and the Integrity of Science

European Parliament Official In Charge Of ACTA Quits, And Denounces The 'Masquerade' Behind ACTA

This is interesting. Kader Arif, the "rapporteur" for ACTA, has quit that role in disgust over the process behind getting the EU to sign onto ACTA. A rapporteur is a person "appointed by a deliberative body to investigate an issue." However, it appears his investigation of ACTA didn't make him very pleased:

I want to denounce in the strongest possible manner the entire process that led to the signature of this agreement: no inclusion of civil society organisations, a lack of transparency from the start of the negotiations, repeated postponing of the signature of the text without an explanation being ever given, exclusion of the EU Parliament's demands that were expressed on several occasions in our assembly.

As rapporteur of this text, I have faced never-before-seen manoeuvres from the right wing of this Parliament to impose a rushed calendar before public opinion could be alerted, thus depriving the Parliament of its right to expression and of the tools at its disposal to convey citizens' legitimate demands.”

Everyone knows the ACTA agreement is problematic, whether it is its impact on civil liberties, the way it makes Internet access providers liable, its consequences on generic drugs manufacturing, or how little protection it gives to our geographical indications.

This agreement might have major consequences on citizens' lives, and still, everything is being done to prevent the European Parliament from having its say in this matter. That is why today, as I release this report for which I was in charge, I want to send a strong signal and alert the public opinion about this unacceptable situation. I will not take part in this masquerade.

Pretty rare to find such direct honesty in political circles. That's quite a direct and clear condemnation of the entire process. In terms of process, it will be interesting to see if this has an impact. While the EU did sign on to ACTA today, it still needs to be ratified by the European Parliament (more on that in a little while). Having Arif quit makes a pretty big statement, and hopefully makes it easier for Parliament Members to speak out loudly against ACTA... Still, this is an uphill battle. The supporters of ACTA have been working to get ACTA approved for years. To them, this is basically a done deal.

Man who downloaded recipes on how to make explosive devices jailed

A man who downloaded recipes on how to make explosive devices onto a pen drive has been jailed.

Asim Kauser, aged 25, of Bardon Close, Halliwell, Bolton, pleaded guilty to four offences under Section 58 of the Terrorism Act 2000 at an earlier hearing. The particulars are that Kauser was in possession of records of information of a kind likely to be useful to a person committing or preparing an act of terrorism.

He has today, 27 January 2012, been sentenced to two years and three months in prison at Manchester Crown Court, Crown Square. Kauser was arrested and charged following an operation by the North West Counter-Terrorism Unit.

Police first became involved when officers from Bolton were called to investigate a burglary that happened overnight between 1 and 2 June 2011 at Kauser's family home, in which the thieves stole a car.

Kauser's father gave police a USB stick which was thought to contain CCTV images of the burglary.

However, when it was examined it contained recipes on how to make explosive devices and poisons, anti-interrogation techniques and details on how to kill efficiently.

A further examination of the stick revealed a letter, addressed to an unknown recipient, in which the author - again anonymous but referring to himself as a 24-year-old man - seeks spiritual guidance and says he has prepared himself physically and financially for jihad.

Officers also recovered a list that contained prices in both pounds and rupees of a number of items, including an AK47 rifle, rounds of ammunition, a grenade launcher and other survival or combat material.

Forensic analysis of the pen drive revealed the material had been downloaded in the spring of 2010.

Explosive experts were consulted who confirmed the recipes on the stick were viable ways of making explosive devices.

Detective Chief Superintendent Tony Porter, head of the North West Counter-Terrorism Unit, said: "The materials we discovered on that pen drive were clear and viable instructions on how to make explosive devices.

"When you combine that with the letter and the 'shopping' list that was found in Kauser's bedroom which contained pricing details for guns, ammunition and other survival equipment it builds up a picture of his state of mind.

"This case has never been about proving an endgame and we may never know what his intentions were, but when you have significant evidence of how to make explosive devices and pricing lists for weapons, we had to act quickly.

"The North West Counter-Terrorism Unit has to act on any information or suggestion of terrorist activity - in situations like these there can be absolutely no delay.

"Throughout this investigation, we have worked with members of our community, who were understandably anxious to see this case resolved, to keep them informed and we would like to thank those people for their support.

"I also want to stress that this case is not about policing people's freedom to browse the Internet. The materials that were downloaded were not stumbled upon by chance - these had to be searched for and contained very dangerous information that could have led to an explosive device being built. That is why we had to take action.

"All forms of violent extremism present a threat to our communities and we all have a role to play in protecting them."

Why History Needs Software Piracy

How copy protection and app stores could deny future generations their cultural legacy.
By Benj Edwards

Amid the debate surrounding controversial anti-piracy legislation such as SOPA and PIPA, our public discourse on piracy tends to focus on the present or the near future. When jobs and revenues are potentially at stake, we become understandably concerned about who is (or isn’t) harmed by piracy today.

I’m here to offer a different perspective, at least when it comes to software piracy. While the unauthorized duplication of software no doubt causes some financial losses in the short term, the picture looks a bit different if you take a step back. When viewed in a historical context, the benefits of software piracy far outweigh its short-term costs. If you care about the history of technology, in fact, you should be thankful that people copy software without permission.

It may seem counterintuitive, but piracy has actually saved more software than it has destroyed. Already, pirates have spared tens of thousands of programs from extinction, proving themselves the unintentional stewards of our digital culture.

Software pirates promote data survival through ubiquity and media independence. Like an ant that works as part of a larger system it doesn’t understand, the selfish action of each digital pirate, when taken in aggregate, has created a vast web of redundant data that ensures many digital works will live on.

Piracy’s preserving effect, while little known, is actually nothing new. Through the centuries, the tablets, scrolls, and books that people copied most often and distributed most widely survived to the present. Libraries everywhere would be devoid of Homer, Beowulf, and even The Bible without unauthorized duplication.

The main difference between then and now is that software decays in a matter of years rather than a matter of centuries, turning preservation through duplication into an illegal act. And that’s a serious problem: thousands of pieces of culturally important digital works are vanishing into thin air as we speak.

The Case of the Disappearing Software

The crux of the disappearing software problem, at present, lies with the stubborn impermanence of magnetic media. Floppy disks, which were once used as the medium du jour for personal computers, have a decidedly finite lifespan: estimates for the data retention abilities of a floppy range anywhere from one year to 30 years under optimal conditions.

A floppy stores data in the form of magnetic charges on a specially treated plastic disc. Over time, the charges representing data weaken to the point that floppy drives can’t read them anymore. At that point, the contents of the disk are effectively lost.

This becomes particularly troubling when we consider that publishers began releasing software on floppy disk over 30 years ago. Most of those disks are now unreadable, and the software stored on them has become garbled beyond repair. If you’ve been meaning to back up those old floppies in your attic, I have bad news: it’s probably too late.

To make matters worse, software publishers spent countless man-hours in the 1980s preventing us from archiving their work. To discourage piracy, they devised schemes to forever lock their software onto a single, authorized diskette. One popular copy protection method involved placing an intentionally corrupt block of data on a disk to choke up error-checking copy routines. It worked so well that it also prevented honest attempts to back-up legally purchased software.

If these copy protection schemes had been foolproof, as intended, and copyright law had been obeyed, most of the programs published on those fading disks would now be gone forever. Many cultural touchstones of a generation would have become extinct due to greed over media control.

It’s not just floppy disks that are under threat. Thousands of games published on ROM cartridges and as enormous arcade cabinets are now hard to find and can only run on electronic hardware that will not last forever. Publishers have re-released a handful of the most prominent games among them on newer platforms, but the large majority of legacy video games don’t get this treatment. Pirates liberate the data from these ROM chips and allow them to be played, through software emulation, on newer consoles and PCs.

Pirating also makes foreign game libraries easily available for historians to study. Some games only appeared on writable cartridges in Japan via download methods like the Nintendo Power flash cart system and the BS-X Satellaview. Those would be entirely out of the reach of Western historians today without previous efforts to back them up illegally.

For a sample slice of what’s at stake when it comes to vanishing software, let’s take a look at the video game industry. The Web’s largest computer and video game database, MobyGames, holds records of about 60,000 games at present. Roughly 23,000 of those titles were originally released on computer systems that used floppy disks or cassette tapes as their primary storage or distribution medium.

23,000 games! If game publishers and copyright law had their way, almost all of those games would be wiped from the face of the earth by media decay over the next 10 years. Many would already be lost.

For the past decade, collectors and archivists have been compiling vast collections of out-of-print software for vintage machines (think Apple II, Commodore 64, and the like) and trading them through file sharing services and on “abandonware” websites. Through this process, they’ve created an underground software library that, despite its relative newness, feels like the lost archives of an ancient digital civilization.

About Abandonware

Abandonware is a pseudolegal concept that posits the righteousness of distributing software that is no longer commercially sold or supported — that which seems “abandoned” by its owners. Despite this, if the software is copyrighted and permission to distribute software has not been expressly given by the owner, distributing it is still illegal.

As a journalist and historian, I rely on these collections of pirated software to do my job. I’d rather it not be that way, but there is no legal alternative (more on that in a moment).

The compilation of this underground library–a necessary resource for future historians–is a brave act of civil disobedience that needs to continue if we are to protect our digital heritage. As we’ll see, the greatest threats to software history lie not behind us, but directly ahead of us.

Why Preserve Software?

Before we go any further, let’s take a step back and consider why we should preserve software in the first place. Software often seems inconsequential because of its ephemeral nature. It’s a dynamic expression of electrons on a computer screen, and that doesn’t mean much, instinctively, to brains that evolved to recognize value in physical objects.

But software is also a powerful tool whose mastery says something profound about our civilization. If we look back through a museum, we can get a good idea about a certain society’s potential by examining its tools. If a civilization could build threshing machines, for example, we know that they could harvest and process wheat much faster than people 100 years earlier. That, in turn, might explain a known population boom.

Likewise, we can measure mankind’s recent potential by looking at his software tools. Future historians may ponder how people achieved a surreal vocal effect in music or created the CGI animated films of today. They may wonder at what point a certain tool allowed fantastic, photorealistic image manipulations that now dominate advertising. Without knowledge of and experimental access to various versions of Auto-Tune, Pixar RenderMan, and Adobe Photoshop, they’ll have a difficult time finding accurate answers to those questions.

Software is also entertainment. It is culture. Like books, music, and films before it, the art form expressed in software entertainment programs–usually games–has both reflected and influenced the cultural behavior of multiple generations around the globe.

Is there an American alive between the ages of 15 and 35 that doesn’t know who Mario is? (I’m sure you can find someone who has not heard of Mario, but he was locked in a basement from 1980 to 1999.)

Thanks to the work of preservationists that flout the law, future historians will be able to more fully consider Mario’s cultural impact and answer deeper, ancillary questions like “Why did people wear T-shirts with pixelated mushroom people on them?” and “What games, exactly, did Mario appear in and why?”

It’s possible that Nintendo will be around 200 years from now, but it is unlikely to provide all the answers. The company will only convey the history that is in their best commercial interest to show you (i.e. Super Mario Bros. 3, over and over). Historians will show you everything without restraint — even Hotel Mario, Mario Roulette, and I Am A Teacher: Super Mario Sweater. None of those games will survive 200 years without piracy, because Nintendo would rather see those embarrassingly low-quality titles rot away in a tomb sealed by copyright law.

We Have Everything To Lose

It would be nice if the problem of disappearing software was limited to the past, but there’s a disturbing parallel at work in the current software marketplace. App stores and other digital distribution methods–which often inextricably link purchased software to a unique licensee, sometimes on a unique machine–threaten to deprive us of even more software in the very near future.

Thanks to widespread adoption of aggressive digital rights management (DRM) and a single-source model of distribution, most digitally distributed software will vanish from the historical record when those stores shut down. And believe me, they will shut down some day. If this doesn’t scare you, then you need an allegorical history lesson. Here it is:

Imagine if a publisher of 500,000 different printed book titles suddenly ceased operation and magically rendered all sold copies of its books unreadable. Poof. The information contained in them simply vanished. It would represent an cultural catastrophe on the order of the burning of the Great Library of Alexandria in 48 B.C. In that fire, a majority of the Western world’s cultural history up to that point turned to ash.

Now take a look at the iTunes App Store, a 500,000 app repository of digital culture. It’s controlled by a single company, and when it closes some day (or it stops supporting older apps, like Apple already did with the classic iPod), legal access to those apps will vanish. Purchased apps locked on iDevices will meet their doom when those gadgets stop working, as they are prone to do. Even before then, older apps will fade away as developers decline to pay the $100 a year required to keep their wares listed in the store.

From a historical perspective, we can only hope that hackers and pirates have been quietly making archives of as much as they can grab from download services like the iTunes App Store, the PlayStation Store, the Wii Shop Channel, Xbox Live Arcade, and other online app stores.


And what about cloud software? If all of our software tools become centralized and run over the Internet, it will be hard to pirate them, which also means they won’t get preserved. That’s bad for history.

When paleoanthropologists wonder if a 13,000 year-old Clovis point can take down a Bison, they tie one to a spear and let it fly. If spear points had been automatically cloud updated over the course of their development, however, we would only know of the most recent iteration in the design process. Clovis points wouldn’t exist today, and we’d be wondering how ancient Native Americans managed to hunt game with uranium-tipped bullets.

With that in mind, think about this: What did Gmail’s interface look like just one year ago? How did Google Maps work before it added Street View? Lacking experimental access to older versions of cloud-based software tools, future historians will have to depend on screenshots and personal testimony to work out exactly what the tools were capable of at any time, if they still exist.

But if future historians retain access to old versions of non-cloud software, they will be able use the tools, as they would with a Clovis point, to experimentally duplicate the activities of people in the past. For example, they could run the AtariWriter word processing program on an Atari 800 emulator to reproduce a document from the 1980s in a way that would explain its format.

A complete reliance on cloud gaming (think OnLive) is also a very bad idea. Looking to OnLive to preserve game software would be like expecting your local movie theater to preserve film history. It’ll only show what is commercially viable to show at the time, and they discard the rest. That is how cloud gaming will work as well.

The new Great Library is already burning, and we are only just beginning to smell the smoke.

When Corporations Own History, They Change It

The DRM found in digital app stores today poses a significant threat to our future understanding of history. Sure, the companies that create this software own the rights to these products now, but once a work becomes consumed and embedded into mass culture, it belongs to the ages. It assumes a role larger than that of a mere commercial product, and copies of the work should be protected and preserved as cultural treasures.

It’s hard to protect and preserve that which is liable to change or disappear at any time. If VHS tapes worked like app stores, George Lucas could force all of us to upgrade our purchased Star Wars films to the Special Edition versions (to maintain compatibility with LucasOS, of course), overwriting the old ones in the process. Heck, one day he could decide he doesn’t like the movies at all and replace them with copies of Willow. It would be within his legal rights, but it would also be cultural robbery.

It bugs me that iOS software today updates at a galloping pace that deletes previous versions unless you’ve taken pains to archive them. It is convenient and wonderful functionality in many ways, but the practice also rewrites history with every download. What if Photoshop had been updated that way throughout the 1990s? Would anyone have a copy of the first version that could work with layers? Such a historically important piece of software would be lost. Similarly, if we move to a completely controlled, single-source, automatic update scheme for all PC applications–it’s almost here with Windows 8, by the way–we will be destroying digital artifacts with a fervor heretofore unseen.

By accepting restrictive DRM into our lives, we are giving not only software publishers, but all media publishers the power to erase, control, or manipulate digital cultural history if they choose. That is why DRM feels fundamentally wrong from a humanistic standpoint: it conspires, in conjunction with time, to deprive humanity of its rightfully earned cultural artifacts.

To be sure, every creator of software should be rewarded appropriately with exclusive rights of reproduction for a certain period of time, as they are now, but only in a soft legal sense, not with a virtual lock and key that stymies the preservation of history.

Let’s not repeat what happened 2000 years ago in Alexandria. The only scrolls that survived the burning of the Great Library were those that had been copied and distributed, likely without the permission of their authors. (Unfortunately, library officials strictly limited library access to prevent this, so very few texts escaped destruction.) If we don’t open the doors to the legal preservation of all software, civilizations thousands of years from now will only possess copies of programs that pirates illegally duplicated and distributed while the works were still officially available.

The cultural impact of software easily equals that of any other creative work. It is time to legitimately preserve this digital art form in libraries alongside books and films. Setting up such a library, however, is a very difficult proposition.

The Plight of the Digital Librarian

If you wanted to study the history of our culture up to the present, you’d probably turn to a library. There you can find comprehensive collections of analog data to study for free. If you want to study software in the same way, you’re out of luck: operating a practical, comprehensive software library is currently illegal in the United States.

Don’t get me wrong: it is possible to create a legal software library, but its implementation would make it nearly useless. The best a library can hope to do, within its legal limits, is to stock physical copies of officially duplicated software media on physical shelves. That means that all the problems with decaying and obsolete media come along with it. There’d be plenty of bulk and very little guarantee that you’d be able to access what is sitting in the stacks.

A more practical approach for a software library would be to liberate the data from fixed media and store it in arrays of redundant hard disks. Librarians could upgrade the arrays over time to avoid obsolescence, and the software could be painlessly transferred over a network to be run on emulators (which would simulate the original software platforms) for historical study.

Unfortunately, the practical approach doesn’t work because it’s currently illegal under US copyright law to copy software — a necessary part of freeing it from its original media — and then share it with the public without the publisher’s permission. (The law provides for legal backup copies, but you can’t share them with other people.) Moreover, it’s illegal under the Digital Millennium Copyright Act (DMCA) to circumvent copy protection schemes to actually make those copies in the first place.

Right now, there exist libraries that store floppy disks on their shelves as if they were books. These organizations make the mistake of assuming that, like books, the data on computer disks will last indefinitely if carefully shielded from the elements. But there is nothing they can do to ultimately stop the loss of data. The data needs to be copied onto a new medium. At some point, the law needs to be broken — or changed.

Copyright’s Obsolete Legal Assumption

Current U.S. copyright laws have good intentions, but they ultimately jeopardize the survival of digital property because they do not take into account the rapid pace of digital media decay and obsolescence.

Our body of copyright law makes a 19th-century-style legal assumption that the works in question will stay fixed in a medium safely until the works become public domain, when they can then be copied freely. Think of paper books, for example, which can retain data for thousands of years under optimal conditions.

In the case of digital data, many programs will vanish from the face of the earth decades before the requisite protection period expires (the life of the author plus 70 years in the U.S.). Media decay and obsolescence will claim that software long before any libraries can make legal, useful backups.

A potential solution would be to limit copyright terms on software to a more reasonable period of time — say, 20 years maximum. Then archivists would have a far greater chance of properly retrieving and storing the old software before it deteriorated into oblivion.

It should also be permanently legal for librarians to circumvent copy protection schemes to archive software. Currently, limited exemptions to the DMCA provide temporary DRM-breaking provisions under very narrow circumstances, but that is not enough.

As an alternative, a new law could require publishers that seek copyright protection to deposit DRM-free versions of software to the U.S. Library of Congress for media-independent archival. The software could later be digitally “checked out” on a limited basis by patrons doing research. If necessary, these digital library materials could become available only after a period of time, say five years, to further protect commercial interests

Don’t Let Software Disappear

We live in a civilization dominated by commerce and those who benefit from it, so we instinctively want to protect those who fairly engage in business. There are those among us who, in pursuit of that goal, would like to assault piracy with heavy-handed legislation. But piracy, which is endemic to and inseparable from digital distribution, can never be fully controlled without depriving freedom. Legislation that attempts to do so will only drive the practice further underground while punishing those who don’t even engage in it by crippling the technology that allows software to exist in the first place.

The Four Forces of Software Decay

There are four main techno-cultural forces pushing software toward extinction.

Force 1: Physical Decay

No form of digital media holds data forever. Every computer data storage medium physically deteriorates over time, losing data in the process.

Force 2: Medium Obsolescence

As technical innovations continue, every storage format will become obsolete and rarely used at some point, making retrieving the data in the future difficult.

Force 3: Copy Deterrence

For economic reasons, software publishers have historically tried to deter users from copying the publisher’s software without permission. These methods prevent the legitimate archival of software.

Force 4: Economic Obsolescence

Every software product has a limited market lifespan, which is the result of rapid technological progress. This means that software will only be duplicated and distributed commercially for a short period of time.

At the moment, you can obtain just about any entertainment work or software program for free if you try hard enough. Despite that, millions of people still pay real money to obtain legal copies of software, films, and music, in the process making those industries bigger and more profitable than ever.

The fact that people still buy access to digital media in large numbers means that piracy is simply not the problem they think it is. In fact, piracy is itself the solution to another problem: the problem of over-protected intellectual property. It would be wonderful if those companies utilizing strict DRM and pushing for aggressive anti-piracy legislation saw the need to be a little less profiteering for the greater historical good, but since that is rarely the objective of the free market, don’t hold your breath.

It is up to us, as a generation, to preserve our cultural history. We must also push for reforms in copyright law that allow software to take its rightful place in historical archives without the need to rely upon the work of pirates.

If you love software, buy it, use it, and reward the people who make it. I do it all the time, and I support the industry’s right to make money from its products. But don’t be afraid to stand up for your cultural rights. If you see strict DRM and copy protection that threatens the preservation of history, fight it: copy the work, keep it safe, and eventually share it so it never disappears.

Some people may think ill of your archival efforts now, but they’re on the wrong side of history: no one living 500 years from now will judge your infringing deeds harshly when they can load up an ancient program and see it for themselves.

It’s time to end the failed war on drugs

By Richard Branson

Just as prohibition of alcohol failed in the United States in the 1920s, the war on drugs has failed globally. Over the past 50 years, more than $1 trillion has been spent fighting this battle, and all we have to show for it is increased drug use, overflowing jails, billions of pounds and dollars of taxpayers’ money wasted, and thriving crime syndicates. It is time for a new approach.


Too many of our leaders worldwide are ignoring policy reforms that could rapidly reduce violence and organised crime, cut down on theft, improve public health and reduce the use of illicit drugs. They are failing to act because the reforms that are needed centre on decriminalising drug use and treating it as a health problem. They are scared to take a stand that might seem “soft”.


But exploring ways to decriminalise drugs is anything but soft. It would free up crime-fighting resources to go after violent organised crime, and get more people the help they need to get off drugs. It’s time to get tough on misguided policies and end the war on drugs.


I was fortunate to be part of the Global Commission for Drug Policy, along with the former US Secretary of State George Shultz, former UN Secretary-General Kofi Annan, President Cardoso of Brazil and the likes of the former UN High Commissioner for Human Rights, Louise Arbor, and the former chairman of President Obama’s Economic Recovery Advisory Board, Paul Volcker. We studied international drug policy over the past 50 years, and found that it has totally failed to stop the growth and diversification of the drug trade. Between 1998 and 2008, opiate use increased by more than 34 per cent, even as prison populations swelled and profits for drug traffickers soared.


As these grim trends show, the two strategies at the core of drug control policy have been ineffective. First, prohibition and enforcement efforts have failed to dent the production and distribution of drugs in any part of the world. Second, the threat of arrest and punishment has had no significant deterrent effect on drug use.

Unless this issue is tackled now, countless individuals and families will continue to suffer, no matter how much money is spent. We need a debate on how policy can cut consumption and reduce harm, rather than inflammatory scaremongering. It is not about supporting drug use; it is about solving a crisis.

Drugs are dangerous and ruin lives. They need to be regulated. But we should work to reduce the crime, health and social problems associated with drug markets in whatever way is most effective. Broad criminalisation should end; new policy options should be explored and evaluated; drug users in need should get treatment; young people should be dissuaded from drug use via education; and violent criminals should be the target of law enforcement. We should stop ineffective initiatives like arresting and punishing citizens who have addiction problems.

The next step is simple: countries should be encouraged to experiment with new policies. We have models to follow. In Switzerland, the authorities employed a host of harm-reduction therapies, and successfully disrupted the criminal drug market. In Portugal, decriminalisation for users of all drugs 10 years ago led to a significant reduction in heroin use and decreased levels of property crime, HIV infection and violence. Replacing incarceration with therapy also helped create safer communities and saved the country money – since prison is far more expensive than treatment. Following examples such as these and embracing a regulated drugs market that is tightly controlled and complemented by treatment – not incarceration – for those with drug problems will cost taxpayers a lot less.

Even with these examples, we do not yet know what will work best. New policies should be evaluated according to the scientific evidence. But we can say now that these policies should focus on the rights of citizens and on protecting public health. Drug policy should be a comprehensive issue for families, schools, civil society and health care providers, not just law enforcement.

To evaluate such policies, we should stop measuring their success according to such indicators as numbers of arrests, prosecutions and drug seizures, which turn out to have little impact on levels of drug use or crime. We should instead measure the outcomes in the same way that a business would measure the results of a new ad campaign. That means studying things like the number of victims of drug-related violence and intimidation, levels of corruption connected to the drug market, the amount of crime connected to drug use, and the prevalence of dependence, drug-related mortality and HIV infection.

Many political leaders and public figures acknowledge privately that repressive strategies have only made the drug problem worse. It took 14 years for America’s leaders to repeal Prohibition. After 50 years of the failed drug war, it is time for today’s leaders to find the courage to speak out.

For all the successes I’ve had in business, I’ve also learnt to accept when things go wrong, work out why, and try to find a better way. The war on drugs is a failed enterprise. We need to have the courage to learn the lessons and move on.

What Does Twitter’s Country-by-Country Takedown System Mean for Freedom of Expression?

Yesterday, Twitter announced in a blog post that it was launching a system that would allow the company to take down content on a country-by-country basis, as opposed to taking it down across the Twitter system. The Internet immediately exploded with allegations of censorship, conspiracy theories about Twitter’s Saudi investors and automated content filtering, and calls for a January 28 protest. One thing is clear: there is widespread confusion over Twitter's new policy and what its implications are for freedom of expression all over the world.

Let’s get one thing out of the way: Twitter already takes down some tweets and has done so for years. All of the other commercial platforms that we're aware of remove content, at a minimum, in response to valid court orders. Twitter removes some tweets because they are deemed to be abuse or spam, while others are removed in compliance with court orders or DMCA notifications. Until now, when Twitter has taken down content, it has had to do so globally. So for example, if Twitter had received a court order to take down a tweet that is defamatory to Ataturk--which is illegal under Turkish law--the only way it could comply would be to take it down for everybody. Now Twitter has the capability to take down the tweet for people with IP addresses that indicate that they are in Turkey and leave it up everywhere else. Right now, we can expect Twitter to comply with court orders from countries where they have offices and employees, a list that includes the United Kingdom, Ireland, Japan, and soon Germany.

Twitter's increasing need to remove content comes as a byproduct of its growth into new countries, with different laws that they must follow or risk that their local employees will be arrested or held in contempt, or similar sanctions. By opening offices and moving employees into other countries, Twitter increases the risks to its commitment to freedom of expression. Like all companies (and all people) Twitter is bound by the laws of the countries in which it operates, which results both in more laws to comply with and also laws that inevitably contradict one another. Twitter could have reduced its need to be the instrument of government censorship by keeping its assets and personnel within the borders of the United States, where legal protections exist like CDA 230 and the DMCA safe harbors (which do require takedowns but also give a path, albeit a lousy one, for republication).

Twitter is trying to mitigate these problems by only taking down access to content for people coming from IP addresses the country seeking to censor that content. That's good. For now, the overall effect is less censorship rather than more censorship, since they used to take things down for all users. But people have voiced concerns that "if you build it, they will come,"--if you build a tool for state-by-state censorship, states will start to use it. We should remain vigilant against this outcome.

In the meantime, Twitter is taking two additional steps to ensure that users know that the censorship has happened. First, they are giving users notice when they seek that content. Second, they are sending the notices they receive to the Chilling Effects Project, which publishes the orders, creating an archive. Note: EFF is one of the partners in the Chilling Effects project. So far, of very big websites only Google and Wikipedia are this transparent about what they take down or block and why. When Facebook takes down a post, there is no public accountability at all. Through Chilling Effects, users can track exactly what kinds of content Twitter is being asked to censor or take down and how that happened.

So what should Twitter users do? Keep Twitter honest. First, pay attention to the notices that Twitter sends and to the archive being created on Chilling Effects. If Twitter starts honoring court orders from India to take down tweets that are offensive to the Hindu gods, or tweets that criticize the king in Thailand, we want to know immediately. Furthermore, transparency projects such as Chilling Effects allow activists to track censorship all over the world, which is the first step to putting pressure on countries to stand up for freedom of expression and put a stop to government censorship.

What else? Circumvent censorship. Twitter has not yet blocked a tweet using this new system, but when it does, that tweet will not simply disappear—there will be a message informing you that content has been blocked due to your geographical location. Fortunately, your geographical location is easy to change on the Internet. You can use a proxy or a Tor exit node located in another country. Read Write Web also suggests that you can circumvent per-country censorship by simply changing the country listed in your profile.

Australia - ISP data retention still an issue, Ludlam warns

Greens Senator Scott Ludlam has warned that a secretive proposal — known as ‘data retention’ — by the Attorney-General’s Department to force internet service providers to store a wealth of information pertaining to Australians’ emails and telephone calls is still an issue, with the public needing to remain vigilant on how the Government handles Internet surveillance.

The proposal — known popularly as ‘OzLog’ — first came to light in June 2010, when AGD confirmed it had been examining the European Directive on Data Retention (PDF) to consider whether it would be beneficial for Australia to adopt a similar regime. The directive requires telcos to record data such as the source, destination and timing of all emails and telephone calls – even including internet telephony.

In August the Attorney-General’s Department confirmed to iTNews that it was still considering the introduction of a data retention regime separately from the sort of watered down data ‘preservation’ rules being introduced in new cybercrime legislation. Delimiter has this week filed a Freedom of Information request with the Attorney-General’s Department in an effort to ascertain the precise current state of the data retention proposal.

Speaking at Electronic Frontiers Australia’s ‘War on the Internet’ event on Saturday in Melbourne (full video available online here), Ludlam, who is the Communications Spokesperson for the Greens, said much of the thinking around the data retention proposal had been integrated into new cybercrime legislation introduced in mid-2011.

Ludlam said the proposal had been narrowed down to a degree to which most people would find ‘reasonable’, in that law enforcement agencies could, for example, request ISPs to keep all available data on people suspected of committing major crimes such as terrorism — a technique he described as “hold that person’s everything, until we tell you not to any more”.

However, the Greens Senator warned, that cybercrime legislation could “mutate” into something completely different. “Maybe let’s trap all the data of these categories of people,” he said, appearing to refer to the political activist community, many members of whom had gathered at the Melbourne event. “Or these postcodes of people.”


“We know that that agenda is there,” Ludlam said, referring to the potential to “broaden out” the applications of the data retention system. “And it’s going to take sustained work to prevent that from happening. Once these systems and structures are in place, they are abused, almost by definition.”

Ludlam highlighted a Sydney Morning Herald article published several weeks ago which revealed that the Federal Resources and Energy Minister, Martin Ferguson, had secretly pushed for increased surveillance by police of environmental activists who had been protesting peacefully at coal-fired power stations and coal export facilities, with some of the work being carried out by a private contractor, the National Open Source Intelligence Centre (NOSIC).

The Greens Senator said his party would be filing freedom of information requests with the Government to find out why it thought it was appropriate, “at taxpayer’s expense, to surveil” activists who were legitimately drumming up interest in the environment. Ludlam said he presumed the Government was also tracking animal rights and anti-nuclear campaigners as well.

Hacker luminary Jacob Appelbaum, who also spoke at the event, said data retention weakened the whole of society as such systems would eventually be compromised by criminals both in Australia and internationally. With data retention, authorities could “retroactively police the population,” he acknowledged.

However, once a database like that existed, he said, that database would be stolen, leading to a point where criminals would find it very easy to commit crimes because they would be able to generate a precise pattern of people’s personal movements from the data — for example, “knowing where a car is regularly parked so you can steal it”.

Appelbaum encouraged Australian telecommunications engineers to find the points in their networks where law enforcement officials were able to connect to conduct surveillance such as wire tapping and disclose those points to the public. “Find those, and expose them. Tell journalists. Tell MPs like this guy over here,” he said, pointing at Ludlam. Ludlam highlighted the fact that it was only through the efforts of such public spirited individuals — which leaked the proposal to the media — that the data retention proposal had come to light in the first place.

Ludlam also warned of the potential for a reshuffle of cybercrime resources within the Federal Government to lead to dangerous outcomes in the area. In late December, a new cybersecurity unit was quietly formed within the Prime Minister’s Department, although the Government has not yet clarified what its responsibilities will be.

“We have a major restructure that just occurred in the commonwealth — a super-portfolio, drawn together in the Prime Minister’s office from fragments in Defence, Foreign Affairs, Communications, some presumably copyright stuff and commercial stuff that has all come together,” Ludlam said. “… really most of that sat in the former Attorney-General’s Office … [it was] picked up and moved to the PM’s office. And that’s important. We are getting a cyber-safety strategy at some point this year. That’s going to be very important to watchdog to watch how they’re thinking and what they’re doing, because all kinds of sneaky and nasty agendas are going to creep into that thing.”

Hawaii may keep track of all Web sites visited

by Declan McCullagh

Hawaii's legislature is weighing an unprecedented proposal to curb the privacy of Aloha State residents: requiring Internet providers to keep track of every Web site their customers visit.

Its House of Representatives has scheduled a hearing this morning on a new bill (PDF) requiring the creation of virtual dossiers on state residents. The measure, H.B. 2288, says "Internet destination history information" and "subscriber's information" such as name and address must be saved for two years.

H.B. 2288, which was introduced Friday, says the dossiers must include a list of Internet Protocol addresses and domain names visited. Democratic Rep. John Mizuno of Oahu is the lead sponsor; Mizuno also introduced H.B. 2287, a computer crime bill, at the same time last week.

Last summer, U.S. Rep. Lamar Smith (R-Texas) managed to persuade a divided committee in the U.S. House of Representatives to approve his data retention proposal, which doesn't go nearly as far as Hawaii's. (Smith, currently Hollywood's favorite Republican, has become better known as the author of the controversial Stop Online Piracy Act, or SOPA.)

Democrat Jill Tokuda, the Hawaii Senate's majority whip, who introduced a companion bill, S.B. 2530, in the Senate, told CNET that her legislation was intended to address concerns raised by Rep. Kymberly Pine, the first Republican elected to her Oahu district since statehood and the House minority floor leader.

"I was asked to introduce the Senate companions on these Internet security related bills by Representative Kymberly Marcos Pine after her own personal experience in this area," Tokuda said. "I would defer to her on the origins of these bills as she has done the research and outreach, and been the main champion of this effort."

Pine, who did not immediately respond to queries, has been targeted by a disgruntled Web designer, Eric Ryan, who launched KymPineIsACrook.com and claims she owes him money, according to an article last summer in the Hawaii Reporter. Her e-mail account was also reportedly hacked around the same time. The article said Pine would advocate for "tougher cyber laws at the Hawaii State Capitol" as a result.

"We must do everything we can to protect the people of Hawaii from these attacks and give prosecutors the tools to ensure justice is served for victims," Pine said at the time.

Whatever its sponsors' motivations, the bill isn't exactly being welcomed by Hawaiian Internet companies.

"This bill represents a radical violation of privacy and opens the door to rampant Fourth Amendment violations," says Daniel Leuck, chief executive of Honolulu-based software design boutique Ikayzo, who submitted testimony opposing the bill. He adds: "Even forcing telephone companies to record everyone's conversations, which is unthinkable, would be less of an intrusion."

Mizuno's proposal currently specifies no privacy protections, such as placing restrictions on what Internet providers can do with this information (like selling user profiles to advertisers) or requiring that police obtain a court order before perusing the virtual dossiers of Hawaiian citizens. Also absent are security requirements such as mandating the use of encryption.

Because the wording is so broad and applies to any company that "provides access to the Internet," Mizuno's legislation could sweep in far more than AT&T, Verizon, and Hawaii's local Internet providers. It could also impose sweeping new requirements on coffee shops, bookstores, and hotels frequented by the over 6 million tourists who visit the islands each year.

"H.B. 2288 raises all of the traditional concerns associated with data retention, and then some," Kate Dean, head of the U.S. Internet Service Provider Association in Washington, D.C., which counts Verizon and AT&T as members, told CNET. "And this may be the broadest mandate we've seen."

Even the Justice Department has only lobbied the U.S. Congress to record Internet Protocol addresses assigned to individuals--users' origin IP address, in other words. It hasn't publicly demanded that companies record the destination IP addresses as well.

In Washington, D.C., the fight over data retention requirements has been simmering since the Justice Department pushed the topic in 2005, a development that was first reported by CNET. Proposals publicly surfaced in the U.S. Congress the following year, and President Bush's attorney general, Alberto Gonzales said it's an issue that "must be addressed." So, eventually, did FBI director Robert Mueller.

Insane English copyright ruling creates ownership in the idea of a photo's composition

By Cory Doctorow



In a bizarre ruling, an English court has ruled that in favor of a commercial poster company that argued that a photo that showed a similar (but different) scene taken by a different person in a different place nevertheless infringed the copyright of a poster. What the judge ruled was that photographing a scene that is "substantially similar" to a scene someone else has already photographed infringes the first shooter's copyright.

It's impossible to understand how this will play out in real life. If a Reuters and an AP photographer are standing next to each other shooting the Prime Minister as he walks out of a summit with the US President, their photos will be nearly identical. Will the slightly faster shutter on the AP shooter's camera give him the exclusive right to publish a photo of the scene from the press-scrum?

The judge here ruled that the idea of the image was the copyright, not the image itself. Ideas have always been exempt from copyright, because courts and lawmakers have recognized the danger of awarding ownership over ideas. Indeed, the "idea/expression split" is pretty much the first thing you learn in any copyright class.

Amateur Photographer quotes "photographic copyright expert Charles Swan" who warns, "The Temple Island case is likely to herald more claims of this kind."

Yeah, no shit. This creates a situation where anyone who owns a large library of photos -- a stock photography outfit -- can go through its catalog and start suing anyone with deep pockets: "We own the copyright to 'two guys drinking beer with the bottoms of the mugs aimed skyward!'" It's an apocalyptically bad ruling, and an utter disaster in the making.

Swan warned: 'The Temple Island case is likely to herald more claims of this kind. The judgement should be studied by anyone imitating an existing photograph or commissioning a photograph based on a similar photograph.

'“Inspiration' and “reference” are fine in themselves, but there is a line between copying ideas and copying the original expression of ideas which is often a difficult one to draw.'
Though, in the past, the cost of such court actions has made them 'uneconomic to pursue' this is all about to change, added Swan. 'The UK government has accepted a recommendation in the Hargreaves Report that the Patents County Court… should operate a small claims procedure for intellectual property claims under £5,000.'

Europe proposes a "right to be forgotten"

By Peter Bright

European Union Justice Commissioner Viviane Reding has proposed a sweeping reform of the EU's data protection rules, claiming that the proposed rules will both cost less for governments and corporations to administer and simultaneously strengthen online privacy rights.

The 1995 Data Protection Directive already gives EU citizens certain rights over their data. Organizations can process data only with consent, and only to the extent that they need to fulfil some legitimate purpose. They are also obliged to keep data up-to-date, and retain personally identifiable data for no longer than is necessary to perform the task that necessitated collection of the data in the first place. They must ensure that data is kept secure, and whenever processing of personal data is about to occur, they must notify the relevant national data protection agency.

The new proposals go further than the 1995 directive, especially in regard to the control they give citizens over their personal information. Chief among the new proposals is a "right to be forgotten" that will allow people to demand that organizations that hold their data delete that data, as long as there is no legitimate grounds to hold it.

It's not 1995 anymore

The 1995 Directive was written in a largely pre-Internet era; back then, fewer than one percent of Europeans were Internet users. The proposed directive includes new requirements designed for the Internet age: EU citizens must be able to both access their data and transfer it between service providers, something that the commission argues will increase competition. Citizens will also have to give their explicit permission before companies can process their data; assumptions of permission won't be permitted, and systems will have to be private by default.

These changes are motivated in particular by the enormous quantities of personal information that social networking sites collect, and the practical difficulties that users of these services have in effectively removing that information. Reding says that the new rules "will help build trust in online services because people will be better informed about their rights and in more control of their information."

Where do the claimed savings come from? EU member states currently comply with the 1995 Directive, but each of the 27 states has interpreted and applied these rules differently. The European Commission argues that this incurs unnecessary administrative burdens on all those involved with handling data. The new mandate would create a single set of rules consistent across the entire EU, with projected savings for businesses of around €2.3 billion (US$2.98 billion) per year.

With rules streamlined throughout the trading bloc, companies would in turn only have to deal with the data protection authorities in their home country, rather than in every state in which they trade.

The new rules would also reduce the routine data protection notifications that businesses must currently send to national data protection authorities, allowing further savings of €130 million (US$169 million). However, organizations that handle data will have greater obligations in the event of data breaches: they will have to notify data protection authorities as soon as possible, preferably within 24 hours.

The rules will also apply to companies that process data abroad, if those companies serve the EU market and EU citizens.

Non-compliance will be punishable by the national data protection authorities, and they will be able to apply penalties of up to €1 million (US$1.3 million) or two percent of global annual turnover.

The proposal will undergo discussion in the European Parliament. Once the rules are adopted, they will take effect within two years.

A mixed response

Industry responses to the proposals have been varied. While the harmonization and reduction of routine notifications is welcomed, some have rubbished Reding's claim that the new directive will reduce costs. For example, the Business Software Alliance's European government affairs director, Thomas Boué said, "The Commission's proposal today errs too far in the direction of imposing prescriptive mandates for how enterprises must collect, store, and manage information."

Supporters of the new proposals argue that the new directive will force companies to do things that they should already be doing. Christian Toon, head of information security at document management firm Iron Mountain, says, "Many businesses of all sizes are falling short of what is required to manage information responsibly. [...] Regardless of turnover, sector or country of operation, making sure that employee and customer information is protected should be common practice, not a reaction to new legislation."

Indeed, many of the provisions of the new directive have similar counterparts in the existing directive, and others are features of national law of some, but not all, EU member states. For example, current law gives citizens the right to have inaccurate data about them corrected. In some countries, such as the UK, this extends to a right to have that inaccurate data deleted outright. In others, such as Belgium, Germany, and Sweden, it does not. The new rules would make that right to delete universal, and would make it apply even for accurate data that is no longer necessary.

This is the so-called "right to be forgotten". The proposal does not create a right to be thrown down the memory hole or rewrite the past; news reports and similar material would be a legitimate reason to retain personal information, and this would override a demand to have data deleted. But sites like Facebook—which has had difficulties with the concept of deletion—and Google would likely be required to purge any such personal data should someone demand that they do so.

A strict "opt-in" requirement for the use of personal data could make advertising-funded services that rely on that personal data to properly target advertisements difficult to operate. The requirement to report breaches in 24 hours might also be difficult to fulfil, since it can take much longer for a breach to even be detected.

The new rules would create an interesting predicament for a company like Google. The search giant has just announced its new privacy policy that enables it to collect and aggregate data from almost all Google services, with no provision to opt out or restrict the processing the company performs to private data. This is the opposite of the "private by default" policy that the proposed rules require, and the only way that Google users will attain that privacy is by not creating or using a Google account.

When asked about the impact of the new rules, a Google spokesperson told Ars: "We support simplifying privacy rules in Europe to both protect consumers online and stimulate economic growth. It is possible to have simple rules that do both. We look forward to debating the proposals over the coming months."

But still, this is not a fundamental shift in the demands placed on data-holding organizations. They must already be able to identify personal data, they must already store it securely, and they must already be able to provide it on-demand. Doing these things requires that systems are designed appropriately, and this can certainly incur costs—but they are costs that should already exist today.

Disappointing Ruling in Compelled Laptop Decryption Case

A federal district court in Colorado has handed down an unfortunate early ruling (pdf) in a case in which the government is attempting to force a criminal defendant to decrypt the contents of a laptop.

In United States v. Fricosu, the government seized several computers from the home of a woman charged with mortgage fraud, including a laptop containing encrypted information. Prosecutors asked the court (pdf) to force the woman to either type an encryption passphrase into the laptop to decrypt the information or turn over a decrypted version of the data, relying heavily on the fact that the government recorded a conversation between Fricosu and her ex-husband in which the government says she admitted that the laptop was hers and she knew the password. EFF filed an amicus brief (pdf) in July, arguing she had a Fifth Amendment privilege against self-incrimination that prevented the government from compelling her to disclose the data.

The Fifth Amendment protects a person from being forced to be a witness against herself in a criminal case, a right often called the privilege against self-incrimination. The privilege doesn't prevent the government from gathering evidence from a person, but rather protects a person from being forced to make communications that would reveal the contents of her mind. The Supreme Court has held that it also applies to actions that communicate something of value—for example, producing records that would confirm the existence or authenticity of certain information, or the fact that a particular person had control over that data.

Regardless, the government can overcome the privilege by offering immunity that matches the scope of the protected right, since any information revealed after that wouldn't be incriminating. The government can also bypass the privilege if it already knows about existence, location and possession of the evidence it seeks, such that forcing a person to turn over that information won't tell the government anything more than it already knows. The government claimed that it had defeated Fricosu's privilege in both of these ways.

In the order issued yesterday, the court dodged the question of whether requiring Fricosu to type a passphrase into the laptop would violate the Fifth Amendment. Instead, it ordered Fricosu to turn over a decrypted version of the information on the computer. While the court didn't hold that Fricosu has a valid Fifth Amendment privilege not to reveal that data, it seemed to implicitly recognize that possibiity. The court both points out that the government offered Fricosu immunity for the act of production and forbids the government from using the act of production against her. We think Fricosu not only has a valid privilege against self-incrimination, but that the immunity offered by the government isn't broad enough to invalidate it. Under Supreme Court precedent, the government can't use the act of production or any evidence it learns as a result of that act against Fricosu.

The court then found that the Fifth Amendment "is not implicated" by requiring Fricosu to turn over the decrypted contents of the laptop, since the government independently learned facts suggesting that Fricosu had possession and control over the computer. Furthermore, according to the court, "there is little question here but that the government knows of the existence and location of the computer's files. The fact that it does not know the specific content of any specific documents is not a barrier to production." We disagree with this conclusion, too. Neither the government nor the court can say what files the government expects to find on the laptop, so there is testimonial value in revealing the existence, authenticity and control over that specific data. If Fricosu decrypts the data, the government could learn a great deal it didn't know before.

In sum, we think the court got it wrong. Regardless, the result is a very specific to the facts of this case and is unlikely to have far-reaching consequences, even if it stands.

Professor Orin Kerr has more thoughts about this case here.

Related Cases

US v. Fricosu

Supreme Court holds warrantless GPS tracking unconstitutional

By Timothy B. Lee

All nine justices of the Supreme Court ruled on Monday that police officers violated the Fourth Amendment rule against unreasonable search and seizure when they attached a GPS device to a suspect's car and tracked it for 28 days without a warrant. But the court was split down the middle on the reasoning. Four justices focused on the physical trespass that occurred when the police attached the device, four focused on the violation of the suspect's "reasonable expectation of privacy," and the final justice, Sonia Sotomayor, endorsed both theories.

The case involved a suspected drug dealer. The feds got a warrant to track his car with a GPS device and then "installed a GPS tracking device on the undercarriage of the Jeep while it was parked in a public parking lot." But agents installed it a day after the warrant had expired and in a location not authorized by the warrant—making the surveillance warrantless. (The feds also had to access the Jeep again a couple weeks later in order to change the GPS tracker's battery "when the vehicle was parked in a different public lot in Maryland.")

At trial, the GPS data was used to link the defendant to an alleged drug stash house that "contained $850,000 in cash, 97 kilograms of cocaine, and 1 kilogram of cocaine base." The defendant was sentenced to life in prison. The Supreme Court considered the question of whether the GPS tracking had been conducted legally.
Two theories

While the result was unanimous, the reasoning was not. A five-judge majority led by Justice Scalia, and including most of the court's conservatives, focused on the physical trespass involved in attaching the device to the car. "The Government physically occupied private property for the purpose of obtaining information," Scalia wrote. "We have no doubt that such a physical intrusion would have been considered a 'search' within the meaning of the Fourth Amendment when it was adopted."

The focus on physical trespass is significant because it suggests that GPS surveillance by other means—such as by obtaining data from the GPS device already included in many of our cell phones—would not violate the Fourth Amendment.

Three of the court's liberals signed a concurrence by Justice Alito, a conservative, that would have taken a stronger pro-privacy stance. Alito argued that extended warrantless tracking itself violates the Fourth Amendment regardless of whether the government committed a trespass to accomplish it.

Alito focused on the famous case of Katz v. United States that established the "reasonable expectation of privacy" test for violations of the Fourth Amendment. He argued that the trespass here was of little consequence to Fourth Amendment analysis, and that what really matters is that the defendant had a reasonable expectations that the details of his movements over a 28-day period would be private.

Scalia responded to this critique in his opinion. "Unlike the concurrence, which would make Katz the exclusive test, we do not make trespass the exclusive test," he said. "Situations involving merely the transmission of electronic signals without trespass would remain subject to Katz analysis."

Of course, because Scalia chose to rule on narrow trespass grounds, he doesn't actually explain how the "reasonable expectation of privacy" reasoning would apply to GPS tracking. That leaves this important body of law unsettled, which is worrying because it's becoming increasingly common for the police to obtain cell phone location data without a warrant.
Sotomayor attacks the third-party doctrine

Justice Scalia's opinion is the majority opinion only because Justice Sotomayor, an Obama appointee, signed onto it. But in addition to endorsing Scalia's position, she also filed a separate concurrence in which she endorsed both Scalia's concerns about physical trespass and Justice Alito's broader concerns about the dangers of warrantless GPS tracking.

"As Justice Alito incisively observes, the same technological advances that have made possible nontrespassory surveillance techniques will also affect the Katz test by shaping the evolution of societal privacy expectations," Sotomayor wrote. "Under that rubric, I agree with Justice Alito that, at the very least, 'longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy.'"

Justice Sotomayor also raised an issue that neither Scalia or Alito addressed: the third party doctrine. That's the theory that we lose Fourth Amendment protection when we disclose information, such as bank records, cell phone locations, or the contents of our email inboxes, to a third party such as Bank of America, Verizon, or Google, respectively.

Sotomayor called the third-party doctrine "ill-suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers."

Sotomayor's discussion of the third-party doctrine has no legal significance, since she was the only one to sign onto her concurrence. But it could prove to have greater significance in the long run. The existence of at least one justice who is skeptical of the doctrine will inspire privacy advocates to raise objections to the idea in future cases. And one of those cases is likely to reach the high court at some point in the future.

If Pajamas Are Outlawed, Only Outlaws Will Wear Pajamas

I guess that slogan does work better for guns, probably because that's something people might conceivably care about.

At least, until recently it honestly hadn't occurred to me that the wearing of pajamas, even in public, could cause any controversy. Maybe it should have, given the number of words I have directed at the nation's War on Sagging. See, e.g., "Georgia Town Enters Fight Against Sagging Pants," Lowering the Bar (Sept. 14, 2010) (noting that, at the time, at least a dozen state and local legislatures had taken up this critical issue). At least three Louisiana towns banned sagging, including Shreveport (a state ban failed in the Senate). As we can now see, failing to stand up for saggy pants has put our pajama bottoms at risk.

Michael Williams, a commissioner for Caddo Parish (which includes Shreveport), says he was horrified when he visited a local Walmart and espied a group of young miscreants "wearing pajama pants and house shoes." He was extra-horrified when he glanced at one of the young men and noticed that "at the part where there should have been underwear" - you know the part - one of his parts in particular was allegedly "showing through the fabric." Seems like existing law on indecent exposure should cover that, if it was really that bad, but Williams concluded further legislation was necessary.

"Pajamas are designed to be worn in the bedroom at night," said Williams, likely after extensive research on the history and design of pajamas. "If you can't [wear them to the] courthouse, why are you going to do it in a restaurant or in public?" (Um, because those aren't courthouses?) Williams also invoked the "slippery-slope" argument, of course. "Today it's pajamas," he said, "tomorrow it's underwear. Where does it stop?" Seems to me there's only one further step once you get to underwear. This guy is really not that imaginative.

Which raises the question of what such an ordinance might look like. It would have to define "pajamas," for one thing, which could be tricky. Williams has suggested the term could be defined as "a garment sold in the sleepwear section of department stores." But that puts our pajama rights in the hands of department-store managers, though it could also provide an easy way around the ban by just shelving pajamas differently. Maybe partly for this reason, the parish sheriff does not seem sold on the idea. "It's going to be very difficult to enforce the way it's described," he said. Doesn't mean they won't try; Shreveport has been enforcing its saggy-pants ban, reporting 31 "incidents" during 2010, one every 12 days or so, involving the "wearing of pants below the waist in public." Presumably no other crimes were committed in the city that year.

The Shreveport Times was able to locate two citizens who could be affected by the ban. Neither seemed too happy about it. "We all wear our pajamas out," said Tracy Carter. By "we," she meant herself and her three children, one of whom was wearing dinosaur pajamas at the time in flagrant violation of community standards. "They're covering everything," she said of her PJs. (Thankfully, they were.) Another pajama bandit was more outspoken. "I'm an American," said Khiry Tisdem, "and I can wear my [pajamas] anywhere I want." There is a First Amendment issue here, it's true, although some will ask what the Founders thought about this. "I'm a grown man," Tisdem continued, wearing pants with pictures of Stewie from Family Guy on them. "I can wear my clothes the way I want." We'll see about that.

Williams said he plans to "poll his fellow commissioners" on the topic in February, and presumably will then draft an ordinance to address the pajama crisis if a majority of them don't think this is stupid.

Judge: Fifth Amendment doesn't protect encrypted hard drives

By Timothy B. Lee

A federal judge has ruled that a Colorado woman can be compelled to decrypt her encrypted laptop so that the police can inspect it for incriminating evidence. The woman, Ramona Fricosu, is a defendant in a mortgage scam case. She had argued that the Fifth Amednment's privilege against self-incrimination protected her from having to disclose the password to her hard drive, which was encrypted using PGP Desktop.

In previous cases, judges have drawn a distinction between forcing a defendant to reveal her password and forcing her to decrypt encrypted data without disclosing the password. The courts have held that the former forces the defendant to reveal the contents of her mind, which raises Fifth Amendment issues. But Judge Robert Blackburn has now ruled that forcing a defendant to decrypt a laptop so that its contents can be inspected is little different from producing any other kind of document.

Fifth Amendment issues can also arise if acknowledging ownership of a laptop or the existence of relevant documents is itself incriminating. But the police had recorded a phone call between Fricosu and her husband in which she seemed to acknowledge ownership of the laptop and to reference incriminating material on it. Blackburn ruled that barring prosecutors from using the fact that she was able to decrypt the laptop as evidence against her in court would satisfy the Fifth Amendment concerns with compelled disclosure.

Fricosu's lawyer talked to CNET about the case and about his plans to appeal the ruling.

Dubois said that, in addition, his client may not be able to decrypt the laptop for any number of reasons. "If that's the case, then we'll report that fact to the court, and the law is fairly clear that people cannot be punished for failure to do things they are unable to do," he said.

Jurors: leave the information age—or go to jail

By Peter Bright

An English court has sentenced a juror to six months in prison for contempt of court after she performed research on the Internet and forced the abandonment of a criminal trial.

Psychology lecturer Theodora Dallas, 34, was a member of the jury in the trial of Barry Medlock, accused of causing grievous bodily harm. She looked up certain information related to the trial on the Internet, came across information concerning Medlock, and told her fellow jurors what she had found. One of them informed the judge, causing the judge to abandon the trial. Medlock was later retried and found guilty.

Dallas claims that she was searching for "grievous bodily harm"—a term of art in English law that encompasses wounding and serious injury—to learn what precisely it meant. She claims that she then added "Luton" to the search terms (the town in England where Dallas worked and the trial was being held), and came across a newspaper report that Medlock had been accused, and acquitted, of rape. Such information is not disclosed in trials lest it prejudice the jury.

Contempt of court proceedings were initiated by Attorney General Dominic Grieve. Three judges, including Lord Judge (sic; Igor Judge is an example of New Scientist's nominative determinism in action), the Lord Chief Justice, found her guilty. Lord Judge said that Dallas had deliberately disobeyed the trial judge's instructions not to search the Internet and that "the damage to the administration of justice is obvious."

This is not the only recent case of an English juror being imprisoned for misusing the Internet. In June 2011, Joanna Fraill was sentenced to eight months for contempt of court after contacting one defendant, Jamie Sewart, during a drug case, and researching another, Sewart's boyfriend Gary Knox. Sewart was acquitted early in the case, and then added Fraill as a friend on Facebook. Sewart asked Fraill about the deliberations over Knox's charges. Sewart received a two-month sentence; Knox is now attempting to have his six-year conviction overturned for jury misconduct.

Fraill felt guilty about what she had done and disclosed it to the court. The Lord Chief Justice acknowledged that Fraill had not attempted to pervert the course of justice, but nonetheless insisted on a custodial sentence to "ensure the continuing integrity of trial by jury."
Enforced ignorance

The position of the juror is a peculiar one. On the one hand, the juror is expected to draw on his experiences as a human when assessing the case presented to him. On the other, the juror is supposed to have essentially no outside knowledge, making his assessment only on the basis of the narrow set of facts presented during the trial. Simultaneously, he should be worldly and wise, but also ignorant and naive.

This has always created tensions, but they have never been more acute than today. Not only is information abundantly available—just type whatever you want to know about in a search engine of your choosing—it's expected and depended on. We don't like it when instant access gets taken away from us. The demand that jurors actively avoid informing themselves, while always unsettling for those of an inquisitive nature, has become completely out-of-step with modern life.

The blanket ban on Internet research also intuitively feels heavy-handed. Jurors in a court might well come across vocabulary and terminology that they're not familiar with; they might not know that a "caucasian male" means a white dude, or that "mens rea" refers to the guilty mind and intent to perform a criminal act. While jurors may, depending on jurisdiction and tradition, be permitted to direct demands for clarification to the judge, looking up such information on the Internet would seem harmless.

Clearly, not all Internet research is so innocuous. Learning that a defendant had previously been accused of rape, even if acquitted, may very well be prejudicial, and such findings are likely to taint the jury.

Between the two extremes of harmless dictionary-style research on the one hand and direct investigation into the defendant on the other is a world that is murky and uncertain. It would be difficult to argue that, for example, learning about the history of grievous bodily harm, and some of the notable relevant court decisions in English history, could lead to a juror making a decision that is unjust. But it might nonetheless lead them to make a decision that is different than the one they would otherwise have made.

Taking a hard line against Internet usage is the only way of avoiding "accidental" tainting. While Fraill admitted to deliberately searching for Gary Knox, Dallas did not claim to have directly sought information about Barry Medlock. Rather, she claims to have found the newspaper article after localizing her search on grievous bodily harm. Even searches that might be widely agreed to be harmless in and of themselves could reveal prejudicial information by accident.

The rules given to jurors are essentially unenforceable. Sequestration of juries is unusual. Most of the time, jurors are unsupervised when not in the courtroom, giving them ample freedom to read whatever they like on the Internet. Both Fraill and Dallas got caught only because they told other people what they had done; had they kept quiet, there would have been literally no way of knowing that they had broken the rules (especially as English jurors may not disclose their deliberations or thought processes to anyone, even after the trial has concluded).

In the world of paper research and legal libraries, fewer jurors were motivated to do the leg-work to learn about the case or its defendants (though the newspaper might pose a temptation when it provided reporting on high-profile cases). But in the modern world of search engines and Wikipedia, where similar research might be conducted routinely throughout the day—just look at how smartphone-toting twentysomethings deal with unfamiliar terms on a restaurant menu, for example—such research isn't just "not unusual," it's increasingly the norm. Against this backdrop, can courts continue to demand that jurors willingly place themselves in a bubble of ignorance, and are such demands even meaningful when they depend so heavily on self-incrimination to enforce?

SOPA, Internet regulation, and the economics of piracy

By Julian Sanchez

Earlier this month, I detailed at some length why claims about the purported economic harms of piracy, offered by supporters of the Stop Online Piracy Act (SOPA) and PROTECT-IP Act (PIPA), ought to be treated with much more skepticism than they generally get from journalists and policymakers. My own view is that this ought to be rather secondary to the policy discussion: SOPA and PIPA would be ineffective mechanisms for addressing the problem, and a terrible idea for many other reasons, even if the numbers were exactly right. No matter how bad last season's crops were, witch burnings are a poor policy response. Fortunately, legislators finally seem to be cottoning on to this: SOPA now appears to be on ice for the time being, and PIPA's own sponsors are having second thoughts about mucking with the Internet's Domain Name System.

That said, I remain a bit amazed that it's become an indisputable premise in Washington that there's an enormous piracy problem, that it's having a devastating impact on US content industries, and that some kind of aggressive new legislation is needed tout suite to stanch the bleeding. Despite the fact that the Government Accountability Office recently concluded that it is "difficult, if not impossible, to quantify the net effect of counterfeiting and piracy on the economy as a whole," our legislative class has somehow determined that—among all the dire challenges now facing the United States—this is an urgent priority. Obviously, there's quite a lot of copyrighted material circulating on the Internet without authorization, and other things equal, one would like to see less of it. But does the best available evidence show that this is inflicting such catastrophic economic harm—that it is depressing so much output, and destroying so many jobs—that Congress has no option but to Do Something immediately? Bearing the GAO's warning in mind, the data we do have doesn't remotely seem to justify the DEFCON One rhetoric that now appears to be obligatory on the Hill.

The International Intellectual Property Alliance—a kind of meta-trade association for all the content industries, and a zealous prophet of the piracy apocalypse, released a report back in November meant to establish that copyright industries are so economically valuable that they merit more vigorous government protection. But it actually paints a picture of industries that, far from being "killed" by piracy, are already weathering a harsh economic climate better than most, and have far outperformed the overall US economy through the current recession. The "core copyright industries" have, unsurprisingly, shed some jobs over the past few years, but again, compared with the rest of the economy, employment seems to have held relatively stable at a time when you might expect cash-strapped consumers to be turning to piracy to save money.

Decreasing creative output?

Since the core function of copyright is to incentivize the production of creative works, it's also worth looking for signs of declining output associated with filesharing. Empirically, it's surprisingly hard to find an effect. Rather, a recent survey study by Felix Oberholzer-Gee of the Harvard Business School concluded that "data on the supply of new works are consistent with the argument that file sharing did not discourage authors and publishers" from producing more works, at least in the US market.

So, for instance, Nielsen SoundScan data shows new album releases stood at 35,516 in 2000, peaked at 106,000 in 2008, and (amidst a general recession) fell back to mid-decade levels of about 75,000 for 2010. That's against a general background of falling sales since 2004—mostly explained by factors unrelated to piracy—which finally seems to have reversed in 2011. The actual picture is probably somewhat better than that, because SoundScan data is markedly incomplete when it comes to the releases by indie artists who have benefited most from the rise of digital distribution.
Most entertainment industries continue to operate on a "tournament" or "lottery" model, where a few hits generate jackpot revenues, sufficient to make up for losses on the majority of new products

If we look at movies, the numbers compiled by the industry statistics site Box Office Mojo show an average of 558 releases from American studios over the past decade, which rises to 578 if you focus on just the past five years. The average for the previous decade—before illicit movie downloads were even an option on most people's radar—is 472 releases per year. (As we learn from a recent Congressional Research Service report, it's weirdly hard to detect a strong overall correlation between output and employment in the motion picture industry, which actually fell slightly from 1998 to 2008, even as profits and CEO pay soared. One reason is the growing trend in recent decades for "Hollywood" features to actually be produced in Canada or Australia.)

That's all very nice, one might object, but wouldn't these heartening numbers be even higher if labels and studios could recapture some of the revenue lost to illicit downloads? Well, they surely might—but it's not nearly as clear as you'd think.

One reason is that they already are recapturing much of that revenue through "complementary" purchases. As Oberholzer-Gee observes, recording industry numbers show large increases in concert revenues corresponding to the drop in recorded music sales. That suggests that, as people discover new artists by sampling downloaded albums online, they're shifting consumption within the sector to live performances. In other words, people have a roughly constant "music budget," and what they don't spend on the albums they've downloaded gets spent on seeing that new band they discovered. For the firms that specifically make their money from the sale of recordings, that may seem like cold comfort, but if we're concerned with the music industry as a whole, it's a wash. Something similar might occur with respect to purchases of merchandise based on licensed film properties.

Another factor is that, notwithstanding projections of a "long tail" effect resulting from lower search and distribution costs in the digital era, most entertainment industries continue to operate on a "tournament" or "lottery" model, where a few hits generate jackpot revenues, sufficient to make up for losses on the majority of new products. Unsurprisingly, the most heavily pirated movies each year tend to be the ones that are also highly successful at the box office and in DVD sales, with similar patterns in album downloads. In other words, bleeding revenue to piracy is going to be a problem to the extent that your product is a hit, in a market where the core uncertainty about this crucial fact (at the time when the decision whether to greenlight production is made) looms a lot larger than the marginal loss from illicit downloads if you are successful.

It's a tricky but more or less tractable problem to estimate roughly how many full-time jobs you'll need regionally to support one additional $150 million movie production next year. It's a totally different question how aggregate sectoral employment in a volatile and evolving industry changes based on investor responses to a $150 million across-the-board drop in the size of the total film jackpot, especially given that arcane financial arrangements are one place Hollywood does show a genius for constantly adapting its business model. If you want to know how many people are getting laid off when McDonald's revenues drop, it makes a difference whether it's each of 13,000 franchises earning $100 less per year, or one franchise earning $1.3 million less, even though the total reduction is the same.

Finally, more demand for content being captured by the content industries is not always the same thing as demand for more content, in the sense of "a greater variety of output." I noted earlier that the past few years have seen a significant spike in the number of movie titles released annually. But as the Los Angeles Times reported in 2008, studio executives soon began complaining about a "glut" of new movies, many of which were targeted at the same demographics, and therefore cannibalizing their own audiences. As one executive suggested, that meant that (at least in a market dominated by a few huge distributors) releasing fewer titles could yield higher profits—and, indeed, the number of titles released in the following two years dropped back to mid-decade levels.

The key point here is that shifting some portion of the pirate audience to some form of legal viewing doesn't necessarily change this basic calculus, because there's an upper bound to the number of hours most people are going to spend watching (say) racing movies, whether they're paying for the privilege or not. Rising demand can just as easily, for instance, bid up star salaries for a fixed number of films.

Still seeking a real, quantifiable link

The point here isn't that piracy by American consumers is somehow completely independent from output or employment rates in the content industries—though, again, that's not at all the same thing as the overall US employment rate. Obviously, at some level it has to have some effect. But the link is, to use the technical economic term, weirder than in many other sectors of the economy. In many industries, the relationship between consumer spending and job creation is relatively straightforward. If demand for widgets or restaurant meals rises, satisfying that demand requires a roughly linear increase in widget factories and restaurants, in hiring of widget-makers and cooks and waiters, and in purchases of the raw material inputs for those goods. Distribution of copyrighted content—and in particular digital distribution over the Internet—is a bit more complicated, for precisely the same reason piracy is an issue: once the first copy of a work has been created, an unlimited number of additional units (of the digital product) can be produced at effectively zero cost.

No doubt piracy is costing the content industries something—or they wouldn't be throwing so much money at Congress in support of this kind of legislation

Let's imagine, implausibly, that a measure like SOPA did manage to reduce online piracy by US consumers by some meaningful amount. A small portion of that reduction, the minority of downloads representing legal purchases displaced by file sharing, would translate into sales for the content industries. What form would these take? It seems reasonable to suppose that the majority of people who were previously getting their music and movies from The Pirate Bay are not typically lining up to buy shiny plastic discs at Wal-Mart. Rather, they're probably disproportionately displacing legal digital downloads from venues like iTunes and Amazon, or subscription services like Netflix and Spotify, which are pretty clearly where the overall market is quickly going anyway. (Apparently, literal thieves don't even bother stealing physical media anymore.) For movies, there's probably also some displacement of theatrical ticket sales, though as the theatrical experience is in many ways a distinct good, it's hard to say how much substitution it's reasonable to expect.

In the very short term, increased legal purchases of digital content wouldn't seem likely to generate many additional jobs. If spending in the physical retail sector jumps 20 percent, shops need to hire more clerks, and their suppliers more manufacturing workers, to meet the increased demand. If spending in the iTunes store jumps 20 percent, Apple probably needs to pay a few bucks more for bandwidth and electricity, but basically everyone just gets to smile and pocket the extra profit. The jobs effects estimates we're seeing tossed around, however, are coming from a 2007 study that would have had to employ, at the most recent, adjustments made several years before that to the benchmark multipliers the Bureau of Economic Analysis developed in 2002.

Even leaving aside its many other problems, then, the job impact estimates in that study would have been largely based on legacy assumptions from a brick-and-mortar economy. (The loss estimates relied on would also, necessarily, fail to account for the recent rise of popular, legal streaming services that have likely lured many consumers back from the pirate market. There is, alas, no very good data here, but I'd wager Hulu and Netflix have done exponentially more to reduce piracy losses than enforcement crackdowns ever will.) In any event, you'd expect the most immediate effect of consumer spending shifts from widgets and restaurants to digital downloads would be, if anything, fewer net jobs. The output and employment effects, rather, would show up in the longer term as lower returns reduce incentives to produce new content—and hire the workers needed to support that production. For some of the reasons discussed above, though, empirically there's just not much evidence for a dramatic effect of this kind.

No doubt piracy is costing the content industries something—or they wouldn't be throwing so much money at Congress in support of this kind of legislation. If we could wave a magic wand and have less piracy, obviously that would be good. But in the real world, where enforcement has direct costs to the taxpayer, regulation has costs on the industries it burdens, and the reduction in piracy they're likely to produce is very small, it seems important to point out that the credible evidence for the magnitude of the harm is fairly thin.

As a rough analogy, since antipiracy crusaders are fond of equating filesharing with shoplifting: suppose the CEO of Wal-Mart came to Congress demanding a $50 million program to deploy FBI agents to frisk suspicious-looking teens in towns near Wal-Marts. A lawmaker might, without for one instant doubting that shoplifiting is a bad thing, question whether this is really the optimal use of federal law enforcement resources. The CEO indignantly points out that shoplifting kills one million adorable towheaded orphans each year. The proof is right here in this study by the Wal-Mart Institute for Anti-Shoplifting Studies. The study sources this dramatic claim to a newspaper article, which quotes the CEO of Wal-Mart asserting (on the basis of private data you can't see) that shoplifting kills hundreds of orphans annually. And as a footnote explains, it seemed prudent to round up to a million. I wish this were just a joke, but as readers of my previous post will recognize, that's literally about the level of evidence we're dealing with here.

In short, piracy is certainly one problem in a world filled with problems. But politicians and journalists seem to have been persuaded to take it largely on faith that it's a uniquely dire and pressing problem that demands dramatic remedies with little time for deliberation. On the data available so far, though, reports of the death of the industry seem much exaggerated.

Julian Sanchez is a research fellow at the Cato Institute, where he focuses primarily on issues at the busy intersection of technology, privacy, civil liberties, and new media. He was formerly Ars Technica's Washington Editor, and his writing has appeared in The Los Angeles Times, The American Prospect, and Reason, among other places. He also blogs regularly for The Economist's Democracy in America.