Ben Edelman reports that Utah’s governor signed HB323 into law yesterday. That’s the anti-spyware law I discussed two weeks ago. I guess we’ll find out whether the bill’s opponents were right about its supposed burden on legitimate software businesses.
Shielding P2P Users' Identities
New P2P technologies are more effectively shielding the identities and net addresses of their users, according to a John Borland story at news.com. This is not surprising given that the past generation of P2P systems did essentially nothing to hide their users’ addresses. Agents of the RIAA exploited that lack of protection to identify people uploading copyrighted music, leading to the wave of lawsuits against P2P users.
Given the lawsuits, and the relative ease with which P2P technologies can be redesigned to shield users’ addresses, it’s not surprising to see such redesigns. If anything, the surprise is that this didn’t happen sooner.
It will take some time for address-shielding technology to be adopted, but eventually it will be. And this will be bad news for copyright owners, because it will thwart their current identify-and-sue tactic, which seems to be having some effect.
Copyright owners’ best hope in the short run is that users will have trouble telling the effective shielding technologies from the bogus ones, and so will come to doubt that any of the shields work.
BayTSP CEO Mark Ishikawa is already trying to spread fear, uncertainty, and doubt about the shields; he says in the article that his company will still be able to defeat the all of the shields. He is wrong, in the sense that BayTSP-proof shields are certainly possible and probably already exist; but it’s easy to see how his claim advances his company’s interests.
The adoption of address shields is just the latest step in the ongoing co-evolution of P2P systems and media business models.
How To Annoy Your Mother-in-Law
Look up her age here. Then send her an email informing her that anyone on the Net can do the same.
UPDATE (9:00 PM): How to run up your mother-in-law’s AOL bill: tell her she can look up her friends’ ages.
Privacy, Blogging, and Conflict of Interest
Blogging can create the most interesting conflicts of interest. Here is a particularly juicy example:
William Safire’s column in today’s New York Times questions the motives of the new LifeLog program at DARPA. (DARPA, the Defense Advanced Research Projects Agency, is the part of the U.S. Department of Defense (DoD) that funds external research and development.)
LifeLog is a latter-day version of the Memex, which was proposed by Vannevar Bush in his famous 1945 Atlantic Monthly article, “As We May Think.” Bush foresaw the Memex as a sort of universal aid to memory that would help you remember everything you had seen and heard. If you couldn’t remember the name of that great Vietnamese restaurant your brother told you about last month, your Memex would know.
Bush realized that the technology to build a real Memex was far in the future, from his perspective in 1945. As of yet, nobody has built a real Memex, because the basic technology hasn’t been available. But that is about to change. Recording devices are getting cheaper and smaller, storage devices are getting cheaper and more capacious, and wireless communication is knitting devices together. Within a few years, it will be possible to build the first Memex. Inevitably, someone will do so.
The DARPA LifeLog program is trying to build a smart Memex. LifeLog is supposed to be smart, so that it can figure out the context of actions, so as to help you recall more accurately and naturally.
LifeLog makes Safire nervous:
But wouldn’t the ubiquitous partner be embarrassing at times? Relax, says the program description, presumably written by Dr. Doug Gage, who didn’t answer my calls, e-mails or frantic telepathy. “The goal of the data collection is to `see what I see’ rather than to `see me.’ Users are in complete control of their own data-collection efforts, decide when to turn the sensors on or off and decide who will share the data.”
That’s just dandy for the personal privacy of the “user,” who would be led to believe he controlled the only copy of his infinitely detailed profile. But what about the “use-ee” — the person that [LifeLog’s] user is looking at, listening to, sniffing or conspiring with to blow up the world?
The human user may have opt-in control of the wireless wire he is secretly wearing, but all the people who come in contact with [LifeLog] and its willing user-spy would be ill-used without their knowledge. Result: Everybody would be snooping on everybody else, taping and sharing that data with the government and the last media conglomerate left standing.
Now we come to the conflicts of interest. Safire laments his inability to talk to DARPA program manager Doug Gage. It so happens that I discussed this very topic with Dr. Gage on Monday – and that I have an audio recording of that conversation! One of my colleagues made the recording, with Dr. Gage’s consent, as a Memex-style aid to memory. [But was his consent really uncoerced, since it might look hypocritical for him to withhold consent under the circumstances? Discuss.]
I would be lying if I said that the thought of publishing the tape never crossed my mind. But it seems obvious that publishing the tape would be unfair to Dr. Gage. He clearly saw me as just another computer scientist. He probably didn’t know that as a blogger I sometimes wear the hat of a pseudo-journalist. It seems unfair to act like a journalist when he was treating me as a non-journalist.
At this point I should probably tell you that I was meeting with Dr. Gage because I’m considering applying to him for funding to do research on how to make LifeLog, and Memexes in general, more privacy-friendly. (The LifeLog announcement explicitly invites proposals for such privacy research.) Publishing the tape would not endear me to the man who will ultimately decide whether to fund my research, so my decision not to publish it cannot be entirely disinterested.
On the other hand, publishing the tape would provide a perfect illustration of the need for the very research I want to fund, by illustrating how one person’s Memex records information that another person considers private. This is exactly the problem that the research is supposed to address. Not publishing the tape just reinforces the counter-argument that the research is not necessary because people can be trusted to respect each others’ confidences.
[In case you’re wondering, there is nothing shocking on the tape. If anything, Mr. Safire would probably find its contents mildly reassuring.]
Clearly, the shrewdly self-interested course of action for me is to write about all of these angles, without actually publishing the tape, and to throw in a gratuitous link to one of my own relevant research papers. Fortunately I would never stoop to that level.
NRC Report on Authentication Technology and Privacy
The authoritative National Research Council has issued an important new report entitled “Who Goes There?: Authentication Through the Lens of Privacy.” Like all NRC reports, this is an in-depth document reflecting the consensus of an impressive panel of experts.
Often people think of authorization (that is, ensuring that only authorized people get access to a resource) is antithetical to privacy, but this need not be true. One of the report’s findings is this:
Authorization does not always require individual authentication or identification, but mosts existing authorization systems perform one of these functions anyway. Similarly, a requirement for authentication does not always imply that accountability is needed, but many authentication systems generate and store information as though it were.
There are many ways to use authentication in designing systems, and a careful design can reduce the privacy cost that must be paid to achieve a given level of security. There is not a single “knob” that we can turn to trade off security against privacy, but a complex landscape in which we can hope to get more of both, if we choose wisely.