November 27, 2024

Privacy, Blogging, and Conflict of Interest

Blogging can create the most interesting conflicts of interest. Here is a particularly juicy example:

William Safire’s column in today’s New York Times questions the motives of the new LifeLog program at DARPA. (DARPA, the Defense Advanced Research Projects Agency, is the part of the U.S. Department of Defense (DoD) that funds external research and development.)

LifeLog is a latter-day version of the Memex, which was proposed by Vannevar Bush in his famous 1945 Atlantic Monthly article, “As We May Think.” Bush foresaw the Memex as a sort of universal aid to memory that would help you remember everything you had seen and heard. If you couldn’t remember the name of that great Vietnamese restaurant your brother told you about last month, your Memex would know.

Bush realized that the technology to build a real Memex was far in the future, from his perspective in 1945. As of yet, nobody has built a real Memex, because the basic technology hasn’t been available. But that is about to change. Recording devices are getting cheaper and smaller, storage devices are getting cheaper and more capacious, and wireless communication is knitting devices together. Within a few years, it will be possible to build the first Memex. Inevitably, someone will do so.

The DARPA LifeLog program is trying to build a smart Memex. LifeLog is supposed to be smart, so that it can figure out the context of actions, so as to help you recall more accurately and naturally.

LifeLog makes Safire nervous:

But wouldn’t the ubiquitous partner be embarrassing at times? Relax, says the program description, presumably written by Dr. Doug Gage, who didn’t answer my calls, e-mails or frantic telepathy. “The goal of the data collection is to `see what I see’ rather than to `see me.’ Users are in complete control of their own data-collection efforts, decide when to turn the sensors on or off and decide who will share the data.”

That’s just dandy for the personal privacy of the “user,” who would be led to believe he controlled the only copy of his infinitely detailed profile. But what about the “use-ee” — the person that [LifeLog’s] user is looking at, listening to, sniffing or conspiring with to blow up the world?

The human user may have opt-in control of the wireless wire he is secretly wearing, but all the people who come in contact with [LifeLog] and its willing user-spy would be ill-used without their knowledge. Result: Everybody would be snooping on everybody else, taping and sharing that data with the government and the last media conglomerate left standing.

Now we come to the conflicts of interest. Safire laments his inability to talk to DARPA program manager Doug Gage. It so happens that I discussed this very topic with Dr. Gage on Monday – and that I have an audio recording of that conversation! One of my colleagues made the recording, with Dr. Gage’s consent, as a Memex-style aid to memory. [But was his consent really uncoerced, since it might look hypocritical for him to withhold consent under the circumstances? Discuss.]

I would be lying if I said that the thought of publishing the tape never crossed my mind. But it seems obvious that publishing the tape would be unfair to Dr. Gage. He clearly saw me as just another computer scientist. He probably didn’t know that as a blogger I sometimes wear the hat of a pseudo-journalist. It seems unfair to act like a journalist when he was treating me as a non-journalist.

At this point I should probably tell you that I was meeting with Dr. Gage because I’m considering applying to him for funding to do research on how to make LifeLog, and Memexes in general, more privacy-friendly. (The LifeLog announcement explicitly invites proposals for such privacy research.) Publishing the tape would not endear me to the man who will ultimately decide whether to fund my research, so my decision not to publish it cannot be entirely disinterested.

On the other hand, publishing the tape would provide a perfect illustration of the need for the very research I want to fund, by illustrating how one person’s Memex records information that another person considers private. This is exactly the problem that the research is supposed to address. Not publishing the tape just reinforces the counter-argument that the research is not necessary because people can be trusted to respect each others’ confidences.

[In case you’re wondering, there is nothing shocking on the tape. If anything, Mr. Safire would probably find its contents mildly reassuring.]

Clearly, the shrewdly self-interested course of action for me is to write about all of these angles, without actually publishing the tape, and to throw in a gratuitous link to one of my own relevant research papers. Fortunately I would never stoop to that level.

Petition for Public Domain Enhancement Act

Larry Lessig writes:

We have launched a petition to build support for the Public Domain Enhancement Act. That act would require American copyright holders to pay $1 fifty years after a work was published. If they pay the $1, the copyright continues. If they don’t, the work passes into the public domain. Historical estimates would suggest 98% of works would pass into the pubilc domain after 50 years. The Act would do a great deal to reclaim a public domain.

This proposal has received a great deal of support. It is now facing some important lobbyists’ opposition. We need a public way to begin to demonstrate who the lobbyists don’t speak for. This is the first step.

Regardless of your position on the proper length and breadth of copyright, I hope you will agree with me that there is no reason to maintain the copyright on works that are essentially abandoned. A great many old works are simply unusable, because it would cost too much to figure out who owns the copyrights on them. The Public Domain Enhancement Act would put only two tiny “burdens” on copyright owners: (1) pay a fee of one dollar to maintain their copyright on any old work, and (2) register their ownership of the copyrights on old works so that potential licensees can find their owners.

The beauty of this approach is that, while imposing essentially no cost on the owners of commercially valuable copyrights, it reclaims for the public domain that vast majority of works that have no remaining commercial value after fifty years. To enter the public domain, a work has to be so devoid of commercial value that the copyright owner isn’t willing to pay even one dollar to maintain its copyright. This seems like such a no-brainer that it’s hard to see how anyone who takes cultural progress seriously could oppose it.

If you agree with me, please sign the petition.

Software Infringement Rate Decreasing

The Business Software Alliance (BSA), a prominent industry group, has announced the results of its annual study of copyright compliance by business software users.

According to BSA, 39% of business application software, worldwide, was infringing in 2002. This is down from a high of 49% in 1994. The U.S. was the most law-abiding country, with an infringement rate of 23% in 2002.

These are interesting data for the debate about music and movie copyrights. For software at least, the infringement rate is going down, and the U.S. has the lowest infringement rate. The software industry must be doing something right.

Palladium as P2P Enabler

A new paper by Stuart Schechter, Rachel Greenstadt, and Mike Smith, of Harvard, points out what should have been obvious all along: that “trusted computing” systems like Microsoft’s now-renamed Palladium, if they work, can be used to make peer-to-peer file sharing systems essentially impervious to technical countermeasures.

The reason is that Palladium-like systems allow any software program absolute control over which hardware/software configurations it will interoperate with. So a P2P system can refuse to interoperate with any “unauthorized” version of itself. This would keep copyright owners (or anyone else) from spoofing file contents. Although the paper doesn’t point this out directly, a clever Palladium-enabled P2P system would make it much harder for anyone to trace the true source of a copyrighted file.

The moral of this story is simple. Computer security is, ultimately, a battle for control of a computer system; and in that battle, both sides will use the available tools. The same tools that make robust networks also make robust P2P networks. The same tools that prevent infiltration by viruses also prevent infiltration by spoofing agents.

SearchKing Suit Dismissed

Stefanie Olsen at CNet News.com reports that SearchKing’s lawsuit against Google has been dismissed. The judge ruled, as expected, that Google’s page rankings are opinions, and that Google has a First Amendment right to state its opinions.

Here’s the background: SearchKing sells a service that claims to raise people’s page rankings on the Google search engine. Google adjusted their page ranking algorithm to demote SearchKing’s pages. SearchKing sued Google, asking the court to grant a preliminary injunction requiring Google to restore the page rankings of SearchKing’s pages. The court has now dismissed SearchKing’s suit. For a longer analysis of the case, see James Grimmelmann’s old LawMeme posting.