Thursday, June 25, 2009

Tories plan radical action on privacy

Most gratifying to see the Conservative shadow minister for security, Baroness Neville-Jones, announce plans on data protection clearly based around our Database State report (via Ideal Government):

The individual is the rightful owner of personal information and the state is merely possessor and should behave as a responsible custodian. We need to roll back the advance of Big Brother and restore this fundamental right of our citizens. Restoring privacy today must mean a clear statement on the part of those who have custody of personal information of their purpose in retaining it and of their commitment to its proper management. This will necessarily involve a review of most of the government's centralised databases, their use and access to them regulated. It leads to the unavoidable conclusion that that the Information Commissioner should emerge as one of the important offices of state in the twenty first century.

Monday, June 22, 2009

Iranian repression aided by Nokia/Siemens

Quelle surprise: Iran has been using communications monitoring equipment developed by Nokia and Siemens for lawful intercept US/EU purposes to try and crush the ongoing Twitter revolution.

"Enfin, et c'est le point le plus polémique, la liste noire confidentielle gérée par cinq personnes de la BKA et supervisée par un délégué national à la protection des données privées ne sera contrôlée par personne d'autre. Dès lors — et c'est devenu la coutume à propos de ce genre de lois — se pose toujours la même question : qui surveillera les surveillants ?" —Olivier Dumons (merci a Michael!)

Friday, June 19, 2009

Google to improve cloud security

Google has responded quickly to an open letter signed by 38 security and privacy experts (including yours truly) asking them to improve the security of their cloud applications (such as Docs, Mail and Calendar). They are planning trials of the use by default of secure Hypertext Transfer Protocol, which will protect information while in transit between user machines and Google's servers.

This is an important protection for Google's users, especially those with laptops whose WiFi links can be easily monitored. Bravo to Google, and to the original author of the open letter Chris Soghoian.

Thursday, June 18, 2009

Iran is not the only enemy of online freedom

Go to hell dictator
This last week's events in Iran have demonstrated the potential of the Internet as a tool for freedom. As Timothy Garton Ash writes in today's Guardian:
Is there sufficient energy, somewhere between a self-mobilised, networked youth, the Mousavi camp and disaffected factions within the regime, to sustain the demand for a new election? Or will it all fizzle out, defeated by a combination of repression, censorship, exhaustion and disunity? … One thing our governments can and should do … is to maintain and enhance the 21st-century global information infrastructure which allows Iranians – whichever candidate they support – to keep in touch with each other and to find out what is really happening in their own country. Earlier this week, I spent some time in the studio of the BBC Persian TV service, watching them upload and air electrifying video footage, blog posts and messages generated by Iranians from inside Iran. Probably the single most important thing the US state department has done for Iran recently was to contact Twitter over the weekend, to urge it to delay a planned upgrade that could have taken down service to Iranians for some crucial hours of people power protest. Welcome to the new politics of the 21st century.

And yet, what do we see in yesterday's Digital Britain report? Plans to order Internet Service Providers to implement the following:
28. For that reason the Government will also provide for backstop powers for Ofcom to place additional conditions on ISPs aimed at reducing or preventing online copyright infringement by the application of various technical measures. In order to provide greater certainty for the development of commercial agreements, the Government proposes to specify in the legislation what these further measures might be; namely: Blocking (Site, IP, URL), Protocol blocking, Port blocking, Bandwidth capping (capping the speed of a subscriber’s Internet connection and/or capping the volume of data traffic which a subscriber can access); Bandwidth shaping (limiting the speed of a subscriber’s access to selected protocols/services and/or capping the volume of data to selected protocols/services); Content identification and filtering– or a combination of these measures.

Alongside demands from childrens' charities for mandatory Internet filtering, and intelligence agency demands to install thousands of wiretapping devices across the UK Internet, it seems that it is not just the Iranian government that is uncomfortable at the freedom the Internet has enabled.

Wednesday, June 17, 2009

Scrapping ID cards

"In my view a national identity card system is not necessary in our country. No further money should be spent on it. The idea should be abandoned." —Former law lord Lord Steyn

"We are close to a general election and … a change of government will mean an end to ID cards. It will, quite literally, be the first thing we do. Drafting an ID card repeal bill will be right at the top of our to-do list." —Shadow home secretary Chris Grayling MP

Tuesday, June 16, 2009

The Internet is as vital as water and gas

Compare and contrast:

Gordon Brown: "Whether it is to work online, study, learn new skills, pay bills or simply stay in touch with friends and family, a fast internet connection is now seen by most of the public as an essential service, as indispensable as electricity, gas and water."

The French Constitutional Court: "Freedom of expression and communication is so valuable that its exercise is a prerequisite for democracy and one of the guarantees of respect for other rights and freedoms and attacks on the exercise of this freedom must be necessary, appropriate and proportionate to the aim pursued."

Creative Industries Coalition: "ISPs hold the key to creating the step change necessary to tackle illegal filesharing. For the vast majority, simply drawing attention to the illegality of their actions would be sufficient, but this needs to be backed by further graduated technical measures for those who do not change their behaviour."

The government is today publishing its Digital Britain report. How far are they intending to "balance" this essential prerequisite for democracy against the protection of failed 20th century business models for content, and demands for a filtered network?

Saturday, June 13, 2009

Monday, June 08, 2009

China orders installation of blocking software

Interesting to see that China has ordered PC makers to install custom-developed blocking software on every new PC from next month, which will prevent users accessing sites on a secret list that is centrally updated by the government. Although pornography is the stated target, clearly the list will also include the political opponents already filtered by the Great Firewall. Network-based blocking must have been insufficiently reliable for the Communist Party.

I imagine the software will also have other "interesting" functionality such as providing direct government access to user data.

Sunday, June 07, 2009

Privacy Law Scholars' Conference

Have just spent a wonderful few days in Berkeley at the PLSC. We got to hear from both Alan Westin, perhaps the most influential privacy researcher of the 20th century, and the counsel for Katz — who persuaded the US Supreme Court in 1967 that phone conversations deserved Fourth Amendment protection.

The format of two days of intensive discussions with all papers circulated beforehand was much more productive than the usual conference panels and keynotes. I'm already looking forward to next year's event back in Washington DC. But now I'm on the beach in Sydney preparing for SoGikII on Tuesday :)

Wednesday, June 03, 2009

Can the Internet still route around censorship?

US Supreme Court
I'm in the US this week for Computers, Freedom & Privacy in Washington DC and then the Privacy Law Scholars' Conference at UC Berkeley. Yesterday I spoke at a CFP session organised by Wendy Grossman. John Gilmore famously observed in 1990 that "the Internet interprets censorship as damage and routes around it." Is this still true?

My position, explained in much greater detail in a recent book chapter, was that even the more sophisticated filtering technologies of the last five years can be trivially circumvented by skilled users, absent a totalitarian state that will break down doors in response. However, they provide the ability to impose mass censorship on the vast majority of Internet users. States that value freedom of expression should therefore think very carefully before starting off down this road.

Derek Bambauer has more at Info/Law.