" /> net.wars: March 2009 Archives

« February 2009 | Main | April 2009 »

March 27, 2009

The view

"Am I in it?"

That seems to be the first question people ask about Street View. Most people I know actually want to see themselves caught unawares; the ones who weren't captured are actively disappointed, while the ones who were are excited.

At least as many - mostly people I don't know - are angry and unhappy and feel their privacy has been invaded just by having the cars drive down their street taking photographs. Hundreds have complained and had pictures taken down. The Register called the cars Orwellian spycars and snoopmobiles, and charted their inexorable progress across the UK on a mash-up.

I can, I think, understand the emotions on both sides. Most of the take-down requests are understandable. Of course, there are some that seem ridiculous. Number 10 Downing Street? The Blairs' house? Will they claim copyright in their homes and sue, like Barbra Streisand in 2003?

What I can't understand is the relative size of the fuss over Street View compared to the pervasive general apathy about CCTV. Street View is one collection of images that will gradually age. CCTV is always with us.

Privacy International, who, to be fair, have persistently and publicly criticized CCTV, has filed a formal complaint with the Information Commissioner and asked the ICO to order the service offline while investigating.

Google, of course, has absolutely no excuse this time. When, two years ago, Street View originally launched in the US, it seemed as though Google had (yet again) failed at privacy - but that it had failed in a very geeky way. You could easily imagine the engineers at Google who started up Street View going, "This is so *cool*! You can see into people's windows!" You can also see them never thinking of applying to each local council for permission and having to wait for a public inquiry and local vote because that would take too long, and we have this idea today!

Google should have learned from the outcry that followed the launch that many people do not react casually to discovering that their images have been captured and put online. The town of North Oaks, Minnesota kicked them out entirely. Two years and scores of complaints weren't enough to teach the company to proceed with a little more humility and caution? Is it so difficult to imagine, when you assign people to drive around the streets taking pictures, that they might capture the strange and the embarrassing?

This isn't like Flickr, where users post millions of images of which the company has no prior knowledge and no control and where there is no organized way to search through them. The Google employees who drive the Street View cars and operate the cameras could, oh, I don't know, actually look at their surroundings while they're doing it. Of course there are plenty of things that look innocent but aren't - the person walking into the newsagent's who's supposed to be at work at a wholly different location, say, or the couple making out on the park bench who are married but to other people. But how hard is it to stop and think that maybe the guy urinating in public - or vomiting, or falling off a bicycle - might prefer not to have that moment immortalized on the Web? This is especially true because the Googlers themselves objected to being photographed.

It's also true that simply blurring car license plates and people's faces isn't enough to erase all chance that they'll be identified. If you wear a lime green coat, own the only 23-year-old Nissan Prairie in London, or routinely play tennis wearing a James Randi Educational Foundation hat you're going to be easily identifiable. (Though it's arguable that if you do those things you probably don't object to standing out from the crowd.)

For all those reasons, Privacy International is right to throw the book at the company (which came bottom of the heap in PI's report on the privacy practices of major Web companies).

And yet. Google's Street View is one very large set of images captured once, and there are all sorts of valid uses for it. You can get a look at the route you're going to navigate through so you don't get lost. You can look at the neighborhoods surrounding the prospective homes you're looking at in the property listings. And there will doubtless be dozens or hundreds of other genuinely useful things you can do with it once we've had time to think. The privacy debate over it, therefore, has similar characteristics to the debate over file-sharing: it, too, is a dual-use technology.

CCTV is not. It has been sold to the public as a crime-prevention technology, and perhaps it seems private because we only see the images when a crime has been committed. CCTV cameras do not - as far as we know - provide anything like the quality or resolution of the Street View photographs. Yet. What Street View really exposes is not the personal moments causing all the fuss but the power we are giving the state by allowing CCTV to spread everywhere.

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

March 20, 2009

The untweetable Xeroxness of being

So the other week I was chatting on Twitter across time and space with a Xerox machine from 1961... (As you do.)

At least, it said it was a Xerox machine. On the Internet, no one knows you're a coffee pot.

In fact, the conversation is less rational than that: it's a fictional Xerox machine.

The story begins with the brilliantly conceived and executed TV show Mad Men. Set in the 1960s in a Madison Avenue advertising agency of the kind my father worked with at that time (my father was a Manhattan printer from the 1920s to 1980s), the show's first season featured secretaries and a typing pool. At the beginning of the second season, which starts in February 1962, the office has a new arrival: a Xerox 914. The secretaries gape at it and admire its workings without quite realizing that the machine heralds the decline of secretarial careers, a process that will become complete when PCs arrive on every desktop. Like, now.

"There will be a little 914 in everything," the machine tweeted at one point, a nod to the fact that today's graphical interfaces were first dreamed up at Xerox's PARC research lab, doubtless funded by some of the 914's revenues.

Pause to look up the Xerox 914. It was, I read on Wikipedia, the first commercially successful plain-paper copier. Plain paper! In 1961 the only copy machines I ever got near used nasty thermal paper that got easily scuffed. In fact, I was still being rude about the local library's thermal paper fax in 1971. Sterling Cooper was an early adopter and a big spender on this one. Its number derived from the size of things it could copy: anything up to 9in by 14in.

Aaannyway, someone on WELL noted that the show's 914 had a Twitter account. I thought it was just amusing enough to follow. For months, it burped out a tweet at irregular intervals, a few weeks or a month apart. It's hinted at irregularities in the expense accounts filed by Pete Campbell (a character on the show who also has a Twitter feed), and admired Joan Holloway's figure (ditto). I don't follow the human characters. Human characters are a dime a dozen. It takes real talent to be a machine.

The other night, the machine went berserk and started pumping out URLs. No explanation of what they were, just shortened URLs. Ten or 20 at least, in the space of an hour or two. Finally, maddened, I sent the machine a message.

"Did squirrels get into the nuts in the writers' room, or what?" I demanded intemperately. I didn't expect an answer any more than I did on the day in 1979 at the Winnipeg Folk Festival, when I passed a guy pouring beer on his head and - well, I guess he thought it was - dancing, and muttered, just to vent, "First time on the planet, sir?" (Stan Rogers, who happened to be watching, reminded me of this incident several years later; apparently he liked the line so much he grabbed it and used it on hecklers throughout the rest of his career.)

The next morning, however, I found a message waiting: "My nuts are perfectly tight, thank you."

I posted this little exchange back onto the WELL, where someone less suspicious than I pointed out that the URLs the machine had been posting were links to pictures of other old Xerox machines and very early computers, plus one to a secret Fortran manual. The machine, in other words, was behaving exactly in character, excited because it had come across a treasure trove of pictures of friends, family, and...would that machine look sexy if you were a machine? Oh. It was surfing for *porn*.

It wasn't unreasonable to be suspicious. Spam has come to Twitter, as will become increasingly obvious over the next few months. I used "credit card" in a message this week, and almost instantly got a reply directing me to a site selling money management tools to help me pay off my credit cards. (My credit cards are perfectly tight, thank you.) And of course, someone could have hacked the machine's account, or the studio advertising department could have decided restraint was stupid. You just never know. But...I was wrong.

And so I told it, with an apology for not trusting it. It replied with nothing but a shortened URL that, when I clicked, displayed an empty page with a message in the title bar: " No apology needed @wendyg, I am only offended by shameless low voltage and the occasional body fluids on my glass." Hm.

But I'm still making this conversation sound more sensible than it was, because it's actually not clear which, if any, of the characters' Twitter feeds actually emanate from the show's broadcast channel, AMC, or from the show's production team. There was, some months back, a mini-war between the Twitterers and AMC, which issued DMCA notices to shut them down and then recanted. Xerox914's profile links to the real 914's Wikipedia entry; others link to fan blogs; a few go to AMC's site.

So start over.

The other week I was chatting on Twitter with a fake fictional Xerox machine from 1961. On the Internet, no one knows you're a piece of carbon paper...

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

March 13, 2009

Threat model

It's not about Phorm, it's about snooping. At Wednesday morning's Parliamentary roundtable, "The Internet Threat", the four unhappy representatives I counted from Phorm had a hard time with this. Weren't we there to trash them and not let them reply? What do you mean the conversation isn't all about them?

We were in a committee room many medieval steps up unside the House of Lords. The gathering, was convened by Baroness Miller of Chilthorne Domer with the idea of helping Parliamentarians understand the issues raised not only by Phorm but also by the Interception Modernisation Programme, Google, Microsoft, and in fact any outfit that wants to collect huge amounts of our data for purposes that won't be entirely clear until later.

Most of the coverage of this event has focused on the comments of Sir Tim Berners-Lee, the indefatigable creator of the 20-year-old Web (not the Internet, folks!), who said categorically, "I came here to defend the integrity of the Internet as a medium." Using the Internet, he said, "is a fundamental human act, like the act of writing. You have to be able to do it without interference and/or snooping." People use the Internet when they're in crisis; even just a list of URLs you've visited is very revealing of sensitive information.

Other distinguished speakers included Professor Wendy Hall, Nicholas Bohm representing the Foundation for Information Policy Research, the Cambridge security research group's Richard Clayton, the Open Rights Group's new executive director, Jim Killock, and the vastly experienced networking and protocol consultant Robb Topolski.

The key moment, for me, was when one of the MPs the event was intended to educate asked this: "Why now?" Why, in other words, is deep packet inspection suddenly a problem?

The quick answer, as Topolski and Clayton explained, is "Moore's Law." It was not, until a couple-three years ago, possible to make a computer fast enough to sit in the middle of an Internet connection and not only sniff the packets but examine their contents before passing them on. Now it is. Plus, said Clayton, "Storage."

But for Kent Ertegrul, Phorm's managing director, it was all about Phorm. The company had tried to get on the panel and been rejected. His company's technology was being misrepresented. Its system makes it impossible for browsing habits to be tracked back to people. Tim Berners-Lee, of all people, if he understood their system, would appreciate the elegance of what they've actually done.

Berners-Lee was calm, but firm. "I have not at all criticized behavioral advertising," he pointed out. "What I'm saying is a mistake is snooping on the Internet."

Right on.

The Internet, Berners-Lee and Topolski explained, was built according to the single concept that all the processing happens at the ends, and that the middle is just a carrier medium. That design decision has had a number of consequences, most of them good. For example, it's why someone can create the new application of the week and deploy it without getting permission. It's why VOIP traffic flows across the lines of the telephone companies whose revenues it's eating. It is what network neutrality is all about.

Susan Kramer, saying she was "the most untechie person" (and who happens to be my MP), asked if anyone could provide some idea of what lawmakers can actually do. The public, she said, is "frightened about the ability to lose privacy through these mechanisms they don't understand".

Bohm offered the analogy of water fluoridation: it's controversial because we don't expect water flowing into our house to have been tampered with. In any event, he suggested that if the law needs to be made clearer it is in the area of laying down the purposes for which filtering, management, and interference can be done. It should, he said, be "strictly limited to what amounts to matters of the electronic equivalent of public health, and nothing else."

Fluoridation of water is a good analogy for another reason: authorities are transparent about it. You can, if you take the trouble, find out what is in your local water supply. But one of the difficulties about a black-box-in-the-middle is that while we may think we know what it does today - because even if you trust, say, Richard Clayton's report on how Phorm works (PDF) there's no guarantee of how the system will change in the future. Just as, although today's government may have only good intentions in installing a black box in every ISP that collects all traffic data, the government of ten years hence may use the system in entirely different ways for which today's trusting administration never planned. Which is why it's not about Phorm and isn't even about behavioural advertising; Phorm was only a single messenger in a bigger problem.

So the point is this: do we want black boxes whose settings we don't know and whose workings we don't understand sitting at the heart of our ISPs' networks examining our traffic? This was the threat Baroness Miller had in mind - a threat *to* the Internet, not the threat *of* the Internet beloved of the more scaremongering members of the press. Answers on a postcard...

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML)

March 6, 2009

The camcorder conundrum

So yesterday on BBC Radio Scotland's The Movie Café, Eddie Leverton, on behalf of the Federation Against Copyright Theft, directed what I thought was going to be a general discussion of file-sharing and the role of ISPs into the specific case of movies being uploaded within weeks, perhaps hours, of their first release.

This is a different problem than the one we usually talk about. While it's legitimate to argue that people who sample music and TV shows online may become paying customers, it's harder to argue the same about movies, still less about movies in first-run, when they pick up most of their ticket sales. A Dutch study of file-sharing, published on February 18 (there's an English version here (PDF)), makes precisely this point: that file-sharing does not have the same impact on music, TV shows, and films.

Music, the authors argue, is the most likely to be replayed frequently. TV shows, less so, but still: you replay early episodes when later ones cast a new light on them, or (with shows like The Sopranos or Damages you rewatch the last season to gear up for the new one). Movies, however... There are of course some movies - the Marx Brothers in A Night at the Opera, François Truffaut's Day for Night - that you revisit periodically throughout your lifetime. But let's face it, there a lot of movies that you're only going to see once, and that only to stay in touch with popular culture. One must therefore calculate the ratio of files shared to sales lost differently in each of these cases. It is reasonable to suppose that file-sharing has a bigger impact on the film industry.

Nonetheless, the Dutch report calculates that overall file-sharing is a benefit to society at large. Certainly, a lot of Dutch people are doing it: 4.7 million Dutch Internet users (out of a total population of 16.6 million as of last July) aged 15 or older have downloaded files without paying on one or more occasions in the last year. As of now, the film industry's revenues are still growing in the Netherlands in terms of cinema visits and DVD sales.

But DVD rentals are slumping - and that, in my own experience, is exactly where you'd expect file-sharing to have its first effect. For me, DVD rental replaced premium TV channels: for the same money, I could see at least as many new movies in a month, and they'd be more interesting. Since most movie DVDs get ripped and uploaded with celerity, if you're willing to forego some quality in favor of convenience, file-sharing is an easy replacement for DVD rentals. "File-sharing and buying go hand in hand," says the Dutch report; the same need not apply to rentals.

But Leverton was talking about movies recorded in the cinema on a camcorder and then uploaded. Industry paranoia about this has reached a high level. Also on the show was a film critic enraged at having his mobile phone uplifted during critics' previews. Impounding critics' mobile phones makes sense, I suppose, if you think alienating the critics before the movie even starts is a good idea. Making them line up at the end to get their phones back is a really excellent way of putting them in a foul mood to write their reviews, too.

The film critic and I pointed out that a lot of early torrents come from screeners and other insider leaks. Leverton denied this, saying screeners haven't been an issue for three years. I have news for him: a quick search finds (unchecked for validity) torrents of screeners of films opening in the US this week and even a few that haven't opened yet. Surely these pose a bigger threat than camcorders: there must be some limit to how much quality people are willing to give up just to get something for free. The camcorder rips I've seen are ghastly; you'd have to be either desperate to see that particular film or the kind of person who'll watch anything as long as it's free. The former probably have no other choice; the latter are interested in free stuff, not movies. Neither category is likely to represent lost sales.

More generally, if people are watching downloaded copies of movies rather than go to a theater, then there's something wrong with the theater experience. And there is: it's expensive, it's technically inferior, the sound is usually too loud, and the traveling takes time, which is in increasingly short supply. Cinema showings now have to compete with home theater, especially as many DVDs now cost less to buy than a single ticket. They also have to compete with other entertainments: when the cost of movies in London's West End reached the price of a ticket for live theater, suddenly live theater seemed like the far better deal.

So is file-sharing really the film industry's biggest problem? The Dutch report recommends redefining its business models. Creating legitimate download services is a start. But do stop blaming ISPs: licit downloads cost them just as much in bandwidth as illicit ones.

Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).