Recommended reading, 7-13 February 2013

News, blog posts, etc

European Commission, ‘EU Cybersecurity plan to protect open internet and online freedom and opportunity‘ (press release, 7 February 2013).  Marking the release of a new strategy and proposed Directive (download both of them here) on this topic.  The interesting bit about this is how it’s framed – legally speaking it’s an internal market measure (not crime!); strategically, it follows up on the many comments about ‘trust’ in the Digital Agenda documents of the last couple of years.  While most of the operative provisions of the Directive are about national authorities for infrastructure and cooperation between them, there is an interesting (proposed) obligation for member states to regulate ‘market operators’ in terms of security and also notification of breaches.  (Incidentally, is this category of ‘market operator’ a new one?  It has two sub-categories – information society services ‘which enable the provision of other’ ISSes (examples in an Annex are cloud computing platforms, app stores, search engines, social networks), and operators of certain types of critical infrastructure.  Art 14 doesn’t apply, in essence, to telephone/mobile/broadband providers, because the electronic communications directives already occupy the field.  (It also doesn’t apply to certain players in the much-maligned electronic signatures field – although I read that exclusion as being broader than those entities contemplated in the 1999 Directive).  (The ‘open internet’ etc language of the strategy and press release is slightly overstated, I think).

John Brodkin, ‘Wi-Fi “as free as air”—the totally false story that refuses to die‘ (Ars Technica 8 February 2013). This is most curious. The (interesting and potentially significant) work of the FCC on what to do with UHF ‘white spaces’ – spectrum formerly used or left as a buffer for TV broadcasting but becoming available for other uses – has been of interest in IT law for some years now.  Then seemingly from nowhere, a normal development in the regulatory process became the basis for an article about free wifi.  This is not to say that white spaces and Internet access are unconnected; clearly, it’s one of the reasons that people beyond spectrum gurus talk about it.  (I wrote about it in passing in this 2009 article, in section 5.5).  But the licensing process does not deliver a free service by any means (even if, as is being discussed, the regulatory model would not include a license fee for spectrum use).  Nor has anything particularly interesting happened in recent weeks – as Brodkin’s deconstruction points out, the interesting stuff either happened a few years ago (when the opening up started) or will happen in the future (if new services are launched).

Simon Fodden, ‘Edwin Mellen Press’s Curious Case‘ (Slaw 10 February 2013).  A comment, with plenty of links, on the developing (and worrying) story about the huge defamation claim (the applicant seeks the equivalent of over £2m!) against a librarian (who wrote some quite critical things about a publisher, informed by his knowledge of the field) and his university employer.  I would certainly not have anything to do with this publisher as a result of its actions in this case (whatever about the underlying allegations themselves!).

Alexander Hanff, ‘The murky world of privacy advocacy‘ (10 February 2013). A new blog and a rollicking start, with a detailed analysis of corporate funding for tech-related NGOs. It’s about time. Given the field I’m working in, I’ve seen quite a few of these organisations (and indeed, their close cousins, the consultant reinventing themselves as an NGO/think-tank with no membership, no membership and often nothing to add). I think the post by Hanff demonstrates a very honest attempt to understand the weaknesses of the lobbying system and reminds us all to think about the motives as well as the contents of interventions.

Virtual currency and virtual property revisited‘ (Technollama 11 February 2013). An overview of recent developments on virtual £££ and IP and other things, prompted by a piece in Forbes which mostly about virtual property). See also this nice PBS video on Bitcoin, etc.

Academic articles

Nina Mendelson, ‘Should Mass Comments Count?’ (2012) 2 Michigan Journal of Environmental & Administrative Law 173 (SSRN). This is a response to the author’s earlier work (and a debate about it), but reading the article covers much of what before quite neatly.  The issue is a controversial one – how, when public consultation happens, to deal with different forms of participation (particularly one-click or template methods).

Michael O’Flaherty, ‘Freedom of Expression: Article 19 of the International Covenant on Civil and Political Rights and the Human Rights Committee’s General Comment No 34′ (2012) 12 Human Rights Law Review 627-654 (£, link).  The author of this article was the rapporteur work on this General Comment and discusses the comment as well as some of the cases and stories it relied upon.  Watch out for the interesting discussion of article 19 and emerging technology, too.

E Tarantino, ‘A simple model of vertical search engines foreclosure’ (2013) 37 Telecommunications Policy 1 (£, link).  The new volume of this journal (mix of law, business, economics, etc) starts off with one of the topics of the year, competition law and search engines.

Wifi 2011

John William Nelson (website, papers, Lex Technologiae blog) is an American attorney and was, in 2008-9, a postgraduate student and associate tutor at the UEA Law School. Since returning to the US, he has continued to write about law and technology, and most recently, his Lex Technologiae blog turns to a subject very close to my heart, that of open wifi. I last wrote in detail about this in a 2009 paper in SCRIPTed, but if anything, the issue has become more prominent since as a result of legislative and judicial developments. John’s post (read it here) is triggered by a short piece in Wired, but he goes further and argues that the problem is the lack of a clear interpretation of the US legislation (the CFAA) and the use of a wifi-related charge in place of or to add to other criminal charges; this makes it harder to test the hard cases. If you’re interested in the Australian situation, there’s a lovely paper by Carter and Makin available here.

Meanwhile, one of the big issues in the UK was the treatment of small-scale wireless networks under the Digital Economy Act (i.e. whether running an access point made you an ISP) – which, of course, isn’t about the wifi user but the wifi provider, but does have an impact on the availability and viability of open wifi. That hasn’t been resolved yet by any means, despite some intriguing (and inconclusive) comments in Ofcom’s 2010 consultation on its initial obligations code). Continuing the theme of different measures affecting the wireless world, the last fortnight has seen good coverage of a battle (read the for and against as reproduced by Ars Technica) in North Carolina on that old favourite, municipal wifi. I’m not sure ‘wifi law’ is any clearer than it was two years ago, and indeed the popularity of smartphones (aka portable wifi detecting and joining devices!) and that always-mentioned cloud thing cannot but make the questions more significant.

Wireless networks detected?

I’ve followed (from a distance) the debate on the copyright-related provisions of the Digital Economy Bill. I find the House of Lords debate on such causes unnecessary stress, although I’m somewhat doubtful about the legislation ever finding its way onto the statute book, given the approaching general election and the length that the HL stage is taking (note that this legislation started there, so has yet to even trouble the elected house. However, I’ve been jolted into action by the frankly bizarre response of the Bill’s proposers to the initial criticism regarding the impact of the Bill on wireless/wifi networks. The Open Rights Group sets out the earlier stages of this sub-issue and the most recent developments here, and Lilian Edwards (who has been following it) has already analysed these questions very well indeed. The document referred to in this post is Factsheet B2, available here in .doc.

Now I have a bit of prior interest in this area, and it’s only fair to point it out. I wrote an overview of a bundle of legal issues, published in 2009 here. At the time, I was a little concerned (and mentioned in passing) about this issue of responsibility for the actions of others using the network. It formed part of the broader theme (which was amplified in contemporary press coverage) that wireless networks play an important social role in providing access to underserved groups and thinking about Internet use as something beyond a way in which ISPs make money. I suggested that there might be some conflict between defining the admin of a wireless network as a customer of an ISP (subscriber) or as the operator of another provider (public electronic communications network). There are advantages and disadvantages either way. The Bill, though, seems to take this doubt, refuse to answer it, and throw in some previously-unknown restrictions that I would now argue are a serious threat to the development of open networks that I did not then anticipate. This is not to suggest that I had any great insight – quite the opposite, I feel as if my crystal ball needs an upgrade. That said, on with business.

The current state of play is that the Government is not prepared to consider exemptions. The argument is a rather ignorant one that an exemption e.g. for libraries would lead to abuse of the exemption and even fake institutions taking advantage of it.

We have considered the extent to which an exemption might be provided in the legislation. We cannot give blanket exemptions for any such establishment. This would send entirely the wrong signal and could lead to “fake” organisations being set up, claiming an exemption and becoming a hub for copyright infringement. Similarly existing establishments might simply ignore the issue of copyright infringement (or treat as “too difficult”) and allow users to infringe copyright with effective immunity.

This is a little surprising, given the range of existing special provisions and exemptions in the law for libraries; the Copyright, Designs & Patents Act 1988 contains stacks of them. Presumably on the Government’s new view they should all be repealed forthwith. Great.

Furthermore, it’s also being suggested that operators of open wifi be required to put in place untested, burdensome and potentially pointless restrictions such as peer-to-peer blocking, commercial filtering software, and terms and conditions for users. Registration is also suggested – just like pay-as-you-go mobiles, the intention to have a complete record of users is clear. This is putting in place restrictions that are not currently required under UK law. Filtering software is not a legal requirement in this jurisdiction nor should it be. Effectively requiring it for cafes, universities and libraries – at the very time that we are suggesting that the future is based around Internet delivery of everything from video news to Government services – is absurd. Surely a system like this will lead to an environment where there are fewer open networks and those that remain being crippled. The presumption in the new proposals is that the best network is a closed network – indeed, one idea is that admins be sent instructions on how to secure the network. I am, as I mentioned above, already associated with the anti-closed network view, but I accept that there are complex arguments here. That said, this is something that should be considered in full, rather than as a subset of a subset of a copyright debate. If wireless networks are to be controlled, this should not be achieved through the nod and wink approach of allowing open networks but forcing those who provide them to change the essence of Internet access through the threat of liability for supposed copyright infringement. Given that the Government refuses to say what the status of the wifi admin is, it’s far too early to decide what their responsibilities are, especially when the net result of those responsibilities is a dystopian vision of the version of the Web used in primary schools. I’ll leave the final word to the document, which appears confused as to whether it is a legal proposal, a statement of fear, or a sales pitch for software:

Wireless connections are harder to secure. It is straightforward to limit use to only authorised users – via a password or by registering the PCs that can access. Access might also be limited to particular times of the day. Preventing authorised users from miss-using a connection is more difficult. One option is to route all traffic via a proxy server which does not support or allow (eg) use of file-sharing technologies. Another is to place similar restrictions on the router.
The “Get Safe Online” website (http://www.getsafeonline.org/) – supported by HMG and Ofcom – lists three companies who provide filters and software which can block or filter content and who can also block the use of P2P programmes: Cybersitter, Net Nanny, and Cyberpatrol.
It also provides a link through to other sites such as GetNetWise.org which lists and evaluates a wider range of products including BSafe, Safe Eyes, ChildSafe and Cybersentinel.
These products typically cost in the region of US$40 (about £30) and allow the user to block the most popular P2P applications such as: Bit Torrent, eMule, Gnutella, Kazaa, Morpheus, and Limewire.

Law In The Last Mile: Sharing Internet Access Through Wifi

This article has been published in the hot-off-the-digital-press issue (vol 6 no 2 pp 355-376) of SCRIPTed: A Journal of Law & Technology, which as regular readers know is based at the University of Edinburgh’s School of Law, and more specifically its research centre SCRIPT. The article is a version of a paper presented at the March 2009 conference, ‘Governance of New Technologies’. I’ll publish a post about the other papers in the journal tomorrow.

Access to the Internet through wireless access points (typically wifi routers) is both simple and common. In this paper, the legal restrictions on “sharing” an Internet connection in this way are assessed. Criminal offences that could apply to the use of open networks, such as dishonest use of a communications service or unauthorised access to a computer, are considered, as are issues of criminal and civil liability and terms of use affecting the owner of the router. It is suggested that there are advantages to sharing and that these provisions unnecessarily restrict the development of what would be of benefit to society. Furthermore, the problems encountered by proponents of municipal and community networks based on a collection of wireless access points, in terms of competition law but also other matters, are summarised. The paper concludes with an assessment of the links between the various aspects of wireless Internet policy, suggesting that it is necessary to recast relevant legal provisions so as to avoid granting disproportionate protection to Internet service providers (ISPs).

View the paper at SCRIPTed

Responses and coverage from:

University of East Anglia
Stewart Mitchell, PC Pro
Kimberley Howson, Top 10 Broadband
Brian Tinham, MC Solutions
ISP Review
Science Daily

Added Tuesday 18th September:

Out-law.com
David Neal, The Inquirer
cable.co.uk

SCRIPTed 2009: Internet internet

Three presentations in this parallel session.

The first was my own, “Law in the Last Mile: Three Stories of Wireless Internet Access”. I will make the paper available shortly. I write about the legal restrictions and risks associated with the sharing of Internet access through wifi, the objections to municipal or community wifi systems, and touch on the ‘white spaces’ Internet access proposals. The bulk of the paper deals with the first, looking at what I argue is the inappropriate use of criminal sanctions against users of open wireless access points and the tools that discourage users from sharing. I believe photos were taken of the special interactive element, which I’ll leave as a surprise for the time being.

The second presentation was given by Anniina Huttunen on behalf of a research group at Helsinki, “Cooling-Off the Over-Heated Discussion of Consumer Digital Rights Discourse by Extending the Cooling-Off Period to Digital Services”. They take as a starting point the problem that there is a high level of protection for physical goods, but almost non-existent for digital services. Consumers are more empowered than ever, and the Facebook user revolt is an example of this, but what is the position of online purchases of software? There is the familiar cooling-off period in EU law – no penalties and no reason needed – for situations like doorstep, time sharing and distance selling. The case study is on software sold as downloaded data. Referring to the revision of the consumer acquis: 34th recital, data files downloaded during cooling-off period not to be included, unfair to allow cooling-off when service enjoyed in full or part. At the moment, many providers have a return policy (well hidden), and also ‘lite versions’ available, or restrictions on return (i.e. download for a second time). The pros of allowing cooling-off are allowing testing of technical and contextual compatibility; no unreasonable cost (physical return) and no wear and tear (so no need to re-sell the product at a lower price), but the cons are the expense for the developer, the design consequences, and seeming to make unauthorised use easier.

The final presentation was Scott Boone’s, ‘Why Study Virtual Worlds‘? It was a report on his own efforts but also evangelical – so that we can consider the advantages. There’s some cynicism – ‘this generation’s D&D’, also critiques that it’s just a fad/hype. But VW give us a means to study possible futures. Borrowing from the discipline of Future Studies, look at simulation gaming (formerly operational gaming). Do things that we can’t do with a real world in terms of understanding scenarios. VWs have a unique set of features and practices, and indeed more focused than the Internet taken as a whole. Already in use are 3D as user interface; what sorts of benefits do we get? and the ‘future of money’ (note disappearance of fiscal currency and privatisation of money). The focus of the paper was then on five potential outcomes of studying virtual worlds: (A) fully realised third paradigm of computing: (1) mainframe/client, (2) personal computing, (3) ubiquitous/pervasive : entirely computer-mediated ‘universe’?; (B) widespread distribution of property without relinquishment of control – do we have emerging issues here – cars on the cellphone model, control separated from use; (C) (nearly) perfect DRM for media distribution – see what the market does; (D) software designed for universal connectivity; this will be a different authorisation, practice etc. Look at business models, EULAs etc (E) augmented reality (though how do we do this without putting in all the variables?) In questions, Boone clarified that his focus was on studying virtual worlds as they currently exist, rather than creating simulations in future virtual worlds (though this too is interesting).

This is the last of my blog updates on the SCRIPTed conference at the University of Edinburgh. Remember, the full list of papers is available here. I will return to the themes of the conference (including the keynote by Prof. Bartha Knoppers) in a later post, and hope that you have enjoyed these fairly rambling updates. There will be one final session that, unfortunately I will miss most of for travel reasons, featuring Lilian Edwards, Andres Guadamuz and TJ McIntyre, which I’m sure will be excellent.