" /> net.wars: September 2007 Archives

« August 2007 | Main | October 2007 »

September 28, 2007

Anything worth having is worth cheating for

How can you tell if someone is lying? The American civil rights lawyer Alan Dershowitz said during the OJ Simpson trial that even though we all want to believe we can, most people can't. That, he said, is why we must always look at the evidence.

I was thinking about this last week, when the cyclist Floyd Landis was stripped of his 2006 Tour de France title after an arbitration panel ruled two to one to uphold a two-year suspension after testing positive for synthetic testosterone. In his book, Positively False, Landis does a better job than you might expect of casting doubt on the test's validity. But the ritual public shaming will proceed unabated.

These morality plays cover no one with glory, least of all Dick Pound, the self-righteous, moralizing head of the World Anti-Doping Agency who sees all things in black and white.

Take, for example, his comment in the case of tennis player Mariano Puerta, the 2005 French Open finalist: ""You're dealing with somebody who's tested positive twice in less than two years and clearly doesn't think the rules apply to him."

Puerta's second positive test, which got him a two-year suspension and forfeiture of the money and ranking points he won at that French Open, was for traces of etilefrine so slight that the tribunal hearing the case agreed there was no performance-enhancing benefit he could have derived from it. The tribunal was slightly skeptical of Puerta's story, which was that etilefrine is a component of a medication his wife takes for low blood pressure and they must have switched glasses. But there was enough doubt to reduce his suspension from eight years to two.

Puerta's first positive test was for clenbuterol, administered for an asthma attack. The tribunal agreed that the only performance-enhancing benefit he derived from it was not being dead. Under the rules they had no choice but to suspend him. They made it as short and painless as possible, given the circumstances. Pound's attitude does nothing to win hearts and minds.

There's no question that a lot of lethal stuff is going on: this week the Drug Enforcement Administration mounted a comprehensive steroids raid that shut down 26 underground labs, made more than 50 arrests, and identified major suppliers in China. Surely high-profile top athletes with million-dollar endorsements are not buying their steroids online via hot tips from strangers on MySpace. The military and police that Pound, in his book Inside Dope pegs as heavy users also surely have better sources. It's worse: these steroids are (or were) being sold over the Internet to amateur bodybuilders and high school kids.

But it is arguable that this underground distribution network is a logical by-product of the anti-doping empire that has been built up since Ben Johnson's 1988 disqualification from the Seoul Olympics, just as Prohibition created the Mafia in the form of friendly bootleggers. The steroid message boards now are filled with warnings not to buy anything for a while.

Landis has, I think legitimately, pointed out flaws in the anti-doping system as it's presently constituted. For one thing, its courts are not governed by the due process and civil liberties that normally apply. The testing regime is privacy-invasive: urine or blood samples may be demanded at any time, without notice, and a missed test is treated as a positive test. In the case of a positive test, athletes can only call on assistance from experts who are not part of the WADA system – which means almost all the experts on the subject. Finally, the system is set up to presume guilt.

Based on experience, that may seem reasonable. There's no doubt cycling has a serious drug problem: Reading the former soigneur Willy Voet's 2000 Breaking the Chain is sufficient to show that. If you need more, read David Walsh's From Lance to Landis, Paul Kimmage's Rough Ride, or Werner Reiterer's Positive. Baseball player Jose Canseco's Juiced makes it clear that underneath many sports welcome the results. In baseball, club owners have shrunk the size of parks to increase the rate of home runs – more excitement, more paying fans. Steroids do this, too, by as much as 50 to 100 percent, according to this calculation.

Professionalism in sports has brought with it early entry, better training methods, and better nutrition, plus the freedom from other work that allows full-time effort. But American team sports like football, baseball, and hockey have been professional for a long time, and yet the change in body shapes in the last decade or two is striking.

Even so: in other areas of law enforcement it isn't enough to *know* someone is guilty, and the technicalities of how the law is applied do matter. Every year WADA expands its reach, into new sports, into new tests, into new areas of sport, including amateur competitions. We are creating the framework for an international legal system in which any legal issues to do with an ever-changing list of drugs and doping techniques are controlled by a single non-democratic organisation with multinational government funding that makes and administers its own laws. Is this what people mean by "clean sport"?

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

September 21, 2007

The summer of lost hats

I seem to have spent the summer dodging in and out of science fiction novels featuring four general topics: energy, security, virtual worlds, and what someone at the last conference called "GRAIN" technologies (genetic engineering, robotics, AI, and nanotechnology). So the summer started with doom and gloom and got progressively more optimistic. Along the way, I have mysteriously lost a lot of hats. The phenomena may not be related.

I lost the first hat in June, a Toyota Motor Racing hat (someone else's joke; don't ask) while I was reading the first of many very gloomy books about the end of the world as we know it. Of course, TEOTWAWKI has been oft-predicted, and there is, as Damian Thompson, the Telegraph's former religious correspondent, commented when I was writing about Y2K – a "wonderful and gleeful attention to detail" in these grand warnings. Y2K was a perfect example: a timetable posted to comp.software.year-2000 had the financial system collapsing around April 1999 and the cities starting to burn in October…

Energy books can be logically divided into three categories. One, apocalyptics: fossil fuels are going to run out (and sooner than you think), the world will continue to heat up, billions will die, and the few of us who survive will return to hunting, gathering, and dying young. Two, deniers: fossil fuels aren't going to run out, don't be silly, and we can tackle global warming by cleaning them up a bit. Here. Have some clean coal. Three, optimists: fossil fuels are running out, but technology will help us solve both that and global warming. Have some clean coal and a side order of photovoltaic panels.

I tend, when not wracked with guilt for having read 15 books and written 30,000 words on the energy/climate crisis and then spent the rest of the summer flying approximately 33,000 miles, toward optimism. People can change – and faster than you think. Ten years ago, you'd have been laughed off the British isles for suggesting that in 2007 everyone would be drinking bottled water. Given the will, ten years from now everyone could have a solar collector on their roof.

The difficulty is that at least two of those takes on the future of energy encourage greater consumption. If we're all going to die anyway and the planet is going inevitably to revert to the Stone Age, why not enjoy it while we still can? All kinds of travel will become hideously expensive and difficult; go now! If, on the other hand, you believe that there isn't a problem, well, why change anything? The one group who might be inclined toward caution and saving energy is the optimists – technology may be able to save us, but we need time to create create and deploy it. The more careful we are now, the longer we'll have to do that.

Unfortunately, that's cautious optimism. While technology companies, who have to foot the huge bills for their energy consumption, are frantically trying to go green for the soundest of business reasons, individual technologists don't seem to me to have the same outlook. At Black Hat and Defcon, for example (lost hats number two and three: a red Canada hat and a black Black Hat hat), among all the many security risks that were presented, no one talked about energy as a problem. I mean, yes, we have all those off-site backups. But you can take out a border control system as easily with an electrical power outage as you can by swiping an infected RFID passport across a reader to corrupt the database. What happens if all the lights go out, we can't get them back on again, and everything was online?

Reading all those energy books changes the lens through which you view technical developments somewhat. Singapore's virtual worlds are a case in point (lost hat: a navy-and-tan Las Vegas job): everyone is talking about what kinds of laws should apply to selling magic swords or buying virtual property, and all the time in the back of your mind is the blog posting that calculated that the average Second Life avatar consumes as much energy as the average Brazilian. And emits as much carbon as driving an SUV for 2,000 miles. Bear in mind that most SL avatars aren't figured up that often, and the suggestion that we could curb energy consumption by having virtual conferences instead of physical ones seems less realistic. (Though we could, at least, avoid airport security.) In this, as in so much else, the science fiction writer Vernor Vinge seems to have gotten there first: his book Marooned in Real Time looks at the plight of a bunch of post-Singularity augmented humans knowing their technology is going to run out.

It was left to the most science fictional of the conferences, last week's Center for Responsible Nanotechnology conference (my overview is here) to talk about energy. In wildly optimistic terms: technology will not only save us but make us all rich as well.

This was the one time all summer I didn't lose any hats (red Swiss everyone thought was Red Cross, and a turquoise Arizona I bought just in case). If you can keep your hat while all around you everyone is losing theirs…

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

September 14, 2007

Nothing to hide, no one to trust

The actor David Hyde Pierce is widely reported to have once responded to a TV interviewer inquiring as to whether he was gay, "My life is an open book, but that doesn't mean I'm going to read it to you." (Or something very like that.)

This seems to me a both witty and intelligent response to the seemingly ever-present mantra these days, "If you have nothing to hide, you have nothing to fear," invoked every time someone wants to institute some new, egregious privacy-invasive surveillance practice. And there are a lot of these.

Last week, a British judge came up with a brilliant scheme for eliminating the racial bias of the 3 million-entry DNA database: collect samples from everyone, even visitors. I may have nothing to fear from this - after all, DNA testing has, in the US, been used to exonerate the innocent on Death Row - but it invokes in me what British politicos sometimes call the "yuck factor". Normally, this is reserved for such science-related ethical dilemmas as human cloning, but for me at least it applies much more strongly here. I loved the movie Gattaca, but I don't want to live there.

In fact, there are considerable risks in DNA-printing the entire population (aside from killing tourism). For one thing, we do not know how we will be able to use or interpret DNA in the future as sequencing plummets in price (as it's expected to do). Say, the UK had considered compiling a nationwide fingerprints database back in 1970 (there would have been riots, but leaving that aside). No one would have foreseen then the widespread availability of cheap fingerprint scanners and online communications that could turn that database into a central authority.

We can surmise that the DNA database will contain sufficient information to allow anyone who can gain access to it to impersonate anyone at any time. Conversely, as we get better and better at understanding what individual genes mean and sequencing drops precipitously in price, the DNA database will grant those who have access to it unprecedented amounts of information about each person's biological or medical prospects and those of their immediate relatives. While there are many diseases that do not have markers in our genes, there are plenty more that do. Does anyone really want the government to be the first to know that they carry the gene for cystic fibrosis or breast cancer?

I don't believe for a second that it was a serious proposal. This is the kind of thing someone says and then everyone holds their breath to gauge the reaction. Has the country been softened up enough to accept such a thing yet? But the fact that someone could say it at all shows how far we have moved away from the presumption of innocence on which both the UK and the US governments were founded.

Witty answers on talk shows aren't, however, quite enough to make a case to a government that what it wants to do is a bad idea. In his book The Digital Person, George Washington University law professor Daniel Solove compares privacy to environmental damage: not the single horror story implied by "nothing to hide, nothing to fear", but the result of the accumulating damage caused by a series of "small acts by different actors". The broader structural damage that happens in breaches of confidentiality (such as companies violating their own privacy policies by selling data to third parties) is a loss of trust.

I am not a supporter of open gun ownership, but the US Second Amendment has some merit in principle: the basic idea is to balance the power of the individual against the State. The EU's data protection laws do - or would, if the EU doesn't ignore them as it has in the case of passenger data - a reasonable job of balancing the power of the individual against commercial companies. But the data protection laws can be upended, it seems, whenever a national government wants to do so. All it has to do is pass a law making it legal or mandatory to supply the data it wants to collect, transfer, share, or sell. But the fact that such policies are possible doesn't make them a good idea, even with the best intentions of improving security or personal safety.

The San Francisco computer security expert Russell Brand once asked me, in the casual way he poses philosophical questions, "If you knew they would never be used against you, would you still have secrets?" After some thought, I came up with this: yes. Because one of the ways you show someone that they are important to you and you trust them is that you disclose to them things you don't normally tell other people. It is, in fact, one of the ways we show we love them. We don't tell governments secrets because we want to be intimate with them; we do it because we're required to do so by law. The more one-sided laws make the balance of power, the less we're going to trust our government. Is that really what they want?


Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

September 7, 2007

Was that private?

Time and again the Net has proved that anything large corporations can do to us – we can do to ourselves much more effectively and willingly. Churn, for example, used to be something people fired stockbrokers for; it is the practice of buying and selling stocks much more frequently than is rational in order to profit from the brokerage fees. But during the dot-com day-trading boom, as I remember brokers saying at the time, people churned their own accounts far more than any broker would ever have dared to do (and, we add, probably losing themselves far more money).

The same is happening now with privacy. If, say, Tesco posted the real names of its club card members on a Web site complete with little jokes about the foods they buy and the times of day they like deliveries, there would be considerable outrage. (And rightly so.) When a government allows the kinds of leaks detailed here on the Blindside site (to which I contribute) we are significantly unimpressed. On the other hand, over and over on the Net we see people invading their own privacy to a degree that probably no corporation or government would dare. We post about our friends, our habits, our flight times, the shinies we just bought, the books and newspapers we read, the TV programs we watch (and, in some cases, download), our religious feelings or lack thereof, and the organisations we join and promote. We do this for the same reason people feel safer driving in their own cars than they do flying on someone else's airplane: we think we're in control.

Which all leads to a 2003 European court decision that was noted this week by Oxford Internet Institute law professor Jonathan Zittrain (who had it from Karen McCullagh) about Mrs Bodil Lindqvist, a Swedish church catechist who apparently chatted rather liberally about some of her fellow church committee members on a Web site they didn't know she'd created. Among other information, she included names, the fact that a colleague was on partial medical leave because her foot was injured, phone numbers, and so on.

Your attitude about this sort of thing depends partly on your personality, your culture, and your own online habits. So many of my friends blog what seems to be their whole lives in copious detail that it never occurred to me I was doing anything privacy-invasive when I visited a foreign country and blogged the name of the friend of a friend I met there and an account of a day we spent together. The blogee, however, was unhappy and asked me to remove the name and other identifying details. I was surprised, but complied. Referring to someone's injured foot seems kind of harmless, too. On the other hand, I would never, however, put someone's telephone number online without their consent, even though my own phone number is on my Web site. Yet that prejudice seems irrational if you instead call the information about the injured foot "personal medical data" but see the phone number as something anyone could find in the phone book.

Fortunately, I don't live in Sweden. Mrs Lindqvist also took down her pages when she found out the people she had mentioned were upset. But nonetheless she was prosecuted for several violations of the data protection laws – processing personal data without giving prior written notice to the data protection authorities, processed sensitive personal data (the medical information about the foot) without consent, and transferred personal data to a third country. The European Court of Justice, where the case eventually ended up, concluded the third of these did not apply – simply posting something on a Web page that can be read by someone in another country isn't enough for that. But the ECJ agreed she was guilty of the first two of these offenses – as are, by now, probably hundreds of thousands, if not millions, of other Europeans.

This judgement was rendered (and ignored) before Facebook and MySpace became phenomena, and before blogging became quite such a widespread pastime. It acknowledges the competing claims of laws guaranteeing freedom of expression, but still comes down against Mrs Lindvist – who, frankly, seems like pretty small beer compared to this week's announcement that Facebook is to open its member listings to Google's search engine.

The problem with the Facebook decision is that one of the things that really does govern the Net while the law is still making up its mind is community standards. Based on Facebook's assurances that the system was closed to members only, people posted material about themselves and their friends that they thought would stay private. The decision to open the service makes them more like celebrities at Addictions Anonymous meetings. They are about to discover this in the same way that a generation of Usenet posters did when the archives of what they thought were ephemera were assembled and opened to the public by Deja News (now Google Groups). What they will also discover is that although they can delete their own accounts or mark them private, like Mrs Lindqvist's church colleagues, they have no control over what others have said about them in public when they weren't looking.

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).